IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Monday, 28 August


Future Proof Your SysAdmin Career: Free Ebook "IndyWatch Feed Tech"

Future Proof Your SysAdmin Career: Free Ebook


Links 28/8/2017: Linux 4.13 RC7, GnuPG 2.2 Released "IndyWatch Feed Tech"

GNOME bluefish



  • 7 Business Advantages of Linux

    If youre looking for a more affordable way of running your office than Windows, an open source alternative like Linux can be a very good alternative. A lot of businesses needlessly stick with Windows because it is what they are familiar and comfortable with, but learning to use a Linux system is easy once you get that hang of it and it has many advantages, as you can see below

  • Desktop

    • Pinebook

      Anyhow, DHL also takes a fee for providing the service of paying the taxes for me. I can clear the taxes myself with customs (although they are taxes, not custom), but strangely I still have to pay the same fee to DHL. That adds another 60 to the grand total.

      So we started with 110 for the laptop itself plus extra storage, and have now arrived at a grand total of 213! That certainly puts a damper on things, esp. considering that the hardware has been designed two years ago and hardly compares with even the cheapest netbooks (that can be gotten for a similar price) of 2017.

  • Server

    • ...


SysAdmins Essential Guide to Linux Workstation Security: Free Ebook "IndyWatch Feed Tech"

SysAdmins Essential Guide to Linux Workstation Security: Free Ebook


IP Lawyer Who Represented TiVo is Trump's Nomination as USPTO Chief "IndyWatch Feed Tech"

President Donald Trump has selected Andrei Iancu, the managing partner of a major Los Angeles law firm, to be the next head of the US Patent and Trademark Office [USPTO].

His most notable work in the tech sector is likely his representation of TiVo Corp. in its long-running patent battles with companies like EchoStar, Motorola, Microsoft, Verizon, and Cisco. TiVo ultimately succeeded in compelling those defendants to pay up for its pioneering DVR patents, and payments to TiVo ultimately totaled more than $1.6 billion, according to Iancu's biography page.

Iancu also had a hand in Immersion Corp's $82 million jury verdict against Sony Computer Entertainment in which a jury found that Immersion's patent claims on tactile feedback technology were valid and infringed.

[...] Iancu earned his JD, along with an MS in mechanical engineering and a BS in aerospace engineering, from UCLA. He worked as an engineer at Hughes Aircraft before attending law school.

Handling the business of a large and successful law firm like Irell & Manella means that Iancu is no slouch when it comes to management skills. And his varied set of clients could help him avoid the tug of war that often pops up between tech and pharma over how to manage the patent system.

If confirmed by the Senate, Iancu will replace Michelle Lee, the outgoing USPTO director who left shortly after Trump's inauguration. Lee, a former Google attorney, was a favorite of the tech sector.


Original Submission

Read more of this story at SoylentNews.


Tesla CEO Elon Musk Gives Us a Peek At His L.A. Tunnel Project "IndyWatch Feed Tech"

Tesla and SpaceX CEO Elon Musk teased his newest endeavor with a picture of a Model S inside a tunnel that hes digging in Los Angeles.

Like so many of Musks projects, this isnt just any ol tunnel. Musks startup, The Boring Company, is digging a tunnel that will be used to transport vehicles at high speeds to avoid traffic congestion. The idea is to lower vehicles via an elevator to a tunnel, where its then transportednot drivenin a sled along magnetic rails at high speeds.

The Boring Company, was inspired by traffic congestion Musk experienced in Los Angeles. The aim is to find a way cost-effectively dig networks of tunnels for vehicles and high-speed trains.


What Do the Most Successful Open Source Projects Have In Common? "IndyWatch Feed Tech"

Thriving open source projects have many users, and the most active have thousands of authors contributing. There are now more than 60 million open source repositories, but the vast majority are just a public workspace for a single individual. What differentiates the most successful open source projects? One commonality is that most of them are backed by either one company or a group of companies collaborating together.


Drones and AI Take On Killer Sharks Down Under "IndyWatch Feed Tech"

Robots are an expensive, but cool, solution to a very rare problem

Whether or not shark attacks are a major problem in Australia (spoiler alert: they're not), the Australian government has devoted an enormous amount of resources into trying to mitigate the risk of sharks near popular beaches. They've tried nets to keep the sharks out, they've tried electronic gadgets to dissuade them, and they've tried lots of different ways of killing them, without much in the way of evidence that any of it is particularly effective. 

After six months of trials, the latest and most robot-y idea is about to be implemented: drones will start patrolling some Australian beaches next month, using cameras and some AI-backed image analysis software to spot lurking sharks much better than humans can.

Humans aren't particularly good at identifying sharks on aerial imagery. We can manage a 20-30 percent accuracy rate, which means both identifying other things as sharks (kinda bad) and misidentifying sharks as other things (way worse). As with many tasks of this kind, a machine learning system does much better: once it's been trained on labeled aerial videos of sharks, whales, dolphins, surfers, swimmers, boats, and whatever else, the software is 90 percent accurate at telling humans to panic because there's a shark somewhere. And when implemented on a drone, the system really does tell people to panic, using a loudspeaker to warn them that there's a shark in the water. 

The drones come from an Australian company called Westpac Little Ripper, which modifies a few different kinds of commercial drones for tasks like shark spotting as well as general lifesaving operations, such as dropping beacons and even rafts. The larger Little Ripper drones are gas powered and can fly for hours, which is nice, but they somehow cost up to US $250,000 each.

It's also worth noting that visual shark detection from the air only works when the weather's good, and while you can use it to reliably spot sharks near the surface, ones that are deeper down (hunting you from below) are still very hard to spot.

In case you were wondering whether any of this is driven by pol...


Selena Gomez Instagram hacked; posts nude photos of Justin Bieber "IndyWatch Feed Tech"

By Carolina

Earlier today (August 28), the official Instagram of popular singer Selena

This is a post from Read the original post: Selena Gomez Instagram hacked; posts nude photos of Justin Bieber


Black hole models contradicted "IndyWatch Feed Tech"

A long-standing but unproven assumption about the X-ray spectra of black holes in space has been contradicted by hands-on experiments performed at Sandia National Laboratories Z machine.

Z, the most energetic laboratory X-ray source on Earth, can duplicate the X-rays surrounding black holes that otherwise can be watched only from a great distance and then theorized about.

Of course, emission directly from black holes cannot be observed, said Sandia researcher and lead author Guillaume Loisel, lead author for a paper on the experimental results, published in August in Physical Review Letters. We see emission from surrounding matter just before it is consumed by the black hole. This surrounding matter is forced into the shape of a disk, called an accretion disk.


DARPA Wants Bots To Protect Us From Cyber Adversaries "IndyWatch Feed Tech"

The military research unit is looking for technology and software that can identify networks that have been infiltratedand neutralize them.

The militarys research unit is looking for ways to automate protection against cyber adversaries, preventing incidents like the WannaCry ransomware attack that took down parts of the United Kingdoms National Health Service networks.

The Defense Advanced Research Projects Agency is gathering proposals for software that can automatically neutralize botnets, armies of compromised devices that can be used to carry out attacks, according to a new broad agency announcement.


Spoiler Alert! Repairing A Race Car Can Get Complicated, Fast. "IndyWatch Feed Tech"

[Big Fish Motorsports] has a vehicle with an adjustable rear spoiler system that broke in the lead up to a big race. The original builder had since gone AWOL so the considerable talents of [Quinn Dunki] were brought to bear in getting it working again.

Cracking open the black control box of mystery revealed an Arduino, a ProtoShield and the first major road block: the Arduino remained stubbornly incommunicado despite several different methods of trying to read the source code. Turns out the Arduinos ATMega324 was configured to be unreadable or simply fried, but an ATMega128 [Quinn] had proved to be a capable replacement. However, without knowing how the ten relays for this spoiler system were configured and the race day deadline looming ever larger [Quinn] opted to scrap the original and hack together something of her own design with what she had on hand.

After a mock-up of some fresh code a...


Private Internet Access Get a Secure VPN to Protect Your Online Privacy "IndyWatch Feed Tech"

Since most of us rely upon the Internet for day-to-day activities today, hacking and spying have become a prime concern, and so have online security and privacy. The Internet has become a digital universe with websites collecting your sensitive information and selling them to advertisers, hackers looking for ways to steal your data from the ill-equipped networks, websites, and PCs, and


[security bulletin] HPESBHF03770 rev.1 - HPE Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat, Remote Arbitrary Code Execution "IndyWatch Feed Tech"

Posted by HPE Product Security Response Team on Aug 28


Document ID: hpesbhf03770en_us
Version: 1

HPESBHF03770 rev.1 - HPE Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat, Remote Arbitrary Code

NOTICE: The information in this Security Bulletin should be acted upon as soon as...


Dad Creates App That Forces Kids to See Parents' Texts "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

Kids have always been a little difficult.

Technology may have made things worse, as the young tend to know more about tech than their parents do.

They know, for example, how to ignore mom and dad and do whatever they like.

Nick Herbert found this a touch frustrating.

Kids have a habit of simply not replying to texts. Not because they're bad kids, but, well, they're doing something more interesting on the phone -- like playing a game.

So, as CBS News reports, Herbert conceived ReplyASAP. This is an app (currently available only on Android) that forces your child to address your texts.

By annoying the living hell out of them.

[...] Herbert insists that ReplyASAP is meant to be used only in emergencies. This isn't about annoying your kids all the time, however tempting that might be.

Indeed, he told me that it's not about forcing your child to reply. Instead, he said: "It is simply a means of getting an important message to the child, even when they have their phone on silent, and for the parent to know they have seen it."

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Chinese governments latest crack against online anonymity "IndyWatch Feed Tech"

The Chinese government is dead-set on making it so that all online interactions can be tied to a specific user. The latest move towards this goal came on Friday, when the Cyberspace Administration of China (CAC) released an overview of the new rules that dictate that anonymous users cant post content online. The new rules The rules have actually been announced by Chinas National Internet Information Office, and are expected to be enforced by Internet More


Game of Thrones Piracy Peaks After Season Finale "IndyWatch Feed Tech"

The seventh season of Game of Thrones has been the most-viewed thus far, with record-breaking TV ratings.

Traditionally, the season finale is among the most-viewed episodes of the season. This is true on official channels, but also on pirate sites.

Despite numerous legal options, Game of Thrones remains extremely popular among pirates. Minutes after the official broadcast ended last night people flocked to various torrent and streaming sites, to watch it for free.

Looking at the torrent download numbers we see that the latest episode is topping all previous ones of this season. At the time of writing, more than 400,000 people were actively sharing one of the many available torrents.

Some of the more popular GoT torrents

While the demand is significant, there is no all time swarm record as we saw two years ago.

In part, this may be due to improved legal options, but the recent rise of pirate streaming sites and services are also stealing traffic. While there is no hard data available, millions of people now use streaming sites and services to watch pirated episodes of Game of Thrones.

Record or not, there is little doubt that Game of Thrones will end up being the most pirated show of the year once again. That will be the sixth year in a row, which is unprecedented.

In recent years, HBO has tried to contain piracy by sending DMCA takedown notices to pirate sites. In addition, the company also warned tens of thousands of BitTorrent downloaders directly. Nonetheless, many people still find their way to this unofficial market.

While HBO has grown used to mass-scale piracy in recent years, it encountered some other major setbacks this season. Hackers leaked preliminary outlines of various episodes before they aired. The same hackers also threatened to release the season finale, but that never happened.

There were two episode leaks this year, but these were unrelated to the aforementioned. The fourth episode leaked through the Indian media processing company Prime Focus Technologies, which resulted in several...


Twenty-plus years on, SMTP callbacks are still pointless and need to die "IndyWatch Feed Tech"

A rarely used legacy misfeature of the main Internet email protocol creeps back from irrelevance as a minor annoyance. You should ask your mail and antispam provider about their approach to 'SMTP callbacks'. Be wary of any assertion that is not backed by evidence.

Even if you are an IT professional and run an email system, you could be forgiven for not being immediately aware that there is such a thing as SMTP callbacks, also referred to as callback verification. As you will see from the Wikipedia article, the feature was never widely adopted, and for all too understandable reasons.

If you do run a mail system, you have probably heard about that feature's predecessor, the still-required but rarely used SMTP VRFY and EXPN commands. Those commands offer a way to verify whether an address is valid and to show the component addresses that a mailing list resolves to, respectively.

Back when all things inter-networking were considered experimental and it was generally thought that information should flow freely in and between those experimental networks, it was quite common for mail servers to offer VRFY and EXPN service to all comers.

I'm old enough to remember using VRFY by hand, telnet-ing to port 25 on a mail server and running VRFY $user@$domain.$tld commands to check whether an email address was indeed valid. I've forgotten which domains and persons were involved, but I imagine the reason why was that I wanted to contact somebody who had said something interesting in a post to a USENET news group.

But networkers trying to make contact with each other were not the only ones who discovered the VRFY and EXPN commands.  Soon spammers were using those commands to actively harvest actually! valid! deliverable! addresses, and by 1999 the RFC2505 best practices document recommended disabling the features altogether. After all, there would usually be some other way available to find somebody's email address (there was even a FAQ, a longish Frequentl...


Tubular: A Hyperloop Contest As Musk Inches Toward Creating High-Speed Venture "IndyWatch Feed Tech"

The WARR Hyperloop team, from the Technical University of Munich, claimed the top prize by sending its vehicle through the nearly airless tube at a top speed of 327 kilometers per hour. That was more than triple the speed runner-up Paradigm Hyperloop, a Canadian-U.S. team that attained 102 kph in the lengthy tube.


Facebook blocks ads from fake news pages "IndyWatch Feed Tech"

Facebook is blocking pages that post fake news stories from buying ads as part of its efforts to curb hoax articles on its platform.The company announced on Monday that it would prevent Facebook pages public profiles for brands, celebrities,...


Hackaday Prize Entry: Sonic Glasses "IndyWatch Feed Tech"

This year, the Hackaday Prize is going to find the most innovative and interesting assistive technologies. Whether thats refreshable Braille displays or reliable utensils for the disabled, the finalists for the Assistive Technologies portion of the Prize will be creating some of the most interesting tech out there.

For his entry into the Assistive Technology part of the Prize, [Pawit] is building binaural glasses for the blind. Its difficult to navigate unknown environments without a sense of sight, and these SonicScape glasses turn cheap distance sensors into head-mounted sonar.

The glasses are built around a pair of ultrasonic distance sensors (the HC-SR-04, if youre curious), mounted in a convenient 3D-printed enclosure that looks sufficiently like a pair of glasses to not draw too many glares. (Although maybe wed print them in black to lower the contrast.) Of note in this project is the Bluetooth connectivity to eliminate wires and independent left and right audio channels. That last bit being able to hear in left and right is something we havent seen before in devices like this and aims to greatly increase the usability of such a device.

The HackadayPrize2017 is Sponsored by:
Texas Instruments

Filed under: The Hackaday Prize ...


This AI Butler Wants to Roam Your Home "IndyWatch Feed Tech"

Say hello to Temi. Wired reports that this sleek, 3-foot robot with a tablet for a face is essentially a kind of travelling AI butler for your homea Siri or Alexa, only on wheels. It will come rolling when you holler. It can use facial recognition to follow people around, so they can watch TV or Skype as they stroll. And it taps Googles artificial intelligence to help answer your questions. A run of 1,000 robots will be made available November by its maker, Roboteam, and its planned to cost under $1,500 when it launches widely next year. But, as weve argued in the past, these kinds of domestic robots are more a source of entertainment than much practical use, and are certainly not the kinds of practical machines that may one day be able to take over some of your household chores. For now, you might be better off carrying your phone around the homeespecially if you have stairs.


Massachusetts Supreme Court Says Digital Cameras Can't Be Searched Without A Warrant "IndyWatch Feed Tech"

Some more good news on the Fourth Amendment front, even if it's somewhat jurisdictionally limited: the Supreme Judicial Court of Massachusetts has (sort of) decided [PDF] the Supreme Court's Riley decision isn't just for cellphones. (via

In this case, the search of a robbery suspect's backpack while he was being questioned yielded a ring, a digital camera, and other items. The police warrantlessly searched the digital phone1, discovering a photo of the suspect next to a firearm later determined to have been stolen. This led to two convictions: one for the stolen property and one for carrying a firearm without a license.

The defendant challenged all of the evidence resulting from the warrantless search of the backpack, but the state got to keep most of what it found, along with the conviction for theft. But it didn't get to keep the firearm conviction, as the court here sees digital cameras to be almost no different than cellphones when it comes to warrantless searches and the Riley decision. From the opinion:

The Commonwealth counters that Riley does not apply because digital cameras, lacking the ability to function as computers, are not analogous to cell phones for Fourth Amendment purposes. We decline to address the constitutionality of the search of the digital camera on Fourth Amendment grounds, but we apply the reasoning in Riley in holding that the search of the camera violated art. 14 [of the Massachusetts Declaration of Rights].

[1] [I suspect the author meant digital camera, not digital phone - Ed]

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


WireX DDoS Botnet: An Army of Thousands of Hacked Android SmartPhones "IndyWatch Feed Tech"

Do you believe that just because you have downloaded an app from the official app store, you're safe from malware? Think twice before believing it. A team of security researchers from several security firms have uncovered a new, widespread botnet that consists of tens of thousands of hacked Android smartphones. Dubbed WireX, detected as "Android Clicker," the botnet network primarily


[$] Goodbye to GFP_TEMPORARY and dma_alloc_noncoherent() "IndyWatch Feed Tech"

Like most actively developed programs, the kernel grows over time; there have only been two development cycles ever (2.6.36 and 3.17) where the kernel as a whole was smaller than its predecessor. The kernel's internal API tends to grow in size and complexity along with the rest. The good thing about the internal API, though, is that it is completely under the control of the development community and can be changed at any time. Among other things, that means that parts of the kernel's internal API can be removed if they are no longer needed or if their addition in the first place is deemed to be a mistake. A pair of pending removals in the memory-management area shows how this process can work.


Distribution Release: Redcore Linux 1708 "IndyWatch Feed Tech"

Ghiunhan Mamut has announced the release of a new snapshot of Redcore Linux, a rolling release desktop distribution based on Gentoo. The new snapshot offers several package upgrades and new fixes. "This release focuses on polishing the overall look'n'feel and out of the box experience of the distribution.....


Beating Heart patch offers new hope for desperately ill patients "IndyWatch Feed Tech"

Researchers are using stem cells to fabricate tiny patches they hope will be able to restore function to damaged cardiac tissue.


Sarahah app uploads your address book without your knowledge "IndyWatch Feed Tech"

Honesty app Sarahah is dishonest, as it uploads your phone contacts to the server

Sarahah, the anonymous feedback messaging app, is all over the place. Be it Facebook, Twitter, Instagram or Snapchat, everyone is talking about the app for the past couple of weeks.

For those unaware, Sarahah means honesty in Arabic, is an app that allows the users to send anonymous messages to others registered with the app. Created by Saudi Arabian developer Zain al-Abidin Tawfiq, the app is aimed to help people identify their strengths and weaknesses. However, users have no way of knowing who sent the message or how to reply to them. The app is available in two languages, English and Arabic, for iOS and Android users.

Sarahah helps you in discovering your strengths and areas for improvement by receiving honest feedback from your employees and your friends in a private manner, the app description explains.

However, it now appears that the app is collecting more just than feedback messages. Apparently, the app is uploading users phone numbers and email addresses in the address book to the companys servers, which was spotted by Zachary Julian, a senior security analyst at Bishop Fox when he installed the app on his Android smartphone, a Galaxy S5 running Android 5.1.1.

When this news was reported by The Intercept, Zain al-Abidin Tawfiq responded by tweeting that the contact lists were being uploaded for a planned find your friends feature. However, the removal of the functionality was delayed due to a technical issue. He now claims that the functionality has removed from the server and the data request will be removed in a future release. He also tweeted that Sarahah currently stores no contacts in its databases, which is impossible to verify.

Sarahah uploading address book data from The Intercept on Vimeo.

Julian discovered the behaviour of Sarahah by using BURP Suite, a traffic analyzer, which intercepts internet traffic entering and leaving the device, allowing the owner to see what data is sent to remote servers. When Julian launched Sarahah on the device, BURP Suite caught the app in the act of uploading his private data.

As soon as you log into the application, it transmits all of your email and phone contacts stored on the Android operating system, he said. The same occurrence was later determined on Apples iOS too, although after a prompt to access contacts, which also appears in newer versions of Android....


Turning off the Intel Management Engine (ME) "IndyWatch Feed Tech"

Over at Positive Technologies, we learn:

Our team of Positive Technologies researchers has delved deep into the internal architecture of Intel Management Engine (ME) 11, revealing a mechanism that can disable Intel ME after hardware is initialized and the main processor starts. In this article, we describe how we discovered this undocumented mode and how it is connected with the U.S. governments High Assurance Platform (HAP) program.

Yup, the NSA is running Intel machines with the ME off, and so should you, most likely.


School of Mines hopes to launch first-ever space mining program "IndyWatch Feed Tech"

The Colorado School of Mines is no longer concerned with just earthly matters.

The world-renowned science and engineering institution in Golden is now eyeing asteroids, the moon, Mars and beyond to explore, extract, process and use the raw materials they provide to help sustain life in space.

Mines hopes to launch a first-of-its kind interdisciplinary graduate program in space resources in 2018, pending approval by school leaders. The first course, Space Resources Fundamentals, is being offered as a pilot program this fall.


The Tourbillon: Anti-Gravity for Watch Movements "IndyWatch Feed Tech"

Do you know what time it is? Chances are good that you used a computer or a cell phone to answer that question. The time on your phone is about as accurate as chronometry gets these days. Thats because cell networks are timed from satellites, which are in turn timed from atomic clocks. And these days, it may be that atomic clocks are the only clocks that matter.

Before this modern era of quartz and atomic accuracy, though, timepieces were mechanical. Clocks were driven by heavy weights that made them impractical for travel. It wasnt until the mainspring-driven movement came along that timekeeping could even begin to become portable.

But while the invention of the mainspring made portable timepieces possible, it hurt their accuracy. Thats because the driving force of a tightly wound spring isnt constant like that of an inert, solid weight.  So pocket watches werent exactly an overnight success. Early pieces were largely ornamental, and only told the hour. Worst of all, they would slow down throughout the day as the mainspring unwound, becoming useless unless wound several times a day. The mainspring wasnt the only problem plaguing pocket watches, but it was the among the most obvious.

Time is a Balancing Act



Sarahah App Uploads Your Contacts List on Unidentified Server "IndyWatch Feed Tech"

By Waqas

Sarahah is a new app that is gaining popularity among

This is a post from Read the original post: Sarahah App Uploads Your Contacts List on Unidentified Server


New, custom ransomware delivered to orgs via extremely targeted emails "IndyWatch Feed Tech"

Ransomware campaigns are usually wide-flung affairs: the attackers send out as many malicious emails as possible and hope to hit a substantial number of targets. But more targeted campaigns are also becoming a trend. Targeting different verticals Take for example the latest ones spotted by Proofpoint researchers in August: one was primarily aimed at Healthcare and Education verticals, while the other targeted Manufacturing and Technology companies. In both cases, the campaigns targeted UK and US More


AmanithVG Brings Fast OpenVG To Linux, OpenGL ES Rendering "IndyWatch Feed Tech"

AmanithVG is a new library implementing the Khronos OpenVG 1.1 vector graphics 2D API. This library supports OpenVG rendering using a software/CPU-based approach or in turn using OpenGL / OpenGL ES 1.1...


Exabytes SSD VPS Exclusive offer "IndyWatch Feed Tech"

Hello all! Edward from Exabytes sent in an offer and were happy to feature these guys for the second time. Theyre a registered company out of Singapore (201014969M), their WHOIS is public, and they accept PayPal and major credit/debit cards as payment. You can find their legal docs here. Its worth noting that they offer a Risk Free 30 Day Money Back Guarantee.

More about the company: 

Exabytes has specialized in providing web hosting services since its establishment in 2001. Today we serve over 75,000 Customers in 121 countries, and manage over 1000 servers. We have physical offices in Asia Pacific (Singapore, Indonesia and Malaysia), providing in-house and professional support to our worldwide customers. Our hosting servers are located in North America, Singapore, Malaysia and Indonesia. Lastly, our VPS offer server are located in Denver Tech Data Center, Colorado, USA and Telstra Singapore Data Center, Paya Lebar, Singapore.

Heres the offers: 
US Managed SSD VPS 1 
1x vCPU
20GB SSD space
1TB transfer
1Gbps uplink
1x IPv4
CentOS, Ubuntu
$ 6.99/month
$ 83.88/year

Managed Asia SSD VPS 1 
1x vCPU
20GB SSD space
1TB transfer
1Gbps uplink
1x IPv4
CentOS, Debian, Ubuntu
$ 6.99/month
$ 83.88/year


US Data Centers and Test IPs

Datacenter Name  Denver Tech Data Center,  Denver, Colorado, United States/
Test IPv4...


Pale Moon Blocks AdNauseum Extension [Updated] "IndyWatch Feed Tech"

It's being reported on HackerNews that the Pale Moon Browser is blocking the AdNauseum extension, an ad blocking extension designed to obfuscate browsing data and protect users from tracking by advertising networks.

The main story link is to the Pale Moon Forum which summarises the issue as follows:

After investigating the AdNauseam extension's behavior and the results for web publishers, the extension has been added to the Pale Moon blocklist with a severity level of 2 (meaning you won't be able to enable it unless you increase the blocking level in about:config to 3). For those unfamiliar with this extension: it generates false ad "clicks" to ad servers in an attempt to generate "noise" for the ad networks in a protest against the advertising network system as a whole.

While the premise behind this is similar to poisoning trackers with false fingerprints (which we are proponents of, ourselves), and we normally let users decide for themselves what they want to do with their browser, we are strictly against allowing extensions that cause direct damage (including damage to third parties). There is a subtle but important difference between blocking content and generating fake user interaction.

[...] Because this extension causes direct and indirect economic damage to website owners, it is classified as malware, and as such blocked.

From the forum threads this decision has been slightly controversial with some users.

If you're not familiar with Pale Moon, it is an Open Source web browser, forked from a mature Mozilla code release, and has been covered on SN before.

[Update: Added text re: blocking level; bolded text that was bold in the original posting. --martyb]

Original Submission

Read more of this story at SoylentNews.


Wanna see the Game of Thrones in advance email delivers malware "IndyWatch Feed Tech"

By Carolina

Beware of Email promising Game of Thrones Spoilers because it

This is a post from Read the original post: Wanna see the Game of Thrones in advance email delivers malware


Meet HZV de Septembre "IndyWatch Feed Tech"

Rentre HZV et reprise des meets en ce samedi 2 septembre 2017 !
RDV l'Electrolab 52, Rue Paul Lescop Nanterre 16H !

Pas de talk programm pour le moment, si vous voulez en proposer un,
crivez-nous sur meet [at] hackerzvoice [dot] net !


Au plaisir de vous retrouver !


Beware! Viral Sarahah App Secretly Steals Your Entire Contact List "IndyWatch Feed Tech"

Are you also one of those 18 Million users using SARAHAH? You should beware of this app because the anonymous feedback application may not be as private as it really sounds. Sarahah is a newly launched app that has become one of the hottest iPhone and Android apps in the past couple of weeks, allowing its users to sign up to receive anonymised, candid messages from other Sarahah users.


Upverter Joins Altium "IndyWatch Feed Tech"

In a post on the Upverter blog today, [Zak Homuth], founder of the online EDA suite Upverter has announced they have been acquired by Altium.

The largest change in the announcement is the removal of Upverters paid professional tier of service. Now, the entirety of Upverter is free. Previously, this paid professional tier included CAM export, 3D preview, BOM management, and unlimited private projects for $1200 per seat per year.

Hackaday has taken a look at Upverter before in an book-length series of posts describing how to build a PCB in every software tool. While Upverter is a web-based PCB design tool that doesnt respond to a right mouse click, the experience was pleasant overall. There are some interesting features in Upverter that make PCB design work fun snap-to alignment of pads, a phenomenal number of ways to export your data and its more than capable enough for the electronics hobbyist.

With the Altium announcement, [Zak] says Upverter will continue on its mission to create a system to design a complete product, from schematic to enclosure to firmware to BOM management.

Filed under: news


FSF at DebConf17: John & Molly take Montreal "IndyWatch Feed Tech"

OpenShot Logo

John Sullivan, the Executive Director of the FSF, joined me and nearly four hundred of our closest Debian friends for a week of celebrating free software, working together on cool projects, and talking endlessly about what we can do for user freedom around the world.

Speaking at DebConf was a big deal for me. Participating in the Debian community was an important part of what took me from being a person who used free software to an active member of the free software movement. Presenting at a conference provides a different kind of opportunity to interact with everyone there. As someone who organizes conferences, I feel as though the speakers do a huge amount of work to shape the experience that attendees have, and that by providing individuals with microphones and stages, we create a conversation that helps the community learn, explore, and grow.

DebConf17 kicked off with Open Day, where John was to deliver a session titled "Freedom embedded: Devices that respect users and communities." The same series of thunderstorms, a tornado warning, and other threatening weather forecasts that caused me to arrive in Montreal a day early, resulted in John's flights being delayed several times. Since he was trapped in New York, John and the DebConf organizing team agreed that it would be best for me to deliver the session on behalf of the FSF.

OpenShot Logo

This kicked off what became a great week for the FSF in Montreal. John managed to arrive in time for his other session, "Increasingly permissive or increasingly dismissive?," on the lack of any data to support the exaggerated claims we've been hearing about the decline of copyleft.

We held a birds-of-a-feather (BoF) session for FSF members and potential members in Debian. Speaking with members of the Debian community while wearing our FSF hats is important: the FSF does not officially endorse Debian as a distribution due to some outstanding disagreements, but there is a lo...


Venus Automaton Design Recalls Mechanical Computers "IndyWatch Feed Tech"

I dont usually talk about spacecraft close to our own Sun, but exceptions invariably arise. Centauri Dreams took a close look at the Parker Solar Probe back in June, because its operations close to the Sun (within about 10 solar radii) have implications for how we might build the kind of spacecraft that can perform sundiver maneuvers, approaching the Sun before deploying a solar sail for maximum effect (see Parker Solar Probe: Implications for Sundiver). Sundivers are one way to maximize acceleration for future interstellar missions.

And then theres Venus, a planet Ive written little about in these pages. The Automaton Rover for Extreme Environments (AREE) concept study now being funded by the NASA Innovative Advanced Concepts program is intriguing because it looks at spacecraft design from a fresh angle, actually one that harkens back to generations of mechanical devices that have had little part in space exploration. At least, until now. For while the environment on Venus challenges all our surface rover concepts, a hybrid mechanical/electronic design might save the day. The implications for other extreme environments in the outer system are quite interesting.

AREE grows out of ideas first proposed in 2015 by JPL engineer Jonathan Sauder, who drew on his knowledge of mechanical computers, the sort of calculating machines that use levers and gears instead of microchips. Think of Charles Babbages Difference Engine, which was designed in the 19th Century, or the Greek Antikythera mechanism, which could tell the Hellenistic world in ancient times about upcoming astronomical events like eclipses.

Image: AREE is a clockwork rover inspired by mechanical computers. A JPL team is studying how this kind of rover could explore extreme environments, like the surface of Venus. Credit: NASA/JPL-Caltech.

Sauder likes the idea of using analog technologies on Venus because electronics dont last long under its extreme pressure and temperatures. If we can limit the use of electronics to the bare essentials and do the rest with analog techniques, we change the paradigm.

The power source? Wind turbines in the center of the rover, storing energy in a constant force spring. Tank treads, or something similar, would replace wheels, while communications would be handled by a rotating shutter placed in front of a bright radar target. The idea would be to turn the bright reflection on and off. Venus rover, meet the Royal Navy circa 1800 communicating with f...


Uber taps Expedia chief executive to be its new CEO "IndyWatch Feed Tech"

Uber has picked Dara Khosrowshahi, head of the internet travel company Expedia, to serve as its new chief executive, according to multiple reports.Khosrowshahi became the leading candidate out of three finalists during weekend board meetings to...


Security updates for Monday "IndyWatch Feed Tech"

Security updates have been issued by Debian (augeas, connman, fontforge, freeradius, git, mariadb-10.1, openjdk-7, php5, qemu, qemu-kvm, and tenshi), Fedora (augeas, libsndfile, thunderbird, and xen), Gentoo (AutoTrace and jbig2dec), Mageia (dbus, flash-player-plugin, groovy, groovy18, heimdal, kernel-linus, kmail(kdepimlibs4), libice, libmodplug, miniupnpc, and postgresql9.3/4/6), openSUSE (freeradius-server, gnome-shell, ImageMagick, and openvswitch), and SUSE (java-1_8_0-ibm, libzypp, and postgresql94).


graphicsmagick: memory allocation failure in MagickRealloc (memory.c) "IndyWatch Feed Tech"

Posted by Agostino Sarubbo on Aug 28

graphicsmagick is a collection of tools and libraries for many image formats.

The relevant ASan output of the issue:

# gm convert -clip -negate $FILE out
==15168==End of process memory map.
==15168==AddressSanitizer CHECK failed:
"((0 && "unable to mmap")) != (0)"
(0x0, 0x0)...


AMD Threadripper 1950X Linux Benchmarks "IndyWatch Feed Tech"

Last week I was able to finally get my hands on a Threadripper 1950X system thanks to AMD for being able to deliver some Linux tests from this high-end desktop platform. The Threadripper 1950X as a reminder is a 16-core processor with 32 threads via SMT, 3.4GHz base frequency, 4.0GHz boost frequency, quad-channel DDR4 support, and support for 64 PCI-E lanes. Threadripper sits between the Ryzen 7 desktop processors and the AMD EPYC server/workstation processors, which are still soon to be tested at Phoronix. The Ryzen Threadripper 1950X will set you back $999 USD, but compared to the Core i9 7900X at the same price, has six more cores / 12 threads and a slightly higher base clock frequency of 3.4GHz vs. 3.3GHz but a lower boost frequency of 4.0GHz vs. 4.3GHz.


High Moral Reasoning Associated With Increased Activity in the Human Brain's Reward System "IndyWatch Feed Tech"

Individuals who have a high level of moral reasoning show increased activity in the brain's frontostriatal reward system, both during periods of rest and while performing a sequential risk taking and decision making task according to a new study from researchers at the Perelman School of Medicine, the Wharton School of the University of Pennsylvania, Shanghai International Studies University in Shanghai, China and Charit Universittsmediz in Berlin, Germany. The findings from the study, published this month in Scientific Reports, may help researchers to understand how brain function differs in individuals at different stages of moral reasoning and why some individuals who reach a high level of moral reasoning are more likely to engage in certain "prosocial" behaviors -- such as performing community service or giving to charity -- based on more advanced principles and ethical rules.

[...] The researchers' previous work found an association between high levels of moral reasoning and gray matter volume, establishing a critical link between moral reasoning and brain structure. This more recent study sought to discover whether a link exists between moral reasoning and brain function.

Original Submission

Read more of this story at SoylentNews.


Popular Sarahah App secretly uploads your phone contacts to the companys servers "IndyWatch Feed Tech"

According to a report published by The Intercept, the popular Sarahah app silently uploads users phone contacts to the companys servers.

This summer, Sarahah became one of the most popular iPhone apps in the world for both iOS and Android.

Sarahah has been created by Saudi Arabian developer Zain al-Abidin Tawfiq, it implements a social network that lets users send and receive anonymous messages.

Sarahah app

It reached the top of the App Store in many regions, including Australia, Ireland, the U.S, and the UK.

Created by Saudi Arabian developer Zain al-Abidin Tawfiq, the app is essentially a social network that lets you send and receive anonymous messages.

Sarahah means frankness or honesty in Arabic, the name was chosen because the author believes that people are more willing to be honest when their messages are anonymized like the app does.

Today the Sarahah app has more than 18 Million users that probably ignore that the app may not be as private as they believe.

According to a report published by The Intercept, the app silently uploads users phone contacts to the companys servers.

The discovery was made by the security analyst Zachary Julian, he discovered that once users have installed the Sarahah app for the first time, it harvests and uploads data in the address book.

Zachary Julian, a senior security analyst at Bishop Fox, discovered Sarahahs uploading of private information when he installed the app on his Android phone, a Galaxy S5 running Android 5.1.1. The phone was outfitted with monitoring software known as BURP Suite, which intercepts internet traffic entering and leaving the device, allowing the owner to see what data is sent to remote servers. reads the report published by The Intercept. When Julian launched Sarahah on the device, BURP Suite caught the app in the act of uploading his private data.

As soon as you log into the application, it transmits all of your email and phone contacts stored on the Android operating system, he said. He later verified the same occurs on Apples iOS, albeit after a prompt to access contacts, which also appears in newer vers...


openjpeg: stack-based buffer overflow write in pgxtoimage (convert.c) "IndyWatch Feed Tech"

Posted by Agostino Sarubbo on Aug 28

openjpeg is an open-source JPEG 2000 library.

The complete ASan output of the issue:

# opj_compress -n 1 -i $FILE -o null.j2k
==159529==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fde59900160 at pc 0x000000450bef bp
0x7ffe7641f3c0 sp 0x7ffe7641eb70
WRITE of size 36 at 0x7fde59900160 thread T0
#0 0x450bee in scanf_common...


Helicopter security "IndyWatch Feed Tech"

After my last post about security spending, I was thinking about how most security teams integrate into the overall business (hint: they don't). As part of this thought experiment I decided to compare traditional security to something that in modern times has come to be called helicopter parenting.

A helicopter parent is someone who won't let their kids do anything on their own. These are the people you hear about who follow their child to college, to sports practice. They yell at teachers and coaches for not respecting how special the child is. The kids are never allowed to take any risks because risk is dangerous and bad. If they climb the tree, while it could be a life altering experience, they could also fall and get hurt. Skateboarding is possibly the most dangerous thing anyone could ever do! We better make sure nothing bad can ever happen.

It's pretty well understood now that this sort of attitude is terrible for the children. They must learn to do things on their own, it's part of the development process. Taking risks and failing is an extremely useful exercise. It's not something we think about often, but you have to learn to fail. Failure is hard to learn. The children of helicopter parents do manage to learn one lesson they can use in their life, they learn to hide what they do from their parents. They get extremely good at finding way to get around all their rules and restrictions. To a degree we all had this problem growing up. At some point we all wanted to do something our parents didn't approve of, which generally meant we did it anyway, we just didn't tell our parents. Now imagine a universe where your parents let you do NOTHING, you're going to be hiding literally everything. Nobody throughout history has ever accepted the fact that they can do nothing, they just make sure the authoritarian doesn't know about it. Getting caught is still better than doing nothing much of the time.

This brings us to traditional security. Most security teams don't try to work with the business counterparts. Security teams often think they can just tell everyone else what to do. Have you ever heard the security team ask "what are you trying to do?" Of course not. They always just say "don't do that" or maybe "do it this way" then move on to tell the next group how to do their job. They don't try to understand what you're doing and why you are doing it. It's quite l...


uBlock: Dynamic Blocking Rules "IndyWatch Feed Tech"

Today I learned that uMatrix is kind of an integral part of uBlock origin already:

  1. Enable advanced user mode.
  2. In the uBlock origin dropdown, click [+ requests blocked] underneath the International Power Symbol.
  3. Get this:

and the restrict annoying sites until they behave.


openjpeg: invalid memory write in tgatoimage (convert.c) "IndyWatch Feed Tech"

Posted by Agostino Sarubbo on Aug 28

openjpeg is an open-source JPEG 2000 library.

The complete ASan output of the issue:

# opj_compress -r 20,10,1 -jpip -EPH -SOP -cinema2K 24 -n 1 -i $FILE -o null.j2k


Moving Sciences Statistical Goal Posts "IndyWatch Feed Tech"

In 1989, Ralph Rosnow and Robert Rosenthal, two well-respected experts on statistical methods in psychology, wrote the following memorable line: We want to underscore that, surely, God loves the .06 nearly as much as the .05 (p. 1277).

For researchers in psychologyas well as in the biological and social sciencesthis was an amusing statement because .05 is the Holy Grail of statistical significance. It may seem unusual to use religious language when writing about scientific methods, but the metaphor is fitting because, for almost as long as scientists have used statistical methods, achieving a probability of .05 or less (e.g., .04, .027, .004) meant publication, academic success, and another step toward the financial security of tenure. But .06 or even .055 meant nothing. No publication and no progress toward a comfortable retirement.

Rosnow and Rosenthal were arguing that scientists had been overly concerned with a single, arbitrary cut-off score, p < .05, but today their plea sounds a bit antique. In the latest response to the reproducibility crisis in psychology (see my December 2015 online column, Has Science a Problem?) a group of seventy-two accomplished statisticians, biologists, and social scientists have signed a statement proposing that the criterion be changed from .05 to .005. This may seem like a nerdy technical issue, but the proposed change has profound implications for the progress of science and has ignited a vigorous controversy in the field. But Im getting ahead of myself. Lets step back and figure out what this is all about.

The Reverse Logic of Statistical Significance

The idea came from the British biologist and statistician Ronald Fisher, a man Richard Dawkins has called the greatest biologist since Darwin (The Edge 2011). Fisher invented many statistical techniquesincluding the analysis of variance (ANOVA)and, ever since learning how to use Fishers methods, has been the bane of graduate students in biology, psychology, and many other disciplines.

Fisher recognized that you cannot affirm the consequent. Scientists are commonly in the position of wanting to prove that a variable they are interested in causes something to happen. For example, imagine a chemist has identified Compound X, which she believes will promote hair growth in balding humans. She creates a Compound X lotion and a placebo lotion and conducts an experiment on balding volunteers. Lo and behold, the people in her Compound X group grow more hair than those in the placebo group. If her experiment was otherwise well designed and conducted, can she safely conclude Compound X grows hair? Of course not. It might just have been a lucky test, and furthermore no number of positive tests can prove th...


Fedora 28 Is Aiming To Be Released By Mid-May "IndyWatch Feed Tech"

The Fedora Engineering and Steering Committee has been working to firm up the release schedule for the Fedora 28 Linux operating system update due out in Q2'2018...


Using more Site Settings "IndyWatch Feed Tech"

Site-Settings can be useful to simplify the web.

Site-Settings in Chrome can be accessed by pressing the Info-Circle next to the Sitename above a web page. A dropdown shows the rules for the site, usually Ask (default). Sites with annoying Ad-Tech that sneaks around the Adblocker can often be silenced by disabling Javascript and Flash completely.

It is not necessary to disable other settings, especially if the default is Ask a requester will pop up before a feature such as e.g. Location is being used.


Researchers bought MacBook for $1 using critical vulnerabilities "IndyWatch Feed Tech"

By Waqas

Why buy expensive MacBook Pro when you can get it

This is a post from Read the original post: Researchers bought MacBook for $1 using critical vulnerabilities


Getting a start on cyber threat hunting "IndyWatch Feed Tech"

In this age of advanced persistent threats, waiting for traditional threat management solutions like IDS and SIEM to flag incidents and threats is simply not enough anymore. We live in a world where the adversaries will persist in getting into an organizations environment, and they only have to be successful once. And, on average, companies are breached for more than 200 days before they realize they are compromised, notes Mark Terenzoni, CEO at Sqrrl, a More


Poll: Google was wrong to fire engineer over diversity memo "IndyWatch Feed Tech"

A majority of voters in a new poll says Google was wrong to fire an engineer for writing a controversial internal memo detailing why he believes the company has failed to attract more women in its workforce.Fifty-five percent of those polled in the...


Dip update 69/n "IndyWatch Feed Tech"

[Orig: Aug 28, 2017]
Hi everyone,
Below is the light curve as of ~1 hour ago.  Humidity was too high to open domes last night at OGG, so only TFN to report.
Also, two papers on our star were posted to the archive this morning, both presenting new analysis of the long term dimming/variability with coverage over the past couple couple years -> decade.  Links to the paper are here:
and here
Note that the first (Meng et al.) has undergone peer review and is accepted for publication. The second (Simon et al.) has just been submitted to the journal for review, and the content is subject to change after the authors receive feedback from the referee (and the community). To discuss/read more, see the relevant threads on the sub-reddit for the Meng et al. paper and the Simon et al. paper
~Tabby and team


Tech Firms Team Up to Take Down WireX Android DDoS Botnet "IndyWatch Feed Tech"

A half dozen technology and security companies some of them competitors issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle WireX, an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive cyber attacks.

Experts involved in the takedown warn that WireX marks the emergence of a new class of attack tools that are more challenging to defend against and thus require broader industry cooperation to defeat.

This graphic shows the rapid growth of the WireX botnet in the first three weeks of August 2017.

This graphic shows the rapid growth of the WireX botnet in the first three weeks of August 2017.

News of WireXs emergence first surfaced August 2, 2017, when a modest collection of hacked Android devices was first spotted conducting some fairly small online attacks. Less than two weeks later, however, the number of infected Android devices enslaved by WireX had ballooned to the tens of thousands.

More worrisome was that those in control of the botnet were now wielding it to take down several large websites in the hospitality industry pelting the targeted sites with so much junk traffic that the sites were no longer able to accommodate legitimate visitors.

Experts tracking the attacks soon zeroed in on the malware that powers WireX: Approximately 300 different mobile apps scattered across Googles Play store that were mimicking seemingly innocuous programs, including video players, ringtones or simple tools such as file managers.

We identified approximately 300 apps associated with the issue, blocked them from the Play Store, and were in the process of removing them from all affected devices, Google said in a written statement. The researchers findings, combined with our own analysis, have enabled us to better protect Android users, everywhere.

Perhaps to avoid raising suspicion, the tainted Play store applications all performed their basic stated functions. But those apps also bundled a small program that would launch quietly in the background and cause the infected mobile device to surr...


Britain Invented Rock-N-Roll, And Other Stories "IndyWatch Feed Tech"

An elderly relative of mine used to get irate at the BBC news. When our Prime Minister [Edward Heath] or another of her btes noirs of the day came on, shed rail at the radio or the TV, expressing her views to them in no uncertain terms. It taught a young me a lot about the futility of shouting at the telly, as well as about making a spectacle of oneself.

The ISS in flight. NASA(Public Domain)The ISS in flight. NASA [Public domain].The other evening though I found myself almost at the point of  shouting at a TV programme, and since its one with a clear message about technology I feel its worth sharing here. The programme in question was one of the Impossible Engineering series, and it was talking about the technology behind the International Space Station. It was recent enough to include last years mission involving [Tim Peake], so it was by no means a show dredged from the archives.

All very well, you say. Impossible Engineerings format of looking at...


Future Proof Your SysAdmin Career: Embracing DevOps "IndyWatch Feed Tech"

Future Proof Your SysAdmin Career: Embracing DevOps


openjpeg: heap-based buffer overflow in opj_t2_encode_packet (t2.c) "IndyWatch Feed Tech"

Posted by Agostino Sarubbo on Aug 28

openjpeg is an open-source JPEG 2000 library.

The complete ASan output of the issue:

# opj_compress -r 20,10,1 -jpip -EPH -SOP -cinema2K 24 -n 1 -i $FILE -o null.j2k
TIFFReadDirectoryCheckOrder: Warning, Invalid TIFF directory; tags are not sorted in ascending order.
TIFFReadDirectory: Warning, Unknown field with tag 27154 (0x6a12) encountered.
TIFFReadDirectory: Warning, Unknown field with tag 32512 (0x7f00) encountered....


GnuPG 2.2.0 released "IndyWatch Feed Tech"

Version 2.2.0 of the GNU Privacy Guard is out; this is the beginning of a new long-term stable series. Changes in this release are mostly minor, but it does now install as gpg rather than gpg2, and it will automatically fetch keys from keyservers by default. "Note: this enables keyserver and Web Key Directory operators to notice when you intend to encrypt to a mail address without having the key locally. This new behaviour will eventually make key discovery much easier and mostly automatic."


Mayweather vs. McGregor Caused Massive Surge in Streaming Piracy "IndyWatch Feed Tech"

The boxing matchup between Mayweather and McGregor was an unusual sporting event in many ways, not least financially.

With close to a billion dollars at stake, various rightsholders did their best to ensure that piracy was kept to a minimum.

However, despite an injunction against pirate streaming sites and mysterious tracking codes embedded in streams, they were easily defeated.

New data published by Canadian broadband management company Sandvine reveals that there was a massive surge in live streaming piracy around the fight. The company monitored traffic at a fixed access tier-1 network in North America and found that many people tuned into pirate IPTV services.

Generally speaking, a single pirate live streaming channel never accounts for more than five percent of the total bandwidth generated by these unauthorized broadcasts. However, it was quite different last weekend.

On Saturday that all changed, as the report below shows: at its peak, the pirated UFC and PPV channels for the Mayweather/McGregor fight accounted for 50% of all pirate TV streams, Sandvine notes.

Streaming piracy boost

According to Sandvine, roughly 8% of the sampled subscribers have pirate live streaming devices at their homes and many of these were tuning into the fight between Mayweather and McGregor.

Towards the end of the event, 3.5 percent of total bandwidth consumed on the network came from these pirate streams. To give an illustration of the traffic that was generated, Sandvine notes that the unauthorized boxing streams totaled more traffic than Twitch, Facebook, and Instagram together.

Streaming piracy market share

While the figures are based on a sample of North American fixed access network traffic, Sandvine believes that it provides a good indication of the total traffic. In the near future, the company plans to release more details on this pirate streaming tr...


Integrating GDPR into your day to day IT practices "IndyWatch Feed Tech"

GDPR, four letters that when combined strike fear into the heart of any sysadmin. Luckily, there is quite some time before it comes into force, which means getting into the habit of complying should be natural by 25th May 2018. My default position on these types of regulations are to consider it from a consumers point of view, and think about how I would feel with someone holding personal data of mine for longer than More


Open Banking APIs under PSD2: What are the security threats and solutions? Download VASCO's white paper now "IndyWatch Feed Tech"

Graham Cluley Security News is sponsored this week by the folks at VASCO. Thanks to the great team there for their support!

More than 10,000 customers in 100 countries rely on VASCO to secure access, manage identities, verify transactions, simplify document signing and protect high value assets and systems.

The Revised Payment Services Directive, also known as PSD2, requires European banks to provide communication interfaces to Third Party Providers (TPPs).

In this whitepaper VASCO analyzes the requirements for the communication interface as defined in the draft RTS, with a special emphasis on security requirements. VASCO identifies the most important security threats against these interfaces, and discuss various solutions that can help banks to protect against them.

By downloading this free white paper, youll discover:

  • the PSD2 requirements for open banking APIs
  • the security and privacy threats against the APIs of banks
  • how to protect APIs against security threats
  • VASCO's solution suite for PSD2 compliance

Interested in learning more? Download VASCO's white paper: Open Banking APIs under PSD2: What are the security threats and solutions?

If youre interested in sponsorin...


Tips for an Information Security Analyst/Pentester career - Episode 11: Mutillidae II (brief introduction) "IndyWatch Feed Tech"

Mutillidae II is another vulnerable web application created by OWASP in order to test a web application for security vulnerabilities resulting from insecure coding and how to prevent them.

Over this episode, I am going to perform a basic SQL injection and a quick command injection.

We might also use blind SQL injection with Mutillidae, as I'm gonna show in a coming post.

The difference with a plain SQL injection attack is that, in the blind approach, we won't try entering commands in an input field, but we'll use an application to do that for us.

Such different approach can allow for a much faster attack and is recommended in case of input validation, where inputting injection attacks manually would be no use.

a) Quick SQL injection

We start out with the user lookup page. No user was created for this interface yet.

Therefore, I type in a random username (bla), followed by a '.

The website very kindly returns us an error message indicating the database uses MySQL as a backend language.

This information allows us to successfully attack an input field, through an injection attack I had used in my Ethical Hacking class.



Why Teens Take Risks: It's Not a Deficit in Brain Development "IndyWatch Feed Tech"

Why DO teens do THAT? Raging hormones? Prefrontal cortex fully developed? Thrill Seeking? New research from The Annenberg Public Policy Center of the University of Pennsylvania has released a report explaining Why Teens Take Risks: It's Not a Deficit in Brain Development:

The authors propose an alternative model that emphasizes the role that risk taking and the experience gained by it play in adolescent development. This model explains much of the apparent increase in risk taking by adolescents as "an adaptive need to gain the experience required to assume adult roles and behaviors." That experience eventually changes the way people think about risk, making it more "gist-like" or thematic and making them more risk averse.

"Recent meta-analyses suggest that the way individuals think about risks and rewards changes as they mature, and current accounts of brain development must take these newer ideas into account to explain adolescent risk taking," said co-author Valerie Reyna, Ph.D., director of the Human Neuroscience Institute at Cornell University.

Romer[1] added, "The reason teens are doing all of this exploring and novelty seeking is to build experience so that they can do a better job in making the difficult and risky decisions in later life decisions like 'Should I take this job?' or 'Should I marry this person?'There's no doubt that this period of development is a challenge for parents, but that's doesn't mean that the adolescent brain is somehow deficient or lacking in control."

[1] Daniel Romer, Ph.D

Daniel Romer, Valerie F. Reyna, Theodore D. Satterthwaite. Beyond stereotypes of adolescent risk taking: Placing the adolescent brain in developmental context. Developmental Cognitive Neuroscience, 2017; 27: 19 DOI: 10.1016/j.dcn.2017.07.007 (Javascript required).

Alternate Link: Science.

Original Submission

Read more of this story at SoylentNews.


GnuPG 2.2 Released "IndyWatch Feed Tech"

Werner Koch has announced the release of GNU Privacy Guard's GnuPG 2.2 stable series...


Facebook Messenger scam is targeting its victims via a video link malware "IndyWatch Feed Tech"

Facebook Messenger Spam Spreading Malicious Chrome Extensions, Adware

Beware Facebook Messenger users, as cybercriminals are targeting victims by spreading malware through links sent by their friends.

The malware campaign was discovered by David Jacoby, a senior security researcher in the global research and analysis team at Kaspersky Lab, who was himself targeted after a Facebook friend with whom he rarely interacts, sent a link to a purported video file in Messenger.

After just a few minutes analyzing the message, I understood that I was just peeking at the top of this iceberg. This malware was spreading via Facebook Messenger, serving multi platform malware/adware, using tons of domains to prevent tracking, and earning clicks, David said.

So, how does this malware spread? Apparently, the malicious message containing a or link and the name of the user plus the word Video arrives through one of your friends account on Messenger to make the potential victims believe that it is a legitimate video link. When the victim clicks on the link, it will take the user to a Google Docs page that has a screenshot photo of that Facebook friend. The message is made to look like a playable movie.

But when clicked on that video, the victim is redirected to external sites depending on their browser, location and operating system that ultimately attempt to lure them into installing the malware. This malicious software, if downloaded, will cause the victim to spread the virus to their contacts on Facebook Messenger.

By doing this, it basically moves your browser through a set of websites and, using tracking cookies, monitors your activity, displays certain ads for you and even, in some cases, social engineers you to click on links, Jacoby writes.

For example, a Google Chrome user is redirected to a fake YouTube page with a fake error message designed to push the user in downloading a malicious Chrome extension.

Meanwhile, on Firefox, the users get directed to a website displaying a fake Flash Update notice, which attempts to run a Windows executable to deliver the adware. Since this malware is cross-platform, it affects MacOS Safari too and offers the download of a .dmg file, which is also adware.

It is unclear how the malware spreads via Messenger.

The initial spreading mechanism seems to be Facebook Messenger, but how it actually spreads via Messenger is still unknown. It may be from stolen credentials, hijacked browsers or clickjacking, David speculated.

The people behind this are most likely making a lot of money in ads and getting access to a lot of Facebook accounts, said David.

We know that clicking on unknown lin...


Chinese APT17 group leverages fake Game of Thrones leaks as lures "IndyWatch Feed Tech"

Researchers at Proofpoint spotted a cyber espionage campaign leveraging recent Game of Thrones episode leaks and attribute it to Chinese APT17 group.

Security researchers at Proofpoint have uncovered a cyber espionage campaign leveraging recent Game of Thrones episode leaks to trick victims into opening malicious documents sent via email.

Experts have observed during the past week, the threat actor sending emails to victims with the subject of Wanna see the Game of Thrones in advance?

The malicious messages use weaponized documents booby-trapped with an embedded LNK file that runs a Powershell script to installs the 9002 remote access trojan and gain full access to the victims machine.

Proofpoint recently observed a targeted email campaign attempting a spearphishing attack using a Game of Thrones lure. The malicious attachment, which offered salacious spoilers and video clips, attempted to install a 9002 remote access Trojan (RAT) historically used by state-sponsored actors. reads the analysis published by Proofpoint.

The 9002 RAT was well known by experts in the IT security community, below a list of operations that involved it:



The Tech That Won the First Formula Student Driverless Race "IndyWatch Feed Tech"

On-the-fly mapping got the driverless car through a rainy day Photo: Formula Student Germany

Engineering student Manuel Dangel of Swiss Federal Institute of Technology (ETH) in  Zurich and teammates were walking the racecourse at Formula Student Driverless in Hockenheimring, Germany, earlier this month when they realized that the computerized wheelbarrow they were using to map the course had gone haywire. [See " Students Race Driverless Cars in Germany in Formula Student Competition " 16 August 2017.]

As part of the track-drive event, one of several events that make up the entire competition, the rules permit teams half an hour to walk the racecourse and make measurements they might need to program their driverless cars. Because the track-drive event consists of ten solo laps on the same, unchanging course among traffic cones, the basic strategy is to run within the map, Dangel says. If you cannot make a map before the event, though, you have to switch to a more complex strategy.

The car, which the Zurich student engineers named Flela in honor of a Swiss mountain pass, is a veteran of the 2015 Formula Student Electric race. Its builders gave it two types of eyes: lidar and optical, along with several ways of measuring its ground velocity. They also gave it two ways of navigating: following a pre-loaded map, or building a map of its own during the first couple of laps, which requires slower driving and trustworthy sensors.

For the car to build its own map, it had to use the lidar to distinguish the triangles of the traffic cones and determine the likeliest correct path between the cones. That is harder than it sounds, because lidar does not detect colors, which is how the race organizers distinguished between cones on the left and right side of the track. Instead, the students had to program a probability tree, as shown in the image. Identifying cones may seem obvious to humans, but to a computer they can look a lot like objects in the background, such as tall grass. Water on the track can also reflect images of cones that appear to be below ground level, further confusing things. A lot of driverless driving may be in the eyes, but even more is in the brains.



Top 10 Most Pirated Movies of The Week on BitTorrent 08/28/17 "IndyWatch Feed Tech"

This week we have two newcomers in our chart.

Hitmans Bodyguard is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are Web-DL/Webrip/HDRip/BDrip/DVDrip unless stated otherwise.

RSS feed for the weekly movie download chart.

This weeks most downloaded movies are:
Movie Rank Rank last week Movie name IMDb Rating / Trailer
Most downloaded movies via torrents
1 () Hitmans Bodyguard 7.2 / trailer
2 (2) Guardians of the Galaxy Vol. 2 8.0 / trailer
3 (1) Baywatch 5.7 / trailer
4 (3) The Mummy 2017 5.8 /...


Know your adversary: Focus on social engineering "IndyWatch Feed Tech"

In this podcast recorded at Black Hat USA 2017, Tim Roberts, Senior Security Consultant at NTT Security, talks about social engineering and emphasizes the importance of security awareness and security culture. Heres a transcript of the podcast for your convenience. Hi, my name is Tim Roberts. I work for NTT Security Threats Services Group. We provide service offerings for offensive security testing. This includes network application, wireless mobile penetration testing, as well as on-site social More


TEDGlobal: The computer that can smell explosives "IndyWatch Feed Tech"

Nigerian Oshi Agabi has unveiled a computer based not on silicon but on mice neurons at the TEDGlobal conference in Tanzania.

The system has been trained to recognise the smell of explosives and could be used to replace traditional airport security, he said.

Eventually the modem-sized device dubbed Koniku Kore could provide the brain for future robots.


No More Forced Windows Updates, Promises Microsoft "IndyWatch Feed Tech"

Microsoft will stop Windows 10 forced automatic updates

After a truck load of complaints from angry users, Microsoft has finally changed its mind and will stop sending forced updates to users PCs. Starting with the Windows 10 Creators Update, your machine will no longer display easy to miss reminders about updates and then install it automatically. You will now get to control when any new updates will be installed. This news broke back in May and at the time, it was being pegged as Microsoft listening to its users. However, reports have recently come out that this action might have been in response to the lawsuits that were filed against Microsoft for pushing updates to machines without user knowledge.


During the one year period when Microsoft allowed a free upgrade from Windows 7 & 8 to Windows 10, Microsoft downloaded GBs of data onto user machines that were eligible for the update. This led to many angry Windows users filing lawsuits against the company. In 2016, a consumer rights body in the German state of Baden-Wrttemberg, took Microsoft to court over these downloads, claiming that the company would download up to 6 GB of files onto machines without user consent. After approximately a year of legal proceedings, the German wing of Microsoft has voluntarily agreed to not download files on to user machines without consent. The German rights group has welcomed this news, but also said that the delay in implementing the change was not acceptable.

We would have wished for an earlier backdown, but [Microsofts statement] is a success for more consumer rights in the digital world, said Cornelia Tausch, CEO of the Consumer Center in Baden-Wrttemberg.

How it will now work

Once the update is available, instead of a small prompt, users will now receive a full screen prompt that will give you 3 options viz. Restart Now, Pick a time and Snooze. Even if you do not do anything, your machine will not take any action automatically as is the case right now. On hitting Snooze, a user can delay the update for up to 3 days until 35 days have passed. Once those 35 days are up, users can delay the update even further by hitting Remind me Tomorrow. Therefore, a user can delay the update indefinitely.

As we mentioned earlier, reports of this first broke out in May with Microsoft releasing a statement on their blog post that made it seem like Microsoft was listening to its users. An excerpt of the blog post is as below:

Prior to the Creators Update, Windows 10 made most of the decisions for...


Fascinating Glimpse Into Police Investigation "IndyWatch Feed Tech"

How an abused child was located and rescued using obscure clues

A few years ago I wrote about the extreme security practices of the YardBird
child abuse media trading group. The security rules they developed and, for the most part, followed enabled a significant portion of the group to evade capture even though they were thoroughly penetrated by law enforcement who passively collected data for about a year.

This post is not going to examine the security procedures they used, but rather look at the investigative work that police conducted in order to rescue one child who was being abused. I will state up front that I do not know if the media documenting her abuse was available via other channels or exclusively to the YardBird group. Also, I will admit that I am not entirely sure that this investigation is related to the YardBird group, although it seems to be an exact match. Finally, given the nature of this crime, I will not be providing any suggestions on mitigations to protect against these investigative techniques.

Anyone that would learn from decade old investigation did so long ago, and anyone else is unlikely to use this post as a guide.

The affidavit is here:

Probably linked to YardBird

There are a few things which stand out in the description of the group which I think sound remarkably similar to the YardBird group. In particular the use of Usenet, procedure to join the group, and the security rules governing members actions. The original investigation was conducted by the Australian police which also matches with the YardBird investigation.

Inband Clues

The police have nothing but the content of the pictures to go on. Somehow, they link the location of the abuse victim to the state of Georgia in the US. Fortunately the press filled the details of the process that the investigators followed. Analyzing the complaint, affidavit and article allows us to extract the critical elements which were used to locate the abuser and rescue the child victim.

At each step remember that the police are constructing a sieve that they can pass data through which...


Artificial Intelligence Comics "IndyWatch Feed Tech"

How about smiling with some comics on Artificial Intelligence and Robots?

Blade Runner: 2049s upcoming release is quickly approaching us. We will have to hold out two more months to learn what those mysteries may be.


Hit App Sarahah Quietly Uploads Your Address Book "IndyWatch Feed Tech"

Sarahah, a new app that lets people sign up to receive anonymized, candid messages, has been surging in popularity; somewhere north of 18 million people are estimated to have downloaded it from Apple and Googles online stores, making it the number three most downloaded free software title for iPhones and iPads.

Sarahah bills itself as a way to receive honest feedback from friends and employees. But the app is collecting more than feedback messages. When launched for the first time, it immediately harvests and uploads all phone numbers and email addresses in your address book. Although Sarahah does in some cases ask for permission to access contacts, it does not disclose that it uploads such data, nor does it seem to make any functional use of the information. Sarahah did not respond to requests for comment.

"Zachary Julian, a senior security analyst at Bishop Fox, discovered Sarahah's uploading of private information when he installed the app on his Android phone, a Galaxy S5 running Android 5.1.1. The phone was outfitted with monitoring software known as BURP Suite, which intercepts internet traffic entering and leaving the device, allowing the owner to see what data is sent to remote servers. When Julian launched Sarahah on the device, BURP Suite caught the app in the act of uploading his private data.

"As soon as you log into the application, it transmits all of your email and phone contacts stored on the Android operating system," he said. He later verified the same occurs on Apple's iOS, albeit after a prompt to "access contacts," which also appears in newer versions of Android. Julian also noticed that if you haven't used the application in a while, it'll share all of your contacts again. He did some testing on the app on a Friday night, and when he booted the app on a Sunday morning, it pushed all of his contacts again."

Original Submission

Read more of this story at SoylentNews.


Doomed Incandescent Light Blinker "IndyWatch Feed Tech"

[Jnis]s entry for the Flashing Light Prize was doomed from the start. Or should we say Doomed? It was a complicated mess of Rube-Goldbergery that essentially guaranteed that hed have no time for making a proper video and submitting and entry. But it also ran Doom. Or at least ran on Doom.

(Note: [Jnis] sent us this hack in the e-mail theres no link for this blog post. Youre reading it here and now.)

It starts with a DC motor salvaged from a DVD player that spins a wheel that flips a switch back a...


Intel Haswell Scheduler Updated In LLVM "IndyWatch Feed Tech"

Last month in LLVM there was new Sandy Bridge scheduler information to improve the instruction scheduling and other hardware detail changes so LLVM can generate more efficient code for those older CPUs. At that time we learned Intel developers were also planning improvements too for LLVM with newer Haswell / Broadwell / Skylake / Skylake-X CPUs. Improvements have now landed for Haswell...


SUSE Pledges Endless Love for btrfs; Says Red Hat's Dumping Irrelevant "IndyWatch Feed Tech"

Submitted via IRC for TheMightyBuzzard

SUSE has decided to let the world know it has no plans to step away from the btrfs filesystem, and plans to make it even better.

The company's public display of affection comes after Red Hat decided not to fully support the filesystem in its own Linux.

Losing a place in one of the big three Linux distros isn't a good look for any package even if, as was the case with this decision, Red Hat was never a big contributor or fan of btrfs.

[Matthias G. Eckermann] also hinted at some future directions for the filesystem. "We just start to see the opportunities from subvolume quotas when managing Quality of Service on the storage level" he writes, adding "Compression (already there) combined with Encryption (future) makes btrfs an interesting choice for embedded systems and IoT, as may the full use of send-receive for managing system patches and updates to (Linux based) 'firmware'."

Mmmmmm... butter-fs


Original Submission

Read more of this story at SoylentNews.


Re: Integer overflow in bttv driver "IndyWatch Feed Tech"

Posted by Greg KH on Aug 28

shows this, from the repo you link to above:

what am I missing here?

Also, any specific reason you sent this to oss-security just a few
minutes after sending it to security () kernel org? I don't really care
for something like this that is not really an issue, but if it was,...


Initial Vulkan SDL Integration Lands "IndyWatch Feed Tech"

Landing within the SDL (Simple DirectMedia Library) code-base over night is initial Vulkan API support...


This Week in Numbers: Comparing Corporate Open Source Contributions on GitHub Organizations "IndyWatch Feed Tech"

Another way to evaluate GitHub organizations is based on their activity. Open Hub data indicates that 61 percent of the most active organizations on GitHub organizations are commercial enterprises. Most of these companies are working on projects where almost all of the contributors are also employees. Non-profit organizations like those supporting Linux and Kubernetes on average have the highest number of commits.


Using Ansible for Deploying Serverless Applications "IndyWatch Feed Tech"

Ansible is designed as the simplest deployment tool that actually works. What that means is that it's not a full programming language. You write YAML templates that define tasks and list whatever tasks you need to automate your job.


Monitoring Network Traffic More Efficiently "IndyWatch Feed Tech"

In todays data networks, traffic analysis determining which links are getting congested and why is usually done by computers at the networks edge, which try to infer the state of the network from the times at which different data packets reach their destinations.


Managing Vim Plugins "IndyWatch Feed Tech"

We look at some tools that can help take the pain out of managing plugins.


Communicating in a Foreign Language Takes Emotion Out of Decision-Making "IndyWatch Feed Tech"

From mrpg comes an interesting story about how communicating in a foreign language can influence decision making.

If you could save the lives of five people by pushing another bystander in front of a train to his death, would you do it? And should it make any difference if that choice is presented in a language you speak, but isn't your native tongue?

Psychologists at the University of Chicago found in past research that people facing such a dilemma while communicating in a foreign language are far more willing to sacrifice the bystander than those using their native tongue. In a paper published Aug. 14 in Psychological Science, the UChicago researchers take a major step toward understanding why that happens.

"Until now, we and others have described how using a foreign language affects the way that we think," said Boaz Keysar, the UChicago psychology professor in whose lab the research was conducted. "We always had explanations, but they were not tested directly. This is really the first paper that explains why, with evidence."

[...] "We discovered that people using a foreign language were not any more concerned with maximizing the greater good," said lead author Sayuri Hayakawa, a UChicago doctoral student in psychology. "But rather, were less averse to violating the taboos that can interfere with making utility-maximizing choices."

Journal Reference: Sayuri Hayakawa, David Tannenbaum, Albert Costa, Joanna D. Corey, Boaz Keysar. Thinking More or Feeling Less? Explaining the Foreign-Language Effect on Moral Judgment. Psychological Science, 2017; 095679761772094 DOI: 10.1177/0956797617720944

Original Submission

Read more of this story at SoylentNews.


Why I cant transfer money with my Monitor upright "IndyWatch Feed Tech"

Berliner Sparkasse Onlinebanking FAQ: Why do I get the message mobile device, cant perform smsTAN money transfer when using my Desktop computer. A possible cause is the display resolution. Your computer is being detected as a mobile device by our online banking system. smsTAN is not working from a mobile device. Solution: Change the display resolution.

So 19201080 work, but 10801920 doesnt.


Cheap and Easy Magnetic DNA Separation Method Needs Your Help "IndyWatch Feed Tech"

When you consider that almost every single cell in your body has more than a meter of DNA coiled up inside its nucleus, it seems like it should be pretty easy to get some to study. But with all the other cellular gunk in a crude preparation, DNA can be quite hard to isolate. Thats where this cheap and easy magnetic DNA separation method comes in. If it can be optimized and tested with some help from the citizen science community.

Commercial DNA separation methods generally involve mixing silica beads into crude cell fractions; the DNA preferentially binds to the silica, making it possible to mechanically separate it from the rest of the cellular junk. But rather than using a centrifuge to isolate the DNA, [Justin] from The Thought Emporium figured that magnets might do a better job. Its not a new idea biotech companies offer magnetic separation beads commercially, but at too steep a price for [Justin]s budget. His hack comes from making magnetite particles from common iron compounds like PCB etchant and moss killer, and household ammonia cleaner. The magnetite particles are then coated with sodium silicate solution, also known as waterglass. The silica coating should allow the beads to bind to DNA, with the magnetic core taking care of separation.

[Justin] was in the process of testing his method when he lost access to the needed instruments, so hes appealing to the larger science community for help optimizing his technique. Based on his track record of success in fields ranging from satellite tracking to graphene production, well bet hell nail this one too.

Filed under: chemistry hacks


Y2Gay was not a joke article "IndyWatch Feed Tech"

(Article in German)

So the software in German Standesmtern does not implement marriage properly after the law changed: It cannot register a marriage between partners of the same sex. The workaround is to enter the sex of one of the partners falsely, hence the Geschlechtsumwandlung (sex change) in the articles title.

Time to read the Y2Gay article again, and this time not as a joke.


Not even reading "IndyWatch Feed Tech"

Why do companies think about Chatbots and other abominations for customer support? Because already their Fleshbots are not even reading what the customer writes.

Here for example is my password strength for the KLM website:

But Kris, thats terrible. Why dont you set a proper password? Well, there is this:

Seriously, 4 numeric characters only? Well, no, they even suck at sucking, its actually taking up to 6 numeric characters.

But seriously, KLM? This is how it is done:

Would you please kindly unfuck your password management? Well, lets ask:

That looks like a phishing attempt to me, but thats the actual KLM account, so lets try it:


Nope, you did not even read what I wrote.



Google mistake is the root cause of Internet Outage in Japan "IndyWatch Feed Tech"

A widespread internet disruption occurred in Japan on Friday, Google error it the main cause of the Internet outage that caused the panic in the country.

Google error it the root cause of a widespread Internet outage in Japan that lasted for about an hour on Friday, August 25. The incident was caused by a BGM route hijack that began at 12:22 PM local Japan time and was fixed by 1:01 PM.

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. It interconnects the networks of major Internet service providers that announce which IP addresses are available on their networks.

If an ISP provides wrong information on the availability of IP address blocks we are in presence of a BGM route hijack ISPs.

This is what has happened on Friday when Google wrongly advertised that IP blocks belonging to a Japanese ISPs were found on its network.

BGPMon who analyzed the event confirmed that Google hijacked the traffic NTT Communications Corp., a major ISP who also supports two smaller ISPs named OCN and KDDI Corp. NTT has more than 8 million customers, 7.67 million home users, and 480,000 companies.

Beginning at 2017-08-25 03:23:34, we detected a possible BGP hijack.

Prefix, Normally announced by AS7527 Japan Internet Exchange Co., Ltd.

Starting at 2017-08-25 03:23:34, a more specific route ( was announced by ASN 15169 (Google Inc.).

This was detected by 17 BGPMon peers. reported BGPMon.

Other ISPs started routing traffic that was destined for Japan to Googles systems, many services online in Japan went down, including the Nintendo networks.

A widespread internet disruption hit Japan on Friday, blocking access to banking and train reservation services as well as gaming sites.

The disruption was limited to the networks of NTT Communications Corp. and KDDI Corp.

NTT Communications, which runs the OCN internet service, said the problem occurred because an overseas network service provider that OCN uses suddenly switched internet routes. reported the Japan Times.

It was chaos in the country, the Internal Affairs...


Piracy Fines For Dutch Pirates, Starting This Autumn "IndyWatch Feed Tech"

In 2014, the European Court of Justice ruled that the piracy levy, used in the Netherlands to compensate rightsholders for illicit downloading, was unlawful. In the immediate aftermath, downloading from unauthorized sources was banned.

Three years on and illegal downloading is still considered by rightsholders to be a problem that needs to be brought under control. This means that BitTorrent users are the number one target since their activities also involve uploading, something that most courts consider to be a relatively serious offense.

With that in mind, Dutch film distributor Dutch Filmworks (DFW) is preparing a wave of anti-piracy activity that looks set to mimic the copyright-trolling activities of similar outfits all over the world.

A recent application to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), revealed that DFW wishes to combat the unlawful dissemination of copyright protected works by monitoring the activities of BitTorrent users.

DFW intends to collect data from people who exchange files over the Internet through BitTorrent networks. The data processing consists of capturing proof of exchange of files via IP addresses for the purpose of researching involvement of these users in the distribution or reproduction of copyrighted works, it reads.

People who are monitored sharing DFW titles (the company says it intends to track people sharing dozens of releases) will get a letter with an offer to settle in advance of being taken to court. Speaking with NOS, DFW CEO Willem Pruijsserts now reveals that the campaign will begin in the autumn.

[The lettter] will propose a fee, he says. If someone does not agree [to pay], the organization can start a lawsuit.

Quite how much DFW will ask for is not yet clear, but Pruijsserts says the Dutch model will be more reasonable than similar schemes underway in other regions.

In Germany, this costs between 800 and 1,000, although we find this a bit excessive. But of course it has to be a deterrent, so it will be more than a tenner or two, he said.

In comments to RTLZ, Pruijsserts confirmed fines of at least hundreds of euros.

According to documents filed with the Dutch data protection authority, DFW will e...


Kafka Architecture "IndyWatch Feed Tech"

First, if you are not sure what Kafka is, see this article.


Gateway to the Heavens: The Assyrian Account to the Tower of Babel "IndyWatch Feed Tech"

 How about an alternative reading?  As the Sahara desert dried out all the peoples living therin migrated toward the Nile delta. and this drove a population boom.


The Ottawa Angel Incident "IndyWatch Feed Tech"

This another extaordinary eye witness report and very rich in detail.  She had ample time to observe close up and from diffeent angles.  I also think she has it ight on all counts.  This is an ambassador heading to a meeting in the city and surely was met by a conveyance there outside the city.

It is cetainly not an angel but may be a human genetic experiment constucted during the antidiluvium high civilization. Or it may be alien as well.  However, i do find that the whole described biology to be purely terran.  I know those wings and those feathers and that brow ridge as well.  Thus the simplest explanation is a population of flight modified humanity that retains its arms and legs as well and spots the necessary deep chest needed for the oveall large size.

We already know that such experiments were conducted long ago.  We already know how to do this ourselves or are so close that it no longer matters.

Of course this could be someone's creative witing execise or alternatively an ambasaador from our near future as well.  Yet i have ample indication of such cuiosities now stepping into and out of our present reality in order to taste our world again.  The wild was always about but few in number and smart enough to avoid common knowledge.

These on the other hand are completely human smart and simply biologically wonderful and good at not been seen generally.

The Ottawa Angel Incident

Friday, August 11, 2017


Diamond and Silk get the axe "IndyWatch Feed Tech"

It angers me that Google, Facebook and Youtube, who possess effective monpolies over their space should use that power to choke independent voices supporting a political meme they simply do not like.  Perhaps the government should declare them to be a media utility and perhaps disallow their sale of advertising.  In fact why should they own the perpetual right to sell advertising anyway?

Newspapers no longer own the classifieds.  How about we simply create an advertising meme for all customers in the form of John Doe$$$ who immediately auto posts to his  account on these sites and shares with his friends.  I actually know how to make this into the central channel for all advertising without paying a dime to Google, Facebook and Youtube.

Diamond and Silk are good fun and no more.  I think i watched them once and they are actually funny.  Cutting that free act off from money is petty and insulting and enough to make many users angry.  These spoiled owners need to wake up and stop trying to jump in front of a political train(wreck) or otherwise because there is no way a commercial enterprise can win that game.

Recall how Trump's drawing power served to smash up a number of top unassailable brands and precipitated the abrupt departure of their bosses.  Then recall it had nothing to do with him at all and become very scared.  He is the bowsprit on a massive reformation of the American  polity that is happening regardless.

Diamond and Silk get the axe: Google, Facebook and YouTube on black censorship RAMPAGE to silence all pro-Trump voices by any means possible

Thursday, August 10, 2017 by: Ethan Huff



The Supernatural Weapons of the Mahabharata and Their World Destroying Power "IndyWatch Feed Tech"

The Battle of Kurukshetra, fought between the Kauravas and the Pandavas, recorded in the Mahabharata

One thing that i have never truly commented on is that there is ample evidence in scriptures to support  both the Bronze Age and an earlier antediluvian technological civilization that sustained human lifespans past a thousand years.  Our own science is saying this is completely plausible.  

The memory of this past age has bled into the scriptures and has been sustained as we finally slipped into a primitive global dispensation rather recently in fact.   I suspect the last of the long lived humans left off not much later than 4000 to 5000 years ago with the establishment of several large cities.  Since then we have been living short cycle lives, forcing rapid change as a matter of course.

 Thus reading these scriptures is best done assuming modernity to provide technical explanations.  This works well.


 The Supernatural Weapons of the Mahabharata and Their World Destroying Power

In many world mythologies, the characters in the myths are often given supernatural weapons. In Greek mythology,...


The Case for Cosmic Pantheism - Facts So Romantic "IndyWatch Feed Tech"

Einstein, a professed pantheist, wrote that he experienced a cosmic religious feeling, a persistent awe at the sublimity and marvelous order of the universe. He was not alone.Credit: Internet Archive

Arent those opposites? people often ask me, when they discover I study science and religion. As a professor of religious studies, I am particularly drawn to the places where religion and science seem antagonistic, but turn out to be entwined. The multiverse, I would argue, is one of those places. This may come as a surprise, because the multiverse is so often used as an argument against the existence of God.

The multiverse hypothesis has been around since the late 1950s, but it gained traction in the late 1990s when physicists discovered dark energy, or the cosmological constant. When it comes to the mass of the electron or the strength of the nuclear forces, nearly any other value would have prevented the emergence of life as we know it. As for the cosmological constant, nearly any other value would have prevented the emergence of the universe itself. So, this discovery forced physicists to confront a question they had been avoiding for decades: Why is the universe so well suited to our
Read More

Enzyme Produced in the Liver Promotes Obesity, Fatty Liver Disease and Insulin Resistance "IndyWatch Feed Tech"

Original article in Deutsches Zentrum fr Diabetesforschung e.V. (DZD):

In mice that are given a high-fat diet, an increased production of the enzyme DPP4* by the liver promotes an increase in body fat, the development of fatty liver disease and insulin resistance. These were the findings of a current study by DZD-researchers in Potsdam and Tbingen. "In combination with our observations from additional human and cell studies, these results indicate that increased DPP4 production by the liver is the cause rather than the consequence of a fatty liver and insulin resistance," says the head of the study, Annette Schrmann from the German Institute for Human Nutrition Research (DIfE), a partner of the German Center for Diabetes Research (DZD). The research team led by Schrmann has now published its findings in Molecular Metabolism.

"DPP4 inhibitors** are well known from the treatment of diabetes. Therefore, in our opinion, they could be used in the future not only to improve the sugar metabolism but also to treat non-alcoholic fatty liver disease***," adds the lead author of the study, Christian Baumeier from DIfE.

[...] In addition, the scientists observed that human beings suffering from insulin resistance and non-alcoholic fatty liver disease have a greater amount of active DPP4 in their blood than healthy people.

Read more of this story at SoylentNews.

Security Concerns Engulfing IoT Applications, and What Vendors Are Doing About It "IndyWatch Feed Tech"

Security Concerns Engulfing IoT Applications, and What Vendors Are Doing About It


[SECURITY] [DSA 3956-1] connman security update "IndyWatch Feed Tech"

Posted by Luciano Bello on Aug 27

Debian Security Advisory DSA-3956-1 security () debian org Luciano Bello
August 27, 2017

Package : connman
CVE ID : CVE-2017-12865
Debian Bug :...


Zimperium researcher released an iOS Kernel Exploit PoC "IndyWatch Feed Tech"

Zimperium Researcher Adam Donenfeld released an iOS Kernel Exploit PoC that can be used to gain full control of iOS mobile devices.

Researcher Adam Donenfeld of mobile security firm Zimperium published a Proof-of-concept (PoC) for recently patched iOS vulnerabilities that can be chained to gain full control of iOS mobile devices.

The expert called the PoC exploit zIVA (Zimperiums iOS Video Audio), it is designated to work on all 64-bit iOS devices <= 10.3.1.

The vulnerabilities discovered earlier this year are tracked as CVE-2017-6979, CVE-2017-6989, CVE-2017-6994, CVE-2017-6995, CVE-2017-6996, CVE-2017-6997, CVE-2017-6998 and CVE-2017-6999.

The exploit allows an attacker to take complete control of the kernel, chaining the vulnerabilities it is possible to jailbreak a device, it has been presented at the HITBGSEC held in Singapore on August 25th.

Following my previous post, Im releasing ziVA: a fully chained iOS kernel exploit that (should) work on all the iOS devices running iOS 10.3.1 or earlier. The exploit itself consists of multiple vulnerabilities that were discovered all in the same module: AppleAVEDriver. Donenfeld wrote in a blog post.

iOS Kernel Exploit

iOS 10.3.2, which Apple released in mid-May, addresses seven AVEVideoEncoder flaws and one IOSurface vulnerability discovered b...


Muscle robots being developed to remove debris from Fukushima reactors "IndyWatch Feed Tech"

TOKYO A joint venture between Japanese and American high-technology power houses Hitachi and General Electric is developing special robots for removing nuclear debris from the Fukushima Daiichi nuclear power plant, the most difficult task in decommissioning the plants six reactors, three of which suffered core meltdowns in the March 2011 accident.

The machines under development by Hitachi-GE Nuclear Energy are called muscle robots, as their hydraulic springs operate like human muscles. The company, based in Hitachi, Ibaraki Prefecture, is stepping up efforts to complete the development project in time for the start of debris removal in 2021.

Hitachi-GE is testing the arms of the robots at a plant of Chugai Technos, a Hiroshima-based engineering service company, located a 30-minute drive from the center of the city. The testing is taking place in a structure with a life-size model of the primary containment vessel of the No. 1 reactor at the Fukushima plant. The robots awkwardly move about, picking up concrete lumps standing in for fuel debris.


Clowns-Only Showing of Stephen King's 'It' is Worst Idea Ever "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story on CNET:

Alamo Drafthouse Cinema is offering a clowns-only screening of Stephen King's "It," the classic horror story featuring Pennywise the murderous clown.

There are three clowns-only showings, all at Austin, Texas theaters on Sept. 9, the day after "It" opens in the US.

"For this special clown screening of IT, all attendees should arrive dressed as a clown in order to attend," the Alamo Drafthouse website explains. "Please arrive early and join us in the Barrel O' Fun (CNET note: The whaaat, now?) beginning at 5:30pm for an IT pre-party where we will have face-painters available for clown touch-ups, a photo booth, raffles for prizes, and other terrifying merriment. Please arrive in your own Pennywise best and be ready to float with us."

[Ed Note: The fear of clowns is Coulrophobia. The wikipedia page does NOT have pictures, which I find mildly amusing.]

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Turning On Your Amplifier With A Raspberry Pi "IndyWatch Feed Tech"

Life is good if you are a couch potato music enthusiast. Bluetooth audio allows the playing of all your music from your smartphone, and apps to control your hi-fi give you complete control over your listening experience.

Not quite so for [Daniel Landau] though. His Cambridge Audio amplifier isnt quite the latest generation, and he didnt possess a handy way to turn it on and off without resorting to its infrared remote control. It has a proprietary interface of some kind, but nothing wireless to which he could talk from his mobile device.

His solution is fairly straightforward, which in itself says something about the technology available to us in the hardware world these days. He took a Raspberry Pi with the Home Assistant home automation package and the LIRC infrared subsystem installed, and had it drive an infrared LED within range of the amplifiers receiver. Coupled with the Home Assistant app, he was then able to turn the amplifier on and off as desired. Its a fairly simple use of the software in question, but this is the type of project upon which so much more can later be built.

Not so many years ago this comparatively easy project would have required a significant amount more hardware and effort. A few weeks ago [John Baichtal] took a look at the evolution of home automation technology, through the lens of the language surrounding the term itself.

Via Hacker News.

Filed under: digital audio hacks, home hacks


Trump Expected to Lift Ban on Military Gear to Local Police Forces "IndyWatch Feed Tech"

Via: USA Today: The Trump administration is preparing to lift a controversial ban on the transfer of some surplus military equipment to police departments whose battlefield-style response to rioting in a St. Louis suburb three years ago prompted a halt to the program. The new plan, outlined in documents obtained by USA TODAY, would roll []


Weekend Entertainment: Video Explorations Around Area 51 "IndyWatch Feed Tech"

Visits to the various gates of Area 51 comprise an entire genre of videos on YouTube. Click bait titles and corny theremin soundtracks are par for the course here. If you are interested in the topic at all, you have probably seen many of these. Ive watched dozens of videos where someone drives up to []


Wanted: GNU Project Maintainers Part 2 "IndyWatch Feed Tech"

Want to use your skills to aid in the development and maintenance of GNU projects? Here are four more projects that could use your help.

GNU XBoard

A screenshot from XBoard, an app for playing chess and other chess-like board games. (Photo credit:

Carters Corner

This article is a continuation of my last article on GNU projects that are in current need of maintainers. When I first read about the projects GNU needed help with, I was drawn to Gnubik from my own personal love of Rubiks Cube puzzles. I ended up liking the program and wanted to help so I reached out to the maintainer, who replied back asking about my background and letting me know where help was needed at if I was still interested. Since then, Ive slowly been helping out where I could and enjoying learning more about the code behind the program. Im hoping that by writing about these projects,...


Leather grown using biotechnology is about to hit the catwalk "IndyWatch Feed Tech"

LEATHERMAKING is an ancient craft. The oldest leather artefact found so far is a 5,500-year-old shoe from a cave in Armenia, but paintings in Egyptian tombs show that, 7,000 years ago, leather was being turned into all manner of things, from sandals to buckets to military equipment. It is a fair bet that the use of animal skins for shelter and clothing goes back hundreds of thousands of years at least.

Leathermaking is also, though, a nasty business. In 18th-century London the soaking of putrefying hides in urine and lime, to loosen any remaining flesh and hair, and the subsequent pounding of dog faeces into those skins to soften and preserve them, caused such a stench that the business was outlawed from the City proper and forced downwind and across the river into Bermondsey. In countries such as India and Japan, the trade tainted people as well as places and was (and often still remains) the preserve of social outcasts such as Dalits and Burakumin.


Kernel prepatch 4.13-rc7 "IndyWatch Feed Tech"

The 4.13-rc7 kernel prepatch has been released. "We had a few issues come up the past week, but nothing that is really impacting the release schedule. So here's rc7, and I still expect this to the the last rc, although the best-laid plans of mice and men.."


General Mills Loses Bid to Trademark Yellow Color on Cheerios Box "IndyWatch Feed Tech"

From ArsTechnica

General Mills argued that it deserved to be awarded the trademark status because "consumers have come to identify the color yellow" on boxes of oats cereal with "the Cheerios brand." It has been marketed in yellow packaging since 1945, with billions in sales.

The board noted that "there is no doubt that a single color applied to a product or its packaging may function as a trademark and be entitled to registration under the Trademark Act." But that's only if those colors have become "inherently distinctive" in the eyes of consumers. Some of those examples include UPS "Brown;" T-Mobile "Magenta;" Target "Red;" John Deere "Green & Yellow;" and Home Depot "Orange." It goes without saying that anybody can still use those colors predominately in their marketing, but not direct competitors.

Regarding the box of Cheerios, however, the court ruled that consumers don't necessarily associate the yellow box of cereal with Cheerios, despite General Mills' assertion to the contrary. Consumers are confronted with a multitude of yellow boxes of oats cereal, the appeal board noted. By comparison, T-Mobile has only a handful of competitors, and none of them uses the magenta color as a distinctive mark, the appeal board said.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Is Your Mobile Carrier Your Weakest Link? "IndyWatch Feed Tech"

More online services than ever now offer two-step authentication requiring customers to complete a login using their phone or other mobile device after supplying a username and password. But with so many services relying on your mobile for that second factor, there has never been more riding on the security of your mobile account. Below are some tips to ensure your mobile device (or, more specifically, your mobile carrier) isnt the weakest link in your security chain.

For reasons explored more in The Value of a Hacked Email Account, many people become so preoccupied with securing online access to their financial accounts that they overlook or forget the fact that all of those precautions may be moot if hackers can access your email inbox. From that 2013 piece:

Sign up with any service online, and it will almost certainly require you to supply an email address. In nearly all cases, the person who is in control of that address can reset the password of any associated services or accounts merely by requesting a password reset email.


Many webmail providers now encourage users to take advantage of two-step (a.k.a. two factor) authentication methods in addition to passwords for securing access to email. This usually involves the user adding a mobile phone number to their account that gets sent a one-time code that needs to be entered after supplying the account password. The idea here is that even if thieves somehow manage to phish or otherwise glean your account password, they still need access to your phone to discover the one-time code.

Depending on how youve set up two-step authentication, however, this may be far from airtight security. Whats more, not all two-step authentication methods are equally secure. Probably the most common form of secondary authentication a one-time code sent to your mobile device via SMS/text message is also the least secure.

Thats because thieves who manage to phish or otherwise filch your password can then simply ring your mobile provider pretending to be you, claiming that your phone is lost and that you need to activate a new phone and corresponding new SIM card. Or, they convince a gullible or inexperienced customer support rep to temporarily forward all of your calls and texts to a different number (this happened to me in 2013).



Total Eclipse "IndyWatch Feed Tech"

[2017 Solar eclipse with corona] My first total eclipse! The suspense had been building for years.

Dave and I were in Wyoming. We'd made a hotel reservation nine months ago, by which time we were already too late to book a room in the zone of totality and settled for Laramie, a few hours' drive from the centerline.

For visual observing, I had my little portable 80mm refractor. But photography was more complicated. I'd promised myself that for my first (and possibly only) total eclipse, I wasn't going to miss the experience because I was spending too much time fiddling with cameras. But I couldn't talk myself into not trying any photography at all.

Initially, my plan was to use my 90mm Mak as a 500mm camera lens. It had worked okay for the the 2012 Venus transit.

[Homemade solar finder for telescope] I spent several weeks before the eclipse in a flurry of creation, making a couple of solar finders, a barn-door mount, and then wrestling with motorizing the barn-door (which was a failure because I couldn't find a place to buy decent gears for the motor. I'm still working on that and will eventually write it up). I wrote up a plan: what equipment I would use when, a series of progressive exposures for totality, and so forth.

And then, a couple of days before we were due to leave, I figured I should test my rig -- and discovered that it was basically impossible to focus on the sun. For the Venus transit, the sun wasn't that high in the sky, so I focused through the viewfinder. But for the total eclipse, the sun would be almost overhead, and the viewfinder nearly impossible to see. So I had planned to point the Mak at a distant hillside, focus it, then slip the filter on and point it up to the sun. It turned out the focal point was completely different through the filter.

[Solar finder for DSLR, made from popsicle sticks] With only a couple of days left to go, I revised my plan. The Mak is difficult to focus under any circumstances. I decided not to use it, and to stick to my Canon 55-250mm zoom telephoto, with the camera on a normal tripod. I'd skip the partial eclipse (I've photographed those before anyway) an...


Sorry US; Europeans Listen to Space with GRAVES "IndyWatch Feed Tech"

In Europe, the GRAVES radar station beams a signal on 143.050 MHz almost straight up to detect and track satellites and space junk. That means you will generally not hear any signal from the station. However, [DK8OK] shows how you canif you are in Europelisten for reflections from the powerful radar. The reflections can come from airplanes, meteors, or spacecraft. You can see a video from [way1888] showing the result of the recent Perseid meteor shower.

Using a software-defined radio receiver, [DK8OK] tunes slightly off frequency and waits for reflections to appear in the waterfall. In addition to observing the signal, it is possible to process the audio to create more details.

Why is there a giant vertical radar transmitter in the middle of France? The transmitter uses a phased array to send a signal over a 45-degree swath of the sky at a time. It makes six total steps every 19.2 seconds. A receiver several hundred miles away listens for reflections.

Even the moon reflects the signal when it is in the radars path. If you are interested in a moon bounce, you may be able to build a station to hear the reflections without being in Europe.

Of course, if you can transmit yourself, you might want to bounce your own signal off airplanes. If you want to do it old school, you could emulate [Zoltn Bay].

Filed under: radio hacks


Energy Storage: Lithium from Supervolcanoes? "IndyWatch Feed Tech"

Cobalt is a much more serious blocker than lithium. Via: Smithsonian: Theres no doubt that in coming years, were going to need a lot of lithium. The growing market of electric automobiles, plus new household energy storage and large-scale battery farms, and the current lack of any technology better for storage than lithium ion batteries, []


Week in review: Android Oreo security, hacking robots, DDoS attacks on the rise "IndyWatch Feed Tech"

Heres an overview of some of last weeks most interesting news, podcasts and articles: Judge limits DOJs search of anti-Trump website data On Thursday, District of Columbia Superior Court Judge Robert Morin ruled that DreamHost must comply with the narrowed warrant, but has further limited the governments access to the asked-for data, in order to limit exposure of sensitive user information. Review: Securing the Internet of Things The authors do a good job explaining the More


The Worlds (New) Longest Flight Is Coming "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

Qantas noted that both planes "can get close" to the requirements needed for London and New York missions. The public prodding is designed to make one or both manufacturers revisit technical schemes to edge out even greater range.

A nonstop flight from Sydney to London would shave almost four hours off current travel times that involve a stopover; for New York, travelers could save nearly three hours. Airbus, in an emailed statement, said it was equal to the challenge.

[...] Qantas flew its first so-called "Kangaroo Route" from Sydney to London in December 1947, flying a Lockheed Constellation. The trip took four days. In a few years, the kangaroo-flagged carrier hopes to do it in just over 20 hours.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Linux 4.13-rc7 Kernel Released, Linux 4.13 Likely Coming Next Week "IndyWatch Feed Tech"

Just days after Linux turned 26 years old, Linus Torvalds has announced the seventh weekly test candidate of the upcoming Linux 4.13 kernel...


DistroWatch Weekly, Issue 727 "IndyWatch Feed Tech"

This week in DistroWatch Weekly: Review: Cucumber Linux 1.0News: DragonFly BSD prepares HAMMER2, Ubuntu's transition to GNOME, a free hardware phone running Debian, SUSE reaffirms their commitment to Btrfs, GNOME's new settings panel, Nimbusoft sells Ubuntu Budgie computersQuestions and answers: Using Flatpak vs SnapReleased last week: Black Lab....


Tips for an Information Security Analyst/Pentester career - Episode 12 (reviewed version): Blind SQL injection with DVWA "IndyWatch Feed Tech"

Last reviewed: 8/27/2017


We talked about SQL injection over the previous episode.

I manually inputted injection commands within input fields to crack the database.

However, this isn't the only, nor the best approach.

If we can't manually input the commands (input sanitation), or we want a faster approach, we can try a blind SQL injection attack.

In this case, we'll have a software run the SQL injection for us, instead of having to do it manually.


I enter a valid user id (3) in DVWA and click Submit.

We need the URL of the page we're in (shown below).

At that point, I grab the cookie session ID by right-clicking on an empty post in the page and clicking Page Info and then Security. 



HPR2366: Making Bramble Jelly "IndyWatch Feed Tech"

How to make Jam/Jelly Hi again HPR listeners, its the time of the year when I turn my hand to foraging and making Jelly from the local wild brambles. The season has started early here in the UK so Ive already produced over 60 jars of bramble jelly this year with more to come. Thankfully I have people who donate old jam jars for reuse during the year which I store for this very time of the year so I have not had any problems with jars for storage. First on the issue of hygiene, before filling all the jars have previously been de-labelled and on the day of production are given another wash in hot soapy water, rinsed and placed in the oven and cooked for at least 15 minutes at 150 Centigrade (300 Fahrenheit) to sterilise them. All the lids are also boiled in water and kept hot until just before use for the same reason. The first thing I do in making jelly is wash the collected fruit (Blackberries) and put it in a pan with a little water to start cooking, then mash with a vegetable masher to start the process of breaking down the fruit. I also add 1 Lemon cut in half to each 1 Kg of fruit both for the acidity and the pectin in the pith of the lemon (this helps setting the jelly as it cools). If there are any available I add wild plums to the mix in about a 10% ratio of plums to the Brambles as these are also rich in pectin. Once the fruit has boiled and broken down leave to cool, then remove the lemon skins ensuring you scrape the inside to get the gelatinous pulp into the pot as this contains the pectin. Now the fruit needs to be strained to remove the seeds etc. and just leave the juice for making the jelly. Once this has been done reduce the juice by about a third to concentrate it a little then measure the remaining juice to calculate how much sugar you will need for making the jelly. I use 1Kg sugar to each Liter of juice (1lb/US Pint) Put the juice in a pan large enough that it only comes half way up after the sugar is added as you need room for it to expand as it boils, bring the Juice back up to a boil and add the sugar stirring until it's all dissolved. This will have cooled it all down again so continue heating the juice and sugar mix until it starts to boil. At this stage you need to keep the juice boiling until it has come to Jam temp (105C/220F). If you have a Jam Thermometer you can use that to find the jam/jelly point. I dont so I use a mixture of visual clues (boiling with lots of small bubbles on the surface) and using a cold plate kept in the freezer to test the Jelly as it cooks until its ready. You need to boil the juice for 10-15 minutes after it gets to temperature then put a drop of the juice on a cold saucer and leave for a minute, after which run your finger through the blob of juice and if it ripples up and stays there without closing the gap created you have Jelly. If not boil for a further 5 minutes and repeat until you have a setting jelly. Editor's Note: above adjusted in accordance with the comment 2017...


VW Engineer Sentenced to 40 Month Prison Term in Diesel Case "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

A federal judge in Detroit sentenced former engineer James Liang to 40 months in prison on Friday for his role in Volkswagen AG's (VOWG_p.DE) multiyear scheme to sell diesel cars that generated more pollution than U.S. clean air rules allowed.

U.S. District Court Judge Sean Cox also ordered Liang to pay a $200,000 fine, 10 times the amount sought by federal prosecutors. Cox said he hoped the prison sentence and fine would deter other auto industry engineers and executives from similar schemes to deceive regulators and consumers.

Liang was part of a long-term conspiracy that perpetrated a "stunning fraud on the American consumer," Cox said, as the defendant's family looked on in the courtroom. "This is a very serious and troubling crime against our economic system."

Liang pleaded guilty earlier this year to misleading regulators, and had cooperated with U.S. law enforcement officials investigating Volkswagen.

Prosecutors last week recommended that Liang, 63, receive a three-year prison sentence, reflecting credit for his months of cooperation with the U.S. investigation of Volkswagen's diesel emissions fraud. Liang could have received a five-year prison term under federal sentencing guidelines. Liang's lawyers had asked for a sentence of home detention and community service.

Liang can appeal the sentence, Cox said.

Volkswagen pleaded guilty in March to three felony charges under an agreement with prosecutors to resolve the U.S. criminal probe of the company itself. It agreed to spend as much as $25 billion in the United States to resolve claims from owners and regulators and offered to buy back about 500,000 vehicles.

Volkswagen has admitted that it used software to deceive regulators in the United States and Europe from 2006 to 2015.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Windows 10 vs. Ubuntu 17.04 With Intel Kabylake Mobile Graphics "IndyWatch Feed Tech"

While we've seen the Radeon Linux OpenGL driver get competitive to the Windows Radeon OpenGL driver and the NVIDIA Windows/Linux OpenGL binary drivers have long been on a level playing field, how's the Intel HD Graphics performance? Here are some quick and fresh benchmarks this weekend.


Hackaday Links: August 27, 2017 "IndyWatch Feed Tech"

Hulk Hands! Who remembers Hulk Hands? These were a toy originally released for the 2003 Hulk movie and were basically large foam clenched fists you could wear. Hulk Hands have been consistently been re-released for various Marvel films, but now theres something better: its the stupidest tool ever. Two guys thought it would be fun and not dangerous at all to create cast iron Hulk Hands and use them as demolition and renovation equipment. This is being sold as a tool comparable to a sledgehammer or a wrecking bar.

New Pogs! Were up to 0x0C. Is your collection complete?

[Peter] is building an airplane out of foam in his basement. Hes also doing it as a five or six-part series on his YouTube channel. Part two is now up. This update covers the tail surfaces, weighing and balancing the fuselage, and a general Q&A with YouTube comments.  Yes, [Peter] still has a GoFundMe up for a parachute, and its already about half funded. With any luck, hell have the $2600 for a parachute before he builds the rest of the plane. Another option is a ballistic parachute system a parachute for the whole plane, like a Cirrus. That would be a bit more than $4000, so well see how far the GoFundMe goes.

Primitive Technology has another video out. This time, hes improving his bow string blower into something that kinda, sorta resembles a modern forge. This time, the experiment was a success when it comes to pottery hes now able to fire clay at a much higher temperature, bringing him reasonably close to modern ceramics. At least, as close as you can get starting with the technology of a pointed stick. The experiment was marginally successful when it came to creating iron. Hes using iron-bearing bacteria (!) for his source of ore and was able to smelt millimeter-sized pellets of iron. This guy need...


Philips Wants to Stop Piracy With Ambilight Technology "IndyWatch Feed Tech"

The movie industry sees illegally recorded movies as one of the biggest piracy threats and goes to extremes to stop it.

Over the years, movie theaters have used audio and video watermarking tools to detect pirates, for example. And during prominent events, night-vision goggles and other spy tech is used to monitor movie goers.

Most anti-piracy efforts are not particularly pleasing for the public, but a new technology from Philips hopes to change this. In a recent patent application the technology company proposes an ambient lighting system for movie theaters that will hinder pirate recordings.

The major motion picture studios are losing large amounts of money due to piracy. The worldwide motion picture industry, distributors, theaters, video stores and pay-per-view operators, lose each year billions of dollars as a result of piracy, the company begins.

Philips notes that many of the current security measures, such as watermarking, make piracy traceable. However, they dont prevent actual recording and distribution. Watermarks can be simply rendered useless if pirates remove them afterwards, for example.

The problem with current security measures in digital cinema is that they do not prevent pirates from filming the content from the cinema screen. Watermarks can help to identify the source of pirate content, but it does not prevent the actual copying and spreading of the content.

The ambient lighting solution is different and Philips believes that it could reduce piracy substantially.

The concept is quite easy. By shining light on the visitors from the side, at a certain frequency, the pirate recordings will be severely degraded up to a point where theyll become completely unwatchable.

The solution proposed here is to shine visible light from an (additional) light source with a pre-determined modulation frequency at the cinema screen while the movie plays, the patent application reads.

When the frequency is chosen well, a camera will not be able to properly film the content, because the light source runs out of sync with the camera resulting in stripes running through the movie content.


Sunday, 27 August


Congress Passes Law Expressly Violating the 4th Amendment, Only 1% Vote Against "IndyWatch Feed Tech"

Congress just passed, and Trump signed, a law that makes all properties adjacent to the rail system operated by the Washington Metropolitan Area Transit Authority, Constitution free zones.

From TFA on

"In performing its duties, the Commission, through its Board or designated employees or agents, may: Enter upon the WMATA Rail System and, upon reasonable notice and a finding by the chief executive officer that a need exists, upon any lands, waters, and premises adjacent to the WMATA Rail System, including, without limitation, property owned or occupied by the federal government, for the purpose of making inspections, investigations, examinations, and testing as the Commission may deem necessary to carry out the purposes of this MSC Compact, and such entry shall not be deemed a trespass."

As we all know, the standard in the 4th Amendment is a particularized warrant based on probable cause, "reasonable notice and need" as determined by the cops (i.e. agency chief), is not the same thing at all.

We already have constitution free zones within 100 100 miles of any border, and this provides a convenient framework to do a similar thing along any rail line (or road) so the Feds can liberate the center of the country from any form of Constitutional protection. Anyway ... the 4th Amendment is already dead at this point, but its piecemeal demise should provide a useful education for those clamoring for the demise of the 1st.

Original Submission

Read more of this story at SoylentNews.


3D OpenGL Acceleration For Windows Guests On QEMU Using VirGL/VirtIO "IndyWatch Feed Tech"

While there has been VirGL as one of the options for allowing 3D/OpenGL acceleration of Linux guests within QEMU/KVM virtual machines to allow the calls to be directed to the host system's OpenGL driver, that support hasn't been available when Windows is running as QEMU/KVM guest. That is changing though thanks in large part to this year's Google Summer of Code...


Mesa Drivers' Use Of Multiple IRs, Gallium3D With NIR "IndyWatch Feed Tech"

Following the news this week that RadeonSI may switch to NIR completely in the future, in the forums a number of questions were raised about why the Linux graphics drivers are using multiple forms of intermediate representation and whether this would still make RadeonSI a Gallium3D driver if it doesn't default to TGSI...


27aug2017 "IndyWatch Feed Tech"


Face Scans, Robot Baggage Handlers and the Airport of the Future "IndyWatch Feed Tech"

Over at is an article on new technology being rolled out at Singapore's Changi airport, and trialled in several other locations.

Facial scanning in particular is generating a lot of buzz. Changi in the affluent city-state of Singapore, regarded as among the world's best airports, is set to roll out this biometric technology at a new terminal to open later this year.

Passengers will have their faces scanned when they first check in and at subsequent stages, theoretically allowing them to go through the whole boarding process quickly without encountering another human.

Australia announced in July an investment of Aus$22.5 million ($17.5 million) to introduce face recognition technology at all the country's international airports, while Dubai Airport is also trialling it.

[...] Robots are appearing at some major hubs, including at Seoul's Incheon airport, where they carry out tasks including cleaning and carrying luggage, while Changi's new terminal will have robotic cleaners complete with butlers' uniforms.

The article is a widely reprinted AFP story, but Business Traveller also has it's own walk through of the new terminal, which focuses on the overall experience of the traveller rather than the technology, but also includes some additional details on the system:

[...] the machine measures key facial features and structure rather than details such as haircuts and facial hair, so barring reconstructive surgery passengers can rest assured that the scanning will work even if they look slightly different to their passport photo. The scanning works by filming a short video and selecting the optimal frame that best meets the necessary criteria, making absolute stillness while the photo is being taken not necessary. Glasses do need to be removed during this process, however.

Original Submission

Read more of this story at SoylentNews.


Mattis to troops: Hold the line until U.S. is less divided "IndyWatch Feed Tech"

Defense Secretary Jim Mattis, 66, a retired Marine four-star general, in impromptu remarks to troops abroad, in a Facebook video:

Its good to see you all out here, young men and women. For those of you that I havent met, my names Mattis. I work at the Department of Defense, obviously And thank you for being out here, OK? I know at times you wonder if anybody knows The only way this great big experiment you and I call America is going to survive is if we got tough hombres like you

Youre a great example for our country right now. Its got a few problems. You know it and I know it. Its got problems that we dont have in the military.


Hackaday Prize Entry: The Weedinator Project, Now with Flame "IndyWatch Feed Tech"

The new Weedinator will be an autonomous robotic rover using a combination of GPS and colored markers for navigation. With an interesting looking adjustable suspension system to help with fine positioning, the Weedinator will use various attachments to help with plant care. Individual weeds will be identified optically and sent to the big greenhouse in the sky via precise flame from a small butane torch. Its an ambitious project, but [TegwynTwmffat] is building off experience gained from the previous incarnation and were excited to see where it goes.

The HackadayPrize2017 is Sponsored by:
Texas Instruments

Filed under: robots hacks, The Hackaday Prize ...


Ice Cream That Doesnt Melt is Being Sold in Japan "IndyWatch Feed Tech"

Now a long lasting ice cream which does not melt soon is available and being sold in Japan, which is scientifically proven.


Tara Hambley, a member of the ProLon UK team, joins our Life Extension Board. "IndyWatch Feed Tech"

Tara Hambley, a member of the ProLon UK team, joins our Life Extension Board.


Darkwood Creators Share Game on The Pirate Bay, For Those Who Can't Pay "IndyWatch Feed Tech"

Submitted via IRC for TheMightyBuzzard

Acid Wizard Studio, the creators of the popular Darkwood game, have shared a copy on The Pirate Bay. The developers want to help out people who don't have the financial means to buy a legal copy of the game and also prevent them from going to unauthorized key sharing sites.

Online piracy is an issue that affects many industries, and indie game development is certainly no exception.

While some developers see piracy as an evil that needs to be rooted out as soon as possible, others are more open to the motivations behind it.

The average game fan may not have the financial means to try out all the new titles that come out every month, for example. While these people are not by any means entitled to a free copy, sometimes the human element resonates with developers.

Acid Wizard Studio, the three college friends from Poland behind the horror game Darkwood, started thinking about this when they recently received an email from a desperate young fan.

They recount how a fan, who loved the game, asked for a refund because he was worried about his parent's reaction to the cost. They realized this was not an isolated occurrence and decided to do something very unusual in the videogame industry: make a free copy available on a torrent! The story concludes:

Read more of this story at SoylentNews.


CVE-2017-13709: Incorrect access control in FlightGear "IndyWatch Feed Tech"

Posted by Florent Rougon on Aug 27


Please find below the info for CVE-2017-13709. I'm also attaching a
patch combining the security fix applied to FlightGear's 'next'
branch[1] with its parent commit[2], because [1] requires [2] to work

However, I don't expect the combined patch nor [2] to apply cleanly to
FlightGear 2017.2 or earlier, because commit [3] introduced changes in
the close vicinity of the changes in [2] (two conflicts). If you...


3D Printing T-Shirt Designs "IndyWatch Feed Tech"

Usually, t-shirt designs are screen printed, but thats so old school. You have to make the silkscreen and then rub paint all over its clearly a technique meant for the past. Well, fear not, as [RCLifeOn] is here to bring us to the future with 3D Printed T-Shirt Designs.

[RCLifeOn] affixes t-shirts to his print build platform and boom: youve got 3D printed graphics. He started by using PLA which, while it looked great, wasnt up to a tussle with a washing machine. However, he quickly moved on to NinjaFlex which fended much better in a wash cycle. While the NinjaFlex washed better, [RCLifeOn] did have some issues getting the NinjaFlex to adhere to the t-shirt. With a little persistence and some settings tweaking, he was able to come out ahead with a durable and aesthetically pleasing result.

Now, 3D printing isnt going to replace screen printing, but its also not going to replace injection molding. What 3D printing lacks in speed and efficiency, it makes up in setup time & cost. In other words, if you need 50 t-shirts of the same design, screen printing is the way to go. But, if you need 50 shirts, each with a different design, you just might want to follow in [RCLifeOns] footsteps.

Anyways, we dont have much on 3D printing t-shirts, but we do have other useful information on 3D printing slinkys and 3D printing project enclosures. And, if youd rather do it the old-school way, we can show you how to silkscreen all the things.

Filed under: 3d Printer hacks


Chip implants make humans more efficient "IndyWatch Feed Tech"

My new Op-Ed for The San Francisco Chronicle: #transhumanism

Wisconsin company Three Square Market recently announced it will become the first U.S. company to offer its employees chip implants that can be scanned at security entrances, carry medical information and even purchase candy in some vending machines. A company in Europe already did this last year.

For many people, it sounds crazy to electively have a piece of technology embedded in their body simply for conveniences sake. But a growing number of Americans are doing it, including me.

I got my RFID implant two years ago, and now I use it to send text messages, bypass security codes on my computer, and open my front door. Soon Ill get the software to start my car, and then my life will be totally keyless.

The type of chip implants in humans varies depending on the manufacturer or purpose of the device. A few hundred thousand people around the world have cochlear implants, which allow deaf people to hear. Others have implants to help with Alzheimers, Parkinsons or even depression. A growing number of transhumanists people who want to use radical technology in their bodies have the $60 implant I have. Its tiny, about the size of a grain of rice, and is injected into the body by a syringe. The injection process usually in the hand near the thumb is often bloodless and takes seconds to complete.


Tor relay of a Brazilian University was banned after harvesting .onions "IndyWatch Feed Tech"

The Tor relay of a Brazilian University was banned by the Tor administrators because it was spotted collecting the .onion addresses of visitors.

A team of researchers from a Brazilian University of Campinas in So Paulo, Brazil, has had its Tor relay node banned because it was spotted collecting the .onion addresses of visitors.

Marcus Rodrigues, a junior researcher with the Brazilian University, explained he and his colleagues were working to develop a tool that could identify malicious hidden services.

According to the Tor administrators, the activity conducted by the researchers is a violation of the Tor Projects ethical guidelines and triggered the banning of the node.

Below the description published by the researchers in a Tor mailing list post:

My relay was harvesting .onion addresses and I apologize if that breaks any rule or ethical guideline.

We were conducting some research on malicious Hidden Services to study their behavior and how we could design a tool that could tell malicious and benign Hidden Services apart.

Because we focus mainly on web pages, we use a crawler to get almost all of the data we need. However, there are some statistics (such as the size of the Tor network, how many HSs run HTTP(s) protocol, how many run other protocols and which protocols do they run, etc) which cannot be obtained through a crawler. Thats why we were harvesting .onion addresses.

We would run a simple portscan and download the index page, in case it was running a web server, on a few random addresses we collected. We would also try and determine the average longevity of those few HSs. However, after collecting the data we needed for statistical purposes, the .onion addresses we collected would be deleted and under no circumstances we would disclose the information we collected on a specific .onion address we harvested. In addition, we would never target specific harvested HS, but only a random sample.



LG Electronics is Opening a Factory in Michigan "IndyWatch Feed Tech"

Fox News is reporting that LG will be opening a new plant in Detroit:

LG Electronics said Tuesday it will spend $25 million to open a U.S. plant for manufacturing electric vehicle components.

The 250,000-square-foot building is located in Hazel Park, Michigan, a suburb of Detroit. When it opens next year, the plant will create at least 292 jobs in Hazel Park and an expanded research and development center in nearby Troy.

The Michigan government is providing a four-year, $2.9 million capital grant for the project.

[...] LG said vehicle components are the company's fastest-growing business. Auto-related revenue jumped 43% year-over-year to $1.5 billion during the first half of 2017, driven by LG's supplier agreement with General Motors (GM) for the new Chevrolet Bolt electric vehicle.

[...] In addition to the Michigan facility, LG expects to begin construction soon on a $250 million factory for washing machines in Clarksville, Tennessee. The production plant will create 600 new jobs by 2019, according to LG. The company is also building a new North American headquarters down the road from its current offices in Englewood Cliffs, N.J. The project will cost $300 million.

Original Submission

Read more of this story at SoylentNews.


Dip update 68/n "IndyWatch Feed Tech"

[Orig: Aug 27, 2017]
Hi everyone,
Below is the light curve as of ~1 hour ago.  TFN images look like they had moisture on the detector, so only OGG to report.  
For those who are curious, Ive attached one of the affected TFN images from last night.  Our star is marked with the red target.  You can see fuzziness around the top and bottom of the image, particularly on the right hand side.  Our target *looks* like it is out of the messy area, but there can be affects on the measurements from the imperfections that we can not see with our eyes.
~Tabby and team


Harvey hits Texas with 130mph winds "IndyWatch Feed Tech"

Texas residents are left reeling by catastrophic flooding caused by Hurricane Harvey. Forty inches of rain is expected to fall with an estimated $40bn worth of damage left behind.


The great outer space LAND GRAB of the near future: Conflicts over space rock mining rights "IndyWatch Feed Tech"

(Natural News) Space has become a veritable goldmine of natural resources for many companies, yet can anyone lay claim to them? Thats the question legal experts claim will become relevant in the future as firm turn to the stars for precious metals and minerals, and its one that also needs to be answered as soon as possible to avoid hostility between competing firms and countries.

Barry Kellman, law professor of space governance at DePaul University in Chicago, explained: There is a huge debate on whether companies can simply travel to space and extract its resources. There is no way to answer the question until someone does it.

According to one international treaty, this need not even be an issue. The Outer Space Treaty of 1967, formally known as the Treaty on Principles Governing the Activities of States in the Exploration and Use of Outer Space, Including the Moon and Other Celestial Bodies, has served as the main standard for sharing space. As per the 1967 treaty, no single country can claim national appropriation of celestial bodies by occupation or by other means. (Related: MINING just one large asteroid could COLLAPSE the world economy due to surge of new supply for valuable metals.)


Cyberattacks, not North Korea, pose greatest security threat "IndyWatch Feed Tech"

Based on the news, one would think the greatest threat to our nation is North Koreas looming capability to strike the continental United States with nuclear tipped intercontinental ballistic missiles (ICBMs).

While the Hermit Kingdoms ability to launch missiles with miniaturized nuclear payloads that can reach the U.S. is alarming, another threat to our national and economic security targeted cyberattacks by state-sponsored advanced persistent threat (APT) groups and terrorist and criminal non-state actors is being overlooked.


Automatically kill scripts and commands after a certain duration "IndyWatch Feed Tech"

When running scripts, we might want to restrict the time for which a script runs. May be printing out the logs for 10 minutes and then stop automatically or stopping a script if it does not exit by itself. We can use the command time out for this .

Timeout command runs a command for a specific duration and kills the command after that duration if it has not exited by itself.


Let us take the following script,, as an example

The script sleeps for 15 seconds and then prints the message done.

If we run the script with timeout of 5 seconds the message "done" will not get printed as the script will get killed before 15 seconds as shown below.

Running the script with out the timeout, we will see the message done being printed.


Mystery Codes Appear in Pirate Mayweather v McGregor Streams "IndyWatch Feed Tech"

For many hardcore boxing fans, it was the fight that should never have taken place. But last night, undefeated legend Floyd Mayweather stepped into the ring against UFC lightweight champion and supposed boxing novice, Conor McGregor.

A known slow starter, Mayweather came out true to form, arguably losing the first three rounds to the brash Irishman who had previously promised to bounce the 40-year-olds head off the canvas in round one. But by round 10 it was all over, with McGregor running out of gas and with no answer to Mayweathers increasingly vicious punches. TKO Mayweather.

While viewing figures wont be in for some time, the event is likely to have been a massive PPV success all over the world, with millions tuning in for what turned out to be a value-for-money event. But despite widespread availability, its likely that hundreds of thousands maybe even millions tuned into the fight from unofficial sources. Interestingly, some of those had a little extra something thrown in for free.

During the fight, TF received an unsubstantiated report that an unusual watermark was being embedded into streams originally broadcast by Sky Box Office in the UK. The message we received simply told us there were codes on the screen, but we were unable to get any further information from the source who had already gone offline.

Quick inquiries with two other sources watching pirate streams confirmed that codes had appeared on their screens too. One managed to take a series of photographs which are included below. (Note: portions of the code are redacted to protect the source)

The mystery sequence of numbers

The letter and number combinations briefly appeared in 20 to 23 sets of pairs, which according to the images seen by TF stayed the same throughout the broadcast. It is possible there was some variation but nothing weve seen suggests that. The big question, of course, is why they were put there and by whom.

According to our sources, these codes didnt appear when the main action was taking place but when the camera turned to people in each corner. Since no digits appeared over the top of the fight itself, it might suggest that they were put there by a broadcaster, in this instance Sky Box Office, who were licensed to show the fight in the UK.

If that was indeed the case, its certainly possible that the sequence of nu...


3D Printer Tool Changer Gives You Access to Lots of Extruders "IndyWatch Feed Tech"

The benefits of having a 3D printer with multiple extruders are numerous: you can print soluble support material for easy removal, print a combination of flexible and rigid filament, or simply print in different colors. Unfortunately, traditional multi-extruder setups have some serious drawbacks, even aside from the cost.

Usually, the extruders are all mounted next to each other on a single carriage. This increases the mass, which can cause print quality issues like shadowing. It also reduces the printable area, as each extruder needs to be able to reach the entire area. All of this means that the design becomes more and more impractical with each extruder you add, and thats why its uncommon to see more than two extruders on a printer.

Over on, [rolmie] has come up with a very practical (and affordable) solution to this problem. He has designed a tool changer that gives the printer the ability to switch out hot ends on the fly. The system is very similar to the tool changers we see on CNC machining centers: tools (the hotends) are stored on a rack, and a tool change in the G-code sends the carriage over to the rack to drop off the old hotend and pick up a new one.

The benefit of the design is that both the mass and volume of the carriage are kept to a minimum, while allowing you to use many different hot ends. Each hotends settings can be configured individually, and you can even use different models of hotend altogether (maybe one model works better for PLA, while another is better for ABS). The design is still in the prototyping stage and needs some refinement, but its a very promising proof of concept that seems like it could be implemented fairly easily into most 3D printer models.

Filed under: 3d Printer hacks


Lamborghini launches the luxury Android smartphone Alpha-One for $2,450 "IndyWatch Feed Tech"

Lamborghini Introduces Its New Expensive Android Smartphone, But Is It Worth That Price?

Tonino Lamborghini, the premium Italian brand, that sells non-automotive Lamborghini-lifestyle luxury products has launched an Android smartphone called Alpha-One. Just like the Lamborghini cars, this luxury smartphone too carries a hefty price tag of $2,450.

According to Tonino, the Alpha-One is a signature smartphone that is made with the finest materials, such as liquid alloy (stronger than Titanium) and Italian handmade black leather. It is designed specifically to resist corrosion. The luxury phone sports the companys Raging Bull logo on the back and comes in a package that has a custom Italian leather phone case along with a charging cable.

On the specifications front, the Alpha-One comes with a 5.5-inch QuadHD (25601440) AMOLED display with Corning Gorilla glass. It is powered by a Qualcomm Snapdragon 820 quad-core processor paired with Adreno 530 GPU. The luxury handset features 4GB of RAM along with 64GB of inbuilt storage that is expandable up to 128GB via microSD card. The dual-SIM (Nano+Nano) smartphone runs on Android 7.0 Nougat operating system and is powered by a huge 3,250mAh battery with QuickCharge 3.0.

On the camera front, the Lamborghini smartphone sports a 20MP main camera with f/1.8 aperture and an 8MP selfie camera. It also comes with 4K video recording, OIS (optical image stabilisation), EIS (electronic image stabilization) and dual front-facing speakers that feature Dolby ATMOS Digital Surround for an immersive audio experience. Theres also a fingerprint reader, a USB-C port, a headphone jack and a dedicated DAC and ADC for hi-fi sound. It comes with AKM 4961 Hi-Fi processor along with AKM 4490 HiFi Audio Amplifier.

If the ridiculously priced Alpha-One excites you and for some reason you want to buy an Alpha-One, you can grab it online, or from Londons Harrods store in the UK, and from a number of shops, such as the Dubai Malls Levant luxury boutique, in the UAE.

The post Lamborghini launches the luxury Android smartphone Alpha-One for $2,450 appeared first on TechWorm.


LLVMpipe vs. OpenSWR Software Rendering On A 40 Core / 80 Thread Tyan Server "IndyWatch Feed Tech"

With testing out a Tyan 1U server featuring dual Intel Xeon Gold 6138 CPUs, one of the uncommon test requests we have received but understandable given our audience is curiosity about the performance of OpenGL software rendering on this 40 core / 80 thread Xeon Scalable server when making use of Mesa's LLVMpipe software rasterizer and the newer OpenSWR driver from Intel.


University of Hong Kong Engineers Develop a "Super Steel" "IndyWatch Feed Tech"

A Hong Kong-Beijing-Taiwan mechanical engineering team led by Dr Huang Mingxin from the University of Hong Kong (HKU) has recently developed a Super Steel (also called D&P Steel as it adopted a new deformed and partitioned (D&P) strategy) which addressed the strength-ductility trade-off. Its material cost is just one-fifth of that of the steel used in the current aerospace and defence applications. This research breakthrough is recently published in the prestigious academic journal Science.

[...] In addition to the substantial improvement of tensile properties, this breakthrough steel has achieved the unprecedented yield strength of 2.2 GPa and uniform elongation of 16%. Additionally, this breakthrough steel has two advantages:

(1). Low raw-materials cost.

The raw materials cost of the D&P steel is only 20% of the maraging steel used in aerospace and defence applications. The chemical composition of this breakthrough steel belongs to the system of medium manganese (Mn) steel, containing 10% manganese, 0.47% carbon, 2% aluminium, 0.7% vanadium (mass percent), and the balance is iron. No expensive alloying elements have been used exhaustively but just some common alloying compositions that can be widely seen in the commercialized steels. Figure 1[1] compares the raw materials cost between the present D&P steel with other high-strength steels.

(2). Simple industrial processing

The second advantage is that this breakthrough steel can be developed using conventional industrial processing routes, including warm rolling, cold rolling and annealing. This is different from the development of other metallic materials where the fabrication processes involve complex routes and special equipment, which are difficult to scale-up. Therefore, it is expected that the present breakthrough steel has a great potential for industrial mass production.

[1] Figure 1.

Maraging steels.

High dislocation densityinduced large ductility in deformed and partitioned steels (open, DOI: 10.1126/science.aan0177) (DX)

Original Submission...


Purism's Librem 5 Is Nearing $100k In Funding, But A Long Journey Remains "IndyWatch Feed Tech"

This week Purism announced their plans for the Librem 5 smart-phone as a GNU/Linux smartphone that is privacy-respecting, as open as possible, and costs $599 USD. The company believes they can have the phone ready for release by early 2019 if they raise $1.5 million USD over the next two months. In just about three days they have raised nearly $100,000, but it's not clear if the pacing will continue to reach the milestone in time...


Fighting For My Free Speech "IndyWatch Feed Tech"

Techrights uptime
But its actually up and running, something in the network prevents access to it

WHILE Mr. Trump fights for his safe space by blocking me (and many other critics of his), I myself never block anyone. I never preached for anything other than free speech, including speech or messages that I strongly disagree with. I never deleted any comments that offended me, either. I approved everything. Even insults against me; even libel!

Not everyone views the world like I do. A lot of people believe in outright gagging of particular views. In fact, many think that its acceptable to block my entire site, as the EPO has done for nearly 3 years. The EPO went even further than blocking my site and on numerous occasions threatened to sue me (SLAPP). Others did so too.

Over the past 4 months my Web sites have not been accessible from particular locations. My webhost and I are not sure why. Recently, things got a lot worse. More and more locations in the world find themselves unable to access my writings. There seems to be something in the network (not the server or the users end but the routing) standing in the way. We are still investigating this as censorship of this kind continues to exacerbate (I track the severity of it using an uptime notifications service called Montastic a service I have been using for over a decade).

At the moment, my most important work revolves around articles about the EPO. In the past, the EPO attempted article takedowns using threats of litigation. It tried several times. These articles contained leaks, which we published almost daily. Would any other sites out there be willing to create a mirror for it all? Its almost 2,000 articles (the site as a whole has about 22,500 articles, aside from the Wiki and front page which was implemented in Drupal), which include PDF attachments etc. The CMS is WordPress for the most part (for all the articles). Articles indexes have already been set up; someone scraped these and put some copies on Github, but a complete mirror would help discourage future muzzling attempts.

The state of censorship on the Internet is now verging the creepy. Were told its necessary because Nazis (the perfect pretext/excuse other then pure cri...


Loading a large file into an editor "IndyWatch Feed Tech"

A 3GB AmigaDOS disk dump does not load into TextWrangler

So Ingo tried to load a 3GB file into TextWrangler on MacOS, and that did not work despite him having plenty of memory left. Thats of course, because TextWrangler is still a 32 Bit binary:

$ pwd
$ file * /bin/ls
TextWrangler: Mach-O executable i386
/bin/ls:      Mach-O 64-bit executable x86_64

and even with a theoretical limit of 4GB in a 32 Bit application memory space, a 3GB allocation wont fit. In MacOS, you can use vmmap to look at the contents of a processes memory map:

$ ps auxwww | grep Text[W]rangler
kris               349   0.0  0.1   848392   9468   ??  S     5Aug17   0:56.75 /Applications/ -psn_0_73746
$ vmmap 349
Process:         TextWrangler [349]
Path:            /Applications/
Load Address:    0xdd000
Identifier:      com.barebones.textwrangler
Version:         5.5.2 (397016)
Code Type:       X86
Parent Process:  ??? [1]

Date/Time:       2017-08-27 14:07:28.908 +0200
Launch Time:     2017-08-05 16:08:34.755 +0200
OS Version:      Mac OS X 10.12.3 (16D32)
Report Version:  7
Analysis Tool:   /Applications/
Analysis Tool Version:  Xcode 8.3.3 (8E3004b)

Virtual Memory Map of process 349 (TextWrangler)
Output report format:  2.4  -- 32-bit process
VM page size:  4096 bytes

==== Non-writable regions for process 349
__TEXT                 000dd000-0066c000 [ 5692K  2200K     4K     8K] r-x/rwx SM=COW
__TEXT                 9e22c000-9e248000 [  112K     4K     0K     0K] r-x/r-x SM=COW          /usr/lib/libCRFSuite.dylib
__TEXT                 9e248000-9e252000 [   40K     4K     0K     0K] r-x/r-x SM=COW          /usr/lib/libChineseTokenizer.dylib
__TEXT                 9e252000-9e254000 [    8K     8K     0K     0K] r-x/r-x SM=COW          /usr/lib/libDiagnosticMessagesClient.dylib
__TEXT                 9f9d4000-9f9fb000 [  156K   140K     0K     0K] r-x/r-x SM=COW          /usr/lib/system/libxpc.dylib
__IMAGE                a9419000-a94...


Outreachy Summer 2017 Yielded A New Coloring Book, Wine AppDB Improvements "IndyWatch Feed Tech"

Not only is GSoC wrapping up now as school nears for many of the involved student developers, but the Outreachy internship program is also ending this coming week...


NWS Houston on Twitter "IndyWatch Feed Tech"

Houston Emergency Management Tweets: EMERGENCY MANAGEMENT HAS REQUESTED: IF HIGHEST FLOOR OF YOUR HOME BECOMES DANGEROUSGET ON THE ROOF. #houwx #glswx #txwx #Harvey as Apocalyptic Hurricane Harvey Sweeps State.


KDE Had Another Successful Year With Google Summer of Code "IndyWatch Feed Tech"

KDE saw more than one dozen student developers interact on various projects this summer thanks to the Google Summer of Code 2017...


How Much Longer Can Guy Ryder and Claude Rouiller Ignore Abuses and Cement Injustice at the EPO? "IndyWatch Feed Tech"

Looking the other way to secure their own job

Guy Ryder
Guy Ryder, Director-General of ILO

Summary: ILO does not deal with cases of injustice at the EPO and barely even looks into appeals, instead issuing very short dismissals and moving on as though its a rubber-stamping operation

EARLIER this summer we wrote about ILOs passive approach towards (if not utter disregard for) justice at the EPO. We complained about apathy/indifference and then mentioned the upcoming decisions from the ILO Administrative Tribunal (ILOAT) decisions which were likely going to be more of the same [1, 2]. We havent until now had a chance to revisit this subject.

The above serves to reaffirm the view that ILO does not provide recourse/access to justice and Dutch authorities should therefore deal with the matter accordingly, removing the immunity of the Office.The latest set of ILOAT judgments came out on the 28th of June. As can be seen here, many of the judgments (at least 7 we can see) were, as usual, about EPO. Mr. Rouiller himself was involved in his capacity as a judge (not just Tribunal chief) in some of the judgments, for example this latest one (complaint summarily dismissed). Only one out of 7 he was not involved in, namely this one (dismissed also). The remaining 5 are:

  • ...


FFmpeg Has Seen Some AVX2 Optimizations For VP9 Decoding "IndyWatch Feed Tech"

Another GSoC 2017 project worth highlighting now that Google's annual Summer of Code has finished is the AVX2 optimizations being done to the VP9 decoder within FFmpeg...


GNOME Games Now Supports Controller Reassignment "IndyWatch Feed Tech"

Thanks to this year's Google Summer of Code, there is a branch pending for allowing game controllers to be re-assigned within GNOME Games...


Casting Metal Directly Into 3D Printed Molds "IndyWatch Feed Tech"

Casting metal and 3D printing go together like nuts and gum, and there are no shortage techniques that use the two together. Lost PLA casting is common, and sculptors are getting turned on to creating their works in plastic first before sending it off to the foundry. Now the folks at FormLabs have turned the whole casting metal and 3D printer thing on its head: theyre printing sacrificial molds to cast pewter.

There are two techniques demonstrated in this tutorial, but the real winner here is printing a complete sacrificial mold for pewter miniatures. While this technique requires a little bit of work including washing, curing, and a bit of post-processing, you would have to do that anyway with anything coming out of a resin printer.

The material of choice for these molds is a high temp resin with a heat deflection temperature of 289 C. Using a pewter alloy that melts at 260 C, casting a metal miniature is as simple as pouring molten metal into a mold. Demolding might be a little finicky, but with a small screwdriver used as a chisel, its possible to get the cast newly parts out.

Weve seen pewter casting with PLA, but the quality available from the Form resin printers is truly amazing and produces some great looking miniatures.

Filed under: 3d Printer hacks


EPO Silencers of the Media Part I: Introduction "IndyWatch Feed Tech"

Trying to paint as criminals those who expose criminality is not a novel trick

Joe Arpaio Loses: New Times Co-Founders Win $3.75 Million Settlement for 2007 False Arrests
Source: Joe Arpaio Loses: New Times Co-Founders Win $3.75 Million Settlement for 2007 False Arrests

Summary: eljko Topi (EPO Vice-President) and his campaign against the media shows how EPO money/resources (and immunity) are misused against reporters, in an effort to suppress the truth and protect wrongdoing

OUR LONG SERIES OF LUFTHANSA articles (and EPO role in the scandals) has led us down a rabbit hole. Having gone through all the notes and the leads, we now have a lot more to say (not necessarily about the Lufthansa case). Asking for more documents, in order to support the allegations we were making, means access to additional information, including from court hearings.

Before we proceed, here is the full series about Lufthansa, which we recommend reading for background information:


Could Astronauts Make Tools From Pee During Long Space Trips? "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

You may've heard that astronauts on the International Space Station recycle their own pee into drinking water, but space travelers could also one day upcycle their own urine into tools and other useful items.

Researchers from Clemson University are exploring ways that strains of yeast can be used to convert nitrogen from urine and carbon dioxide from astronauts' breath (or perhaps the atmosphere of Mars) into useful substances like nutrients or polymers. One strain of engineered yeast creates polyester polymers that could be used in 3D printers to create needed tools or parts for a long space mission.

The researchers presented their work Tuesday at the 254th National Meeting & Exposition of the American Chemical Society (ACS) in Washington.

[...] Having "a biological system that astronauts can awaken from a dormant state" and start using to produce what they need, when they need it, is the project's motivation, Blenner said.

See also: EurekAlert.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


AGC for gr-satellites "IndyWatch Feed Tech"

In a previous post I discussed my BER simulations with the LilacSat-1 receiver in gr-satellites. I found out that the "Feed Forward AGC" block was not performing well and causing a considerable loss in performance. David Rowe remarked that an AGC should not be necessary in a PSK modem, since PSK is not sensitive to amplitude. While this is true, several of the GNU Radio blocks that I'm using in my BPSK receiver are indeed sensitive to amplitude, so an AGC must be used with them. Here I look at these blocks and I explain the new AGC that I'm now using in gr-satellites.

The basic BPSK receiver that I'm using in GNU Radio is show below. An FLL Band-Edge block is used first for coarse frequency correction, a low pass filter takes out some of the noise off the sides of the signal, the Polyphase Clock Sync performs clock recovery and RRC filtering, and the Costas loop acts as a PLL to lock to the phase of the carrier.

Coherent BPSK receiver

It turns out that all the three blocks in this chain (besides the low pass filter) have feedback loops with discriminators that assume a signal of amplitude 1. Let us analyse this in detail, starting by the Costas loop, which is probably the best known and simplest algorithm amongst the three used here.

Recall that a Costas loop works by using a phase detector to measure the phase of the signal and then using this measure as an error input in a feedback loop to try to drive the phase to zero. The phase detector of a BPSK Costas loop should be insensitive to phase changes of 180, meaning that it should output zero both for a phase of 0 and a phase of 180. Otherwise we just get a regular PLL, which is sensitive to phase changes. Mathematically, the optimal phase detector for a BPSK Costas loop is \arctan(I/Q) ...


Large Patent Trolls Called Prism, Conversant and IPVALUE Continue to Tax the Market Without Creating Anything, Only Lawsuits "IndyWatch Feed Tech"

Prism patent troll

Summary: Some of the latest moves and actions from large patent trolls, which damage the productive market in the name of patents (not theirs)

IN A LAWSUIT which was mentioned here several times last week, Prism won a lot of money despite making no products at all. As Joe Mullin put it the other day:

A patent-licensing entity that sued the five largest cell phone carriers has seen its biggest victory slip away.

Prism won a $30 million verdict against Sprint in 2015, when a jury found that Sprint violated US Patents No. 8,127,345 and 8,387,155, both of which describe methods of managing access to protected computer resources. According to the complaint (PDF), filed in 2012, Sprints Simply Everything Plan and Everything Data Plan were both methods of controlling access to Sprints protected network resources and thus infringed the patents.

This, unfortunately, is a reminder that patent parasites still exist out there. Even very large ones. Some of them paint themselves not as trolls but as fronts of other companies. Microsoft has quite a few fronts, including MOSAID/Conversant, which Microsoft gave many of Nokias patents to.

What they basically do is harvest/buy lots of patents, then use them to blackmail as many companies as possible for as much money as possible.As it turns out, MOSAID/Conversants chief has just moved to the parasite known as IPVALUE. When Richard Lloyd says that its business is patent monetisation he means patent trolling and adds this background: Vector Capital acquired IPVALUE in 2014 as its investment vehicle in the IP space. Last year it acquired Longitude Licensing, the monetisation platform formed in 2013 with a portfolio of semiconductor patents previously owned by Elpida, and entered into a partnership with Cypress Semiconductor. The company looks to both acquire its own assets to monetise as well as advising...


Patent Aggression is Bad for Business "IndyWatch Feed Tech"

FTC Charges Qualcomm

Summary: Microsoft, Qualcomm, and Virtual StrongBox are missing the point and relying too much on patents, failing to see the backlash that patent aggression typically entails

MANY people dislike all sorts of companies, but rarely do they campaign against them. The reason this site exists in the first place is Microsofts patent attacks on Free software. Microsoft, based on new headlines like these [1, 2, 3, 4], continues to stockpile patents. What will these be used for? We dont know yet. Had Microsoft not been so aggressive with patents (and trolls), we would not protest. We published about 5,000 articles about Microsoft all of them negative. Patents make enemies.

Microsoft too learned it the hard way; nowadays it carefully attempts to hide legal action against GNU/Linux (Microsoft satellites are suing and Microsoft keeps the extortion behind closed doors).For quite a while now Qualcomm has been receiving negative press because it uses software and hardware patents to bully a lot of companies and shake them down for protection money. Theres growing resistance to it. Well, according to this (citing several other press reports), Qualcomms investors belatedly realise that being a patent bully is bad for business. The stock already collapsed several times. Florian Mller said:

About a month ago I shared the observation that Qualcomms approach to its FTC and Apple litigations was in part driven by investor re...


Post-Alice 101 Eliminates Most Software Patents, But Amid Heavy Lobbying 101 is Not Secured "IndyWatch Feed Tech"

nor is the Patent Trial and Appeal Board (PTAB)

EagleSummary: A glance at the latest moves against Alice and in favour of patent maximalism, which means endless litigation, patenting everything under the sun etc.

THE progress made towards abolishing software patents is profound. Even at the USPTO. We hardly believed we would ever get there.

Litigants continue to use Alice and its progeny as a powerful tool to invalidate business method and software patents, this article said yesterday. Being a site of the patent microcosm, its a complaint rather than a celebration. Here are some of the more relevant parts:

Litigants continue to use Alice and its progeny as a powerful tool to invalidate business method and software patents. Thats what happened recently in Mantissa Corp. v. Ondot Systems, Inc., et al, when Magistrate Judge Palermo of the Southern District of Texas invalidated fifty-two claims asserted by a software company from two of its patents (U.S. Patent Nos. 7,779,456 and 8,353,027) covering a method of protecting use of an entitys identity, the method being executed on electronic computer hardware in combination with software, i.e., identity protection software for banking cards. In invalidating the claims under 101, Judge Palermo relied heavily on comparisons to claims invalidated as abstract ideas in previous cases, including Alice, and ultimately found that the patent claims at issue covered merely a computer-implemented method of preventing identity theftan idea that has existed since the dawn of civilization.


Turning to the second part of the Alice analysis, Judge Palermo found there was no inventive concept sufficient to transform the abstract idea into a patent-eligible applicationthe standard from Alice. She examined the claim limitations individually (an analysis too in-depth for this article) and as an ordered combination, and found them insufficient under both analyses. Mantissa attempted to proffer additional limitations from the patent specifications to strengthen its inventive concept argument, but Judge Palermo was not swayed. Instead, she properly stuck to the c...


Nuclear Waste, and Colour Changing Cats "IndyWatch Feed Tech"

Recently on Last Week Tonight John Oliver discussed the problem of nuclear waste storage, which despite a number of attempts to designate a central storage site is still stored in "temporary" sites throughout the US.

The idea of a central nuclear waste repository at Yucca Mountain was raised again. However one additional problem, highlighted by a consultation in 1981 by the US Department of Energy, was how to design radiation warnings which could be understood tens of thousands of years into the future even though language, culture, and iconography may undergo significant changes.

And on that note, here's an old guardian article on how colour-changing cats might be the solution.

In 1984, writer Franoise Bastide and semiotician Paolo Fabbri suggested the answer could lie in breeding animals that "react with discoloration of the skin when exposed" to radiation. "[Their] role as a detector of radiation should be anchored in cultural tradition by introducing a suitable name (eg, 'ray cat')."

And following up on that is the project The Ray Cat Solution, in conjunction with Bricobio, the Montral biology maker community:

New Hampshire Institute of Art's Type 1 class has joined forces with Bricobio and The Raycat Solution to help insert Raycats into the cultural vocabulary.

While Bricobio works towards genetically altering cats so they change color when in the presence of radioactive material, the NHIA Type 1 class is working to insert the idea that if a cat changes color, that space might be dangerous to others.

There is an associated film on the subject on Vimeo.

Originally spotted through the 99% Invisible Episode "Ten Thousand Years"

Original Submission

Read more of this story at SoylentNews.


DIY Mocha Cooker "IndyWatch Feed Tech"

Food-grade 3D printing filament is on the rise and it is nice to have a custom coffee mug in the office to instill a little envy in the locals. [Stefan] took it upon himself to create a Mocha Machine that he would 3D print and test the boundaries of his filament.

[Stefan] used Fusion 360 to replicate the famous Bialetti Moka Express pot in it true octagonal shape. Since the pot brews coffee under pressure, he tested tolerances in Fusion 360 to make sure all the thicknesses were right. While the design was being printed, a steel washer was added to facilitate induction heating since you cant really put a plastic pot over a flame. The print uses Formfutura Volcano PLA which is annealed for an hour at 110 degrees Celsius.

Below is a video of the whole process and though the material may not be food grade, the project is definitely a step in the right direction. Since the printed parts can withstand temperatures of up to 160 degrees Celsius, projects that involve boiling water or experiments with crystallization can benefit from a custom design.

We really hope to see more projects that use this technique, however, for those looking at their coffee machine right now, take a look at more coffee machine hacks as well as alarm clock hacks to get the coffee brewing in the morning. 

Filed under:...


Defray Ransomware used in targeted attacks on Education and Healthcare verticals "IndyWatch Feed Tech"

Researchers at Proofpoint spotted Defray Ransomware, a new ransomware used in a targeted campaign against education and healthcare organizations.

Earlier this month, researchers at Proofpoint spotted a targeted ransomware campaign against education and healthcare organizations. The ransomware used in the campaign was dubbed Defray, based on the command and control (C&C) server hostname used for the first observed attack:


The ransomware is being spread via Microsoft Word document attachments in email.

The researchers observed two targeted attack on Aug. 15, and on Aug. 22, and both appeared to be designed for specific organizations.

The attack on August 22, aimed primarily at Healthcare and Education involving messages with a Microsoft Word document containing an embedded executable (specifically, an OLE packager shell object). The attachment features a UK hospital logo in the upper right and purports to be from the Director of Information Management & Technology at the hospital.

The attack on August 15 targeted Manufacturing and Technology verticals, attackers used messages with the subject Order/Quote and a Microsoft Word document containing an embedded executable (also an OLE packager shell object).

The attachment used a lure referencing a UK-based aquarium purported to be from a representative of the aquarium.


Defray Ransomware

The attackers behind the Defray ransomware ask for $5,000, but researchers highlighted that the ransom note contains several email addresses, presumably of the cybercriminal Igor Glushkov,to allow victims to negotiate a smaller ransom or ask questions.

The Defray ransomware targets a hardcoded list of file types but doesnt change the file extension names. After encryption is complete, the Defray ransomware may cause other general havoc on the system by disabling startup recovery and deleting volume shadow copies. On Windows 7, it monitors and kills running programs with a GUI, such as the task manager and browsers.

Experts speculate the threat could be being used privately and for this reason, it is less likely Defr...


Duke Robotics Inc "IndyWatch Feed Tech"

Duke Robotics Inc. announces, TIKAD, a dramatic step forward in protecting our troops by developing the resources needed to fight terrorism effectively today.

Governments are spending more than ever before on Defense budgets today, which provides an enormous incentive to solve problems that troops currently face.

TIKAD, the Future Soldier, saves lives by replacing boots on the ground.

Duke Robotics will work with select government clients around the globe with the goal to reduce the number of deployed troops as well as empower troops with immediate air-power deployment, improving prospects of mission success, minimizing battlefield injuries, loss of life to friendly troops and saving innocent civilians.

Connect with Duke Robotics on Social Media:



Worlds First Hologram Table "IndyWatch Feed Tech"

This is our latest update.
The title says worlds first hologram table in fact more correctly we should say worlds first multiuser hologram table there have been some before that only one person could view at one time.

Or you can contact us directly at [email protected]
This product is about to do its first manufacturing run.
If you are interested in pre-ordering, distributing or investing, please contact us.


Testing Drones in Combat "IndyWatch Feed Tech"

This post is also available in: he ( Hebrew )

In a few months, the U.S Air Force and SOFWERX will pit UAV s against each other in a rumble-style experiment to gather data on drone operations, the Air Forces secretary, Heather Wilson, said. The competition, called the ThunderDrone Rapid Prototyping Event will investigate forms, platforms, effects and data science for small unmanned aerial vehicles, said Wilson.

According to, SOFWERX, an initiative that facilitates rapid prototyping and technology experimentation between U.S. Special Operations Command and members of non-traditional industry and academia, is planning events related to ThunderDrone beginning in early September with a technology exposition. The event is meant to help completely change the face of drone warfare, and will be a living test bed for creating a drone marketplace, according to SOFWERX. Additionally, it will enable experimentation along with rapid prototyping.


Uber Driver Tips Hit $50 Million, Uber Adds New Features for Drivers "IndyWatch Feed Tech"

Uber is adding trip type preferences, more driver destinations, and long trip notifications for drivers. The changes come as tips to Uber drivers have hit $50 million:

"This week, we're going to hit $50 million dollars in tips for drivers," explained Uber's U.S. and Canada manager Rachel Holt. "We launched the tipping effort in three cities two months ago, but we didn't roll it out all over the U.S. until the middle of July. So we're really, really excited just to see how well that feature has done in just a short period of time."

That $50 million is a lot in context: Lyft has had the feature for years, and hit just $250 million in tips in July. Drivers have made around 200,000 phone calls to support, Holt says, since Uber introduced 24/7 phone service, and on average they reach an agent in less than 30 seconds. Eighty-five percent of drivers have said they're satisfied with the experience.

The new changes today are focused on adding more flexibility to the experience. If you're not super familiar with the driver experience, these might sound mysterious, but they're actually pretty straightforward, and each emphasizes greater freedom in how drivers manage their day.

Pay your Uber driver well, because Uber won't.

Original Submission

Read more of this story at SoylentNews.


Harvesting Copper from Microwave Ovens "IndyWatch Feed Tech"

Obsolete appliances were once a gold mine of parts, free for the taking with a few snips of your diagonal cutters. Times have changed, though, and most devices yield only a paltry supply of parts, so much so that only by harvesting raw materials can you get much value out of them. And so we have this example of reclaiming copper from used microwave ovens.

The primary source of copper in most microwaves is the transformer, which we usually see re-tasked for everything from spot welders to material handling electromagnets. But the transformer is not the only source of the red metal; [eWaste Ben] also harvests it from relay coils and the main coil and shading coils of the fan motor.  The bounty is melted down in an electric foundry and cast in a graphite mold into a lovely ingot.

Unless youre into repeatedly casting copper trinkets, a large bar of reclaimed copper might not be something you have a burning need to possess. But bearing in mind that copper can go for about $2.50 a pound at the scrap yard, theres some money to be made, especially with dead microwaves essentially free for the taking. As [Ben] points out, taking the extra step to melt and cast the copper harvested from microwaves makes no sense if all youre going to do is sell the scrap, but its nice to know how to do it just the same.

Filed under: green hacks, misc hacks


How Realistic Is Elon Musks Hyperloop? "IndyWatch Feed Tech"

Elon Musks plan for the hyperloop promised city-to-city travel at speeds in excess of 700 mph, making the trip between New York City and Washington, D.C., 29 minutes. Bloomberg QuickTake Q&A explains what hurdles exist, and how they can be overcome, before the hyperloop becomes reality. (video by Henry Baker) (Source: Bloomberg)


Cheap Polystyrene Could Enhance Perovskite Solar Cells "IndyWatch Feed Tech"

Researchers from The University of Manchester are using polystyrene particles rather than expensive polymers to make the next generation of solar cells, which are used to make solar panels, more stable and even cheaper.

The move could significantly reduce the cost of production and manufacturing of the solar cells, making electricity cheaper in the future for the public at a time when energy prices are increasing.

The research, published by The Royal Society of Chemistry in the journal Nanoscale [DOI: 10.1039/C7NR02650A] [DX], shows how University of Manchester scientists are using insulating polystyrene microgel particles to reduce the costs and improve the stability of Perovskite Solar Cells or PSCs.

[...] "The perovskite layer in solar cells is not inherently unstable, but the required [hole-transport material (HTM)] layer is. HTM layers made of congregated polymers are thin but they are also relatively expensive and contribute a significant portion of the total cost of the solar cell. In this study we used polystyrene, which is 1 ten thousandth of the cost of polymers to produce, and is also hydrophobic which helps improve the stability of PSCs. Overall the enhanced stability and lower costs of production hugely outweigh any of the decreased efficiency."

Original Submission

Read more of this story at SoylentNews.


Determining Kibble Level Via Time-of-Flight "IndyWatch Feed Tech"

[WTH] is building an IoT kitty food dispenser. There are a few of these projects floating around that measure out portions very sensibly  some use screws to dispense a set amount of food at a time, some measure the weight of the remaining stockpile. This build is definitely not that. This kitty food monitor uses a time of flight sensor to determine the remaining level of food in a hopper. [WTH]s feeder lets the cat eat all the grub it wants, then alerts the hooman when kibble levels drop below a certain level.

The project starts with one of those pet food dispensers that consist of a hopper that gravity feeds into the food bowl. As the animal eats that food, more dispenses into the bowl. Attached to the lid is an ESP8266 connected to an Adafruit time of flight sensor. This reports the kibble level in centimeters, which is good enough for [WTH]s purposes. Sensor data is logged to a Google Drive spreadsheet, published as a graph through M2X (AT&Ts IOT service), and texted to [WTH]s smart watch via IFTTT.

Look for a plethora of Tweeting, Instagramming, and otherwise automated feeding of the cat overlords right here on Hackaday. Check out automatic cat feeder dispenses noms, wants cheezburger, and a cat feeder made with laminator parts.

Filed under: misc hacks


Trial to Decide Whether Ex-Grubhub Driver Should be Classified as Employee "IndyWatch Feed Tech"

"This is the first case in California as to how the gig economy works," US Magistrate Judge Jacqueline Corley said during the Thursday hearing, likely the last hearing before the September 5 bench trial, which is expected to last about a week. Most of the hearing was taken up establishing procedural ground rules and wrapping up loose threads about witness availability, among other items.

This lawsuit just might provide an answer. If Grubhub must treat its drivers as employees, the employees would be entitled to all kinds of benefits, including unemployment, insurance, and reimbursement for various expenses, like gas and employee phone bills. In short, treating workers as employees could cost companies like Grubhub millions of dollars.

The case, known as Lawson v. Grubhub, which was first filed back in 2015, is one of a slew of ongoing cases filed against so-called "gig economy" firms. During the Thursday hearing, the judge said that she had only recently understood that, in this context, "gig" simply was slang for "job" or work. She seemingly was under the impression that it was related to the tech prefix "giga."

[...] "This trial is a milestone because similar cases have settled or been dismissed," Michael LeRoy, a labor law professor at the University of Illinois, e-mailed Ars. "When cases settle, the wage-and-hour laws are not applied and interpreted by courtsand therefore, it's hard to say for sure how the law is adapting to the rapid changes in gig work."

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


A Functioning 3D Printer For 10 "IndyWatch Feed Tech"

There was a time when crowdfunding websites were full of 3D printers at impossibly low prices. You knew that it would turn out to be either blatant vaporware or its delivery date would slip into the 2020s, but still there seemed always to be an eager queue ready to sign up. Even though there were promised models for under $200, $150, and then $100, there had to be a lower limit to the prices they were prepared to claim for their products. A $10 printer on Kickstarter for example would have been just a step too far.

There is a project thats come close to that mark though, even though the magic figure is 10 euros rather than 10 dollars, so just short of 12 dollars at todays exchange rate. [Michele Lizzit] has built a functioning 3D printer for himself, and claims that magic 10 build price. How on earth has he done it? The answer lies in extensive use of scrap components, in this case from broken inkjet printers and an image scanner. These provide all the mechanical parts for the printer, leaving him only having to spend his 10 on some hot end parts and the printers electronics. In an unusual move, the frame of the machine appears to come from a set of cardboard biscuit boxes, a master stroke of junk box construction.

The claimed resolution is 33m, and using the position encoders from the inkjet printers he is able to make it a closed loop device. We salute his ingenuity in building such an impressive printer from so little, and were we ever locked by the bad guys in a room full of IT junk and lacked a handy escape device, wed wish to be incarcerated with [Michele] any day over [Angus MacGyver] or [Sgt. Bosco BA Baracus].

You can see the printer in action in the video below the break.

Weve shown you another 3D printer made from inkjet parts, but not quite so cheaply. If you want to see how far weve come, in 2011 a cheap and easy 3D printer came in at $500. This is progress.

Filed under: 3d Printer hacks, slider ...


DailyStormer new site booted off after hosting provider gets DDoSed "IndyWatch Feed Tech"

By Waqas

It looks like there is no place for DailyStormer on the

This is a post from Read the original post: DailyStormer new site booted off after hosting provider gets DDoSed


DOJ To End Operation ChokePoint; Porn Stars Free To Bank Once More! | Techdirt "IndyWatch Feed Tech"

Submitted via IRC for TheMightyBuzzard

You may recall that in 2014 we wrote about a strange occurrence having to do with Chase Bank refusing to provide its banking services to Teagan Presley, a rather well known adult film actress. When it became clear that Presley wasn't the only performer to whom this was happening, it initially looked as though banks were engaging in a form of slut-shaming of adult film actors. It turned out, however, that it was the federal government doing the slut-shaming, with the emergence of the Department of Justice's Operation Choke Point. This DOJ policy that was developed to combat financial fraud somehow bled over the stencil lines and became a sort of banking morality police, encouraging banks to cut off services to industries like adult film, fireworks retail stores, and sellers engaged in what the DOJ deemed to be "racist materials." It's worth highlighting that all of these industries and actions, whether you like them or not, are legal, yet the DOJ was essentially attempting to extra-judiciously scuttle them through secretive federal policy. That should have terrified everyone, but didn't, and so the program went on.

Until recently. The justice department recently announced that Operation Choke Point will be ended.

The move hands a big victory to Republican lawmakers who charged that the initiative dubbed "Operation Choke Point" was hurting legitimate businesses. In a letter to House Judiciary Chairman Bob Goodlatte (R-Va.), Assistant Attorney General Stephen Boyd referred to the program as "a misguided initiative."

"We share your view that law abiding businesses should not be targeted simply for operating in an industry that a particular administration might disfavor," says the letter, obtained by progressive activist group Allied Progress and later provided to POLITICO by Goodlatte's office. "Enforcement decisions should always be made based on facts and the applicable law. We reiterate that the Department will not discourage the provision of financial services to lawful industries, including businesses engaged in short-term lending and firearms-related activities," it adds. A nearly identical letter was sent to Sens. Thom Tillis (R-N.C.) and Mike Crapo (R-Id...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog