IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Thursday, 16 August

00:10

Ixia delivers visibility into all traffic in virtual workloads in private cloud environments "IndyWatch Feed Tech"

Keysight Technologies announced Cloud Sensor vTap, a new feature of CloudLens from Ixia, a Keysight Business. Cloud Sensor vTap enables organizations to manage their security risk in private and hybrid cloud environments, such as Microsoft Azure Stack, with visibility into East-West traffic without requiring access. The increase in cloud adoption has heightened the need for securing data, applications, and workloads that reside in any cloud-based environment. In fact, in a recent Ixia survey, Lack of More

The post Ixia delivers visibility into all traffic in virtual workloads in private cloud environments appeared first on Help Net Security.

00:10

CSI launches open API platform to provide secure connections to data "IndyWatch Feed Tech"

Computer Services introduces CSIbridge, an open application programming interface (API) platform, to give banks the power to build custom technology integrations that maximize efficiency and enhance competitiveness. CSIbridge provides a platform that banks and third-party providers can use to access data for ancillary solutions. CSI customers can take advantage of the open API platform to customize and release new services through pre-built APIs into banking features. Customers continue to expect more and more from their More

The post CSI launches open API platform to provide secure connections to data appeared first on Help Net Security.

00:09

PTC launches cybersecurity collaboration initiative for more secure and resilient IoT deployments "IndyWatch Feed Tech"

Continuing its commitment to promoting shared responsibility for safe and secure IoT deployments, PTC has unveiled a Coordinated Vulnerability Disclosure (CVD) Program. The new program is designed to support the reporting and remediation of security vulnerabilities that could affect the environments in which PTC products operate, including industrial and safety-critical industries. The CVD Program is a component of PTCs Shared Responsibility Model, which defines a framework for cybersecurity collaboration with customers, partners, and others within More

The post PTC launches cybersecurity collaboration initiative for more secure and resilient IoT deployments appeared first on Help Net Security.

00:09

Lockpath partners with RapidRatings to increase third-party risk visibility "IndyWatch Feed Tech"

Lockpath announced a new partnership with RapidRatings. This partnership aims to further risk management technology by broadening its scope to provide third-party risk visibility that includes financial health analytics. The partnership will include a technology integration of RapidRatings Financial Health Rating within Lockpaths Keylight Platform, a governance, integrated risk management and compliance (GRC) solution. This integration will benefit joint customers, who will be able to garner a view of the risk posed to them by More

The post Lockpath partners with RapidRatings to increase third-party risk visibility appeared first on Help Net Security.

00:08

EZShield acquires IdentityForce "IndyWatch Feed Tech"

EZShield announced it has acquired IdentityForce. The acquisition expands EZShields identity protection ecosystem by nearly 50 percent, providing partners in every industry, businesses of all sizes, and consumers with secure capabilities and restoration services. The pervasiveness of cyber fraud incidents and data breaches is estimated to cost $6 trillion annually by 2021. IdentityForce is a trusted, top-ranked leader in identity theft protection and their business is comprised of a highly customer-centric team of experts who More

The post EZShield acquires IdentityForce appeared first on Help Net Security.

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 15 August

23:13

SpaceX's Falcon Heavy Could Launch Japanese and European Payloads to Lunar Orbital Platform-Gateway "IndyWatch Feed Tech"

SpaceX's Falcon Heavy eyed by Europe/Japan

According to RussianSpaceWeb, SpaceX's Falcon Heavy rocket is under serious consideration for launches of major European and Japanese payloads associated with the Lunar Orbital Platform-Gateway (formerly the Deep Space Gateway).

[...] Regardless of the LOPG's existential merits, a lot of energy (and money) is currently being funneled into planning and initial hardware development for the lunar station's various modular segments. JAXA is currently analyzing ways to resupply LOPG and its crew complement with its HTV-X cargo spacecraft, currently targeting its first annual ISS resupply mission by the end of 2021. While JAXA will use its own domestic H-III rocket to launch HTV-X to the ISS, that rocket simply is not powerful enough to place a minimum of ~10,000 kg (22,000 lb) on a trans-lunar insertion (TLI) trajectory. As such, JAXA is examining SpaceX's Falcon Heavy as a prime (and affordable) option: by recovering both side boosters on SpaceX's drone ships and sacrificing the rocket's center core, a 2/3rds-reusable Falcon Heavy should be able to send as much as 20,000 kg to TLI (lunar orbit), according to comments made by CEO Elon Musk.

That impressive performance would also be needed for another LOPG payload, this time for ESA's 5-6 ton European System Providing Refueling Infrastructure and Telecommunications (ESPRIT) lunar station module. That component is unlikely to reach launch readiness before 2024, but ESA is already considering Falcon Heavy (over its own Ariane 6 rocket) in order to save some of the module's propellant. Weighing 6 metric tons at most, Falcon Heavy could most likely launch ESPRIT while still recovering all three of its booster stages.

Previously: NASA's Chief of Human Spaceflight Rules Out Use of Falcon Heavy for Lunar Station...

22:24

[$] The Data Transfer Project "IndyWatch Feed Tech"

Social networks are typically walled gardens; users of a service can interact with other users and their content, but cannot see or interact with data stored in competing services. Beyond that, though, these walled gardens have generally made it difficult or impossible to decide to switch to a competitorall of the user's data is locked into a particular site. Over time, that has been changing to some extent, but a new project has the potential to make it straightforward to switch to a new service without losing everything. The Data Transfer Project (DTP) is a collaborative project between several internet heavyweights that wants to "create an open-source, service-to-service data portability platform".

22:22

Google releases archive of online political ads "IndyWatch Feed Tech"

Google has released a library of political advertisements purchased on its platforms, revealing how much groups are spending on online campaign efforts and where theyre focusing.The archive is a new part of the company's regular...

22:15

How to update source tree at /usr/src using svn on FreeBSD "IndyWatch Feed Tech"

I compiled custom FreeBSD kernel for my FreeBSD jail to use vnet. How do I update my FreeBSD /usr/src/ code tree? How can I update source tree at /usr/src on FreeBSD using svn command to patch and compile kernel again?

The post How to update source tree at /usr/src using svn on FreeBSD appeared first on nixCraft.

22:10

New Intel chip flaw Foreshadow attacks SGX technology to extract sensitive data "IndyWatch Feed Tech"

By Waqas

Security fraternity is still dealing with the adverse consequences and versatile range of threats caused by the Spectre and Meltdown vulnerabilities. But, to add to their misery, there is another possibly worst hardware flaw detected by security researchers in Intel chips. This flaw, dubbed as Foreshadow, can obtain information even from the most secured components []

This is a post from HackRead.com Read the original post: New Intel chip flaw Foreshadow attacks SGX technology to extract sensitive data

22:00

Dont Forget Your Mints When Using This Synthesizer "IndyWatch Feed Tech"

While synthesizers in the music world are incredibly common, theyre not all keyboard-based instruments as you might be imagining. Especially if youre trying to get a specific feel or sound from a synthesizer in order to mimic a real instrument, there might be a better style synth that you can use. One of these types is the breath controller, a synthesizer specifically built to mimic the sound of wind instruments using the actual breath from a physical person. Available breath controllers can be pricey, though, so [Andrey] built his own.

To build the synthesizer, [Andrey] used a melodica hose and mouthpiece connected to a pressure sensor. He then built a condenser circuit on a custom Arduino shield and plugged it all into an Arduino Mega (although he notes that this is a bit of overkill). From there, the Arduino needed to be programmed to act as a MIDI device and to interact with the pressure sensor, and he was well on his way to a wind instrument synthesizer.

The beauty of synthesizers is not just in their ability to match the look and sound of existing instruments but to do things beyond the realm of traditional instruments as well, sometimes for a greatly reduced price point.

21:52

Intel Begins Teasing Their Discrete Graphics Card "IndyWatch Feed Tech"

Don't expect the Intel discrete gamer graphics card to come until 2020, but with the SIGGRAPH graphics conference happening this week in Vancouver, they have begun teasing their first PCI Express graphics card...

21:33

New Law Bans U.S. Government From Buying Equipment From Chinese Telecom Giants ZTE and Huawei "IndyWatch Feed Tech"

President Trump yesterday signed a defense funding bill that included a sweeping ban on the US government using technology supplied by Chinese telecommunications giants ZTE and Huawei. The bill also includes a narrower ban on using surveillance gear provided by Chinese companies Hytera Communications, Hangzhou Hikvision Digital Technology, or Dahua Technology for national security applications.

The legislation directs federal agencies to stop using the Chinese-made hardware within two years. If that proves impractical, an agency can apply for a waiver to permit a longer phase-out period.

Previously: Verizon Cancels Plans to Sell Huawei Phone Due to U.S. Government Pressure
U.S. Intelligence Agency Heads Warn Against Using Huawei and ZTE Products
The U.S. Intelligence Community's Demonization of Huawei Remains Highly Hypocritical
Huawei CEO Still Committed to the U.S. Market
Rural Wireless Association Opposes U.S. Government Ban on Huawei and ZTE Equipment
ZTE Suspends Operations Due to U.S. Ban (UPDATED)


Original Submission

Read more of this story at SoylentNews.

21:31

The U.S. Needs a Cyber Force More Than a Space Force "IndyWatch Feed Tech"

Agree?


Trump shouldnt be ridiculed for looking to the heavens, but a more urgent threat looms.

21:24

Google One launches with cheaper cloud storage plans "IndyWatch Feed Tech"

For some reason, Google is rebranding Google Drive storage plans under the name Google One. Along with the rebranding, Google is also improving its pricing in ways that give customers more options and more storage at lower prices. It marks the services first price cut in four years.

Google One plans start at the same place as Google Drive plans $1.99 per month for 100GB of additional storage but the situation improves after that. Google is introducing a new $2.99-per-month tier, which includes 200GB of storage, and its upgrading the $9.99-per-month tier to include 2TB of storage instead of 1TB.

We signed up for a 2TB storage option to try out Google One. The process is simple, you just head into Google Drive and click on Storage, then Upgrade Storage, to bring up all the possible upgrades.

21:23

Google Needs To Come Clean About Its Chinese Plans "IndyWatch Feed Tech"

In 2010, EFF and many other organizations praised Google for refusing to sacrifice the companys values for access to the Chinese market. At the time, this move followed public backlash and several attacks on Googles infrastructure that targeted the personal data of several prominent Chinese human rights activists. Googles departure from China showed that strong core values in fundamental human rights could beat out short-term economic gain in the calculus of an Internet company.

But now it seems the company has reversed course.

This news comes amid other reports of American tech giants compromising values to enter or remain within China: Facebook has piloted a censored version of its own platform, and Apple recently faced criticism for moving its customers' data into China-hosted servers, and adding code to filter the Taiwanese flag emoji in Chinese locales.

Within China, Googles direct competitor, Baidu, has been facing a significant amount of social, regulatory, and economic backlash over recent advertising malpractice, such as monetizing questionable medical advertisements, heavily deprioritizing non-Baidu services, and allegedly promoting phishing sites. There may well be...

21:22

Phoronix Test Suite 8.2 M2 Released With Offline Improvements, L1TF/Foreshadow Reporting "IndyWatch Feed Tech"

The second development snapshot of the upcoming Phoronix Test Suite 8.2-Rakkestad to benchmark to your heart's delight on Linux, macOS, Windows, Solaris, and BSD platforms from embedded/SBC systems to cloud and servers...

21:22

AI can peer pressure you, too "IndyWatch Feed Tech"

A new study finds children are particularly susceptible to the influence of AI.

21:19

Twitter restricts Infowars account "IndyWatch Feed Tech"

Twitter has restricted the account of the right-wing conspiracy show Infowars just hours after taking action against its host, Alex Jones.The Infowars account will be restricted from tweeting, but will still be able to browse Twitter and send direct...

21:16

Telling the Truth About Defects in Technology Should Never, Ever, Ever Be Illegal. EVER. "IndyWatch Feed Tech"

Congress has never made a law saying, "Corporations should get to decide who gets to publish truthful information about defects in their products," and the First Amendment wouldn't allow such a law but that hasn't stopped corporations from conjuring one out of thin air, and then defending it as though it was a natural right they'd had all along.

Some background: in 1986, Ronald Reagan, spooked by the Matthew Broderick movie Wargames (true story!) worked with Congress to pass a sweeping cybercrime bill called the Computer Fraud and Abuse Act (CFAA) that was exceedingly sloppily drafted. CFAA makes it a felony to "exceed[] authorized access" on someone else's computer in many instances.

Fast forward to 1998, when Bill Clinton and his Congress enacted the Digital Millennium Copyright Act (DMCA), a giant, gnarly hairball of digital copyright law that included section 1201, which bans bypassing any "technological measure" that "effectively controls access" to copyrighted works, or "traffic[ing]" in devices or services that bypass digital locks.

Notice that neither of these laws bans disclosure of defects, including security disclosures! But decades later, corporate lawyers and federal prosecutors have constructed a body of legal precedents that twist these overbroad laws into a rule that effectively gives corporations the power to decide who gets to tell the truth about flaws and bugs in their products.

Businesses and prosecutors have brought civil and criminal actions against researchers and whistleblowers who violated a company's terms of service in the process of discovering a defect. The argument goes like this: "Our terms of service ban probing our system for security defects. When you login to our server for that purpose, you 'exceed your authorization,' and that violates the Computer Fraud and Abuse Act."

Likewise, businesses and prosecutors have used Section 1201 of the DMCA to attack researchers who exposed defects in software and hardware. Here's how that argument goes: "We designed our products with a lock that you have to get around to discover the defects in our software. Since our software is copyrighted, that lock is an 'access control for a copyrighted work' and that means that your research is prohibited, and any publication you make explaining how to replicate your findings is illegal speech, because helping other people get around our locks is 'trafficking.'"

The First Amendment would certainly not allow Cong...

21:00

Widespread Instagram Hack Locking Users Out of Their Accounts "IndyWatch Feed Tech"

Instagram has been hit by a widespread hacking campaign that appears to stem from Russia and have affected hundreds of users over the past week, leaving them locked out of their accounts. A growing number of Instagram users are taking to social media, including Twitter and Reddit, to report a mysterious hack which involves locking them out of their account with their email addresses changed to

20:45

VKMS Coming In Linux 4.19 Is One Of The Best GSoC & Outreachy Projects Of The Year "IndyWatch Feed Tech"

One of the student summer coding projects that ended up being a cross between Google Summer of Code (GSoC) and Outreachy was the VKMS driver to provide a virtual KMS implementation for headless systems and other interesting use-cases...

20:44

Yuneecs latest drone comes with 4K shooting, voice controls, and face detection "IndyWatch Feed Tech"

Yuneecs Mantis Q is a foldable drone that features 4K, voice controls, face detection, and 33 minutes of battery life. Its available for preorder now.

20:43

This alga may be seeding the worlds skies with clouds "IndyWatch Feed Tech"

After some of these microbes die, their calcium shells make their way into sea air.

20:43

This one particle could solve five mega-mysteries of physics "IndyWatch Feed Tech"

Forget the Higgs: theorists have uncovered a missing link that explains dark matter, what happened in the big bang and more. Now theyre racing to find it.

By Michael Brooks

911? Its an emergency. The most important particle in the universe is missing. Florian Goertz knows this isnt a case for the police, but he is still waiting impatiently for a response. This 911 isnt a phone number, but a building on the northern edge of the worlds biggest particle accelerator.

20:43

Researchers suggest phonons may have mass and perhaps negative gravity "IndyWatch Feed Tech"

A trio of physicists with Columbia University is making waves with a new theory about phononsthey suggest they might have negative mass, and because of that, have negative gravity. Angelo Esposito, Rafael Krichevsky and Alberto Nicolis have written a paper to support their theory, including the math, and have uploaded it to the xrXiv preprint server.

Most theories depict waves as more of a collective event than as physical things. They are seen as the movement of molecules bumping against each other like balls on a pool tablethe energy of one ball knocking the next, and so onany motion in one direction is offset by motion in the opposite direction. In such a model, sound has no mass, and thus cannot be impacted by . But there may be more to the story. In their paper, the researchers suggest that the current theory does not fully explain everything that has been observed.

In recent years, physicists have come up with a word to describe the behavior of at a very small scalethe phonon. It describes the way sound vibrations cause complicated interactions with molecules, which allows the sound to propagate. The term has been useful because it allows for applying principles to sound that have previously been applied to actual particles. But no one has suggested that they actually are particles, which means they should not have mass. In this new effort, the researchers suggest the phonon could have negative , and because of that, could also have negative gravity.

20:42

Cant get out of bed? NASA picked the perfect songs to wake up its Mars rover "IndyWatch Feed Tech"

NASA engineers have crafted a themed playlist to greet their sleeping Opportunity rover on Mars, which lost power in a Martian dust storm in June.

20:40

Networking vendors patch against new cryptographic attack "IndyWatch Feed Tech"

Vulnerable IPSec IKE implementations used in Cisco, Huawei, ZyXel and Clavister networking devices can allow attackers to retrieve session keys and decrypt connections, researchers have found. The attack Dennis Felsch, Martin Grothe and Jrg Schwenk from Ruhr-Universitt Bochum, and Adam Czubak and Marcin Szymanek of the University of Opole are scheduled to demonstrate the new attack this week at the USENIX Security Symposium in Baltimore. In the meantime, they published a paper about their discovery. More

The post Networking vendors patch against new cryptographic attack appeared first on Help Net Security.

20:30

Rover V2 Handles Stairs as Easily as the Outdoors "IndyWatch Feed Tech"

Rover V2 is an open-source, 3D-printable robotic rover platform that has seen a lot of evolution and development from its creator, [tlalexander]. There are a number of interesting things about Rover V2s design, such as the way the wheel hubs themselves contain motors and custom planetary gearboxes. This system is compact and keeps weight down low to the ground, which helps keep a rover stable. The platform is all wheel drive, and moving parts like the suspension are kept high up, as far away from the ground as possible. Software is a custom Python stack running on a Raspberry Pi that provides basic control.

The Rover V2 is a full mechanical redesign of the previous version, which caught our attention with its intricate planetary gearing inside the wheel hubs. [tlalexander]s goal is to create a robust, reliable rover platform for development that, thanks to its design, can be mostly 3D printed and requires a minimum of specialized hardware.

The HackadayPrize2018 is Sponsored by:

20:22

India to launch its first manned space mission by 2022 "IndyWatch Feed Tech"

The countrys space agency plans to send a crew of three on a mission within 40 months.

20:12

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections "IndyWatch Feed Tech"

Phishing works no matter how hard a company tries to protect its customers or employees. Security researchers have been warning of a new phishing attack that cybercriminals and email scammers are using in the wild to bypass the Advanced Threat Protection (ATP) mechanism implemented by widely used email services like Microsoft Office 365. Microsoft Office 365 is an all-in-solution for users

20:02

Weird circles in the sky may be signs of a universe before ours "IndyWatch Feed Tech"

By Chelsea Whyte

Swirling patterns in the sky may be signs of black holes that survived the destruction of a universe before the big bang.

What we claim were seeing is the final remnant after a black hole has evaporated away in the previous aeon, says Roger Penrose, a mathematical physicist at the University of Oxford.

19:50

Hundreds of Instagram accounts were hijacked in a coordinated attack "IndyWatch Feed Tech"

Hundreds of Instagram accounts were hijacked in what appears to be the result of a coordinated attack, all the accounts share common signs of compromise.

Alleged attackers have hijacked Instagram accounts and modified personal information making impossible to restore the accounts.

The number of Instagram accounts that was hacked has increased since the beginning of August, all the victims were logged out of their accounts, their personal and contact information were deleted, personal email address was changed.

The attackers changed victims email addresses with one associated to a Russian domain (.ru).

The media outlet Mashable first reported the spike in the account takeover.

Like half a dozen other hacking victims who spoke with Mashable, her profile photo had been changed, as had all the contact information linked to the account, which was now linked to an email with a .ru Russian domain. reported Mashable.

Megan and Kristas experiences are not isolated cases. They are two of hundreds of Instagram users who have reported similar attacks since the beginning of the month.

More than 5,000 tweets from 899 accounts were mentioning Instagram hacks in the last seven days, many users have been desperately tweeting at Instagrams Twitter account requesting support.

Numerous reports of hacks were reported on Reddit, and Mashable reported a Google Trends search that shows a spike in searches for Instagram hacked on Aug. 8, and again on Aug. 11.

Instagram accounts hacked

Instagram hacked accounts have had their profile photos changed with D...

19:44

A Small Team of Student AI Coders Beats Google's Machine-Learning Code "IndyWatch Feed Tech"

Submitted via IRC for SoyCow1984

Students from Fast.ai, a small organization that runs free machine-learning courses online, just created an AI algorithm that outperforms code from Google's researchers, according to an important benchmark.

Fast.ai's success is important because it sometimes seems as if only those with huge resources can do advanced AI research.

Fast.ai consists of part-time students keen to try their hand at machine learningand perhaps transition into a career in data science. It rents access to computers in Amazon's cloud.

But Fast.ai's team built an algorithm that beats Google's code, as measured using a benchmark called DAWNBench, from researchers at Stanford. This benchmark uses a common image classification task to track the speed of a deep-learning algorithm per dollar of compute power.

Google's researchers topped the previous rankings, in a category for training on several machines, using a custom-built collection its own chips designed specifically for machine learning. The Fast.ai team was able to produce something even faster, on roughly equivalent hardware.

"State-of-the-art results are not the exclusive domain of big companies," says Jeremy Howard, one of Fast.ai's founders and a prominent AI entrepreneur. Howard and his cofounder, Rachel Thomas, created Fast.ai to make AI more accessible and less exclusive.

Source: https://www.technologyreview.com/s/611858/small-team-of-ai-coders-beats-googles-code/


Original Submission

Read more of this story at SoylentNews.

19:33

Crypto Updates Sent In For Linux 4.19 Kernel, Speck Is Still In The Kernel "IndyWatch Feed Tech"

The Linux kernel's crypto subsystem updates were sent out today with its new feature work for the Linux 4.19 kernel. One change we were curious to see was whether they were going to nuke the Speck cipher code, but they did not...

19:02

SpaceX seeks approval for Starlink internet tests on high-performance govt. planes "IndyWatch Feed Tech"

According to updated regulatory documents and recent Aviation Week interviews with the US Air Force Research Laboratory, it can be all but guaranteed that the USAF has begun working with SpaceX to test the feasibility of using the companys planned Starlink satellite internet constellation for military communications purposes.

In early August, SpaceX updated regulatory documents required by the Federal Communications Commission (FCC) for the company to be permitted to experimental test its two prototype Starlink internet satellites, named Tintin A and B. Launched roughly six months ago as a copassenger on one of SpaceXs own Falcon 9 rockets, the satellite duo has been quietly performing a broad range of tests on orbit, particularly focused on general satellite operations, orbital maneuvering with SpaceXs own custom-built electric propulsion, and most importantly the experimental satellites cutting-edge communications capabilities.

The orbit histories of @SpaceXs Tintin A/B Starlink prototype satellites, launched in February! Some thoroughly intriguing differences in behavior over the six months theyve spent on-orbit. Data and visualizations generated by the lovely http://CalSky.com. pic.twitter.com/a8CfQaZJep

19:01

Track Everything, Everywhere with an IoT Barcode Scanner "IndyWatch Feed Tech"

Ive always considered barcodes to be one of those invisible innovations that profoundly changed the world. What we might recognize as modern barcodes were originally designed as a labor-saving device in the rail and retail industries, but were quickly adopted by factories for automation, hospitals to help prevent medication errors, and a wide variety of other industries to track the movements of goods.

Medication errors in hospitals are serious and scary: enter the humble barcode to save lives. Source: The State and Trends of Barcode, RFID, Biometric and Pharmacy Automation Technologies in US Hospitals

The technology is accessible, since all you really need is a printer to make barcodes. If youre already printing packaging for a product, it only costs you ink, or perhaps a small sticker. Barcodes are so ubiquitous that weve ceased noticing them; as an experiment I took a moment to count all of them on my (cluttered) desk I found 43 and probably didnt find them all.

Despite that, Ive only used them in exactly one project: a consultant and friend of mine asked me to build a reference database out of his fairly extensive library. I had a tablet with a camera in 2011, and used it to scan the ISBN barcodes to a list. That list was used to get the information needed to automatically enter the reference to a simple database, all I had to do was quickly verify that it was...

18:35

Europeans Take Upload Filter Protests to The Streets "IndyWatch Feed Tech"

After years of careful planning and negotiating, the European Parliament was ready to vote on its new copyright directive last month.

With backing from large political factions and pretty much the entire entertainment industry, many assumed that proposal would pass.

They were wrong.

The Copyright Directive was sent back to the drawing board following protests from legal scholars, Internet gurus, activists, and many members of the public. Article 13, often referred to as the upload filter proposal, was at the center of this pushback.

The vote was a massive blow to those who put their hope on the EUs proposed copyright changes. Following the failure of SOPA and ACTA, this was another disappointment, which triggered several entertainment industry insiders to call foul play.

They claimed that the grassroots protests were driven by automated tools, which spammed Members of Parliament were with protest messages, noting that large tech companies such as Google were partly behind this.

This narrative is gaining attention from the mainstream media, and there are even calls for a criminal investigation into the matter.

Opponents of the upload filters clearly disagree. In part triggered by the criticism, but more importantly, to ensure that copyright reform proposals will change for the better, they plan to move the protests to the streets of Europe later this month.

Julia Reda, the Pirate Partys Member of European Parliament, is calling people to join these protests, to have their voices heard, and to show the critics that there are real people behind the opposition.

We havent won yet. After their initial shock at losing the vote in July, the proponents of upload filters and the link tax have come up with a convenient narrative to downplay the massive public opposition they faced, Reda writes.

Theyre claiming the protest was all fake, generated by bots and orchestrated by big internet companies. According to them, Europeans dont actually care about their freedom of expression. We dont actually care about EU lawmaking enough to make our voices heard. We will just stand idly by a...

18:29

OpenSSH Username Enumeration "IndyWatch Feed Tech"

Posted by Qualys Security Advisory on Aug 15

Hi all,

We sent the following email to openssh () openssh com and
distros () vs openwall org about an hour ago, and it was decided that we
should send it to oss-security () lists openwall com right away (as far as
we know, no CVE has been assigned to this issue yet):

========================================================================

While reviewing the latest OpenSSH commits, we stumbled across:...

18:27

Google Pixel 3XL design and specs revealed in a massive leak "IndyWatch Feed Tech"

Leaked video of Google Pixel 3XL shows 6.7-Inch QHD+ Screen and a Triple-Camera Setup

Googles upcoming flagships, Pixel 3 and Pixel 3XL is expected to be released this October. However, a new unboxing video has revealed Pixel 3XL in its entirety. A Ukrainian blogger by the name Ivan Luchkov has posted a video of a white Pixel 3XL that uses the AnTuTu app. This reveals specifications, in-box content, and more regarding the forthcoming third-gen Pixel smartphone. The same blogger had earlier posted an unboxing video of Pixel 3XL confirming the addition of USB-C headphones.

Watch the leaked video Of Pixel 3XL specifications:

The video reveals that the Pixel 3XL will have a massive 6.7-inch screen. This is 0.7-inches bigger than the Pixel 2XL and 0.3-inches bigger than the newly launched Galaxy Note 9. The Pixel 3XL is the largest mass-market smartphone ever made. Other specs reveal that the phone will have a 29601440 display and 494ppi. It will come with 4GB of RAM and 64GB of non-expandable onboard storage. The device is also shown running Android 9.0 Pie out of the box and a Snapdragon 845 chipset.

The Pixel 3 XL will apparently boast three front-facing cameras, all of which are 8.1MP. It will also have a single 12.2 MP camera on the rear. The device is by a 3,430mAH battery, which is disappointingly smaller than the 3,520mAh battery included in Pixel 2 XL.

Images from the unboxing video also reveal that the Pixel 3 XL will come with a USB-C cable, USB adapter, 3.5mm adapter, and a pair of headphones that looks similar to Pixel Buds with a USB-C connector.

Since the Pixel 3 XL is still in the processing stage, there are chances that the hardware and features may vary when the Pixel 3 XL is finally launched.

Source: Android Police

The post Google Pixel 3XL design and specs revealed in a massive leak appeared first on TechWorm.

18:23

Links 15/8/2018: Akademy 2018 Wrapups and More Intel Defects "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

18:11

AT&T hit with $224M lawsuit over cryptocurrency loss "IndyWatch Feed Tech"

Cryptocurrency investor Michael Terpin on Wednesday filed a $224 million lawsuit against AT&T, accusing the telecommunications company of gross negligence, fraud and other violations after millions in online currency were allegedly...

18:11

Xen Security Advisory 274 v3 (CVE-2018-14678) - Linux: Uninitialized state in x86 PV failsafe callback path "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 15

Xen Security Advisory CVE-2018-14678 / XSA-274

Linux: Uninitialized state in x86 PV failsafe callback path

UPDATES IN VERSION 3
====================

Fix spelling in CREDITS.

ISSUE DESCRIPTION
=================

Linux has a `failsafe` callback, invoked by Xen under certain
conditions. Normally in this failsafe callback, error_entry is paired
with error_exit; and error_entry uses %ebx...

18:11

OpenSSL (1.1.0g) Key Sniffed From Radio Signal "IndyWatch Feed Tech"

If you missed the OpenSSL update released in May, go back and get it: a Georgia Tech team recovered a 2048-bit RSA key from OpenSSL using smartphone processor radio emissions, in a single pass.

The good news is that their attack was on OpenSSL 1.1.0g, which was released last November, and the library has been updated since then. Dubbed One&Done, the attack was carried out by Georgia tech's Monjur Alam, Haider Adnan Khan, Moumita Dey, Nishith Sinha, Robert Callan, Alenka Zajic, and Milos Prvulovic.

The researchers only needed a simple and relatively low cost Ettus USRP B200 mini receiver (costing less than $1,000/900/800) to capture the revealing radio noise from a Samsung Galaxy phone, an Alcatel Ideal phone, and a A13-OLinuXino single-board computer.

In Georgia Tech's announcement, the group explained that its attack is the first to crack OpenSSL without exploiting cache timing or organisation.

[...] The good news is that not only was mitigation relatively simple, it improved OpenSSL's performance. Our mitigation relies on obtaining all the bits that belong to one window at once, rather than extracting the bits one at a time, the paper stated. For the attacker, this means that there are now billions of possibilities for the value to be extracted from the signal, while the number of signal samples available for this recovery is similar to what was originally used for making a binary (single-bit) decision.

This mitigation results in a slight improvement in execution time of the exponentiation, the paper continued.

Here's the link to the group's upcoming Usenix talk.


Original Submission

Read more of this story at SoylentNews.

18:00

Friday Hack Chat: LED Diffusion "IndyWatch Feed Tech"

A decade ago, the first Arduino projects featuring addressable RGB LEDs came on the scene, and the world hasnt been the same since. Now we have full wall video displays with WS2812s and APA102s, wearable blinky, and entire suits of armor made of LEDs. The future is bright, and in RGB.

For this weeks Hack Chat, were going to be talking all about how to maintain the blinky without eye-searing brightness. Its the LED Diffusion Hack Chat, full of tips and tricks on how to get the glowey without it being imprinted on your retina.

Our guest for this weeks Hack Chat is the incredible Becky Stern. Becky is one of the most prolific makers around and has a long history of fabricating some really, really cool stuff. Shes published hundreds of tutorials on everything from microcontrollers to computerized knitting machines, and has been featured by dozens of media outlets including the BBC, CNN, The Late Show with Colbert, VICE, and Forbes. Right now, shes working at Autodesk with Instructables.

During this Hack Chat, were going to be talking all about diffusing LEDs, with topics including:

  • Taking some san...

17:50

Mesa 18.2-RC3 Released With Two Dozen Fixes "IndyWatch Feed Tech"

Mesa 18.2 as the next quarterly feature release to the contained OpenGL/Vulkan drivers is about two weeks out if all goes well, but today for testing Mesa 18.2-RC3 is now available...

17:48

New Network 2030 Group Asks: What Comes After 5G? "IndyWatch Feed Tech"

The ITU focus group wants to make sure the backbone of every network can support future demand for data

5G report logo, link to report landing page

If you listen to the hype about 5G, with its promises of self-driving vehicles and immersive virtual reality, it doesnt take long to realize how much data the coming generation of wireless will require. But have engineers been so preoccupied with delivering low-latency networks to feed data-hungry applications that theyve forgotten about the rest of our vast, tangled telecommunications network? 

That concern has sparked some researchers to start thinking about where all that data will go after it travels from your phone to the nearest cell tower.

The International Telecommunication Union, an agency of the United Nations that coordinates telecom infrastructure between countries, recently launched a new focus group to, in part, address an emerging imbalance in our wireless communications. The group, Network 2030more accurately, the ITU-T Focus Group Technologies for Network 2030 (FG NET-2030)will explore ways to close the growing gap between the fixed and mobile components of future communications networks.

The fixed side and the mobile side are both parts of the unified system that sends information to all of our wireless devices. Even so, Richard Li, the chief scientist of future networks at Huawei and the chairman of the ITU Network 2030 group, sees enough of a distinction to consider them as two separate components. And that distinction is where he sees problems beginning to emerge.

Think of the mobile side as the antennas and radio waves that directly deliver data to our devices. This is the side that has gotten a lot of attention in recent years with the advent of 5G, along with beamforming, massive MIMO, and millimeter waves. The fixed side is everything elseincluding antennas to beam data wirelessly between two fixed points, and also the cables, fibers, and switches that handle the va...

...

17:43

Smart consumption management system for energy-efficient industrial companies "IndyWatch Feed Tech"

Energy use in industrial buildings continues to skyrocket, contributing to the negative impact on global warming and Earths natural resources. An EU initiative introduced a disruptive system thats able to reduce electricity consumption in the industrial sector.

Using energy efficiently helps industry save money, conserve resources and tackle climate change. ISO 50001 supports companies in all sectors to use energy more efficiently through the development of an system. It calls on the to integrate energy management into their overall efforts for improving quality and environmental management. Companies can perform several actions to successfully implement this new international standard, including creating policies for more efficient energy use, identifying significant areas of and targeting reductions.

17:43

Liquid battery could lead to flexible energy storage "IndyWatch Feed Tech"

A new type of energy storage system could revolutionise energy storage and drop the charging time of electric cars from hours to seconds.

In a new paper published today in the journal Nature Chemistry, chemists from the University of Glasgow discuss how they developed a system using a nano-molecule that can store electric power or giving a new type of hybrid storage system that can be used as a flow battery or for hydrogen storage.

Their hybrid-electric-hydrogen flow battery, based upon the design of a nanoscale battery molecule can store energy, releasing the power on demand as electric power or hydrogen gas that can be used a fuel. When a concentrated liquid containing the nano-molecules is made, the amount of energy it can store increases by almost 10 times. The energy can be released as either electricity or hydrogen gas meaning that the system could be used flexibly in situations that might need either a fuel or .

17:43

European aquaculture to benefit from a better quality of live feed "IndyWatch Feed Tech"

The aquaculture sector is growing, with fish farming being a key way to ensure Europe gets the quality food it needs without exploiting marine resources further. One key problem the industry faces is how to get the immature fish though their first few months one EU project may be about to smooth the way.

Aquaculture is a growing market within the EU, bringing employment and providing a sustainable source of fish at a time when our marine life is under pressure. The main bottle-neck for the production of marine fish is the juvenile phase, especially during the time in which live diets are used. Even the established species, sea bream and sea bass, have a very low survival rate with an average of 25 percent. For new species in aquaculture, such as amberjack and tuna, the mortality is even higher.

The natural first feed for most is crustacean nauplii, the offspring of many types of crustacean zooplankton. Fish larvae is evolutionary adapted to such a diet, and it is believed that this type of prey fulfils the fish larvas nutritional requirements.

17:43

State-of-the-art solar panel recycling plant "IndyWatch Feed Tech"

The German engineering company Geltz Umwelt-Technologie has successfully developed an advanced recycling plant for obsolete or ageing solar panels.

As sales of solar power increase, there is a looming problem that is quite often overlooked: disposing waste from outdated or destroyed . A surge in solar panel disposal is expected to take place in the early 2030s, given the design life of installed around the millennium.

To address this problem before this big disposal wave, the EU has funded the ELSi project. With strong competencies in plant manufacturing and wastewater treatment including , the Geltz Umwelt-Technologie firm has built a test and treatment facility at a large disposal firm to retrieve reusable materials from solar modules.

17:32

Foreshadow Attacks experts found 3 new Intel CPU side-channel flaws "IndyWatch Feed Tech"

Foreshadow Attacks Security researchers disclosed the details of three new speculative execution side-channel attacks that affect Intel processors.

The new flaws, dubbed Foreshadow and L1 Terminal Fault (L1TF), were discovered by two independent research teams.

An attacker could exploit the Foreshadow vulnerabilities attacks to gain access to the sensitive data stored in a computers memory or third-party clouds.

The flaws affect the Intels Core and Xeon processors, they were reported to Intel in January, shortly after the disclosure of Spectre and Meltdown attacks.

The three Foreshadow vulnerabilities are:

  • CVE-2018-3615 that affects the  Intels Software Guard Extensions (SGX);
  • CVE-2018-3620 that affects operating systems and System Management Mode (SMM); 
  • CVE-2018-3646 that affects virtualization software and Virtual Machine Monitors (VMM).

Today, Intel and our industry partners are sharing more details and mitigation information about a recently identified speculative execution side-channel method called L1 Terminal Fault (L1TF). This method affects select microprocessor products supporting Intel Software Guard Extensions (Intel SGX) and was first reported to us by researchers at KU Leuven University*, Technion Israel Institute of Technology*, University of Michigan*, University of Adelaide* and Data61.  reads the post published by Intel

Further research by our security team identified two related applications of L1TF with the potential to impact other microprocessors, operating systems and virtualization software..

Security researchers initially discovered the SGX vulnerability, meanwhile, Intel experts found other two other issues while analyzing the cause of Foreshadow.

All previously known attacks against Intel SGX rely on application-specific information leakage from either sidechannels [30, 39, 45, 51, 57, 58, 60] or software vulnerabilities [38, 59]. It was generally believed that well-written enclaves could prevent information leakage by adhering to good coding practices, such as never branching on secrets, prompting Intel to state that in general, these research papers do not demonstrate anything new or unexpected about the Intel SGX architecture. states the research paper.

[Foreshadow-NG] attacks can potentially be used...

17:31

Arcade Inspired Halloween Candy Dispenser "IndyWatch Feed Tech"

The days are getting shorter and the nights are a little cooler, which can only mean one thing: its officially time to start devising the trials youll put the neighborhood children through this Halloween. For [Randall Hendricks], that means building a new candy dispensing machine to make sure the kids have to work for their sugary reward. After all, wheres the challenge in just walking up and taking some candy from a bowl? These kids need to build character.

[Randall] writes in to share his early work on this years candy contraption which hes based on a popular arcade game called Goal Line Rush. In this skill based game a disc with various prizes spins slowly inside the machine, and the player has a button that will extend an arm from the rear of the disc. The trick is getting the timing right to push the prize off the disc and into the chute. Replace the prizes with some empty calorie balls of high fructose corn syrup, and you get the idea.

Theres still plenty of time before All Hallows Eve, so the machine is understandably still a bit rough. He hasnt started the enclosure yet, and at this point is still finalizing the mechanics. But this early peek looks very promising, and in the video after the break you can see how the machine doles out the goodies.

The disc is rotated by a high torque...

17:23

Lets pray for clear skies "IndyWatch Feed Tech"

The International Space Station (ISS) will be visible to the naked eye in several areas in the country starting tonight!

According to the NASA website, the space station looks like an airplane or a very bright star moving across the sky and moves considerably faster than a typical airplane.

17:22

U.S. $23 trillion will be lost if temperatures rise four degrees by 2100 "IndyWatch Feed Tech"

Imagine something similar to the Great Depression of 1929 hitting the world, but this time it never ends.

Economic modelling suggests this is the reality facing us if we continue emitting greenhouse gases and allowing temperatures to rise unabated.

Economists have largely underestimated the global economic damages from climate change, partly as a result of averaging these effects across countries and regions, but also because the likely behaviour of producers and consumers in a climate change future isnt usually taken into consideration in climate modelling.

17:11

Multiple vulnerabilities in Jenkins "IndyWatch Feed Tech"

Posted by Daniel Beck on Aug 15

Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software. The following
releases contain fixes for security vulnerabilities:

* Jenkins weekly 2.138
* Jenkins LTS 2.121.3

Summaries of the vulnerabilities are below. More details, severity, and
attribution can be found here:
https://jenkins.io/security/advisory/2018-08-15/

We provide advance notification for security...

17:03

Indonesia earthquakehow scrap tyres could stop buildings collapsing "IndyWatch Feed Tech"

At the time of writing, 436 people have died following an earthquake in the Indonesian island of Lombok. A further 2,500 people have been hospitalised with serious injuries and over 270,000 people have been displaced.

Earthquakes are one of the deadliest natural disasters, accounting for just 7.5% of such events between 1994 and 2013 but causing 37% of deaths. And, as with all , it isnt the countries that suffer the most earthquakes that see the biggest losses. Instead, the number of people who die in an earthquake is related to how developed the country is.

In Lombok, as in Nepal in 2015, many deaths were caused by the widespread collapse of local rickety houses incapable of withstanding the numerous aftershocks. More generally, low quality buildings and inadequate town planning are the two main reasons why seismic events are more destructive in developing countries.

17:03

New water-splitting technology brings clean hydrogen fuel one step closer "IndyWatch Feed Tech"

In the quest for clean alternative energy sources, hydrogen is a favorite. It releases a lot of energy when burnedwith a bonus: The major byproduct of burning hydrogen is pure water.

The big obstacle has been getting pure in sufficient quantity to burn. So scientists are studying , or HERs, a type of water-splitting technology in which electrodes, covered with catalytic materials, are inserted into water and charged with electricity. The interaction of the electricity, the catalysts and the water produce hydrogen gasa clean fueland clean, breathable oxygen.

Alas, there is a problem: At present, electrodes must be coated with precious, expensive metals, most notably platinum.

17:02

How to conserve half the planet without going hungry "IndyWatch Feed Tech"

Every day there are roughly 386,000 new mouths to feed, and in that same 24 hours, scientists estimate between one and 100 species will go extinct. Thats it. Lost forever.

To deal with the biodiversity crisis we need to find a way to give nature more spacehabitat loss is a key factor driving these extinctions. But how would this affect our food supplies?

New research, published in Nature Sustainability, found it could mean we lose a lot of food but exactly how much really depends on how we choose to give nature that space. Doing it right could mean rethinking how we do agriculture and altogether.

17:02

An Interview With Didier Coeurnelle "IndyWatch Feed Tech"

An interview with Didier Coeurnelle from the Healthy Life Extension Society.


As you might remember, we have recently posted about the Longevity Film Competition, an initiative by HEALES, ILA, and the SENS Research Foundation that encourages supporters of healthy life extension to produce a short film to popularize the subject.

Didier Coeurnelle is a jurist and the co-chair of HEALES, the Healthy Life Extension Society promoting life extension in Europe, as well as a long-standing member of social and environmental movements.

We got in touch with Didier, who serves as co-director of the competition, to ask him about the initiative and to share his thoughts on advocacy in general.

17:01

Masergy announces interoperability of global UCaaS with Cisco IP endpoints "IndyWatch Feed Tech"

Masergy announced the expansion of its UCaaS offering to include collaboration endpoints from Ciscos 8800 and 6800 series. This news highlights Masergys continued commitment to accommodate a variety of IP phones that are certified with its feature-rich Global UCaaS and Cloud Contact Center solutions. Todays global workforce requires advanced collaboration platforms to drive increased productivity, said Dean Manzoori, vice president of product management UCaaS, Masergy. As enterprises rapidly incorporate cloud-based unified communications services, Masergy is More

The post Masergy announces interoperability of global UCaaS with Cisco IP endpoints appeared first on Help Net Security.

17:00

Chaos and confusion reign with existing firewall infrastructure "IndyWatch Feed Tech"

Many organizations are still struggling to master basic firewall hygiene, promising increased complexity and risk associated with network security policy management for those planning to adopt hybrid cloud models and next-gen architectures, according to Firemons 2018 State of the Firewall report. The majority of respondents believe the firewall is still an important part of their overall security architecture, with 94% saying firewalls are as critical as always or more critical than ever. The same percentage More

The post Chaos and confusion reign with existing firewall infrastructure appeared first on Help Net Security.

16:58

Entrust Datacard receives patent for innovative card personalization process "IndyWatch Feed Tech"

Entrust Datacard announced that the company was awarded U.S. Patent No. 10,049,320 (Card Printing Mechanism with Card Return Path) on Aug. 14, 2018. This newly patented technology facilitates duplex card printing without the need for a second card printing mechanism, which reduces the cost and footprint of card personalization systems. With nearly 50 years of innovation in identity security and quality assurance, and several patents currently pending directed towards drop-on-demand (DoD) applications, Entrust Datacard continues More

The post Entrust Datacard receives patent for innovative card personalization process appeared first on Help Net Security.

16:57

Demand for online content and services drive Pulse Secure application delivery business growth "IndyWatch Feed Tech"

Pulse Secure announced that its virtual Application Delivery Controller (virtual ADC) business unit has achieved growth and increased market share in the last year. The announcement marks the one-year anniversary since Pulses acquisition of the virtual ADC Business Unit from Brocade Communications. Factors driving the companys success are the demand for online content and web services, and infrastructure requirements including cloud and hybrid IT growth, DevOps, containerization/Docker and workload migration. Brad Casemore, research vice president More

The post Demand for online content and services drive Pulse Secure application delivery business growth appeared first on Help Net Security.

16:55

Security updates for Wednesday "IndyWatch Feed Tech"

Security updates have been issued by CentOS (kernel), Debian (kernel, linux-4.9, postgresql-9.4, and ruby-zip), Fedora (cgit, firefox, knot-resolver, mingw-LibRaw, php-symfony, php-symfony3, php-symfony4, php-zendframework-zend-diactoros, php-zendframework-zend-feed, php-zendframework-zend-http, python2-django1.11, quazip, sox, and thunderbird-enigmail), openSUSE (python-Django and seamonkey), Oracle (kernel), Red Hat (kernel, kernel-rt, and redhat-virtualization-host), Scientific Linux (kernel), Slackware (openssl), SUSE (clamav, firefox, kernel, and samba), and Ubuntu (kernel, libxml2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-gcp, linux-lts-trusty, linux-lts-xenial, linux-aws, linux-raspi2, and samba).

16:52

Patch Tuesday, August 2018 Edition "IndyWatch Feed Tech"

Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two zero-day flaws that attackers were already exploiting before Microsoft issued patches to fix them.

According to security firm Ivanti, the first of the two zero-day flaws (CVE-2018-8373) is a critical flaw in Internet Explorer that attackers could use to foist malware on IE users who browse to hacked or booby-trapped sites. The other zero-day is a bug (CVE-2018-8414) in the Windows 10 shell that could allow an attacker to run code of his choice.

Microsoft also patched more variants of the Meltdown/Spectre memory vulnerabilities, collectively dubbed Foreshadow by a team of researchers who discovered and reported the Intel-based flaws. For more information about how Foreshadow works, check out their academic paper (PDF), and/or the video below. Microsofts analysis is here.

One nifty little bug fixed in this patch batch is CVE-2018-8345. It addresses a problem in the way Windows handles shortcut files; ending in the .lnk extension, shortcut files are Windows components that link (hence the lnk extension) easy-to-recognize icons to specific executable programs, and are typically placed on the users Desktop or Start Menu.

That description of a shortcut file was taken verbatim from the first widely read report on what would later be dubbed the Stuxnet...

16:46

August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days "IndyWatch Feed Tech"

In the August 2018 Patch Tuesday, Microsoft has plugged over 60 vulnerabilities, two of which are being actively exploited in the wild. In addition to those, the company has also released a critical update advisory that addresses vulnerabilities found and patched in Adobe Flash. Exploited zero-days The two patched zero-days are: CVE-2018-8414 A vulnerability in Windows Shell that can be triggered by a user opening a specially crafted file and could allow the attacker More

The post August 2018 Patch Tuesday: Microsoft fixes two actively exploited zero-days appeared first on Help Net Security.

16:37

Early Japanese Eating Habits Gleaned From Hairs In Old Books "IndyWatch Feed Tech"

The diet and eating habits of earlier civilizations has been inferred from old manuscripts and artwork, but there is always a question as to how representative that is of what the common diet was at the time, in much the same way as whether in a millennia from now one could infer our modern-day diet from surviving ``foodie'' magazines. It is always a bonus when you can have access to direct tissue to analyze. In a recent paper in the Open Access journal Nature Scientific Reports, Atsushi Maruyama and colleagues in Japan acquired a number of book sets produced during the Edo period and they analyzed samples of human hair found in the books. By analyzing the abundances of various carbon and nitrogen isotopes they were able to make inferences about the early Japanese diet.

The covers of such books are made of recycled thick paper, which, for financial reasons, was believed to have been produced soon before book printing, using waste paper collected in the same cities where the books were printed. Because the hairs are embedded in the paper fibres, the hairs are thought to have been mixed accidentally during waste paper collection or blended intentionally for reinforcement during paper production. In either case, the hairs most likely belong to people living in the city and year of book printing, both of which are available from the records (colophon) on the book. Thus, the hairs found in each book, together with the records of time and place, constitute the ideal human tissue samples to reconstruct the eating habits at the time and place of the book printing, using isotope analysis.

They found that people depended upon rice, vegetables, and fish more exclusively than contemporary Japanese people. They also noticed that the levels of nitrogen increased over 200 years, indicating an increase in the contribution of marine fish as both food and fertilizer, which generally confirms what literature-based studies have found.

Atsushi Maruyama, Jun'ichiro Takemura, Hayato Sawada, Takaaki Kaneko, Yukihiro Kohmatsu & Atsushi Iriguchi, Hairs in old books isotopically reconstruct the eating habits of early modern Japan, Scientific Reports volume 8, Article number: 12152 (2018)


Original Submission

Read more of this story at SoylentNews.

16:30

Top 10 Free Movie Download Websites | Watch movies online legally 2018 "IndyWatch Feed Tech"

List of top 10 free movie download websites that are absolutely legal to download HD movies or to watch them online

I am simply a lunatic movie lover, and I guess you too, for you are here! Well, we all love watching movies, dont we? Certainly, that appears to be one of the most amazing ways we can spend our leisure time. Whenever I find the weekend to be near, I get to look for ways to spend my off-time. However, when I switch on to download movies, I tend to dive into immense confusion since there are a plenty of websites, but only a few of them are legal. Keeping this in mind, today I decided to make things clear for you. This ultimately made me come up with a list of top 10 free movie download websites that are absolutely legal, without any doubt!

Crackle

Free Movie Download Websites | Crackle

Crackle is one of the best online movie streaming apps available today. It lets you watch your favorite movies online. This website supports vision in tablets, streaming players, gaming console, smart TVs, and mobiles as well. All you need is to create an account with Crackle. Simply put your device activation code. If you are not much in favor of downloading the movie, Crackle still allows you to watch it online without downloading!

Vimeo

...

16:22

DDoS attackers increasingly strike outside of normal business hours "IndyWatch Feed Tech"

DDoS attack volumes have increased by 50% to an average of 3.3 Gbps during May, June and July 2018, compared to 2.2 Gbps during the previous quarter, according to Link11. Attacks are also becoming increasingly complex, with 46% of incidents using two or more vectors. While attack volumes increased, researchers recorded a 36% decrease in the overall number of attacks. There was a total of 9,325 attacks during the quarter: an average of 102 attacks More

The post DDoS attackers increasingly strike outside of normal business hours appeared first on Help Net Security.

16:17

10 Reasons to Attend ONS Europe in September | Registration Deadline Approaching Register & Save $605 "IndyWatch Feed Tech"

Heres a sneak peek at why you need to be at Open Networking Summit Europe in Amsterdam next month! But hurry spots are going quickly. Secure your spot and register by September 1 to save $605.

16:08

Haru: An Experimental Social Robot From Honda Research "IndyWatch Feed Tech"

The Honda Research Institute gives an in-depth look at the design of its newest social robot prototype

Social robots have had it tough recently. There are lots of reasons for this, but a big part of it is that its a challenge to develop a social robot thats able to spark long-term user interest without driving initial expectations impractically high. This isnt just the case for commercial robotssocial robots designed for long-term user interaction studies have the same sorts of issues. The Honda Research Institute is well aware of how tricky this is, and researchers there have been working on the design of a prototype social robot that achieves a balance between human expectation, surface appearance, physical affordance, and robot functionality. Its called Haru, and Honda Research has provided a fascinating and detailed look into how they came up with its design.

A paper on Haru was presented at the ACM/IEEE International Conference on Human Robot Interaction (HRI) earlier this year, and the introduction does a lovely job of presenting why its so important to carefully consider the physical design of social robots intended to interact with humans:

Various studies confirm that human expectations are shaped by the physical attributes of a robot. As a consequence, human expectations can set the bar high depending on the promise it holds as a function of its physical appearance and how this measures up with the robots actual affordances. For example, a six-foot-tall humanoid robot with a futuristic look would turn out be a disappointment if it only performed Q&A tasks and nothing more. This indifference does not impact on the smaller and basic-shaped smart devices, as the simple Q&A task completion of current smart devices is proportional to the simple image they project. The physical and aesthetic elements of a robot require considered design as they affect its prospect of acceptance and long-term adoption. It is essential to foresee in advance the implicit illusionary functionality brought upon by the design of the robots physical affordance, and to strike a balance between this and human expectation. Keeping human expectation low while stoking interest at the same time may prove to be a good strategy.

Its possible that this is not just a good strategy, but the best strategy (or in fact the only strategy). Were tempted to ascribe all kinds of things to robots that look even vaguely human, and thats been one of the issues that social robots have had in the pastenough human-ness that users think theyre more competent than they are. Commercial...

16:01

Stop Using Python 2: What You Need to Know About Python 3 "IndyWatch Feed Tech"

Though Python 3 was released in 2008, many projects are still stuck on Python 2.

Well take you through some of the features that Python 2 programs are missing out on, not only from 3.0 but up to the current release (3.7).

Why Python 3 Happened

Before 2008, Python developers had a bit of a headache. The language that started in the 1989 Christmas holidays as the pet project of Guido van Rossum was now growing at a fast pace. Features had been piled on, and the project was now large enough that earlier design decisions were hindering implementation. Because of this, the process of adding new features was becoming an exercise in hacking around the existing code.

The solution was Python 3: the only release that deliberately broke backwards compatibility. At the time, the decision was controversial. Was it acceptable for a publicly used open source project to purposefully break on older code? Despite the backlash, the decision was taken, giving Guido and the developers a one off chance to clean out redundant code, fix common pitfalls and re-architect the language. The aim was that within Python 3 there would be only one obvious way of doing things. Its testament to the design choices made back then that were still on 3.x releases a decade later.

The __future__ is Now

The __future__ import is a slice of time-travelling wizardry which allows you to summon select features from future releases of Python. In fact, the current Python release, 3.7, contains __future__ imports from releases which havent yet been written!

Ok fine, so its not quite as grandiose as that, a __future__ import is just an explicit indicator of switching on new syntax which is packaged with the current release. We thought wed mention it because a few of the Python 3 features listed below can be __future__ imported and used in 2.6 and 2.7, which were released to coincide with 3.0 and 3.1 respectively. Having said this, upgrading is, of course, still advised as new features are frozen in past releases and will not benefit from the evolution and maintenance of current versions.

Onto what youre missing out on in Python 3

Print is a Function

Yes, we know that most people are aware of this, but its one of t...

15:45

An Early Look At The L1 Terminal Fault "L1TF" Performance Impact On Virtual Machines "IndyWatch Feed Tech"

Yesterday the latest speculative execution vulnerability was disclosed that was akin to Meltdown and is dubbed the L1 Terminal Fault, or "L1TF" for short. Here are some very early benchmarks of the performance impact of the L1TF mitigation on the Linux virtual machine performance when testing the various levels of mitigation as well as the unpatched system performance prior to this vulnerability coming to light.

15:35

5 Jobs Robots Will Never take from Humans "IndyWatch Feed Tech"

Intro

Do robots really come to take over our jobs? The line has been drawn with latest AI breakthrough programmes, like AlphaZero, which is able to beat you in Chess, Go and Shogi, so human worries are never been as real, as they are today. Some still think, that we still have a long road to go, referencing new technologies, that are only implemented at the very beginning stages, like surgical robotics for instance. These people, however, forget, that they are already using automatic cashiers and train sales station assistants as a regular convenience, forgetting that not so long ago these tasks were performed by another human-being and was considered a fully obligated paid job. Is this true then, that every task robot performs is better what human abilities can achieve? With this question in mind, for all of you critics, believers, skeptics and dreamers, today we will talk about certain job skills in which humans can still give AI a good run for their money.

Creativity

This one is a no-brainer yes, machines can actually recognize your face on a photograph, but can they actually paint one? Computer programs are very effective at calculating a viable solution from a number of options, but when it comes to creating their own creative choice they fail miserably. Creating something from scratch is still something that robots are yet to replicate since even we as humans do not fully understand what makes our brain spark with a new idea. Experts are getting robots to make some works of art, recipes and even inspirational quotes, but the end results are, well, mixed, to say the least. All of this means, that any job that is heavily based on a creative process, like musicians, writers, entrepreneurs, etc. can stop breathing heavily they can safely bet for being untouched for a long while.
...

15:11

Sex extortion emails now quoting part of their victims phone number "IndyWatch Feed Tech"

Some computer users are reporting that they have received a new type of extortion email in their inbox, which - in an attempt to scare them into giving in to demands for money - quotes part of their phone number.

But where are the blackmailers getting the phone number from?

15:02

Universal Method to Sort Complex Information Found "IndyWatch Feed Tech"

The nearest neighbor problem asks where a new point fits in to an existing data set. A few researchers set out to prove that there was no universal way to solve it. Instead, they found such a way.

If you were opening a coffee shop, there's a question you'd want answered: Where's the next closest cafe? This information would help you understand your competition.

This scenario is an example of a type of problem widely studied in computer science called "nearest neighbor" search. It asks, given a data set and a new data point, which point in your existing data is closest to your new point? It's a question that comes up in many everyday situations in areas such as genomics research, image searches and Spotify recommendations.

And unlike the coffee shop example, nearest neighbor questions are often very hard to answer. Over the past few decades, top minds in computer science have applied themselves to finding a better way to solve the problem. In particular, they've tried to address complications that arise because different data sets can use very different definitions of what it means for two points to be "close" to one another.

Now, a team of computer scientists has come up with a radically new way of solving nearest neighbor problems. In a pair of papers, five computer scientists have elaborated the first general-purpose method of solving nearest neighbor questions for complex data.


Original Submission

Read more of this story at SoylentNews.

14:33

Russian trolls had burst of activity for pro-Trump website: report "IndyWatch Feed Tech"

Russian social media operatives stepped up activity last year to boost a website known for inaccurate content favorable toward President Trump, eight months after carrying out a disinformation campaign during the 2016 campaign.Bloomberg...

14:33

A Git Origin Story "IndyWatch Feed Tech"

A look at Linux kernel developers' various revision control solutions through the years, Linus Torvalds' decision to use BitKeeper and the controversy that followed, and how Git came to be created.

14:24

Exabeam raises $50 million in series D funding to disrupt SIEM market "IndyWatch Feed Tech"

Exabeam announced that it has closed $50 million in Series D funding. The round, backed entirely by existing investors, was led by Lightspeed Venture Partners and supported by Aspect Ventures, Cisco Investments, Icon Ventures, Norwest Venture Partners and cybersecurity investor Shlomo Kramer. The funds will be used to grow the companys cloud portfolio, as well as sales and channels to expedite global expansion. The complexities in securing modern digital businesses, along with the increase in More

The post Exabeam raises $50 million in series D funding to disrupt SIEM market appeared first on Help Net Security.

14:21

Splunk .conf18 to feature industry visionaries and product innovations "IndyWatch Feed Tech"

Splunk announced that industry visionaries including Steve Wozniak, will present at .conf18, the annual Splunk conference. The event will take place from October 1-4, 2018, at the Walt Disney World Swan and Dolphin Resort in Orlando, Florida. More than 9,000 people are expected to attend .conf18 to learn about the latest Splunk products and innovations spanning IT, security, developer, artificial intelligence and machine learning, mobile, and the Internet of Things (IoT) technology. Attendees will participate More

The post Splunk .conf18 to feature industry visionaries and product innovations appeared first on Help Net Security.

14:20

Orange acquires Basefarm Holding to support its cloud computing strategy "IndyWatch Feed Tech"

Orange announced that it has completed the acquisition of 100% of Basefarm through its enterprise subsidiary Orange Business Services following the approbation of the competition authorities. Basefarm is an European player in cloud-based infrastructure and services, as well as the management of critical applications and data analysis. The company, which recorded revenues of over 100 million euros in 2017, has enjoyed growth since its creation. Basefarm has an operational presence in several European countries, particularly More

The post Orange acquires Basefarm Holding to support its cloud computing strategy appeared first on Help Net Security.

14:19

Jarno Limnll appointed CEO of IoT infrastructure security firm Tosibox "IndyWatch Feed Tech"

IoT infrastructure security firm Tosibox Oy of Finland announces the appointment of cyber security expert Jarno Limnll as its new Chief Executive Officer. In his new role, Limnll is to lead the drive for Tosiboxs remote connection technology to become the standard for secure Internet of Things (IoT) infrastructures in network management. Clearly, Tosibox is delighted to welcome Jarno Limnll as its new CEO, says Markku Tapio, Chairman of the Board of Tosibox Oy. He More

The post Jarno Limnll appointed CEO of IoT infrastructure security firm Tosibox appeared first on Help Net Security.

14:17

Why Locking Down the Kernel Wont Stall Linux Improvements "IndyWatch Feed Tech"

The Linux Kernel Hardening Project is making significant strides in reducing vulnerabilities and increasing the effort required to exploit vulnerabilities that remain. Much of what has been implemented is obviously valuable, but sometimes the benefit is more subtle. In some cases, changes with clear merit face opposition because of performance issues. In other instances, the amount of code change required can be prohibitive. Sometimes the cost of additional security development overwhelms the value expected from it.

13:52

PUBG Mobile Lite APK Download | How To Install It "IndyWatch Feed Tech"

How to download PUBG Mobile Lite APK and install it

PUBG Mobile lite Well, this game needs to introduction. You might have heard about this in the past few weeks. Every gaming channel on youtube or even your friends are talking about this. There are plenty of reasons why this game became so famous. It was first launched for desktops and PCs only but this year it was launched for smartphones too. This did a great welfare to all game lovers out there. They quickly downloaded it from the play store and even before you realize its popularity, it went viral like a hell. So in this article, we are providing you with the best way to download and install PUBG.

Download PUBG Mobile lite using Apk File

Yes, you can download PUBG using an APK file. There are two popular APK sites which have highest ranking regarding PUBG download.

  1. ApkPure
  2. ApkMirror

You can directly move to the download sections of PUBG just by clicking these website names Above.

Procedure on how to install PUBG Mobile lite: (Apkpure version)

  • Download the APKPure app
  • Search for PUBG Mobile app and download the APK file
  • Once downloaded, install the PUBG Mobile Lite APK on your smartphone
  • Before you can play the game, you need a VPN to connect to the Philippines server in order to enter a battle royale. (We used X-VPN and had to buy a premium subscription to unlock the Philippines location in order to play PUBG Mobile Lite. However, you can download any other VPN which can set your location in the Philippines).
  • Once youve set your location, you can connect to the local server and start a match.

Procedure on how to install: (Apkmirror version)

  • Simply follow the link above ApkMirror

Another way to download PUBG Is using Google Play store

In this method, you just need to download PUBG like you do for other games.

  • Open Play store...

13:49

64-bit ARM Changes For Linux 4.19 Has "A Bunch Of Good Stuff" "IndyWatch Feed Tech"

Will Deacon submitted the 64-bit ARM (ARM64/AArch64) changes on Tuesday for the Linux 4.19 kernel merge window...

13:45

New Office 365 phishing attack uses malicious links in SharePoint documents "IndyWatch Feed Tech"

Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platforms built-in security, Avanan researchers warn. The cloud security company says that the phishing attack was leveraged against some 10% of its Office 365 customers in the past two weeks and they believe the same percentage applies to Office 365 globally. About the PhishPoint attack The victim receives an email containing a link More

The post New Office 365 phishing attack uses malicious links in SharePoint documents appeared first on Help Net Security.

13:30

PSD2 SCA requirements will be implemented soon, are you ready? "IndyWatch Feed Tech"

As the second Payment Services Directive continues its rollout, regulations making it obligatory for organisations to implement strong customer authentication (SCA) in online payments will come into force on September 19th this year. Despite the proximity of this new requirement, regulators have still not made clear what the most effective way to implement SCA is, in a way that does not compromise on customer convenience. This points to a need for greater collaboration between key More

The post PSD2 SCA requirements will be implemented soon, are you ready? appeared first on Help Net Security.

13:28

How to install Fortnite for android ? | APK Download "IndyWatch Feed Tech"

How you can download Fortnite APK and install it

Fortnite made disaster in the smartphone gaming industry when it was first launched on iOS. But now it even did more to Android users. As we all know that this game was exclusively launched for only Samsung devices before. But that exclusivity lasted no longer. After a few days, an Apk file was available in the market targeting non-Samsung devices too. Allowing other users to download and install fortnite on their devices. Now anyone can get an access to this game. You can also get access by simply downloading this game from the link provided just below this article.

So after the tremendous success of PUBG, many gamers have shifted towards this masterpiece. The reason is pretty simple, this game has a great potential. I personally played it and felt this game is better than PUBG in terms of performance and graphics. Well, you can try your taste by following the installation guide below:-

Few things to remember before Installing this game (Fortnite):

1. Avoid Playstore

If you are thinking to download this game from official google play store then you are just wasting your time. This game is only available on Fornites official website or on apk website (Link just below this article).

2. Check your device

Check your device first. If you have a compatible Samsung device then you dont need to do anything much. Just simply download Fortnite right away, either through the Samsung Game Launcher or Epics website. In order to check if your device is compatible or not visit Download Fornite for android.

3. Sign Up for the waiting list

4. Waiting for Invite

In this part, all you patience skills will be tested to its core. Some people are getting invites early and some are just waiting for the beautiful moment when they receive e-mail notification via Epic Games. Since the craze and hipe of this game have increased t...

13:25

Systematic Analysis Reduces One Chicago Location's Parking Tickets by 50% "IndyWatch Feed Tech"

Utilizing FOIA and some clever software Mr. Chapman quickly identifies a troubled spot for parking in Chicago and gets results!

http://mchap.io/using-foia-data-and-unix-to-halve-major-source-of-parking-tickets.html

The story relates how the author used Freedom of Information Act requests to gather raw data on parking tickets issued in Chicago. What he received was a semicolon-delimited text file containing a great number of data entry errors. The author outlines the steps taken to clean and extract data on a likely problematic parking location. Armed with this data, he visited the location and discovered very confusing signage. He reported this to the city, who rectified the signage. This led to a 50 percent decrease in the number of tickets issued for that location.

I immediately asked myself three things

1. How much more effective has that corner become?
2. Who's grumbling about the loss of revenue?
3. What would happen if more of us did this very thing?


Original Submission

Read more of this story at SoylentNews.

13:00

A Remotely Controlled Kindle Page Turner "IndyWatch Feed Tech"

One of the biggest advantages of e-readers such as the Kindle is the fact that it doesnt weigh as much as a traditional hardcover book, much less the thousands of books it can hold in digital form. Which is especially nice if you drop the thing on your face while reading in bed. But as light and easy to use as the Kindle is, you still need to hold it in your hands and interact with it like some kind of a babys toy.

Looking for a way to operate the Kindle without having to go through the exhaustive effort of raising their hand, [abm513] designed and built a clip-on device that makes using Amazons e-reader even easier. At the press of a button, the device knocks on the edge of the screen which advances the book to the next page. Going back a page will still require you to extend your meaty digit, but thats your own fault for standing in the way of progress.

The 3D printed case holds an Arduino and RF receiver, as well as a small servo to power the karate-chop action. Theres no battery inside, meaning the device needs to stay plugged in via a micro USB connection on the back of the case. But lets be honest: if youre the kind of person who has a remote-controlled Kindle, you probably arent leaving the house anytime soon.

To...

12:56

Machine Learning Could Help Identify Author of an Anonymous Code "IndyWatch Feed Tech"

Machine Learning Algorithm That De-anonymizes Programmers From Source Code And Binaries

Researchers have found that machine learning can be used to help identify pieces of codes, binaries, and exploits written by anonymous programmers, according to Wired. In other words, machine learning can de-anonymize programmers from source-code or binary form.

The study was presented by Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadts former Ph.D. student and now an assistant professor at George Washington University, at the DefCon hacking experience.

How To De-Anonymize Code

According to the researchers, the code written in the programming language is not completely anonymous. The abstract syntax trees contain stylistic fingerprints that can be used to potentially identify programmers from code and binaries.

In order to study the binary experiment, the researchers examined code samples in machine learning algorithms and removed all the features such as choice of words used, how to organize codes and length of the code. They then narrowed the features to only include the ones that actually differentiate developers from each other.

Examples of a programmers work are fed into the AI where it studies the coding structure. This approach trains an algorithm to recognize a programmers coding structure based on examples of their work.

For the testing, Caliskan and the other researchers used code samples from Googles annual Code Jam competition. It was found that 83% of the time, the AI was successful in identifying the programmers from the sample size.

Where can it be used?

This approach could be used for identifying malware creators or investigating instances of hacks. It can also be used to find out if students studying programming stole codes from others, or whether a developer violated a non-compete clause in their employment contract.

Privacy Implications

However, this approach could have privacy implications, especially for those thousands of developers who contribute open-source code to the world and choose to remain anonymous for certain reasons.

Future Work

Greenstadt and Caliskan plan to study how other factors might affect a persons coding style. For instance, questions such as what happens w...

12:49

DRM Updates Sent In For Linux 4.19 With New VKMS Driver, Intel Icelake Work "IndyWatch Feed Tech"

David Airlie has submitted the Direct Rendering Manager (DRM) updates for the Linux 4.19 kernel merge window with these various open-source graphics/display driver updates...

12:42

Surfing the internet with your mind seems to be a great step forward "IndyWatch Feed Tech"

The implications are mind-boggling, oh yes.


Check out what MIT media lab does using bone conduction technology.

#technology #future #internet #biotechnology #communication #immersiveleaks

12:28

Top Linux Developers' Recommended Programming Books "IndyWatch Feed Tech"

Without question, Linux was created by brilliant programmers who employed good computer science knowledge. Let the Linux programmers whose names you know share the books that got them started and the technology references they recommend for today's developers. How many of them have you read?

12:08

Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) "IndyWatch Feed Tech"

Posted by Marcus Meissner on Aug 15

Hi,

no.

SegmentSmack affects TCP segments,
FragmentSmack affects IP fragments (lower protocol level).

Ciao, Marcus

11:48

New Bugs Leave Millions of Phones Vulnerable to Hackers "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

Research funded by the Department of Homeland Security has found a "slew" of vulnerabilities in mobile devices offered by the four major U.S. cell phone carriers, including loopholes that may allow a hacker to gain access to a user's data, emails, text messages without the owner's knowledge.

The flaws allow a user "to escalate privileges and take over the device," Vincent Sritapan, a program manager at the Department of Homeland Security's Science and Technology Directorate told Fifth Domain during the Black Hat conference in Las Vegas.

The vulnerabilities are built into devices before a customer purchases the phone. Researchers said it is not clear if hackers have exploited the loophole yet.

Department of Homeland Security officials declined to say which manufacturers have the underlying vulnerabilities.

Millions of users in the U.S. are likely at risk, a source familiar with the research said, although the total number is not clear.

Because of the size of the market, it is likely that government officials are also at risk. The vulnerabilities are not limited to the U.S.

Researchers are expected to announce more details about the flaws later in the week.

Source: https://www.fifthdomain.com/show-reporters/black-hat/2018/08/07/manufacturing-bugs-allow-millions-of-phones-to-be-taken-over-dhs-project-to-announce/


Original Submission

Read more of this story at SoylentNews.

11:38

The Linux Benchmarking Continues On The Threadripper 2950X & 2990WX "IndyWatch Feed Tech"

While I haven't posted any new Threadripper 2950X/2990WX benchmarks since the embargo expired on Monday with the Threadripper 2 Linux review and some Windows 10 vs. Linux benchmarks, tests have continued under Linux -- as well as FreeBSD...

11:28

Former Microsoft Engineer Gets Prison for Role in Reveton Ransomware "IndyWatch Feed Tech"

A former Microsoft network engineer who was charged in April this year has now been sentenced to 18 months in prison after pleading guilty to money laundering in connection with the Reveton ransomware. Reveton malware is old ransomware, also known as scareware or police ransomware that instead of encrypting files locks the screen of victims computers and displays a message purporting to come

11:25

CodeWeavers Joins The Khronos Group Along With IKEA "IndyWatch Feed Tech"

In addition to the many technical accomplishments of Khronos this week at SIGGRAPH 2018, they were also celebrating the milestone of crossing 140 members to this industry standards group...

11:20

Antiquated Patenting Trick: Adding Words Like Apparatus to Make Abstract Ideas Look/Sound Like They Pertain to or Contain a Device "IndyWatch Feed Tech"

Apparatus

Summary: 35 U.S.C. 101 (Section 101) still maintains that abstract ideas are not patent-eligible; so applicants and law firms go out of their way to make their ideas seem as though theyre physical

THE examiners at the USPTO have been instructed (as per Section 101/Alice and examination guidelines) not to grant abstract patents, which include software patents. This means that applicants and the law firms whom they pay to game the system will go out of their way to rephrase things, making life harder for examiners.

RichmondBizSenses patent listings, published only a few hours ago, include Method and apparatus for context based data analytics (analysis or analytics using algorithms).

We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and arent strictly tied to any; they can run on any general-purpose computer.Notice how they titled it; apparatus is just the same old trick (like device) for making abstract ideas seem physical. Lawyers tricks like these fool the examiners. Device, at least in the EPO, is the weasel word quite often used to make patents look less as such (or per se as they phrase it in India). We certainly hope that examiners are clever enough to spot these tricks; the underlying algorithms do not depend on a device and arent strictly tied to any; they can run on any general-purpose computer.

Watchtrolls latest attack on 35 U.S.C. 101 (this time Jeremy Doerre again, for the second time in a week) shows that patent quality is the real threat to these maximalists/extremists. They dislike justice, love litigation, and Section 101 is therefore a threat to them. Maybe they will just attack SC...

11:14

Re: CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) "IndyWatch Feed Tech"

Posted by David T. on Aug 15

Is this the same as "SegmentSmack" that came out last week, CVE-2018-5390?
Or, what is the difference?

11:11

The Big Networking Update Sent In For Linux 4.19, Including 802.11ax Bits "IndyWatch Feed Tech"

David Miller sent in the networking subsystem updates today for the Linux 4.19 kernel merge window...

10:51

CSNC-2018-016 - ownCloud iOS Application - Cross-Site Scripting "IndyWatch Feed Tech"

Posted by Advisories on Aug 15

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: ownCloud iOS Application (owncloud.iosapp) [1]
# Vendor: ownCloud Gmbh
# CSNC ID: CSNC-2018-016
# CVE ID: N/A
# Subject: Cross-Site Scripting in ownCloud iOS Application's WebViews
# Risk: Low
# Effect:...

10:48

CSNC-2018-023 - Atmosphere Framework - Reflected Cross-Site Scripting (XSS) "IndyWatch Feed Tech"

Posted by Advisories on Aug 15

#############################################################
#
# COMPASS SECURITY ADVISORY
# https://www.compass-security.com/research/advisories/
#
#############################################################
#
# Product: Atmosphere [1]
# Vendor: Async-IO.org
# CSNC ID: CSNC-2018-023
# Subject: Reflected Cross-Site Scripting (XSS)
# Risk: High
# Effect: Remotely exploitable
# Author: Lukasz D. (advisories ()...

10:40

August 2018 Microsoft Patch Tuesday fixes two flaws exploited in attacks in the wild "IndyWatch Feed Tech"

Microsoft Patch Tuesday update for August 2018 addresses a total of 60 vulnerabilities, two of which are actively exploited in attacks in the wild.

After Adobe, also Microsoft released the Patch Tuesday update for August 2018 that addresses a total of 60 vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio.

19 remote code execution vulnerabilities are rated as critical and two flaws are being exploited in the wild at the time of release.

Microsoft has also addressed 39 important vulnerabilities, one moderate and one low in severity.

Lets start with the vulnerabilities exploited in attacks in the wild:

CVE-2018-8373 IE Scripting Engine Memory Corruption Vulnerability

The vulnerability affects Internet Explorer 9, 10 and 11, it was first disclosed last month by Trend Micro and affected all supported versions of Windows.

The flaw could be exploited by remote attackers to take control of the vulnerable systems by tricking victims into viewing a specially crafted website through Internet Explorer. The attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine.

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. reads the security advisory published by Microsoft.

An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

CVE-2018-8414  Windows Shell Remote Code Execution Vulnerability

The flaw is actively exploited in attacks in the wild, it resides in the Windows Shell and tied with the improper validation of file paths. An attacker can execute arbitrary code on the vulnerable system by tricking victims into opening a specially crafted file received via an email or a web page.

An attacker who successfully exploited this vulnerabil...

10:40

Top 10 Torrent Site iDope Goes Down With Domain Issues "IndyWatch Feed Tech"

In the summer of 2016, shockwaves rippled through the BitTorrent scene when KickassTorrents (KAT), the worlds most popular torrent site at the time, was forcefully shut down.

The action coordinated by the US government saw alleged KAT founder Artem Vaulin taken into custody. Meanwhile, millions of former users scrambled to find alternatives elsewhere on the Internet.

Unsurprisingly, many dispersed to existing torrent giants such as The Pirate Bay and RARBG but it didnt take long for new blood to enter the ecosystem. Soon after KATs demise, a new indexer called iDope made its debut, largely as a tribute to the dismantled torrent behemoth.

This project was developed the next day after we knew KAT was taken down, its very very new, and we are a very small team, so you wont find anything about it on the Internet, especially when we never promoted it decently, one of the sites operators said back in 2016.

We only intended to make simple products that everyone can enjoy, we dont make bucks out of it, and thus we promise no annoying pop-up ads.

In the months and years that followed, iDope gained a significant following and in January 2018, the relatively new site broke into TorrentFreaks annual round-up of the worlds most-visited torrent sites. With similar traffic to the equally popular Zooqle, iDope bagged itself a joint tenth position in the list.

During the past week, however, problems have hit the site. Without any warning, iDope which has operated very smoothly from the iDope.se domain since its launch went offline.

The sites Twitter and Facebook accounts have been dormant for some time and the recent downtime didnt result in any updates. Unfortunately, that vacuum has left people to speculate on what has caused the outage, from technical issues to problems with the authorities.

TorrentFreak contacted the last known email address associated with the iDope team expecting that to be dead too. Overnight, however, we received a response, one that leaves hope for a smooth return for the popular torrent index.

There are some problems with our domain idope.se, We are communicating with the domain provider. We believe it can be restored within a few days, TF was told.

While iDope was down, other domains that appeared to be clones or perhaps mirrors of iDope remained up, albeit with indexes a few days out of dat...

10:31

Open Invention Network (OIN) Member Companies Need to Become Unanimous in Opposition to Software Patents "IndyWatch Feed Tech"

OIN still going with the flow of millionaires and billionaires who fund it, not Free/libre software developers

Opposition

Summary: Opposition to abstract software patents, which even the SCOTUS and the Federal Circuit nowadays reject, would be strategically smart for OIN; but instead it issues a statement in support of a GPL compliance initiative

THE USPTO is still granting software patents, never mind if courts continue and persist in rejecting these. OIN still generally supports software patents, albeit shyly. It doesnt talk about that too much. Just look at the member companies of OIN, especially founding members; some of these companies actively pursue their own software patents and IBM is blackmailing companies with these.

OIN still generally supports software patents, albeit shyly.Yesterday OIN issued this press release [1, 2] under the title Open Invention Network Member Companies Unanimous in Support of GPL Cooperation Commitment and whats odd about it is that they talk about software licences rather than patent licences. The GPL is dealing with copyright (mostly), albeit GPLv3 indirectly deals with patents too. So its interesting that OIN now talks about the GPL rather than patent policy. From the opening paragraph:

Open Invention Network (OIN), the largest patent non-aggression community in history, announced today that its eight funding members Google, IBM, Red Hat, SUSE, Sony, NEC, Philips, Toyota ...

10:16

Hack Causes Pacemakers to Deliver Life-Threatening Shocks "IndyWatch Feed Tech"

Submitted via IRC for SoyCow1984

Life-saving pacemakers manufactured by Medtronic don't rely on encryption to safeguard firmware updates, a failing that makes it possible for hackers to remotely install malicious wares that threaten patients' lives, security researchers said Thursday.

At the Black Hat security conference in Las Vegas, researchers Billy Rios and Jonathan Butts said they first alerted medical device maker Medtronic to the hacking vulnerabilities in January 2017. So far, they said, the proof-of-concept attacks they developed still work. The duo on Thursday demonstrated one hack that compromised a CareLink 2090 programmer, a device doctors use to control pacemakers after they're implanted in patients.

Because updates for the programmer aren't delivered over an encrypted HTTPS connection and firmware isn't digitally signed, the researchers were able to force it to run malicious firmware that would be hard for most doctors to detect. From there, the researchers said, the compromised machine could cause implanted pacemakers to make life-threatening changes in therapies, such as increasing the number of shocks delivered to patients.

Source: https://arstechnica.com/information-technology/2018/08/lack-of-encryption-makes-hacks-on-life-saving-pacemakers-shockingly-easy/

Related: A Doctor Trying to Save Medical Devices from Hackers
Security Researcher Hacks Her Own Pacemaker
Updated: University of Michigan Says Flaws That MedSec Reported Aren't That Serious
Fatal Flaws in Ten Pacemakers Make for Denial of Life Attacks
After Lawsuits and Denial, Pacemaker Vendor Finally Admits its Product is Hackable
8,000 Vulnerabilities Found in Software to Manage Cardiac Devices
465,000 US Patients Told That Their Pacemaker Needs a Firmware Upgrade
...

10:00

Replacement Audi Plastics Thanks To 3D Printing "IndyWatch Feed Tech"

Old cars can be fun, and as long as you drive something that was once moderately popular, mechanical parts can be easy enough to come by. Things like filters, spark plugs, idle air solenoids theyre generally available for decades after a car is out of production as long as you know where to look. However, plastics can be much harder to come by. 20 to 30 years into a cars lifetime, and youll be hard pressed to find a radio surround or vent trim in as-new condition theyve all long ago succumbed to the sun and air like the cracked and discoloured piece in your own car. What is a hacker to do? Bust out the 3D printer, of course!

[Stephen Kraus] has developed a series of parts for his Audi, ready to print on the average home 3D printer. Theres the triple gauge mount which fits in the radio slot for that classic tuner look, to the printed wheel caps which are sure to come in handy after youve lost the originals. There are even useful parts for capping off the distributor if youre switching to a more modern ignition setup. [Stephen] also reports that his replacement shifter bushing printed in PLA has lasted over a year in normal use.

This is an excellent example of what 3D printers do best obscure, bespoke one-off parts with complex geometries are no trouble at all, and can be easily made at home. Weve seen this done to great effect before, too for example with this speedometer correction gear in an old truck.

09:52

President Battistelli Killed the EPO; Antnio Campinos Will Finish the Job "IndyWatch Feed Tech"

Reducing jobs, only months after outsourcing jobs at EU-IPO (sending these overseas to low-salaried staff, even in defiance of EU rules)

Closed

Summary: The EPO is shrinking, but this is being shrewdly disguised using terms like efficiency and a low-profile President who keeps himself in the dark

THE number of granted patents continues to decrease (a steady decline) at the USPTO, representing improvements (restrictions) imposed there by the courts. Well say a little more about that later.

These people dont care about scientists, whom they merely view/perceive as human resources (not to mention who has been put in charge of human resources).At the office in Munich, however, patent maximalism reigns supreme. The agenda has nothing to do with science and technology; the management lacks background in science and technology. The President is a former banker and his predecessor is a politician. These people dont care about scientists, whom they merely view/perceive as human resources (not to mention who has been put in charge of human resources). Its all about money. All. About. Money. Short-term gain. What doesnt count to them is the long-term survival of their company (its actually not a company but an institution with a monopoly, which should not strive for profits but instead serve public interests).

The official announcement is that target per examiner still increases, but the EPO shall have less examiners. Recruitment is halted and retirement shall not compensated.
      Mrpel
Anyway, Mrpel says that the EPO is closing shop. (thats her headline). It is not literally but metaphorically doing so; it was killed by Battistelli and his friend...

09:40

Foreshadow Attacks 3 New Intel CPU Side-Channel Flaws Discovered "IndyWatch Feed Tech"

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks. Dubbed Foreshadow, alternatively called L1 Terminal Fault or L1TF, the new attacks include

09:20

Adobe August 2018 Patch Tuesday addresses 11 vulnerabilities in its products "IndyWatch Feed Tech"

Adobe released the August 2018 Patch Tuesday updates that address 11 vulnerabilities in Flash Player, the Creative Cloud Desktop Application, Experience Manager, and Acrobat and Reader.

Adobe August 2018 Patch Tuesday updates have addressed eleven vulnerabilities in eleven products, five of them in Flash Player.

Below vulnerability details:

Vulnerability Category Vulnerability Impact Severity CVE Number
Out-of-bounds read Information Disclosure Important CVE-2018-12824
Security bypass Security Mitigation Bypass Important CVE-2018-12825
Out-of-bounds read Information Disclosure Important CVE-2018-12826
Out-of-bounds read Information Disclosure Important CVE-2018-12827
Use of a component with a known vulnerability Privilege Escalation Important CVE-2018-12828

All the five security flaws fixed with the August 2018 Patch Tuesday updates have been rated as Important, the most serious one is a privilege escalation issue tracked as CVE-2018-12828 that can lead to arbitrary code execution.

Adobe has released security updates for Adobe Flash Player for Windows, macOS,...

09:04

Theo on the latest Intel issues "IndyWatch Feed Tech"

Theo de Raadt (deraadt@) posted to the tech@ mailing list with some background on how the latest discovered Intel CPU issues relate to OpenBSD.

Date: Wed, 15 Aug 2018 00:31:16 -0600
From: Theo de Raadt [elided]
To: tech@openbsd.org
Subject: CVE-2018-3615, CVE-2018-3620, CVE-2018-3646

These 3 issues all relate to a bug in Intel cpus

The cpu will speculatively honour invalid PTE against data in the
on-core L1 cache.  Memory disclosure occurs into the wrong context.

These 3 issues (CVE-2018-3615, CVE-2018-3620, CVE-2018-3646) together
are the currently public artifacts of this one bug.

Read more

09:00

Nuclear Fusion Updated project reviews "IndyWatch Feed Tech"

  

I must admit that after discovering just how easy it is to produce a 3D spiral wave able to induce electron decay in Dark Matter, my interest in fusion waned.  As i have posted before, we have all the energy we want for the taking and anywhere inside our galaxy at least.

These research programs remain as excellent work in understanding our physical limits and much is been learned so bravo still.

This item gives us an update and general summary of the ongoing work which has isolated several separate protocols and is attempting to drive them home.  I continue to like LLP simply because containment is not the issue.  The issue is unsurprisingly materials science.  It is also capable of been very compact, but after saying just that i would like to spend the heavy coin to scale it all up ten fold.  I do think that this design will perform much better as scale climbs.

That is exactly why we already have huge gravity ships that you do not know about although just too many folks have seen them pass at night.  Note that all UFO's are gravity ships at least and EM ships second in order to maneuver...

 

 Nuclear Fusion Updated project reviews

09:00

Trumps Prime Directive: Save American Culture From Maoist Forces "IndyWatch Feed Tech"



 

The one big problem faced by POTUS is that he has to fight several large wars. Common sense dictates that he must solve them essentially one at a time and completely at that.   Yet before all that it is also necessary to eliminate the DEEP STATE which is central to all these wars.  The DEEP STATE is waging a Maoist campaign against western culture itself and it has become obvious.

Intel from Q  has informed us regarding ongoing actions against the DEEP STATE. I now think that its demise is eminent.  I also think that the Midterms will be a smashing Trump victory.  Dem efforts have been tepid to date and leadership is AWOL.  This can give him real control of both house and congress and i also note a large number of GOP congressmen and senators are stepping out which can only mean Trump endorsed replacements.

Then expect a wall reform legislation including some form of single payer medicare in particular.  The cultural war will be suddenly reversed through the reform of education including the universities in particular.  Having avowed Maoists brainwashing the non STEM crowd has got to stop..






Trumps Prime Directive: Save the American Culture From the Maoist Forces Which Are Imposing Their Communist Will On America
 

Mao, despicable but effective. According to NYU Professor Rectanwald, Mao is the model that is being used to destroy our country.

...

09:00

Clinker built Viking ship DRAGON HARALD FAIRHAIR "IndyWatch Feed Tech"

Dragon Harald Fairhair: The construction of a Viking DragonShip


I was unaware that the Norwegians had actually built one of these and had really got it right as well.  a lot of good questions got answered herel.   This one was crafted inside of two years.  Watch all the videos in this post.

It was also build as large as likely ever built as well.  Now i want to see this scaled back to a more practical size, not least because this size comes in at 70 tons.  60 foot length and a 15 foot beam should get us down to under twenty tons.  Assume ten pairs of oars for a crew of forty or so.

This was surely typical of the usual long ship of the vikings.

Better yet it is light enough that sledging it becomes plausible.  Thinner planks would make a big difference there.

There is an excellent prospect for building a fleet of these smaller craft for sailing in Salish Sea between Vancouver and Vancouver Island's Cowichan Valley which was the likely site of the original Vinland.  It is clearly no trick to...

'Gargoyle' Sighting - South of Boston, MA "IndyWatch Feed Tech"













This time we got a good look without the face.  That the witness confirmed first impression of a gargoyle is important as he surely got it right.  This means not a bird and not a pterodactyl.  We have now had plenty of likely gargoyles and even some other actual IDs as well.

The Chupacabra is surely a gargoyle and there is plenty of game out there for a blood feed as well.  These creatures generally stay well clear of us and our animals though not always with a chicken coop and other small operations.  Larger operations really have way too much protection.

Again we have the Thunder Bird out there as well as the Chupacabra or Gargoyle and we also have a Pterodactyl also.  All these can sit down on a roof and will.
..




'Gargoyle' Sighting - South of Boston, MA

Friday, August 03, 2018

https://www.phantomsandmonsters.com/2018/08/gargoyle-sighting-south-of-boston-ma.html

The following account was posted at Reddit today, by the user named Decay_WithMe. I contacted the witness and received a bit more information:


I live 25 minutes south of Boston. About 6 months ago I saw this insane thing. It was about 3 AM, I had been up late as I normally am. I stepped outside to smoke a cigarette. It was dark as Hell except for the stars and moon. As I was smoking I heard this noise of something flying. I look up and see this winged creature land on my neighbor's roof and just sit there like a Gargoyle would. I thought I was seeing sh*t or seeing something wrong but then the creature jumped up and flew away and I could see its whole body. It was the size of a small human but massive wings. It reminded me of a Gargoyle. I don't know what the f**k I saw but it was crazy. Has anyone eve...

08:42

Home Depot Q2 2018 Results Shed Light on U.S. Economy "IndyWatch Feed Tech"

Home Depot's Sales Rebound Muted by Inflation in Fuel and Lumber

Home Depot Inc.'s sales rebounded last quarter as Americans took on more remodeling projects, but rising costs for lumber and transportation are weighing on profitability.

[...] Home Depot and its smaller rival Lowe's Cos. are often seen as proxies for the health of the housing sector because property owners spend more on their homes when they believe values are rising. But for several quarters there's been increasing concern that years of robust home-price gains are cooling. For its part, Home Depot has continually said that a shortage of available homes in many markets would actually underpin higher home-improvement spending.

[...] Even as the overall housing market looks to be cooling, several trends are driving demand for home-improvement products. A shortage of available listings has slowed property purchases, causing some owners to opt for sprucing up their homes instead. Additionally, more people are staying longer in their homes, which also supports the uptick.

The labor market also plays a role: A strong run of hiring, coupled with moderate wage growth, has boosted Americans' wherewithal to spend money on fixing up their homes. Spending on home improvement -- which accounts for about 38 percent of private residential construction outlays -- surged 13.8 percent in June from a year earlier to reach $221 billion, according to Commerce Department data. Going forward, the job market may continue to propel housing and remodeling demand. But potential hurdles include a pickup in mortgage rates, a shortage of skilled workers for building and remodeling projects, and rising costs for construction materials such as lumber, which is affected by tariffs.

Also at CNN and CNBC.


Original Submission

Read more of this story at SoylentNews.

08:05

FreeBSD Security Advisory FreeBSD-SA-18:11.hostapd "IndyWatch Feed Tech"

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:11.hostapd Security Advisory
The FreeBSD Project

Topic: Unauthenticated EAPOL-Key Decryption Vulnerability

Category: contrib
Module: wpa
Announced: 2018-08-14
Credits: Mathy Vanhoef of the imec-DistriNet research group of...

08:00

FreeBSD Security Advisory FreeBSD-SA-18:10.ip "IndyWatch Feed Tech"

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:10.ip Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in IP fragment reassembly

Category: core
Module: inet
Announced: 2018-08-14
Credits: Juha-Matti Tilli from...

07:57

FreeBSD Security Advisory FreeBSD-SA-18:09.l1tf "IndyWatch Feed Tech"

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:09.l1tf Security Advisory
The FreeBSD Project

Topic: L1 Terminal Fault (L1TF) Kernel Information Disclosure

Category: core
Module: Kernel
Announced: 2018-08-14
Affects: All supported versions of FreeBSD.
Corrected:...

07:53

FreeBSD Security Advisory FreeBSD-SA-18:08.tcp "IndyWatch Feed Tech"

Posted by FreeBSD Security Advisories on Aug 14

=============================================================================
FreeBSD-SA-18:08.tcp Security Advisory
The FreeBSD Project

Topic: Resource exhaustion in TCP reassembly

Category: core
Module: inet
Announced: 2018-08-06
Credits: Juha-Matti Tilli from...

07:31

[slackware-security] openssl (SSA:2018-226-01) "IndyWatch Feed Tech"

Posted by Slackware Security Team on Aug 14

[slackware-security] openssl (SSA:2018-226-01)

New openssl packages are available for Slackware 14.2 and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/openssl-1.0.2p-i586-1_slack14.2.txz: Upgraded.
This update fixes two low severity security issues:
Client DoS due to large DH parameter.
Cache timing vulnerability in RSA Key Generation.
For more...

07:27

[SECURITY] [DSA 4272-1] linux security update "IndyWatch Feed Tech"

Posted by Salvatore Bonaccorso on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4272-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2018-5391

CVE-2018-5391...

07:22

SpaceX preparing astronauts to return to space travel "IndyWatch Feed Tech"

We are not going to fly until we are ready to fly safely, said SpaceX Chief Operating Officer Gwynne Shotwell at the event Monday. We need to hit all the boxes and do everything we need to do to take astronauts from U.S. soil as often as NASA will let us.After SpaceX successfully completes Demo-2, NASA will certify the spacecraft and systems for regular crewed launches to the ISS, with astronauts Mike Hopkins and Victor Glover flying the first operational mission.

Even with all the safety precautions and testing, however, the astronauts remain aware that space flight is extremely hazardous.The only thing Im afraid of, said Glover, who is married and has four daughters, is not coming home to my family.

07:05

Tbx6 Revealed As Crucial To Heart And Skeleton Formation From Stem Cells "IndyWatch Feed Tech"

Many studies have attempted to identify a single transcription factor that can induce formation of the mesoderm, an early layer in embryonic development, without help from other cellular proteins. None have been successful, until now.

In a new study published in Cell Stem Cell, titled "Tbx6 Induces Nascent Mesoderm from Pluripotent Stem Cells and Temporally Controls Cardiac versus Somite Lineage Diversification," a research team, including experts from the University of Tsukuba, screened over 50 transcription factors and found that Tbx6 alone was able to stimulate mesoderm formation in laboratory-grown stem cells, and could cause those stem cells to become cardiovascular or musculoskeletal cells.

[...] In the study, temporary production of Tbx6 caused the formation of mesoderm that later produced cardiovascular cells, while continuous Tbx6 expression suppressed this cardiovascular-forming mesoderm and caused formation of mesoderm that later produced musculoskeletal cells.

"Our analyses revealed a connection between early Tbx6 expression and cardiovascular lineage differentiation, and we believe that our study and similar studies may change the current view of lineage specification during development," Dr. Ieda explains. "Importantly, this essential and unappreciated function of Tbx6 in mesoderm and cardiovascular specification is conserved from lower organisms to mammals, so this discovery may have wide-ranging applicability in regenerative medicine."

Tbx6 Induces Nascent Mesoderm from Pluripotent Stem Cells and Temporally Controls Cardiac versus Somite Lineage Diversification (DOI: 10.1016/j.stem.2018.07.001) (DX)


Original Submission

Read more of this story at SoylentNews.

07:00

Reinforce Happy Faces With Marshmallows And Computer Vision "IndyWatch Feed Tech"

Bing Crosby famously sang Just let a smile be your umbrella. George Carlin, though, said, Let a smile be your umbrella, and youll end up with a face full of rain. [BebBrabyn] probably agrees more with the former and used a Raspberry Pi with Open CV to detect a smile, a feature some digital cameras have had for a long time. This project however doesnt take a snapshot. It launches a marshmallow using a motor-driven catapult. We wondered if he originally tried lemon drops until too many people failed to catch them properly.

This wouldnt be a bad project for a young person as seen in the video below although you might have to work a bit to duplicate it. The catapult was upcycled from a broken kids toy. You might have to run to the toy store or rig something up yourself. Perhaps you could 3D print it or replace it with a trebuchet or compressed air.

In our darker moods, we can think of other things we might want to do upon detecting a smile, but that would sort of spoil the spirit of this light-hearted project. We were a little disappointed, though, that theres no automatic loading of the catapult. Perhaps that will be in phase two.

Wed be more likely to use the launcher for dog treats, but this is a great example of how easy it is to bake Open CV into a Pi project. Its certainly not as violent as the motion tracking air soft gun. If you want to have a go at replacing the catapult with a pneumatic cannon, you might start here.

05:33

Opportunity Rover Hasnt Woken Up and Engineers Are Getting Nervous "IndyWatch Feed Tech"

Submitted via IRC for cmn32480

NASA's Opportunity rover has had an incredible career already, spending years upon years studying the Martian surface and proving to be an incredibly reliable and hardy piece of hardware. Unfortunately, a NASA dust storm that began kicking up in May may have abruptly ended its historic run.

In mid-June, the solar-powered Opportunity ran out of juice and was forced to go into its dormant standby mode. The dust storm which swallowed the entirety of Mars had blocked out the Sun, cutting the rover off of its only available source of power. NASA engineers had remained optimistic that the rover would wake back up when the skies began to clear, but things aren't looking good thus far.

[...] That's...not great news. NASA knew that the rover would be forced to sit dormant for a while because of the intensity of the storm, but that was several weeks ago. The dust has since began to settle, and enough light should be pushing its way down to the surface to begin recharging Opportunity's batteries once again.

Source: NASA's Opportunity rover still hasn't woken up from a Mars dust storm, and engineers are getting nervous


Original Submission

Read more of this story at SoylentNews.

04:02

Intel Discloses a Speculative Execution Attack in Software Guard eXtensions (SGX) "IndyWatch Feed Tech"

Intel's SGX blown wide open by, you guessed it, a speculative execution attack

Another day, another speculative execution-based attack. Data protected by Intel's SGXdata that's meant to be protected even from a malicious or hacked kernelcan be read by an attacker thanks to leaks enabled by speculative execution.

Since publication of the Spectre and Meltdown attacks in January this year, security researchers have been taking a close look at speculative execution and the implications it has for security. All high-speed processors today perform speculative execution: they assume certain things (a register will contain a particular value, a branch will go a particular way) and perform calculations on the basis of those assumptions. It's an important design feature of these chips that's essential to their performance, and it has been for 20 years.

Read more of this story at SoylentNews.

04:00

A Radar Module Teardown And Measuring Fan Speed The Hard Way "IndyWatch Feed Tech"

If you have even the slightest interest in microwave electronics and radar, youre in for a treat. The Signal Path is back with another video, and this one covers the internals of a simple 24-GHz radar module along with some experiments that we found fascinating.

The radar module that [Shahriar] works with in the video below is a CDM324 that can be picked up for a couple of bucks from the usual sources. As such it contains a lot of lessons in value engineering and designing to a price point, and the teardown reveals that it contains but a single active device. [Shahriar] walks us through the layout of the circuit, pointing out such fascinating bits as capacitors with no dielectric, butterfly stubs acting as bias tees, and a rat-race coupler thats used as a mixer. The flip side of the PCB has two arrays of beam-forming patch antennas, one for transmit and one for receive. After a few simple tests to show that the center frequency of the module is highly variable, he does a neat test using gimbals made of servos to sweep the signal across azimuth and elevation while pointing at a receiving horn antenna. This shows the asymmetrical nature of the beam-forming array. He finishes up by measuring the speed of a computer fan using the module, which has some interesting possibilities in data security as well as a few practical applications.

Even though [Shahriar]s video tend to the longish side, he makes every second count by packing in a lot of material. He also makes complex topics very approachable, like whats inside a million-dollar oscilloscope or diagnosing a wonky 14-GHz spectrum analyzer.

03:42

Amazing New Brain Map of Every Synapse Points to the Roots of Thinking "IndyWatch Feed Tech"

There are more synapses in a human brain than there are stars in the galaxy. The brain is the most complex object we know of and understanding its connections at this level is a major step forward in unravelling its mysteries, said lead author Dr. Seth Grant at the Center for Clinical Brain Sciences.


Imagine a map of every single star in an entire galaxy. A map so detailed that it lays out what each star looks like, what theyre made of, and how each star is connected to another through the grand physical laws of the cosmos.

While we dont yet have such an astronomical map of the heavens, thanks to a momentous study published last week in Neuron, there is now one for the brain.

If every neuron were a galaxy, then synapsessmall structures dotted along the serpentine extensions of neuronsare its stars. In a technical tour-de-force, a team from the University of Edinburgh in the UK constructed the first detailed map of every single synapse in the mouse brain.

03:15

Pennsylvania Report Details Decades of Sexual Abuse by Priests "IndyWatch Feed Tech"

Via: Reuters: Roman Catholic priests in Pennsylvania sexually abused thousands of children over a 70-year period and silenced victims through the weaponization of faith and a systematic cover-up campaign by their bishops, the state attorney general said on Tuesday. An 884-page report made public by Pennsylvania Attorney General Josh Shapiro after a two-year investigation contained []

03:14

Twitter blocks Alex Jones from tweeting for a week "IndyWatch Feed Tech"

Twitter has blocked right-wing conspiracy theorist Alex Jones from tweeting on his personal account for one week after one of his posts violated the platforms policies.A Twitter spokesperson confirmed to The Hill that Jones's account will...

02:38

NEW 'Off The Wall' ONLINE "IndyWatch Feed Tech"

NEW 'Off The Wall' ONLINE

Posted 15 Aug, 2018 0:38:41 UTC

The new edition of Off The Wall from 14/08/2018 has been archived and is now available online.

02:23

Researcher accurately determines energy difference between two quantum states "IndyWatch Feed Tech"

A kiwi physicist has discovered the energy difference between two quantum states in the helium atom with unprecedented accuracy, a ground-breaking discovery that contributes to our understanding of the universe and space-time and rivals the work of the worlds most expensive physics project, the Large Hadron Collider.

Our understanding of the universe and the forces that govern it relies on the Standard Model of particle physics. This model helps us understand space-time and the fundamental forces that hold everything in the universe in place. It is the most accurate scientific theory known to humankind.

But the Standard Model does not fully explain everything, for example it doesnt explain gravity, dark matter, dark energy, or the fact that there is way more matter than antimatter in the universe.

02:23

Scientists find way to make mineral which can remove CO2 from atmosphere "IndyWatch Feed Tech"

Scientists have found a rapid way of producing magnesite, a mineral which stores carbon dioxide. If this can be developed to an industrial scale, it opens the door to removing CO2 from the atmosphere for long-term storage, thus countering the global warming effect of atmospheric CO2. This work is presented at the Goldschmidt conference in Boston.

Scientists are already working to slow by removing dioxide from the atmosphere, but there are serious practical and economic limits on developing the technology. Now, for the first time, researchers have explained how magnesite forms at low temperature, and offered a route to dramatically accelerating its crystallization. A tonne of naturally-occurring magnesite can remove around half a tonne of CO2 from the atmosphere, but the rate of formation is very slow.

Project leader, Professor Ian Power (Trent University, Ontario, Canada) said:

02:23

Einsteins equivalence principle updated with a dash of quantum "IndyWatch Feed Tech"

New, highly sensitive experiments required to find potential violations.

02:22

The Perfect Can Wait: Good Solutions to the Drone Swarm Problem "IndyWatch Feed Tech"

The nearly successful drone assassination attempt on Venezuelan President Nicolas Maduro earlier this month highlighted yet again a persistent worry for U.S. defense planners: the possibility that a swarm of cheap drone-borne bombs might overwhelm the sophisticated defenses a U.S. base or ship. While the defense industry has seized upon this concern and is currently at work developing new high-tech solutions to this problem, the Department of Defense cant rely on those alone. It makes sense to develop such solutions, but the Department of Defense procurement process is long and the threat is now. With a little ingenuity, there is much that can be done with existing technology to defend effectively against drone threats. Accordingly, this article focuses on the measures the Department of Defense can employ now, with existing technology, to mitigate the threat of drone swarms.

The Current Problem

The drone swarm threat to U.S. naval installations and ships is already quite serious. Only a small amount of explosives and shrapnel would be required to cause significant damage to many of the most important radars, cameras, and important flight systems on ships, missiles, and aircraft. Damaging critical equipment would put military platforms out of action for several weeks or even months and put intense pressure on naval logistics chains and maintenance organizations at a time when they are already hard pressed to keep up with current demands. Even more importantly, such an attack orchestrated on a grand scale could leave U.S. forces unable to respond to critical events around the world in sufficient time to fulfill U.S. defense commitments to allies and friends.

02:22

This Two Billion Year-Old Natural Reactor May Hold The Key To Safe Nuclear Waste Disposal "IndyWatch Feed Tech"

By studying the particular geological conditions found in a two-billion-year-old natural nuclear reactor scientists are hoping to find a safe way to dispose of our modern radioactive waste.

02:21

Lawsuit Claims the ACT Sells Students Disability Data to Colleges "IndyWatch Feed Tech"

Submitted via IRC for SoyCow1984

Students are suing a major college admissions test maker for allegedly selling information about their disability statuses with universities, which they say could hurt their chances at getting into schools and impact the rest of their lives.

When students register to take the ACTa standardized test used for college admissions taken by more than a million high schoolers each yearthey answer a barrage of personal questions. As part of this, they are asked to note if they have disabilities that require "special provisions from the educational institution."

The ACT, which is administered by ACT, Inc., is the only real competitor to the College Board's SAT exam. The lawsuit claims that the ACT is selling the data it gleans from those student questionnairesconnected directly to students' individual identitiesto colleges, which then use it to make important decisions about admissions and financial aid.

"A lot of students and parents have no idea how these testing agencies, which are gatekeepers to college, are using very sensitive and confidential data in the college admissions process," Jesse Creed, one of the plaintiffs' lawyers, told me in a phone call. "[Colleges are] hungry for disability data, because they have limited resources, and it's expensive to educate people with disabilities."

Source: https://motherboard.vice.com/en_us/article/43pbep/lawsuit-claims-the-act-sells-students-disability-data-to-colleges


Original Submission

Read more of this story at SoylentNews.

02:13

Updated Vega 20 Open-Source Driver Patches Posted, Including PSP & PowerPlay Support "IndyWatch Feed Tech"

Back in May AMD posted initial open-source "Vega 20" patches and support for that yet-to-launch graphics processor was subsequently merged for the Linux 4.18 kernel. More of the Vega 20 AMDGPU kernel driver enablement has now been posted...

02:00

HPR2618: Yesod - First Impressions "IndyWatch Feed Tech"

First place to start is probably Yesods web site at: https://www.yesodweb.com/ Often recommended environment for developing Haskell programs is Stack: https://docs.haskellstack.org/en/stable/README/ My road to Haskell started with Learn You a Haskell for Great Good: http://learnyouahaskell.com/ and going through lecture notes of CIS 194: http://www.seas.upenn.edu/%7Ecis194/spring13/lectures.html

01:30

Help Send EFF to SXSW 2019 "IndyWatch Feed Tech"

Want to see the Electronic Frontier Foundation at the annual SXSW conference and festival in 2019? Help us get there by voting for our panels in the SXSW Panel Picker!

Every year, the Internet has a chance to choose what panels will be featured at the event. Were asking friends and fans to take a moment to vote for us.

Here's how you can help EFF:

  1. Visit the Panel Picker site and login or register for a new account.
  2. Click each of the links below.
  3. Click the Vote up button on the left of the page, next to the panel description.
  4. Share this blog post!
    Suggested tweet: Help @EFF get to SXSW! You can vote in SXSW's Panel Picker: https://www.eff.org/deeplinks/2018/08/help-send-eff-sxsw-2019

Here are the panels with EFF staff membersplease upvote!

With four exciting panel proposals on subjects from combating misinformation on the web to a discussion of whether or not science-fiction is doing a good job at talking about AI, you can help us keep SXSW as an incubator of cutting-edge technologies and digital creativity, and also as a place where experts discuss what those technologies mean for digital rights.

Here is more info on the panels were hoping to join:

8-Bit Policies in a 4K World: Adapting Law to Tech

The speed at which technology is de...

01:28

Power Management Updates Land In The Linux 4.19 Kernel "IndyWatch Feed Tech"

Intel's Rafael Wysocki has submitted the ACPI and power management updates today for the Linux 4.19 kernel which were subsequently merged by Linus Torvalds...

01:19

Microsoft ADFS flaw allows attackers to bypass MFA safeguards "IndyWatch Feed Tech"

A vulnerability (CVE-2018-8340) in Microsoft Active Directory Federation Services (ADFS) allows a second authentication factor for one account to be used for all other accounts in an organization, Okta REX Security Engineer Andrew Lee has discovered. By employing some simple phishing and leveraging the flaw, an attacker could compromise accounts belonging to other employees or executives and access sensitive information through a variety of company resources. About the vulnerability (CVE-2018-8340) and possible attacks Many organizations More

The post Microsoft ADFS flaw allows attackers to bypass MFA safeguards appeared first on Help Net Security.

01:01

Foreshadow: The Sky Is Falling Again for Intel Chips "IndyWatch Feed Tech"

Its been at least a month or two since the last vulnerability in Intel CPUs was released, but this time its serious. Foreshadow is the latest speculative execution attack that allows balaclava-wearing hackers to steal your sensitive information. You know its a real 0-day because it already has a domain, a logo, and this time, theres a video explaining in simple terms anyone can understand why the sky is falling. The video uses ukuleles in the sound track, meaning its very well produced.

The Foreshadow attack relies on Intels Software Guard Extension (SGX) instructions that allow user code to allocate private regions of memory. These private regions of memory, or enclaves, were designed for VMs and DRM.

How Foreshadow Works

The Foreshadow attack utilizes speculative execution, a feature of modern CPUs most recently in the news thanks to the Meltdown and Spectre vulnerabilities. The Foreshadow attack reads the contents of memory protected by SGX, allowing an attacker to copy and read back private keys and other personal information. There is a second Foreshadow attack, called Foreshadow-NG, that is capable of reading anything inside a CPUs L1 cache (effectively anything in memory with a little bit of work), and might also be used to read information stored in other virtual machines running on a third-party cloud. In the worst case scenario, running your own code on an AWS or Azure box could expose data that isnt yours on the same AWS or Azure box. Additionally, countermeasures to Meltdown and Spectre attacks might be insufficient to protect from Foreshadown-NG

The researchers behind the Foreshadow attacks have talked with Intel, and the manufacturer has confirmed Foreshadow affects all SGX-enabled Skylake and Kaby Lake Core processors. Atom processors with SGX support remain unaffected. For the Foreshadow-NG attack, many more processors are affected, including second through eighth generation Core processors, and most Xeons. This is a significant percentage of all Intel CPUs currently deployed. Intel has released a security advisory detailing all the affected CPUs.

00:49

A New, Highly Effective And Selective Molecule To Fight Malaria "IndyWatch Feed Tech"

A novel laboratory-synthesized molecule, based on natural compounds known as marinoquinolines found in marine gliding bacteria, is a strong candidate for the development of a new antimalarial drug.

In tests, the molecule proved capable of killing even the strain that resists conventional antimalarials. The molecule displays low toxicity and high selectivity, acting only on the parasite and not on other cells of the host organism.

The molecule was developed in Brazil at the Center for Research and Innovation in Biodiversity and Drug Discovery (CIBFar). The researchers tested the molecule in strains cultured in vitro as well as in mice using Plasmodium berghei, since mice are immune to infection by Plasmodium falciparum, which causes the most aggressive type of malaria.

"In mice, the number of parasites in the bloodstream (parasitemia) had fallen 62 percent by the fifth day of the test. After 30 days, all the mice given doses of the molecule were still alive," said Rafael Guido, a professor at the University of So Paulo's So Carlos Physics Institute (IFSC-USP).

Guido co-authors an article published in the Journal of Medicinal Chemistry, in which the researchers describe the molecule's inhibitory action in the blood and liver stages of the parasite's asexual cycle, which is responsible for the signs and symptoms of the disease.

Read more of this story at SoylentNews.

00:13

Hillicon Valley: Omarosa drops bombshell claim about Trump, WikiLeaks | Dems turn up heat over fake FCC cyberattack | Uber hires ex-NSA official to improve security | FBI boosts cyber team "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...

00:10

Tesla creates committee to assess Musk proposal to go private "IndyWatch Feed Tech"

Tesla has created a special committee to consider taking the company private. The move, announced on Tuesday, follows a tweet from CEO Elon Musk last week saying that he had secured funding to take Tesla private at $420 a share, valuing it at $...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Tuesday, 14 August

23:44

Twiddling Youtube; or, I mean, Innovations in Machine Learning "IndyWatch Feed Tech"

I mean, weve all been annoyed when we set up our USB monitor in our hallway that displays weather data, and then we decided to show videos from Youtube that somehow relate to the music thats playing our apartment; weve dreamed of having something like the following catch our eyes when passing by on the way to the kitchen.

Oh, what a marvellous dream we all had, but then it turned out that most of the videos that vaguely matched the song titles turn out to be still videos.

So many still photo videos. So very many.

I mean, this is a common problem, right? Something we all have?

Right?...

23:31

xf86-video-v4l X.Org Driver Sees First New Release In A Decade "IndyWatch Feed Tech"

The xf86-video-v4l v0.3.0 driver was announced today as the first new release for this DDX driver in ten years...

23:17

Astronomers Discover Supermassive Black Hole In An Ultracompact Dwarf Galaxy "IndyWatch Feed Tech"

A team of scientists from the Faculty of Physics and Sternberg State Astronomical Institute, MSU, leading an international collaboration with members from Europe, Chile, the U.S. and Australia discovered a supermassive black hole in the center of the Fornax galaxy. The results of the research were published in Monthly Notices of the Royal Astronomical Society journal.

Fornax UCD3 is a part of a Fornax galaxy cluster and belongs to a very rare and unusual class of galaxies, ultracompact dwarfs. The mass of such dwarf galaxies reaches several dozen millions of solar masses, and the radius does not typically exceed 300 light years. This ratio between mass and size makes UCDs the densest stellar systems in the universe.

"We have discovered a supermassive black hole in the center of Fornax UCD3. The black hole mass is 3.5 million that of the sun, similar to the central black hole in our own Milky Way," explained Anton Afanasiev, the first author of the article, a student of the department of the Faculty of Physics, MSU.

[...] The black hole discovered by the authors is the fourth ever to be found in UCDs and corresponds to 4 percent of the total galaxy mass. In average galaxies, this ratio is considerably lower (about 0.3 percent). Though there are few known examples, the existence of massive black holes in UCDs is a strong argument for the tidal origin of such galaxies. According to this hypothesis, an average-sized galaxy passed a bigger and more massive one at a certain stage of its evolution, and as a result of the influence of tidal forces, lost the majority of its stars. The remaining compact nucleus has become what we know as an ultracompact dwarf.

"To be able to say with complete assurance that this hypothesis is correct, we need to discover more supermassive black holes in UCDs. This is one of the prospects of this work.

Moreover, a similar methodology may be applied to more massive and less dense compact elliptical galaxies. In one of our next works, we will study the population of central black holes in objects of this kind," concluded the scientist.


Original Submission

Read more of this story at SoylentNews.

22:35

[$] CVE-2018-5390 and "embargoes" "IndyWatch Feed Tech"

A kernel bug that allows a remote denial of service via crafted packets was fixed recently and the resulting patch was merged on July 23. But an announcement of the flaw (which is CVE-2018-5390) was not released until August 6a two-week window where users were left in the dark. It was not just the patch that might have alerted attackers; the flaw was publicized in other ways, as well, before the announcement, which has led to some discussion of embargo policies on the oss-security mailing list. Within free-software circles, embargoes are generally seen as a necessary evil, but delaying the disclosure of an already-public bug does not sit well.

22:32

CVE-2018-5391: Linux kernel: IP fragments with random offsets allow a remote denial of service (FragmentSmack) "IndyWatch Feed Tech"

Posted by Vladis Dronov on Aug 14

Heololo,

A flaw named FragmentSmack was found in the way the Linux kernel handled
reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could
use this flaw to trigger time and calculation expensive fragment reassembly
algorithms by sending specially crafted packets which could lead to a CPU
saturation and hence a denial of service on the system.

External References:

https://www.kb.cert.org/vuls/id/641765...

22:30

Bad news conspiracy theorists. QAnon codes are just a guy mashing his keyboard "IndyWatch Feed Tech"

The codes in Qs posts arent actual codes, but instead just random typing by someone who might play an instrument and uses a qwerty keyboard, says password expert.

22:00

All the Badges of DEF CON 26 (vol 1) "IndyWatch Feed Tech"

Two or three years back you would see a handful of really interesting unofficial badges at DEF CON. Now, theres a deluge of clever, beautiful, and well executed badges. Last weekend I tried to see every badge and meet every badge maker. Normally, I would publish one megapost to show off everything I had seen, but this year Im splitting it into volumes. Join me after the break for the first upload of the incredible badges of DC26!

Telephreak Eleven Badge

...

21:58

Libinput 1.12 RC2 Continues Working On Improving Linux Touchpad Behavior "IndyWatch Feed Tech"

We've known libinput 1.12 is going to be a significant release and that's still holding true in looking at the second release candidate for this Wayland/X.Org input handling library...

21:45

When's A Backdoor Not A Backdoor? When The Oz Government Says It Isn't "IndyWatch Feed Tech"

Australia's promised not-a-backdoor crypto-busting bill is out and the government has kept its word - it doesn't want a backdoor, just the keys to your front one.

The draft of The Assistance and Access Bill 2018 calls for anyone using or selling communications services in Australia will be subject to police orders for access to private data.

That includes all vendors of computers, phones, apps, social media and cloud services in the Lucky Country, and anyone within national borders using them. These data-tapping orders will be enforced with fines of up to AU$10m (US$7.3m) for companies or $50,000 ($36,368) for individuals

The draft legislation also wants five years in prison for anyone who reveals a data-slurping investigation is going on. And while there's no explicit encryption backdoor requirements in the 110 page draft bill, our first look suggests there doesn't need to be.


Original Submission

Read more of this story at SoylentNews.

21:42

How Did The Mayans Disappear? Researchers Think They Finally Know "IndyWatch Feed Tech"

Sediment samples from Lake Chichancanab in Mexico show that annual rainfall decreased by more than 50 percent at the end of Mayan civilization.

21:22

"Citizens Police Academies" are used to improve community relations and influence voters "IndyWatch Feed Tech"


A recent article in KSFY revealed that the Lincoln County Sheriff's Office is training citizens to act like cops.

Because that is what America needs right now, more police.

These 'citizen cops' go through a ten-week training program called "Citizens Academy" which teaches them to take part in fingerprinting, shooting a taser, A.L.I.C.E. training and much more.

In Great Falls, Montana, Citizen Academy attendees can be tasered by the police.

"Along with learning so much attendees also get to ride with an officer, see a homicide investigation, be Tased (or just watch)."

A.L.I.C.E. training is an acronym for 'Alert, Lockdown, Inform, Counter, Evacuate' or Active Shooter Civilian Response techniques.

Why are police training citizens and corporations in active shooter drills?

A.L.I.C.E. training reduces corporate liability


At approximately 2:45 minutes into the video, the ALICE Institute reveals that active shooter training reduces an organization's liability.

Citizens are also trained to conduct mock traffic stops.

21:00

SolvedByData SSD Shared, Reseller Hosting & VPSs from $3/year! "IndyWatch Feed Tech"

Taylor from SolvedByData has submitted their very first offer to LowEndBox today. They are offering deals on their Shared, Reseller and OpenVZ based services out of Los Angeles and New York. Give them a try and let us know what you think about them so!

Their WHOIS is public, and you can find their ToS/Legal Docs here. They accept PayPal, Credit Cards, Alipay and Cryptocurrency (bitcoin and altcoins) as payment methods.

Heres what they had to say: 

SolvedByData provides purpose built hosting for mission critical sites, applications, stores, forums, and more. Our performance tuned platform takes the worry and guesswork out of hosting.

With SolvedByData, we provide hassle-free hosting, with a get-it-done attitude so you can focus on growing your business. With so many hosting companies to choose from, we at SolvedByData want to make this decision as easy and clear to you as possible. We believe in building long term business relationships with our customers, and we do that by understanding your needs and following through with that understanding. With our years of industry experience, we know what it takes in order to get you up and running, and keep you online every step of the way. You can always rely on SolvedByData day and night.

Heres the offers: 
** After your order, open a ticket and request *one* of the following freebies **

DOUBLE BANDWIDTH OR FREE MONTH EXTENSION

SHARED 20GB

  • 20GB SSD Space
  • 750GB Bandwidth
  • 2 Domains
  • DDoS Protection
  • cPanel/Softaculous
  • LiteSpeed/CloudLinux
  • Free Migrations
  • New York Datacenter
  • $3/yr
  • [ORDER]

SHARED 150GB

  • 150GB SSD Space...

20:42

What would it take to become a trillionaire? "IndyWatch Feed Tech"

Apple has crossed over into the four-comma club what would it take for a person to do the same?

20:36

Microsoft Releases Patches for 60 FlawsTwo Under Active Attack "IndyWatch Feed Tech"

Get your update caps on. Just a few minutes ago Microsoft released its latest monthly Patch Tuesday update for August 2018, patching a total of 60 vulnerabilities, of which 19 are rated as critical. The updates patch flaws in Microsoft Windows, Edge Browser, Internet Explorer, Office, ChakraCore, .NET Framework, Exchange Server, Microsoft SQL Server and Visual Studio. Two of these

20:30

DIY Wind Turbine for Where the Sun Doesnt Shine "IndyWatch Feed Tech"

There are plenty of places outside where you may like to have a project requiring electricity that may not get enough sun for solar power to be viable. Perhaps wind power could be used instead? [Greg] has a project to create a platform for using a small wind turbine to generate the power for your projects.

The wind turbine that [Greg] designing is a Savonius-style wind turbine that would put out between 5 and 12 volts. In a Savonius turbine, blades are mounted on a vertical axis allowing for a smaller, less complicated build than traditional horizontal axis wind turbines. The design is named for its inventor, Finnish engineer Sigurd Johannes Savonius.

After doing some research, the design will have a 2:1 height to blade ratio and use three pairs of overlapping curved blades stacked on top of each other, each pair offset by 120 degrees. This design, [Greg] figures, will come within a few percentage points of the efficiency of more exotic blade shapes while making the windmill easy to design and implement. Being half cylinders, the blades can easily be made from existing objects cut in half pop cans, for example, but there has been some designing the blades in Fusion 360 for 3D printing. The stator board has been designed and the initial prototypes of it and the rotor have arrived, so the testing can now commence.

Once the design is finalized and the prototype working, itd be interesting to see some projects start showing up using wind power instead of solar power. Take a look at this design for a vertical wind turbine, and this design for a simple, straightforward turbine.

The HackadayPrize2018 is Sponsored by:

19:59

[$] Meltdown strikes back: the L1 terminal fault vulnerability "IndyWatch Feed Tech"

The Meltdown CPU vulnerability, first disclosed in early January, was frightening because it allowed unprivileged attackers to easily read arbitrary memory in the system. Spectre, disclosed at the same time, was harder to exploit but made it possible for guests running in virtual machines to attack the host system and other guests. Both vulnerabilities have been mitigated to some extent (though it will take a long time to even find all of the Spectre vulnerabilities, much less protect against them). But now the newly disclosed "L1 terminal fault" (L1TF) vulnerability (also going by the name Foreshadow) brings back both threats: relatively easy attacks against host memory from inside a guest. Mitigations are available (and have been merged into the mainline kernel), but they will be expensive for some users.

19:51

How Militaries Should Plan for AI "IndyWatch Feed Tech"

Today we are publishing a new EFF white paper, The Cautious Path to Strategic Advantage: How Militaries Should Plan for AI. This paper analyzes the risks and implications of military AI projects in the wake of Google's decision to discontinue AI assistance to the US military's drone program and adopt AI ethics principles that preclude many forms of military work.

The key audiences for this paper are military planners and defense contractors, who may find the objections to military uses of AI from Google's employees and others in Silicon Valley hard to understand. Hoping to bridge the gap, we urge our key audiences to consider several guiding questions. What are the major technical and strategic risks of applying current machine learning methods in weapons systems or military command and control? What are the appropriate responses that states and militaries can adopt in response? What kinds of AI are safe for military use, and what kinds aren't?

Militaries must make sure they don't buy into the machine learning hype while missing the warning label.

We are at a critical juncture. Machine learning technologies have received incredible hype, and indeed they have made exciting progress on some fronts, but they remain brittle, subject to novel failure modes, and vulnerable to diverse forms of adversarial attack and manipulation. They also lack the basic forms of common sense and judgment on which humans usually rely.[1]

Militaries must make sure they don't buy into the machine learning hype while missing the warning label. There's much to be done with machine learning, but plenty of reasons to keep it away from things like target selection, fire control, and most command, control, and intelligence (C2I) roles in the near future, and perhaps beyond that too.

The U.S. Department of Defense and its counterparts have an opportunity to show leadership and move AI technologies in a direction that improves our odds of security, peace, and stability in the long runor they could quickly push us in the opposite direction. We hope this white paper will help them chart the former course.

Part I i...

19:46

Apple argued building was worth $200 not $1B to lower tax bill "IndyWatch Feed Tech"

Apple argued that buildings it owned around Cupertino, Calif., where it is headquartered, were only worth $200 instead of the $1 billion tax assessors deemed in 2015, according to appeals reviewed by the San Francisco Chronicle.The report...

19:43

Latest Apple Release to Defeat Browser Fingerprinting in Safari "IndyWatch Feed Tech"

Browser fingerprinting is where JavaScript or other means are used to scrape uniquely identifying information from the browser metadata and functions such as how it draws a canvas object. In it's latest release Apple will defeat browser fingerprinting by making all Mac users look alike to advertisers and websites that use fingerprinting to track users. Apple can afford to do this as it doesn't have skin in the online advertising game.

[This is likely only going to be for the Safari browser. - Ed]


Original Submission

Read more of this story at SoylentNews.

19:25

Xen Security Advisory 272 v2 - oxenstored does not apply quota-maxentity "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-272

oxenstored does not apply quota-maxentity

UPDATES IN VERSION 2
====================

Ammend patch to reference XSA-272 in the commit message.

Public release.

ISSUE DESCRIPTION
=================

The logic in oxenstored for handling writes depended on the order of
evaluation of expressions making up a tuple.

As indicated in section 7.7.3...

19:24

PUBG: NetEase Masks Its Copyright Infringement With Game Updates "IndyWatch Feed Tech"

PlayerUnknowns Battlegrounds (PUBG) is without a doubt one of hottest games at the moment.

The success earned the company hundreds of millions of dollars, which inspired other developers to create similar games.

Some of these games are too similar, according to PUBG.

To protect its financial interests, the company, therefore, decided to take the developer of two alleged spinoffs to court. PUBG sued the Chinese company NetEase, the makers of Rules of Survival and Knives Out, accusing it of copyright infringement.

While NetEase readily admitted that its games operate in the same genre, it refuted the copyright infringement claims. Last month the company filed a motion to dismiss the lawsuit, describing it as an attempt to monopolize the popular battle royale genre.

This motion triggered a response from PUBG this week, in which it describes NetEases defense as baseless.

Defendants attack on PUBGs complaint is baseless. PUBG is not seeking to monopolize the popular battle royale genre of video games, instead, it seeks to protect its creative expression of unique and distinctive elements within its BATTLEGROUNDS game, PUBG writes.

NetEase argued that the infringement claims are unfounded, pointing at several elements that are clearly different. However, PUBG clearly disagrees, noting that individual elements and the overall selection and combination of these elements were copied.

Those distinctive and protectable elements have been blatantly copied by Defendants in not one, but two, competing games, the company writes.

NetEases defense also summed up a variety of elements that were clearly different in their games.

This is a non-issue according to PUBG, as copyright infringement is based on similarities between works. This means that the differences between the games provide no defense.

In addition, PUBG notes that this argument is improper, as many of the cited differences were introduced in updates that came out after the lawsuit was filed.

[M]any of Defendants claimed dissimilarities are a fallacy, strategically inserted by Defendants after this lawsuit was filed, in a clear attempt to mask Defendants blatant infringement, PUBG writes.

The developer provides several examples of Rules of Survival changes that were added after the complaint was filed. These range from changes to optimize the gameplay to the addition of...

19:24

Xen Security Advisory 271 v2 (CVE-2018-14007) - XAPI HTTP directory traversal "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 14

Xen Security Advisory CVE-2018-14007 / XSA-271

XAPI HTTP directory traversal

UPDATES IN VERSION 2
====================

Public release.

ISSUE DESCRIPTION
=================

XAPI has an unauthenticated HTTP endpoint update/ which exports the
contents of /var/update for other hosts to use.

However, the resolution of . and .. in paths is performed before url
unquoting is...

19:22

Xen Security Advisory 270 v2 - Linux netback driver OOB access in hash handling "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-270

Linux netback driver OOB access in hash handling

UPDATES IN VERSION 2
====================

Public release.

ISSUE DESCRIPTION
=================

Linux's netback driver allows frontends to control mapping of requests
to request queues. When processing a request to set or change this
mapping, some input validation was missing or flawed....

19:21

Xen Security Advisory 269 v2 - x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-269

x86: Incorrect MSR_DEBUGCTL handling lets guests enable BTS

UPDATES IN VERSION 2
====================

Public release.

ISSUE DESCRIPTION
=================

The DEBUGCTL MSR contains several debugging features, some of which virtualise
cleanly, but some do not. In particular, Branch Trace Store is not
virtualised by the processor, and software has...

19:19

Xen Security Advisory 268 v2 - Use of v2 grant tables may cause crash on ARM "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 14

Xen Security Advisory XSA-268

Use of v2 grant tables may cause crash on ARM

UPDATES IN VERSION 2
====================

Public release.

ISSUE DESCRIPTION
=================

ARM never properly implemented grant table v2, either in the
hypervisor or in Linux.

Unfortunately, an ARM guest can still request v2 grant tables; they
will simply not be properly set up, resulting in...

19:18

Uber taps former NSA official to head security team "IndyWatch Feed Tech"

Uber announced Tuesday that it has named Matt Olsen, a former National Counterterrorism Center director and National Security Agency (NSA) general counsel, as its new chief security officer.Olsen, who served as the counterterrorism head...

19:17

Xen Security Advisory 273 v1 (CVE-2018-3620,CVE-2018-3646) - L1 Terminal Fault speculative side channel "IndyWatch Feed Tech"

Posted by Xen . org security team on Aug 14

Xen Security Advisory CVE-2018-3620,CVE-2018-3646 / XSA-273

L1 Terminal Fault speculative side channel

ISSUE DESCRIPTION
=================

In x86 nomenclature, a Terminal Fault is a pagetable walk which aborts
due to the page being not present (e.g. paged out to disk), or because
of reserved bits being set.

Architecturally, such a memory access will result in a page fault
exception, but some processors will speculatively...

19:10

L1 Terminal Fault - The Latest Speculative Execution Side Channel Attack "IndyWatch Feed Tech"

Details are still light but a new vulnerability is coming out called the L1 Terminal Fault. It's been described as a "train-wreck" and is another big deal in the security space as the latest speculative side-channel attack vector...

19:07

Turning off Location History doesnt prevent Google from knowing your location "IndyWatch Feed Tech"

If you believe that by turning off Location History on your Android device or iPhone means that Google wont be able to know your location, think again: Princeton University researchers have confirmed Google services store users location regardless of those settings. The research was performed on behalf of Associated Press, whose interest was piqued by a blog post by a graduate researcher at UC Berkeley, who noticed that her Android phone prompted her to rate More

The post Turning off Location History doesnt prevent Google from knowing your location appeared first on Help Net Security.

19:01

Behind The Pin: Logic Level Outputs "IndyWatch Feed Tech"

There is one thing that unites almost every computer and logic circuit commonly used in the hardware hacking and experimentation arena. No matter what its age, speed, or internal configuration, electronics speak to the world through logic level I/O. A single conductor which is switched between voltage levels to denote a logic 1 or logic zero. This is an interface standard that has survived the decades from the earliest integrated circuit logic output of the 1960s to the latest microcontroller GPIO in 2018.

The effect of this tried and true arrangement is that we can take a 7400 series I/O port on an 8-bit microcomputer from the 1970s and know with absolute confidence that it will interface without too much drama to a modern single-board computer GPIO. When you think about it, this is rather amazing.

Its tempting to think then that all logic level outputs are the same, right? And of course they are from a certain viewpoint. Sure, you may need to account for level shifting between for example 5V and 3.3V families but otherwise just plug, and go, right? Of course, the real answer isnt quite that simple. There are subtle electrical differences between the properties of I/O lines of different logic and microcontroller families. In most cases these will never be a problem at all, but can rear their heads as edge cases which the would-be experimenter needs to know something about.

Consider the Voltage

...

18:57

Google parent invests $375M in ObamaCare startup Oscar "IndyWatch Feed Tech"

Googles parent company, Alphabet, is investing $375 million in Oscar Health, a startup health insurance company seeking to redefine the industry by using technology and data. The infusion of funding from the parent of a major technology giant is a...

18:33

Millions of Android Devices At Risk of Man-in-the-disk Attack "IndyWatch Feed Tech"

By Waqas

Thanks to Ignorant App Developers At Defcon 2018, we have so far witnessed many innovative forms of compromising devices including electoral voting machines. However, this latest revelation Man-in-the-disk Attack is quite surprising and to a great extent concerning for Android users. According to researchers at CheckPoint security firm, the new attack method dubbed as Man-in-the-disk []

This is a post from HackRead.com Read the original post: Millions of Android Devices At Risk of Man-in-the-disk Attack

18:30

A Lot Of Spectre Changes Land In The Linux 4.19 Git Tree, Possible Performance Impact "IndyWatch Feed Tech"

"The Speck [Spectre slang, not to be confused with the controversial NSA algo] brigade sadly provides yet another large set of patches destroying the perfomance which we carefully built and preserved," began the latest x86/pti pull request by kernel maintainer Thomas Gleixner...

18:27

Links 14/8/2018: Virtlyst 1.2.0, Blender 2.8 Planning Update, Zorin OS 12.4, FreeBSD 12.0 Alpha "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

  • Kernel Space

    • XArray Proposed For Merging In The Linux 4.19 Kernel

      Matthew Wilcox who most recently has been employed by Microsoft is looking to get the new XArray data structure added to the Linux 4.19 kernel.

      Earlier this year Wilcox was hoping for XArray in Linux 4.17 but that didnt pan out but he believes it is ready for Linux 4.19. XArray is intended to eventually replace the radix tree data structure in the Linux kernel. XArrays advantages include locking support as part of its design, memory not being pre-loaded, and page cache improvements in using XArray.

    • Btrfs Gets Fixes & Low-Level Improvements With Linux 4.19

      David Sterba of SUSE sent in the Btrfs file-system updates today for the Linux 4.19 kernel merge window.

      The most noticeable change with Btrfs for Linux 4.19 is that it now supports defragging opened read-only files that have read-write permissions. Btrfs in Linux 4.19 is also carrying some validation improvements, error code handling improvements, tree checker improvements, some fsync fixes, a possible deadlock fix, resetting the on-disk device stats value after replacing a drive, and a variety of other code clean-up...

18:21

House Dems press FCC chairman for answers on false cyberattack claim "IndyWatch Feed Tech"

Democratic lawmakers are putting heat on Federal Communications Commission (FCC) Chairman Ajit Pai over a recent inspector general (IG) report that found the agency falsely claimed it had suffered a cyberattack that briefly took down its electronic...

18:17

Free and fast ways to turn your favorite YouTube videos into MP3 files "IndyWatch Feed Tech"

Dont you just love the feeling of lying around and listening to music or watching your favorite singers videos on YouTube? It would be great if you could have their music with you all the time and listen to it without requiring an Internet connection. If you really like a song, you could turn it into a ringtone and thus, make your phone sound like your idol.

There are different programs which can help you convert videos from YouTube to MP3s

Those who want to turn their favorite videos into MP3 files need to start looking for an online converter. You will find a lot of these tools available for free download. Since there are a lot of options, its hard to know which is the right one. Another concern could be represented by the idea that you dont know much about hardware and you wont be able to set up the new program by yourself.

In this case, you dont have any reason to worry. Apart from the fact that YouTube converter installment is not brain surgery, we have compiled a list of the most popular programs dedicated to this process. Music fans from around the world are using them and their positive feedback determined us to mention these programs further in this article.

Legal matters

Before we start, we should mention an important detail. Downloading videos from YouTube is legal under certain terms and conditions. Firstly, its totally safe, secure and legal to download your own footages. In this case, you have to have created and uploaded the content to your personal account.

Secondly, nobody will sue you if you have a written permission for downloading their videos. On the other hand, if you want to get files from the public domain you dont need any permission, but make sure that is the case before proceeding.

YouTube to MP3 converters are not just simple apps

Like we mentioned before, you dont have to be a tech guru for using programs dedicated to turning YouTube videos into MP3 files. The following examples have been chosen from a long list and are safe, fast, easy to install and use and, above all, free.
1. VLC Media Player dedicated to Windows operating systems;
2. Audacity suitable for Windows, Linux and macOS;
3. GenYouTube the fastest way to convert YouTube videos to MP3 files;
4. YoutubeMP3.to its features are similar to GenYouTube, but users can customize the videos quality while converting them;
5. MediaHuman YouTube to MP3 Converter suitable to Windows, Mac and Ubuntu operating systems;
6. YouMp34 Android App it is dedicated to downloading videos from YouTube directly to an Android Phone or tablet;
7. Documents iPhone App suitable for iPhone users...

18:11

Defense in depth -- the Microsoft way (part 57): all the latest MSVCRT installers allow escalation of privilege "IndyWatch Feed Tech"

Posted by Stefan Kanthak on Aug 14

Hi @ll,

about 6 weeks ago, Microsoft updated their MSKB article
<<a href="https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads" rel="nofollow">https://support.microsoft.com/en-us/help/2977003/the-latest-supported-visual-c-downloads>,
listing the current/lastest downloads of their MSVCRT alias
Microsoft Visual C++ Redistributable for Visual Studio 201x

Guess what Microsoft used to build the executable installers
offered on that page: COMPLETELY outdated versions 3.7.3813.0
(and before) of Wix Toolset, which NOBODY...

18:11

Aboard The ISS, Researchers Investigate Complex Dust Behavior In Plasmas "IndyWatch Feed Tech"

[...] PK-4 is a collaboration between the European Space Agency and the Russian State Space Corporation "Roscosmos" to investigate complex plasmas. Complex or dusty plasmas contain electrons, ions and neutral gas, as well as microparticles such as dust grains. The microparticles become highly charged in the plasma and interact strongly with each other, which can lead to liquid or even crystalline behavior within the complex plasma. The most important property of such a system is that investigations of physical phenomena can be performed on the individual (micro-) particle level allowing new insights into fluid and solid-state physics.

[...] In the experiment, a microparticle cloud drifted in a plasma with a constant direct current and formed self-excited wave patterns. After that, the discharge polarity was reversed. Although the field strength was nearly identical for both discharge polarities, the wave patterns exhibited bifurcations: A new wave crest formed between the two old crests in the head of the microparticle cloud.

"The most interesting finding was the velocity of these waves strongly depends on the electric field, which is exciting the waves," said Mikhail Pustylnik, an author on the paper. "We expect to encounter these types of waves in astrophysical situations where you might have dust -- in a cometary tail, for example."

"Many plasma processes are also used in the semiconductor industry," Pustylnik said. Dust poses big challenges for the semiconductor industry because particles may damage a silicon wafer during manufacturing. Starting this fall, the researchers are planning additional experiments that will vary the range of electric fields by switching the polarity of the discharge.


Original Submission

Read more of this story at SoylentNews.

18:05

How WeChat Filters Images for One Billion Users "IndyWatch Feed Tech"

With over 1 billion monthly users, WeChat boasts the title of most popular chat application in China and the fourth largest in the world. However, a new report by Citizen Lab researchers reveals exactly how the platform is able to censor images sent by these billion users.

Building on previous research which shows that WeChat censors sensitive images, this new report demonstrates the technical underpinnings of how this censorship operates. Specifically, findings show that WeChat uses two different algorithms to filter images: an Optical Character Recognition (OCR)-based approach that filters images containing sensitive text and a visual-based one that filters images that are visually similar to those on an image blacklist.

Most censorship research has thus far focused on measuring website blocking or censorship of chat, posts, and other text media, says report author Jeffrey Knockel. As images become an increasingly large component of how we communicate online, we need to also have a good understanding of how image censorship is implemented.

And evidence suggests that images are gaining favour among WeChat users. In a recent study, images ranked as the most preferred type of message shared on WeChat Moments (similar to Facebooks Timeline feature), beating out text-based posts and short videos.

Understanding how the industry leader conducts censorship of different content formats offers us some insights into the trend of censorship and direction of future research, says report author Lotus Ruan.

To evaluate how image censorship functions, Citizen Lab researchers devised a series of tests that revealed the ways in which filters would reject or allow images in Moments. They discovered that the OCR-based algorithm has details common to many standard OCR algorithms in that it converts images to grayscale and uses blob merging to consolidate characters. Additionally, they found that the visual-based algorithm is not based on any machine learning approach that uses high level classification of an image to determine whether it is sensitive or not.

...

18:01

Looking Forward To Electromagnetic Field 2018 "IndyWatch Feed Tech"

There is an air of excitement among the hackerspaces of Europe, because this month is hacker camp season. In Denmark they have Bornhack beginning on Thursday, in Italy IHC was held earlier in the month, while here in the UK we are looking forward to Electromagnetic Field. Were excited be at Eastnor Castle for Electromagnetic Field at the cusp of August and September for several days under canvas surrounded by our communitys best and brightest work. Well even have a Hackaday Readers Village this year!

If youve never been to a hacker camp before, this is one thats not to be missed. Technically this is camping, but where every structure from the smallest tent upwards has mains power and gigabit Ethernet. Its the equivalent of a music festival if you replace the music with technology and other cool stuff from our world. There are talks on a huge variety of fascinating subjects, the chance to see up close some of the things youll have read about here on Hackaday, and best of all, a significant proportion of Europes hackerspace communities all together in one place. They are a uniquely stimulating and exciting environment.

Hackaday Readers Village Among the Highlights

...

17:58

CVE-2018-14722: btrfsmaintenance: Code execution "IndyWatch Feed Tech"

Posted by Marcus Meissner on Aug 14

Hi,

SUSE employee Fabian Vogt has found a shell code injection issue in the "btrfsmaintenance" tools.

https://bugzilla.suse.com/show_bug.cgi?id=1102721

Mounting btrfs images with a label including shell injection characters could cause
the cron jobs (running as root) to execute the include shellcode.

Our proposed fix attached to this email.

bad image can be created with:
mkfs.btrfs --label "`/evil/command`'...

17:43

An 11-Year-Old Changed Election Results On a Replica Florida State Website in Under 10 Minutes "IndyWatch Feed Tech"

Via: PBS: An 11-year-old boy on Friday was able to hack into a replica of the Florida state election website and change voting results found there in under 10 minutes during the worlds largest yearly hacking convention, DEFCON 26, organizers of the event said. Thousands of adult hackers attend the convention annually, while this year []

17:39

Key Reuse opens to attacks on IPsec IKE, Cisco, Huawei, ZyXEL products are affected "IndyWatch Feed Tech"

Security expert demonstrated that reusing a key pair across different versions and modes of IPsec IKE open the doors to attacks. Many vendors are affected

Security researchers from the University of Opole in Poland and the Ruhr-University Bochum in Germany have devised a new attack technique that allows cracking encrypted communications.

The products of several vendors, including Cisco, Huawei, ZyXEL, and Clavister, are vulnerable to the attack.

The experts will present their findings this week at the 27th USENIX Security Symposium, meantime they have released a research paper.

In this paper, we show that reusing a key pair across different versions and modes of IKE can lead to cross-protocol authentication bypasses, enabling the impersonation of a victim host or network by attackers. We exploit a Bleichenbacher oracle in an IKEv1 mode, where RSA encrypted nonces are used for authentication. reads the paper.

Using this exploit, we break these RSA encryption based modes, and in addition break RSA signature-based authentication in both IKEv1 and IKEv2.

The experts focused their analysis on the impact of key reuse on Internet Protocol Security (IPsec). IPsec is used for virtual private networks (VPNs). The cryptographic key for IPsec leverages the Internet Key Exchange (IKE) protocol, which has two versions, IKEv1 and IKEv2.

The experts have also described an offline dictionary attack against the PSK (Pre-Shared Key) based IKE modes, thus covering all available authentication mechanisms of IKE.

The researchers found Bleichenbacher oracles in the IKEv1 implementations of Cisco (CVE-2018-0131), Huawei (CVE2017-17305), Clavister (CVE-2018-8753), and ZyXEL (CVE-2018-9129).

Major vendors, including Cisco, Huawei and ZyXEL have published security advisories for this vulnerability.

The Ciscos advisory describes the issue as an issue in the implementation of RSA-encrypted nonces in the IOS and IOS XE software.  A remote unauthenticated attacker can obtain the encrypted nonces of an IKEv1 session by sending specially crafted ciphertexts to the targeted system.

A vulnerability in the implementation of RSA-encrypted nonces in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session. reads the advisory published by Cisco....

17:32

Google tracks Android, iPhone users location even with location history turned off "IndyWatch Feed Tech"

Google tracks your movements even when location services are disabled

Many of us turn off location services on our smartphones so that we can avoid being tracked. But what if you get to know that in spite of taking this precaution, Google tracks you everywhere.

According to an Associated Press report released Monday, Google services is storing users location data on Android devices and iPhones even if you have privacy settings explicitly set to not do it. These findings were confirmed by computer-science researchers at Princeton on APs request.

In fact, Googles own support page encourages user autonomy to decide what information to share. You can turn off Location History at any time. With Location History off, the places you go are no longer stored, reads the companys privacy page. However, even with Location History turned off, some Google apps automatically store time-stamped location data without permission, the AP found.

For instance, every time you use an app like Google Maps for navigating, the company asks permission to access your location information on its app. However, this isnt true, as AP found that Google tracks your location even when you have paused Location History on your mobile devices.

For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are, the AP explains.

And some searches that have nothing to do with location, like chocolate chip cookies, or kids science kits, pinpoint your precise latitude and longitudeaccurate to the square footand save it to your Google account.

In order to completely turn off location tracking, users must adjust settings in web and app activity, and not only location services. For those unaware, web and app activity is a setting that is enabled by default and stores a variety of information from Google apps and sites to your Google account. Despite turning off web and app activity and location services, it is still difficult to avoid the phone from recording users locations, according to the report.

Google Admits Tracking Users Location

Google issued the following statement in response to APs investigation:

There are a number of different ways that Google may use location...

17:22

Our Families Succumb "IndyWatch Feed Tech"

Everyone can find plenty of examples from his or her own life of what aging is doing to us all.


A few days ago, I wrote an article while on a plane. Im an expat, and I was flying back to my home country. Im now in my hometown, where I lived until I was 18. I come back here only seldom, and the last time I visited was four years ago.

For the vast majority of the time I lived at my parents house, I was a child. My most vivid memories of the place are from my childhood, when everything looked so much larger. So, even though I did live here as a grown-up as well, every time I come back here after years of absence, every room in the house looks far less spacious. Things have changed a bit since I left. Furniture has changed place and function; ornaments and knick-knacks have been moved, added, or removed; predictably, even the town has changed somewhat over the years.

What has changed the most, though, are the people.

17:20

Adobe releases important security patches for its 4 popular software "IndyWatch Feed Tech"

Adobe has released August 2018 security patch updates for a total of 11 vulnerabilities in its products, two of which are rated as critical that affect Adobe Acrobat and Reader software. The vulnerabilities addressed in this month updates affect Adobe Flash Player, Creative Cloud Desktop Application, Adobe Experience Manager, Adobe Acrobat and Reader applications. None of the security

17:19

Hack the Marine Corps bug bounty program kicks off "IndyWatch Feed Tech"

The U.S. Department of Defense (DoD) and HackerOne launched the Departments sixth bug bounty program, Hack the Marine Corps. The bug bounty challenge will focus on Marine Corps public-facing websites and services in order to harden the defenses of the Marine Corps Enterprise Network (MCEN). The bug bounty program will conclude on August 26, 2018. The Marine Corps bug bounty program kicked off with a live-hacking event in Las Vegas, Nev. on August 12, 2018 More

The post Hack the Marine Corps bug bounty program kicks off appeared first on Help Net Security.

17:02

R&D Special Report: Federally Funded Research Labs "IndyWatch Feed Tech"

Concept art: Air Force

National Defense magazine asked research laboratories involved in national security programs: What is your organizations number one R&D big bet, (in other words: a high-risk, high-reward technology investment) that you believe will have the biggest payoff for those in the military or national security realm? Why? And in what ways do you think it will benefit the end users?

17:01

Leather Working with a 3D Printer "IndyWatch Feed Tech"

No, you cant print in leather at least not yet. But [Make Everything] has a tutorial about how to produce a custom leather embossing jig with a 3D printer. From a 3D printing point of view, this isnt very hard to do and you might want to skip over the first six minutes of the video if youve done 3D printing before.

The real action is when he has the 3D print completed. He glues the stamp down to some wood and then fits the assembly to a vise that hell use as a press. After wetting the leather, the wood and 3D printed assembly sandwiches the piece and the vise applies pressure for ten minutes. He did make the leather a bit oversized to make alignment more forgiving. After the embossing is complete, he trims it out.

If you are experienced with leather, this probably isnt a revelation. But if you are not wise in the ways of tanned animal hide, this is an easy way to add a capability to your workshop using nothing more than what you already probably have. All you need is some leather.

If you decide you want to go all out working with textiles, we can help you. Weve actually seen 3D-printing done for leather book covers before, although the technique is quite a bit different as the plastic stays in and the text is outset.

16:57

Faxploit: Hackers can use Fax machines to inject malware into a targeted network "IndyWatch Feed Tech"

By Waqas

Think twice before sharing your fax number with someone. Many corporations provide their fax number in the contact information page on the websites. After all, it is considered completely harmless to share fax number with other information like the email address or phone number. However, it turns out that the fax number is also exploitable []

This is a post from HackRead.com Read the original post: Faxploit: Hackers can use Fax machines to inject malware into a targeted network

16:56

Security updates for Tuesday "IndyWatch Feed Tech"

Security updates have been issued by Arch Linux (thunderbird), Debian (gdm3 and samba), openSUSE (cgit and lxc), SUSE (grafana, kafka, logstash, openstack-monasca-installer and samba), and Ubuntu (gdm3 and libarchive).

16:51

Social Mapper Finds Social Media Profiles Using Only A Photo "IndyWatch Feed Tech"

Social Mapper This Free Tool Lets You Track People Across Social Media

Researchers at Trustwave, a company that provides ethical hacking services, have made it easier for penetration testers and red teamers to search for social media profiles. It has released an open source intelligence tool called Social Mapper that uses facial recognition to compare social media profiles across different sites based on a name and picture. This software tool is aimed at facilitating social engineering attacks.

Social Mapper automatically locates profiles on social media sites, such as Facebook, Instagram, LinkedIn, Google+, Vkontakte and microblogging websites like Weibo and Douban. Automated searching of profiles can be performed much faster and for many people simultaneously.

Performing intelligence gathering is a time-consuming process, it typically starts by attempting to find a persons online presence on a variety of social media sites. While this is an easy task for a few, it can become incredibly tedious when done at scale. Trustwave states in a blog post.

Introducing Social Mapper an open source intelligence tool that uses facial recognition to correlate social media profiles across a number of different sites on a large scale. Trustwave, which provides ethical hacking services, has successfully used the tool in a number of penetration tests and red teaming engagements on behalf of clients.

How does Social Mapper work?

Social Mapper doesnt require API access to social networks. On the basis of the requirement, the Social Mapper first prepares a list of targeted people for processing. It then uses names and photos as input to scan social media profiles online. The software tool then generates reports in the form of spreadsheets, which include profile information like photos, emails, etc. Based on provided names and photos, it takes approximately 60-70 seconds to scan one profile. It takes no less than 15 hours for searching details of 1,000 people.

Social Mapper takes an automated approach to searching popular social media sites for names and pictures of individuals to accurately detect and group a persons presence, outputting the results into a report that a human operator can quickly review.

How to install Social Mapper

Social Mapper is written in Python and runs on Linux, chromeOS (Developer Mode), Windows, and Mac. However, before installing Social Mapper,...

16:51

Intel Publishes New DRM Driver For Their Arria 10 FPGA System "IndyWatch Feed Tech"

An Intel engineer has published the "Intel FPGA Video and Image Processing Suite" DRM driver today for Linux. This Direct Rendering Manager is intended for use with their Arria 10 FPGA system when combined with Intel DisplayPort IP...

16:47

Def Con 26 Voting Village Sees an 11-Year-Old Crack a Voting Machine "IndyWatch Feed Tech"

Another item from Def Con 26, which ended the other day, an 11-year-old was easily able to change tallies on real electronic voting equipment within minutes. These machines are designed not to leave any evidence when tampering happens so it was useful that there were many witnesses present for her demo.

Election hackers [sic] have spent years trying to bring attention to flaws in election equipment. But with the world finally watching at DEFCON, the world's largest hacker conference, they have a new struggle: pointing out flaws without causing the public to doubt that their vote will count.

This weekend saw the 26th annual DEFCON gathering. It was the second time the convention had featured a Voting Village, where organizers set up decommissioned election equipment and watch hackers [sic] find creative and alarming ways to break in. Last year, conference attendees found new vulnerabilities for all five voting machines and a single e-poll book of registered voters over the course of the weekend, catching the attention of both senators introducing legislation and the general public. This year's Voting Village was bigger in every way, with equipment ranging from voting machines to tabulators to smart card readers, all currently in use in the US.

In a room set aside for kid hackers [sic], an 11-year-old girl hacked a replica of the Florida secretary of state's website within 10 minutes and changed the results.

Earlier on SN:
Georgia Defends Voting System Despite 243-Percent Turnout in One Precinct
South Carolina's 13k Electronic Voting Machines Vulnerable, Unreliable
Top Voting Machine Vendor Admits It Installed Remote-Access Software on Systems Sold to States


Original Submission

Read more of this story at SoylentNews.

16:42

Renewable Energy Could Basically Be Free by 2030, According to New Analysis "IndyWatch Feed Tech"

A research analyst at Swiss investment bank UBS believes the cost of energy renewables could be so near to zero by 2030 it will effectively be free, according to a projections published on Monday. If renewables could soon be cheaper than all the alternative energy sources, and that this is great news for the planet, and probably also for the economy.

The analysis, published in the Financial Times, explains that solar and wind farms are getting bigger, and that the potential of this sort of cheap, green energy is far-reaching and will only get cheaper. In 2010, using solar power to boil your kettle would have cost you about 0.03, the analyst writes in FT. By 2020, according to estimates by our research team at UBS, the cost will have fallen to half a penny. And just ten years later, the costs will be so minuscule, it will practically be free.

See also: 7 Massive Corporations Going Green to Boost Their Bottom Lines.

16:41

X41 D-Sec GmbH Security Advisory X41-2018-005: Multiple Vulnerabilities in Apple smartcardservices "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-005

Multiple Vulnerabilities in Apple smartcardservices
===================================================

Overview
--------
Confirmed Affected Versions: e3eb96a6eff9d02497a51b3c155a10fa5989021f
Confirmed Patched Versions: 8eef01a5e218ae78cc358de32213b50a601662de
Vendor: Apple
Vendor URL: https://smartcardservices.github.io/
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:...

16:40

X41 D-Sec GmbH Security Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-002

Multiple Vulnerabilities in OpenSC
==================================

Overview
--------
Confirmed Affected Versions: 0.18.0
Confirmed Patched Versions: possibly 0.19.0
Vendor: OpenSC
Vendor URL: https://github.com/OpenSC/OpenSC
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/

Summary and Impact
------------------...

16:38

X41 D-Sec GmbH Security Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11 "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-003

Multiple Vulnerabilities in pam_pkcs11
======================================

Overview
--------
Confirmed Affected Versions: 0.6.9
Confirmed Patched Versions: -
Vendor: Unmaintained
Vendor URL: https://github.com/OpenSC/pampkcs11
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:
https://www.x41-dsec.de/lab/advisories/x41-2018-003-pampkcs11/

Summary and Impact
------------------...

16:37

X41 D-Sec GmbH Security Advisory X41-2018-004: Multiple Vulnerabilities in Yubico libykneomgr "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-004

Multiple Vulnerabilities in Yubico libykneomgr
==============================================

Overview
--------
Confirmed Affected Versions: 0.1.9
Confirmed Patched Versions: -
Vendor: Yubico / Depreciated
Vendor URL: https://www.yubico.com/
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:
https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/

Summary and Impact...

16:31

X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-001

Multiple Vulnerabilities in Yubico Piv
======================================

Overview
--------
Confirmed Affected Versions: 1.5.0
Confirmed Patched Versions: 1.6.0
Vendor: Yubico
Vendor URL: https://www.yubico.com/
Vendor Advisory URL: https://www.yubico.com/support/security-advisories
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:...

16:30

New Sound Hardware Support & Other Improvements Playing In Linux 4.19 "IndyWatch Feed Tech"

SUSE's Takashi Iwai sent in the pull request this morning of the sound subsystem updates for the Linux 4.19 kernel and it includes a lot of new hardware support and other improvements for Linux's audio capabilities...

16:27

[SECURITY] [DSA 4271-1] samba security update "IndyWatch Feed Tech"

Posted by Salvatore Bonaccorso on Aug 14

-------------------------------------------------------------------------
Debian Security Advisory DSA-4271-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
August 14, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : samba
CVE ID : CVE-2018-10858 CVE-2018-10919...

16:04

Diversity Empowerment Summit Highlights Importance of Allies "IndyWatch Feed Tech"

Diversity and inclusion are hot topics as projects compete to attract more talent to power development efforts now as well as build their ranks to carry the projects into the future. The Diversity Empowerment Summit co-located with Open Source Summit coming up in Vancouver August 29-31, will offer key insights to help your project succeed in these endeavors.

16:04

Big CIFS/SMB3 Improvements Head To Linux 4.19 "IndyWatch Feed Tech"

Linus Torvalds has merged a rather significant set of patches for improving the CIFS/SMB3 support in the mainline kernel...

16:01

Virgin Orbit Readies First Launch "IndyWatch Feed Tech"

Ever since the Pan Am Space Clipper first slid into frame in 1968s 2001: A Space Odyssey, the world has been waiting for the day that privately funded spaceflight would become as routine as air travel. Unfortunately, its a dream thats taken a bit longer to become reality than many would have hoped. The loss of Challenger and Columbia were heartbreaking reminders that travel amongst the stars is not for the faint of heart or the ill-equipped, and pushed commercial investment in space back by decades.

Although Pan Am has since folded, we now have a number of companies working hard towards making the dream of commercial spaceflight a reality. SpaceX and Rocket Lab have shown private companies developing and operating their own orbital class vehicles is a concept no longer limited to science fiction. Now that private industry has a foot in the door, more companies are coming forward with their own plans for putting their hardware into orbit. In many ways were seeing the dawn of a second Space Race.

If all goes according to plan, a new challenger should be entering the ring in the very near future. Scheduled to perform their first test launch before the end of the year, Virgin Orbit (a spin-off of the passenger carrying Virgin Galactic) promises to deliver small payloads to Earth orbit fast...

15:59

Accenture forms strategic alliance, invests in Chinese AI start-up Malong Technologies "IndyWatch Feed Tech"

Accenture has formed a strategic alliance with and made an investment in Malong Technologies, an artificial intelligence (AI) start-up headquartered in Shenzhen, China. Through the alliance, Accentures Applied Intelligence practice and Malong will offer computer vision and product recognition capabilities to clients worldwide. The alliance gives Accenture an AI presence in China and forms part of its wider regional growth strategy. Malongs product recognition and auto-tagging technology, ProductAI, lets machines see physical objects the way More

The post Accenture forms strategic alliance, invests in Chinese AI start-up Malong Technologies appeared first on Help Net Security.

15:58

Zscaler receives FedRAMP authorization for a Zero Trust remote access platform "IndyWatch Feed Tech"

Zscaler announced that Zscaler Private Access-Government (ZPA-Government), its application access platform, meets the Federal Risk and Authorization Management Program (FedRAMP) Moderate security requirements and was granted Authority to Operate (ATO) by the Federal Communications Commission (FCC). FedRAMP Authorization enables Zscaler to expand its sales pursuit of Federal market share. FedRAMP is a federal program which assures a standardized, government-wide approach to security assessment, authorization, and continuous monitoring for cloud products and services. With this milestone, More

The post Zscaler receives FedRAMP authorization for a Zero Trust remote access platform appeared first on Help Net Security.

15:58

Samsung announces new SmartThings mesh Wi-Fi system "IndyWatch Feed Tech"

In an effort to eliminate the Wi-Fi buffering zone and prevent streaming latency, Samsung announced its new SmartThings Wifi mesh network system. Equipped with AI-based mesh Wi-Fi technology from Plume and a built-in SmartThings Hub, the system delivers an optimized whole home network with the added value of complete smart home control throughout every room of the home. Reliable and secure Wi-Fi is a need for consumers today, and internet use is no longer limited More

The post Samsung announces new SmartThings mesh Wi-Fi system appeared first on Help Net Security.

15:51

X41 D-Sec GmbH Security Advisory X41-2018-005: Multiple Vulnerabilities in Apple smartcardservices "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-005

Multiple Vulnerabilities in Apple smartcardservices
===================================================

Overview
--------
Confirmed Affected Versions: e3eb96a6eff9d02497a51b3c155a10fa5989021f
Confirmed Patched Versions: 8eef01a5e218ae78cc358de32213b50a601662de
Vendor: Apple
Vendor URL: https://smartcardservices.github.io/
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:...

15:49

X41 D-Sec GmbH Security Advisory X41-2018-004: Multiple Vulnerabilities in Yubico libykneomgr "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-004

Multiple Vulnerabilities in Yubico libykneomgr
==============================================

Overview
--------
Confirmed Affected Versions: 0.1.9
Confirmed Patched Versions: -
Vendor: Yubico / Depreciated
Vendor URL: https://www.yubico.com/
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:
https://www.x41-dsec.de/lab/advisories/x41-2018-004-libykneomgr/

Summary and Impact...

15:48

X41 D-Sec GmbH Security Advisory X41-2018-003: Multiple Vulnerabilities in pam_pkcs11 "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-003

Multiple Vulnerabilities in pam_pkcs11
======================================

Overview
--------
Confirmed Affected Versions: 0.6.9
Confirmed Patched Versions: -
Vendor: Unmaintained
Vendor URL: https://github.com/OpenSC/pampkcs11
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:
https://www.x41-dsec.de/lab/advisories/x41-2018-003-pampkcs11/

Summary and Impact
------------------...

15:46

X41 D-Sec GmbH Security Advisory X41-2018-002: Multiple Vulnerabilities in OpenSC "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-002

Multiple Vulnerabilities in OpenSC
==================================

Overview
--------
Confirmed Affected Versions: 0.18.0
Confirmed Patched Versions: possibly 0.19.0
Vendor: OpenSC
Vendor URL: https://github.com/OpenSC/OpenSC
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL: https://www.x41-dsec.de/lab/advisories/x41-2018-002-OpenSC/

Summary and Impact
------------------...

15:45

X41 D-Sec GmbH Security Advisory X41-2018-001: Multiple Vulnerabilities in Yubico Piv "IndyWatch Feed Tech"

Posted by X41 D-Sec GmbH Advisories on Aug 14

X41 D-Sec GmbH Security Advisory: X41-2018-001

Multiple Vulnerabilities in Yubico Piv
======================================

Overview
--------
Confirmed Affected Versions: 1.5.0
Confirmed Patched Versions: 1.6.0
Vendor: Yubico
Vendor URL: https://www.yubico.com/
Vendor Advisory URL: https://www.yubico.com/support/security-advisories
Credit: X41 D-Sec GmbH, Eric Sesterhenn
Status: Public
Advisory-URL:...

15:42

California water managers vary in use of climate science "IndyWatch Feed Tech"

Historically, water managers throughout the thirsty state of California have relied on hydrology and water engineeringboth technical necessitiesas well as existing drought and flood patterns to plan for future water needs.

Now, is projected to shift as winters become warmer, spring snowmelt arrives earlier, and extreme weather-related events increase. Some water utilities have started to consider these risks in their management, but many do not. Lack of change adaptation among water utilities can put water supplies and the people dependent on them at risk, especially in marginalized communities, a new University of California, Davis, paper suggests.

The paper, which analyzes various approaches to climate science by drinking water utility managers in California, was presented along with new research at the American Sociology Association Conference in Philadelphia on Aug. 11. The paper, Climate Information? Embedding Climate Futures within Social Temporalities of California Water Management, was published this spring in the journal Environmental Sociology.

15:42

From office windows to Mars: Scientists debut super-insulating gel "IndyWatch Feed Tech"

A new, super-insulating gel developed by researchers at CU Boulder could dramatically increase the energy efficiency of skyscrapers and other buildings, and might one day help scientists build greenhouse-like habitats for colonists on Mars.

The aerogel, which looks like a flattened plastic contact lens, is so resistant to heat that you could put a strip of it on your hand and a fire on top without feeling a thing. But unlike similar products on the market, the material is mostly see-through.

Transparency is an enabling feature because you can use this gel in windows, and you could use it in extraterrestrial habitats, said Ivan Smalyukh, a professor in the Department of Physics. You could harvest sunlight through that thermally-insulating material and store the energy inside, protecting yourself from those big oscillations in temperature that you have on Mars or on the moon.

15:12

Sci-Hub Proves That Piracy Can be Dangerously Useful "IndyWatch Feed Tech"

Submitted via IRC for SoyCow1984

Despite two lost legal battles in the US, domain name seizures, and millions of dollars in damage claims, Sci-Hub continues to offer unauthorized access to academic papers. The site's founder says that she would rather operate legally, but copyright gets in the way. Sci-Hub is not the problem she argues, it's a solution, something many academics appear to agree with.

Sci-Hub has often been referred to as "The Pirate Bay of Science," but that description really sells the site short.

While both sites are helping the public to access copyrighted content without permission, Sci-Hub has also become a crucial tool that arguably helps the progress of science.

The site allows researchers to bypass expensive paywalls so they can read articles written by their fellow colleagues. The information in these 'pirated' articles is then used to provide the foundation for future research.

What the site does is illegal, according to the law, but Sci-Hub is praised by thousands of researchers and academics around the world. In particular, those who don't have direct access to the expensive journals but aspire to excel in their academic field.

Source: https://torrentfreak.com/sci-hub-proves-that-piracy-can-be-dangerously-useful-180804/


Original Submission

Read more of this story at SoylentNews.

15:02

Magic 8X Phone Lens "IndyWatch Feed Tech"

THIS CAMERA LETS YOU ZOOM TO THE MOON AND BACK!

Get 50% OFF NoahsCave.com/210Magic8X

14:55

CompTIA IT Certification Training 2018 12 Course Bundle "IndyWatch Feed Tech"

The Information Technology industry has witnessed exponential growth over the years, and if you want to be a part of this growing industry, it's important for you to earn certificates in this field. Organisations always prefer employees with strong internationally-recognized professional certifications that proof your skills, knowledge, and what you knowgiving you more credibility and

14:31

Berkheimer Changed Nothing and Invalidation Rates of Abstract Software Patents Remain Very High "IndyWatch Feed Tech"

Weight comparison

Summary: Contrary to repetitive misinformation from firms that sell services around patents, there is no turnaround or comeback for software patents; the latest numbers suggest a marginal difference at best one that may be negligible considering the correlation between expected outcomes and actions (the nature of risk analysis)

THE QUALITY of patents at the USPTO (existing and newly-awarded ones) isnt great, but at least it seems like its improving and the number of patent grants is declining (at long last).

Sadly, some people who write on patent matters are willfully cluelessThe psyche or mentality surrounding patents ought to change. Not all patents represent innovation and some kinds of patents actively suppress innovation. Its not even a controversial premise as many scholars have shown just that, even empirically.

Microsofts New Patent Will Let You Communicate With Others In 3D, said a headline from yesterday, but patents dont let anything. They restrict. Sadly, some people who write on patent matters are willfully clueless (this site is generally awful in its coverage on most topics because the writers dont specialise in the areas they cover; they do Microsoft ads a lot of the time, under the banner of FOSS)

Apple Could Let You Store Your Passport on an iPhone, said another new headline, misusing that word let again. Patents are not about letting but about monopolising. Another new article about Apple patents talks about so-called Augmented Reality (buzzword); its a patent or at least an application that we wrote about over a weekend. Its abstract, sure, but with trendy terms like Augmented Reality (or AR for short) will examiners see that? Andrew Rossow,...

14:15

Turkey plans boycott of US electronics "IndyWatch Feed Tech"

Turkey on Tuesday announced that it will boycott American electronic devices amid tensions with Washington that have led to a historic Turkish currency crisis.The Associated Press reported that Turkish President Recep Tayyip...

14:00

Connecting the dots to North Korea as a threat adversary "IndyWatch Feed Tech"

Reports of malware campaigns invariably focus on two critical conclusions: attribution and who was the intended target of the attack. It is challenging to draw swift conclusions on the former, due to the use of false flags designed to divert attention from the true source of the attack. Those swift conclusions are modified as more information becomes available, and it is much later before we achieve transparency on the campaign. Whilst this is a challenge More

The post Connecting the dots to North Korea as a threat adversary appeared first on Help Net Security.

13:45

Three As of SaaS adoption, and why every company goes through them "IndyWatch Feed Tech"

Ive noticed that as more and more companies turn to SaaS applications to power their business, they all experience the same journey along the way, more or less. Everyone goes through what I call the 3 As of SaaS adoption: aggravation, acceptance, and adoption. Companies go through distinct stages of SaaS adoption. As your SaaS environment matures, needs shift and challenges evolve. But if you know what to expect at each stage and whats coming More

The post Three As of SaaS adoption, and why every company goes through them appeared first on Help Net Security.

13:40

Lockton Insurance Brokers Exploiting Patent Trolls to Sell Insurance to the Gullible "IndyWatch Feed Tech"

LocktonSummary: Demonstrating what some people have dubbed (and popularised as) disaster capitalism, Lockton now looks for opportunities to profit from patent trolls, in the form of insurance (the same thing Microsoft does [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12...

13:37

mRNA Methylation: A Novel Mechanistic Link Between Stress Regulation and Psychiatric Disorders "IndyWatch Feed Tech"

It is well established that stress can alter the activation pattern of our genes. Stress also triggers epigenetic mechanisms which modulate how DNA, the carrier of genetic information, is read. The genetic information on the DNA is in the next step translated into RNA, which is the blueprint of proteins. In a groundbreaking study, scientists at the Max Planck Institute of Psychiatry (MPI) have shown for the first time that stress can also cause similar epigenetic changes on the RNA level. The research results were recently published in the internationally renowned journal Neuron.

It was recently rediscovered that RNA can be modified by chemical tags in a similar way to the epigenetic modifications seen on DNA. Messenger RNA (mRNA) is made up of four molecular building blocks: adenosine, cytidine, guanosine and uridine, which can be modified by the attachment of chemical tag. These tags or RNA modifications provide a sophisticated extra layer of gene regulation.

A modification of mRNA, which occurs post-transcriptionally is methylation of adenosine and the most abundant is N6-methyladenosine (m6A). Although m6A was first described in 1974, recent technological advances were necessary before more detailed analyses of the epitranscriptome could be carried out.

[...] Alon Chen, Director at the Institute and head of the project explains: Increasing evidence suggests that the fine-tuning seen with mRNA methylation may underlie the etiology of psychiatric disorders. We think that elucidating the role of mRNA methylation in regulating brain function will help us to better understand psychiatric disorders.


Original Submission

Read more of this story at SoylentNews.

13:36

RADV Now Supports On-Demand Compilation Of Built-In Shaders "IndyWatch Feed Tech"

For helping out the RADV Vulkan driver in cases where no shader cache is available, this open-source Mesa Radeon Vulkan driver now supports the on-demand compilation of built-in shaders...

13:30

10,644 vulnerabilities disclosed in the first half of 2018 "IndyWatch Feed Tech"

There have been 10,644 vulnerabilities disclosed through June 30th, according to Risk Based Securitys 2018 Mid Year VulnDB QuickView report. This is the highest number of disclosed vulnerabilities at the mid-year point on record. The 10,644 vulnerabilities cataloged during the first half of 2018 by Risk Based Securitys research team eclipsed the total covered by the CVE and National Vulnerability Database (NVD) by well over 3,000. The newly released 2018 mid-year report from Risk Based More

The post 10,644 vulnerabilities disclosed in the first half of 2018 appeared first on Help Net Security.

13:15

Five key security tips to avoid an IoT hack "IndyWatch Feed Tech"

Recently, Russian PIR Bank lost $1,000,000 because of a compromised router that allowed hackers to gain entry into their local network. Why did it happen and how companies can protect themselves? Malicious IoT hacking incidents are a norm today. That is not surprising, considering that by 2020, the IoT is expected to reach a staggering amount of 20.4 Bn devices. Homes and enterprises using legacy security measures are in danger because of the ever-growing IoT. More

The post Five key security tips to avoid an IoT hack appeared first on Help Net Security.

13:03

Patent Lawyers Writing Patent Law for Their Own Enrichment Rather Than for Innovation "IndyWatch Feed Tech"

Anathema, antithetical to the very concept/purpose of patents

A payment

Summary: We have become detached from the original goals and come to the point where patent offices arent necessarily run by people qualified for the job of advancing science and technology; they, unlike judges, only seem to care about how many patents get granted, irrespective of their quality/merit

THE conundrum which lawmakers sometimes face depends on who pays (or bribes) them. We recently wrote about Orrin Hatch, sponsored the most by the pharmaceutical industry, trying to make pharmaceutical patents immune/exempted from Patent Trial and Appeal Board (PTAB) inter partes reviews (IPRs). The USPTO is itself run by a lot of lawyers, not just scientists; look who has been appointed its Director.

There has always been this danger that nontechnical people (like Battistelli and Campinos) would doom patent offices, making them little more than litigation pipelines, preparing the patents for lawsuits, even frivolous ones.

There has always been this danger that nontechnical people (like Battistelli and Campinos) would doom patent offices, making them little more than litigation pipelines, preparing the patents for lawsuits, even frivolous ones.The UK will also be excluded from the EUs unitary patent framework, says a British magazine this week, perpetuating the false belief that something constructed by lawyers for personal gain is actually worthwhile for all of us. But more importantly, however, there is no such framework. The Unified Patent Court is dead, irrespective of Brexit. It nev...

13:02

The assembly line of the future: Automation, DNA construction, and synthetic biology "IndyWatch Feed Tech"

This story is brought to you by SynbiCITE, which is accelerating the commercialization of synthetic biology applications. To learn how SynbiCITE is nucleating a sustainable UK economy, visit www.synbicite.com.

Just as Henry Fords assembly line revolutionized the automobile industry, synthetic biology is being revolutionized by automated DNA assembly (see SynBioBetaLive! with Opentrons). The key features of an assembly line translate well into the field of synthetic biology speed, accuracy, reproducibility and validation. Instead of welding chassis together, small robotic arms are lifting delicate plates holding dozens of samples, adding and removing miniscule amounts of fluid.

In 2014, Imperial College London received 2 million to develop a DNA Synthesis and Construction Foundry to operate with SynbiCITE, the UK Innovation and Knowledge Centre for synthetic biology. Speaking at the Foundrys inception, SynbiCITE co-director Prof. Paul Freemont said, Standardizing the methods for synthesising DNA is crucial if we are going to scale up efforts to design and create this genetic material. The new DNA Synthesis and Construction Foundry will streamline and automate the writing of DNA at an industrial scale so that tens of thousands of designed DNA constructions can be built and tested.

13:01

Run a Linux Terminal on Cheap E-Ink Displays "IndyWatch Feed Tech"

If you havent kept up with the world of e-ink displays, heres some good news: they are pretty cheap now. For as little as $15 you can get a small e-ink display that has good enough performance and contrast to actually do something useful. Theres only one problem: figuring out how to drive them in your project.

Tired of seeing nothing but wiring diagrams and sample code when it came to actually putting these e-ink modules to use, [Jouko Strmmer] decided to try his hand at creating a turn-key application for these gorgeous little displays. The result is PaperTTY, a Python program that allows the user to open up a fully functional Linux virtual terminal on an e-ink display.

Of course, there are some caveats. For one, this all assumes youre using a Waveshare display (specifically their 2.13 inch HAT) connected to a Raspberry Pi over SPI. Not to say thats the only hardware combination that will work, but its the only one that [Jouko] has done any testing on at this point. If you want to try to shake things up in terms of hardware, you might need to get your hands dirty.

The advantage of being able to open a Linux VT on one of these e-ink displays is pretty simple: you can run basically any piece of software you want on it. Rather than having to come up with software that specifically features support for the display, you can just use (or write) standard Linux console progr...

12:51

EXT4 & XFS File-System Updates Submitted For Linux 4.19 "IndyWatch Feed Tech"

The pull requests updating the XFS and EXT4 file-system driver code have been sent in for the recently started Linux 4.19 kernel merge window...

12:38

A Quick Reminder on HTTPS Everywhere "IndyWatch Feed Tech"

HTTPS Everywhere! So the plugin says, and now browsers are warning users that sites not implementing https:// are security risks. Using HTTPS everywhere is good advice. And this really means "everywhere": the home page, everything. Not just the login page, or the page where you accept donations. Everything.

12:35

Hackers can compromise your network just by sending a Fax "IndyWatch Feed Tech"

What maximum a remote attacker can do just by having your Fax machine number? Believe it or not, but your fax number is literally enough for a hacker to gain complete control over the printer and possibly infiltrate the rest of the network connected to it. Check Point researchers have revealed details of two critical remote code execution (RCE) vulnerabilities they discovered in the

12:20

Pausing Location history doesnt stop Google tracking your location. Heres how to stop it "IndyWatch Feed Tech"

You would think that telling Google that you didnt want your location be tracked by disabling an option called Location History would stop the internet giant from errr.. storing data about your location.

Think again.

12:00

Investigating Global Air Pollution "IndyWatch Feed Tech"

At 10.30 a.m. on Tuesday morning the High-Altitude and Long-Range Research Aircraft (HALO) left the German Aerospace Center Airbase in Oberpfaffenhofen, and took off to the Cape Verde Islands.

This marked the official beginning of the Chemistry of the Atmosphere Field Experiment in Africa (CAFE-Africa)a mission coordinated by the Atmospheric Chemistry Department of the Max Planck Institute for Chemistry (MPIC) in Mainz.

The objective of the research mission is to study the influence of the massive biomass burning emissions from Africa on the atmospheric composition and oxidation capacity over the tropical and subtropical Atlantic Ocean. It is expected that these emissions combine with the strongly increasing urban-industrial pollution and with desert dust from the Sahara and may thus change chemically and physically.

The mission will be conducted out of Sal on the Cape Verde Islands and will continue until September 7th, 2018. During these five weeks the HALO research aircraft will fly along the coast and over several countries in Africa to collect unique data, needed for the understanding of long-distance pollution transport over the Atlantic and further areas downwind.


Original Submission

Read more of this story at SoylentNews.

11:25

SevenTorrents Shuts Down, Transfers Database to New Torrent Site "IndyWatch Feed Tech"

Hundreds of torrent sites have come and gone over the years with most disappearing after relatively short periods in action.

Sites like The Pirate Bay, which has just celebrated 15 years online, tend to drown out smaller players on the news front, but several have an impressive history behind them.

Take SevenTorrents, for example. The site has been serving torrents for around 10 years and last year serviced around six million unique visitors. Its not a giant by any means but its longevity is notable in a somewhat hostile and oppressive anti-piracy environment.

Now, however, the show is over for this long-term player. In an announcement yesterday, SevenTorrents operator said the towel had been thrown in.

We have been serving you for near 10 years and served over 40 Million visitors, with all troubles including copyright complaints, limitations, domain bans and ., we were able to keep this site up and running and make our visitors satisfied, the announcement reads.

Indeed, SevenTorrents has weathered the usual storms over the years. In 2014, the sites main domain was added to the UKs ISP blocking system following a complaint from the Motion Picture Association and in 2015, other domains were added to the list.

Unlike other sites on a downward spiral, no single event appears to have pressured SevenTorrents out of existence but they clearly feel the time is right to move on. However, the sites decision to hand over its database to another torrent site raises some questions.

Today we have decided to retire. But this is not the end for you and we will not let you down, there is a good news for you. We have talked with the owners of our professional friend site WatchSoMuch which is doing same thing as we were doing but in a better way, it has a super fast search and modern and mobile friendly design, SevenTorrents says.

We have transferred all the data and members to there, please visit and continue using your account in WatchSoMuch with same password and enjoy.

While SevenTorrents is an open index, according to its operator it has around 200,000 members, which means that WatchSoMuch a site that only surfaced in June now has the details those users signed up wi...

11:22

The Hidden Dangers of Home DNA Tests "IndyWatch Feed Tech"

Consumer DNA tests have taken off in popularity, promising to give you clues to your heritage and health. But after the test is done, who owns your personal genetic data? Bloomberg QuickTake explains why you should think twice before sending in that vial.

____

Bloomberg is the First Word in business news, delivering breaking news & analysis, up-to-the-minute market data, features, profiles and more: http://www.bloomberg.com
Connect with us on
Twitter: https://twitter.com/business
Facebook: https://www.facebook.com/bloombergbus
Instagram: https://www.instagram.com/bloombergbu
Twitter: https://twitter.com/business
Facebook: https://www.facebook.com/bloombergbusiness
Instagram: https://www.instagram.com/bloombergbusiness/

11:19

NVIDIA CUDA 10 Adding nvJPEG, Turing Support "IndyWatch Feed Tech"

NVIDIA is capitalizing upon SIGGRAPH 2018 as now in addition to launching the Quadro RTX GPUs and open-sourcing the MDL SDK they have announced their work on CUDA 10...

11:14

CVE-2018-14424: Use-after-free in GDM "IndyWatch Feed Tech"

Posted by Chris Coulson on Aug 14

Hi,

I recently discovered a use-after-free in the GDM daemon, which is
possible to trigger via a specially crafted sequence of D-Bus method
calls as an unprivileged user.

Details from https://gitlab.gnome.org/GNOME/gdm/issues/401 follow:

----
When GdmDisplayStore (daemon/gdm-display-store.c) emits the
"display-removed" signal, the GdmDisplay being removed has already been
removed from the store. Subsequent calls to...

11:09

FreeBSD 12.0 Alpha Hits The Web "IndyWatch Feed Tech"

The first alpha release of FreeBSD 12.0 was quietly uploaded a few days ago to the project's download servers as the first step to shipping this next major update to the FreeBSD operating system...

10:56

Linux 4.19 Will Fend Off Stack Attacks With STACKLEAK Plugin "IndyWatch Feed Tech"

As expected, Linux 4.19 is getting STACKLEAK as a GCC plug-in for the Linux kernel that will fend off various form of stack attacks...

10:48

ASUSTOR NAS ADM - 3.1.0 Remote Command Execution, SQL Injections "IndyWatch Feed Tech"

Posted by kyle Lovett on Aug 14

Product - ASUSTOR ADM - 3.1.0.RFQ3 and all previous builds
Vendor - https://www.asustor.com/
Patch Notes - http://download.asustor.com/download/docs/releasenotes/RN_ADM_3.1.3.RHU2.pdf

Issue: The Asustor NAS appliance on ADM 3.1.0 and before suffer from
multiple critical vulnerabilities. The vulnerabilities were submitted
to Asustor in January and February 2018. Several follow-up requests
were made in an attempt to obtain vendor acknowledgement,...

10:46

New Man-in-the-Disk attack leaves millions of Android phones vulnerable "IndyWatch Feed Tech"

Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of service attacks. Dubbed Man-in-the-Disk, the attack takes advantage of the way Android apps utilize 'External Storage' system to store app-related data,

10:43

4 Tips for Successful Remote 1-1s "IndyWatch Feed Tech"

Team dynamics are complicated enough even when everyone can grab lunch together. Its often the relationship side of your team that will need some different techniques in a remote setting. If youre a manager, building strong relationships with your direct reports is paramount for both their success and yours.

10:27

Google tracks users movements even if they have disabled the Location History on devices "IndyWatch Feed Tech"

According to the AP, many Google services on both Android and iPhone store records of user location even if the users have disabled the Location History.

According to a recent investigation conducted by the Associated Press, many Google services on both Android and iPhone devices store records of user location data, and the bad news is that they do it even if the users have disabled the Location History on devices.

When a user disables the Location History from the privacy settings of Google applications, he should prevent Google from stole location data.

Currently, the situation is quite different, experts from AP discovered that even when users have turned off the Location History, some Google apps automatically store time-stamped location data without explicit authorization.

Google says that will prevent the company from remembering where youve been. Googles support page on the subject states: You can turn off Location History at any time. With Location History off, the places you go are no longer stored.

That isnt true. Even with Location History paused, some Google apps automatically store time-stamped location data without asking. (Its possible, although laborious, to delete it .) reads the post published by AP.

For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are,

And some searches that have nothing to do with location, like chocolate chip cookies, or kids science kits, pinpoint your precise latitude and longitudeaccurate to the square footand save it to your Google account.

The AP has used location data from an Android smartphone with Location History disabled to desing a map of the movements of Princeton postdoctoral researcher Gunes Acar.

...

10:23

A Molecular Switch May Serve as New Target Point for Cancer and Diabetes Therapies "IndyWatch Feed Tech"

If certain signaling cascades are misregulated, diseases like cancer, obesity and diabetes may occur. A mechanism recently discovered by scientists at the Leibniz- Forschungsinstitut fr Molekulare Pharmakologie (FMP) in Berlin and at the University of Geneva has a crucial influence on such signaling cascades and may be an important key for the future development of therapies against these diseases. The results of the study have just been published in the prestigious scientific journal 'Molecular Cell'.

Cell growth and cell differentiation as well as the release and efficacy of hormones such as insulin depend on the presence of lipids. Lipids are small molecules resembling fat. They are the building blocks of cell membranes, and they also serve as molecular switches in signaling cascades.

Such cascades play a crucial role in the control of cell growth and division as well as in differentiation processes such as the formation of new blood vessels referred to as angiogenesis. If signaling cascades are disturbed, diseases such as cancer or metabolic disorders such as obesity and diabetes can occur. The ability to influence the enzymes involved in the biosynthesis of signaling lipids in cells could thus serve as a starting point for the treatment of these diseases.


Original Submission

Read more of this story at SoylentNews.

10:04

Video of Interactive OpenBSD Porting Workshop "IndyWatch Feed Tech"

[Dr.] Brian Callahan (bcallah@) recently live-streamed (at twitch.tv/NewAstroCity) an interactive OpenBSD Porting Workshop.

A recording of the workshop is now available.

10:01

Internet of Tea: Coaster Watches for Optimum Drinking Temperature "IndyWatch Feed Tech"

Ah, the age-old question: at what temperature does ones tea need to be for maximum enjoyment? Its subjective, of course, but subjective in a way that makes everyone elses opinion demonstrably wrong. Whats worse, the window of opportunity for optimum tea temperature is extremely narrow. Whats a tea drinker to do?

Throw a little technology at the problem, of course, in the form of this Internet of Tea smart coaster. Through careful experimentation, [Benjojo] determined the temperature of his favorite mug when the tea within was just right for drinking and designed a coaster to alert him to that fact. The coaster is 3D-printed and contains an MLX90616 IR temperature sensor looking up at the bottom of the mug. An ESP8266 lives inside the coaster too and watches for the Optimum Tea Window to open, sending an alert via Discord when the time is right. Yes, he admits that a simple blinking LED on the coaster would keep his tea habit metadata from being slurped up by the international tea intelligence community, but he claims he has nothing to hide. Good luck with that.

Whats next for [Dane]s tea preparation? Perhaps he can close the loop and automate the whole pre-consumption process.

09:00

DSP Satellite FastWalkers (UFOs) "IndyWatch Feed Tech"


Consider that the information provided here is already fifty years old.  What is important is that those satellites confirm several atmospheric transitions every week.  Other observations have actually seen them enter water in particular.  Other above sea level access points may exist as well particularly around the SW desert.

It is clear though that accessing a base by going underwater is a preferred method.
 
That quality of security will start to disappear though as our own deep sea tech has become effective.

Thus full disclosure must happen within the next three decades and is certainly underway already.  After all, actual sightings are increasing and disguised aliens are making like tourists as well..


DSP Satellite FastWalkers (UFOs)
 https://nationalufocenter.com/

The Defense Support Program (DSP) satellite has been detecting FastWalkers (UFOs) entering our atmosphere for decades. The DSP analyzes the temperature, location and trajectory of a hot infrared source could build up both a description of the type of missile as well as its target dramatically reducing the chances of a surprise ICBM attack. The satellite weighed about 2,000 pounds and had a 12-foot long Schmidt infrared telescope with a linear array of 2,048 lead sulfide detectors that detected infrared energy. The satellite rotated six times per minute as the sensor scanned the entire face of the Earth. The sensor provided below-the-horizon coverage by spotting the missiles exhaust plume and carried sensors for detecting nuclear explosions in the atmosphere....

09:00

China Forces All Religious Buildings to Fly Communist Flag "IndyWatch Feed Tech"



In this Thursday, June 14, 2018, file photo, a Chinese national flag at Tiananmen Square flutters against the capital city tallest skyscraper China Zun Tower under construction at the Central Business District in Beijing. China has threatened
 
 I find this hilarious.  From now on you advertise the religious nature of a building by hanging a huge flag.  Does hanging a flag make you legal as well?

Perhaps Falun Gong can practice their public exercises by also mounting a giant flag.  The spectacle of government enforcers tearing down a flag will do wonders for party credibility.

This can only bring attention to a religious movement and whatever else they attempt to impose, the public will merely ignore.  All this will trigger organized passive resistance.
.

China Forces All Religious Buildings to Fly Communist Flag
...

09:00

Qanon Media Deconsolidation "IndyWatch Feed Tech"



On the corporate front two major initiatives have long been powerfully indicated.I have little doubt that they are underway in the planning stages since Trump landed.

The easy one is the breakup of the Too big to fail crowd and the reestablishment of the original regulatory regime separating ordinary retail banking from any form of investment banking.  This was changed just as clinton left office and led directly to the 2008 crash and the need for 'quantative easing' or money printing.

The more difficult is the smashing of all forms of media monopoly whatsoever. Their access to capital has been through merger after merger and their capacity for internal promotion that came with it.  Thus today we have a single source media that acts exactly like a propaganda machine who even is trying to clumsily suppress competition.  Their abuses have now become visible and their breakup is certainly necessary and it is coming.

This item from Q merely confirms that this is at the top of the legislative agenda and will be underway during the next two years..  .


  Q !!mG7VJxZNCI No.141 
Aug 11 2018 12:23:43 (EST)

Q !!mG7VJxZNCI No.138 ...

09:00

Does removing sugar from your diet starve cancer cells? "IndyWatch Feed Tech"




Somewhere along the way an old doctor had success with his patients by essentially starving them of all foods except cabbage soup.  Sounds boring and all that but this would certainly impose the protocol indicated here.

I also keep coming back to this because it prevents backsliding which is the enemy of every dietary approach.  I am sure a few other veggies work as well but starting with a large bowl of cabbage soup is pretty safe.

I have never actually had any reports on all this and my experience is that no one takes good advice or even truly safe advice. .


Does removing sugar from your diet starve cancer cells? New study finds surprising answers

Sunday, July 22, 2018 by: Ralph Flores
 
Tags: added sugars, Cancer Cells, cancer prevention, fructose, glucose, goodfood, goodhealth, high-fructose corn syrup, sugar


https://www.naturalnews.com/2018-07-22-does-removing-sugar-from-your-diet-starve-cancer-cells.html

(Natural News) Cutting back on sugar may help decrease your likelihood of getting certain cancers, a recent study noted. The finding, which was part of an investigation made by researchers from Duke-NUS Medical School and the National University of Singapore, together with the Duke University School of Medicine and the Medical University of Vienna, is part of a unique approach explaining how reducing sugar can cause cancer cells to die.

The paper, which was published in the onli...

09:00

This Will Help You Grasp the Sizes of Things in the Universe - Facts So Romantic "IndyWatch Feed Tech"


In The Zoomable Universe, Scharf puts the notion of scalein biology and physicscenter-stage. The start of your journey through this book and through all known scales of reality is at that edge between known and unknown, he writes.Illustration by Ron Miller

Caleb Scharf wants to take you on an epic tour. His latest book, The Zoomable Universe, starts from the ends of the observable universe, exploring its biggest structures, like groups of galaxies, and goes all the way down to the Planck lengthless than a billionth of a billionth of a billionth of a meter. It is a breathtaking synthesis of the large and small. Readers journeying through the book are treated to pictures, diagrams, and illustrations all accompanied by Scharfs lucid, conversational prose. These visual aids give vital depth and perspective to the phenomena that he points out like a cosmic safari guide. Did you know, he offers, that all the Milky Ways stars can fit inside the volume of our solar system?

Scharf, the director of Columbia Universitys Astrobiology Center, is a suitably engaging guide. Hes the author of the 2012 book Gravitys Engines: How Bubble-Blowing Black Holes Rule Galaxies, Stars, and Life in the Universe, and
Read More

08:51

In Reply to Modern Einstein,Next Stephen Hawking and Freud-With Reply of Howard Bloom "IndyWatch Feed Tech"

Dear Mr Howard Bloom-The modern Einstein,next Stephen Hawking and Freud,

Its an honor to be known by you. Your work on Space Sciences are revolutionary Sir. Your association and projects with CalTech and other scientific organizations will change the world we live in.I also have great passion in Space and Astronomy Sciences and that led me attending multiple workshops of NASA apart from attending its three credit course and organizing its prestigious essay contest in Indian schools in India and Abroad. I have searched NASA websites for close to 16 years and have found that it stores trillions of pages of materials where you can learn and research without help of any other source. I also have written my fundamental concept called The Cosmic Mask which I have sent to National Research Council and The American Astronomical Society for their review. I plan to publish it on AAS website.My two booksThe Cosmic Mask(Not the Fundamental Concept) and NASA-The Story of Manned and Unmanned Missions is dedicated to youths of this world for their love and passion in Space and Astronomy Sciences.

I want to know how you can associate me with National Space Society and other organizations you are associated with.

You asked me few things and here is what I think.

Yes I am a Journalist also and I write for Russian International Affairs Council,Moscow,Life Boat Foundation,Nevada,USA,Global Ethics Network,Washington and few more places.

I think the concept of Globalization has brought many developments in countries. I traveled to China thrice and I am quite amazed kind of progress China has achieved in last 30 years. I will not be wrong if I say that in many aspects its way ahead to USA or western World. They care about their culture,language but at the same time have welcomed and have adopted foreign companies on their soil. Deng Xio Ping and his many successors including current President Xi Jin Ping has metamorphosed China in a way that its now called second super power in exiting world.

As for as Russia is concerned its now a bit stable but it still has to go a long way ahead. Russia and USA relation or Trump and Putin relation are in much better shape than their predecessors and its good for both countries.

Now about country which is my mother land-India. India has all potential to grow and is growing rapidly. From the days in immediate post independence time where it had to import literally everything it is now a giant nation in IT sector and launches satellite every month if not every week . The Great Indian Middle Class is back bone of Indian economy due to its spending capacity and Agriculture its soul. Railways,Metros,New Airports,Thousands of Kilometers of Roads,Seaway-Starting on 15th August from Varanasi to Kolkata Bullet train and curving corruption,Demonetization are few tasks out o...

08:51

ICS-CERT warns of critical flaws in NetComm industrial routers "IndyWatch Feed Tech"

Security researcher has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless.

Sood reported the flaws to the ICS-CERT in October 2017.

NetComm industrial routers.jpg

The CSRF and XSS flaws have been classified by as critical, while the information disclosure issues have been classified as high severity.The ICS-CERT published a security advisory that warns of four vulnerabilities that affect the industrial routers. The issues tracked with CVE identifiers CVE-2018-14782 through CVE-2018-14785, are an Information Exposure, a Cross-site Request Forgery, a Cross-site Scripting, an Information Exposure through Directory Listing.

The cross-site request forgery condition could be triggered by a remote attacker to change passwords of the device.

When a web server is designed to receive a request from a client without any mechanism for verifying that it was intentionally sent, then it might be possible for an attacker to trick a client into making an unintentional request to the web server which will be treated as an authentic request. This can be done via a URL, image load, XMLHttpRequest, etc. and can result in exposure of data or unintended code execution. reads the security advisory.

The Netcomm industrial routers are vulnerable to several cross-site scripting attacks, a remote attacker can carry out them to run arbitrary code on the device.

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. states the...

08:50

How to Join the Digital Disruption with Progressive E-Learning Design "IndyWatch Feed Tech"

Progressive e-learning design revolves around users and their lives. Sylvia Vorhauser-Smith writes in a Forbes article that the future of e-learning platforms will be making learning easier to find, more engaging to digest and accessible on-demand. So how does progressive e-learning design fit into all of this?

Its long past time that students only had access to the family PC for lessons. Today, 70% of e-learners use their smartphones. And, as well see, progressive design adapts content to suit the device, which is crucial for those who learn on their phones or tablets.

HTML5 is the golden ticket that allows e-learning developers to create online solutions that can automatically morph content to suit varying screen sizes. The crucial part here is to not only adapt the size of content but also make it easily digestible. Shrinking content from desktop to mobile devices isnt enough; the writing becomes all but illegible and frustrates the user.

Progressive design positions content in a way that delivers a delightful experience to the user.

Theres a lot you can also do with progressive design. Many e-learning frameworks, such as Adapt, have a tagging function, which allows you to choose the content that is hidden depending on the device used. Tagging prevents interface cluttering and gives a smooth on-the-go learning experience.

When progressive design is executed well, learners will feel that the course fits well into their lives. And those low completion rates that most e-learning businesses endure will improve.

Progressive Design vs. Apps

Progressive Design vs. Apps

E-learning website platforms have...

08:46

Google May Allow Windows 10 to Dual-Boot or Run Alongside ChromeOS on Chromebooks "IndyWatch Feed Tech"

Google may add Windows 10 dual-boot option to Chromebooks

Google appears to be working on dual-boot support for Chromebooks. XDA-Developers has discovered that Google has been working to support an "alt OS mode" for its Pixelbook laptop for months now. Dubbed "Campfire," an obvious nod to Apple's own Boot Camp feature, Google's dual-boot is rumored to support Windows 10 on Chromebooks.

XDA-Developers claims Google is attempting to pass Microsoft's hardware certification for Windows 10 to allow its Pixelbook to officially run the alternative operating system. References to Microsoft's Windows Hardware Certification Kit have appeared in development builds of Chrome OS, and Google's Campfire work might extend to other new Chromebooks in the future.

Dual-boot support is said to be arriving on the Pixelbook soon, as Google engineers are pushing through multiple changes for Chrome OS to support the new feature.

That makes Google's recent attack ad a little funnier.

Also at Engadget, The Register, 9to5Google, Tom's Hardware, and CNET.

See also: Why cheap Chromebooks running Windows will benefit Google, not you

Related: ChromeOS Gains the Ability to Run Linux Applications
Google's Fuchsia OS Adds Emulator for Debian Linux Applications


Original Submission

Read more of this story at SoylentNews.

07:12

GPS Satellite Essential to Space Force Has Been Delayed Again "IndyWatch Feed Tech"

Submitted via IRC for SoyCow1984

Vice President Mike Pence laid out plans for the US Space Force on Thursday, calling out an advanced type of satellite, GPS III, that is apparently resistant to tampering. According to Bloomberg, however, this specific orbital machinery has been delayed for the last four years, and the launch date has slipped yet again.

Bloomberg reports that the launch, originally scheduled for April of this year and delayed to October, will now happen in December. The Air Force confirmed to the site that the delay will accommodate "qualification testing" and a validation of SpaceX's Falcon 9 Block 5, the rocket that will boost the satellite into orbit.

Source: https://www.engadget.com/2018/08/10/gps-satellite-space-force-delayed-again/


Original Submission

Read more of this story at SoylentNews.

07:00

Raspberry Pi Foosball Scoreboard "IndyWatch Feed Tech"

Foosball, also known as table football, is a classic game from the 1920s that is completely devoid of the bells and whistles of modern gaming. Players control stoic little figures with the most simplistic of input devices in order to move a tiny ball to and fro on the playing field. So naturally, somebody thought they should add a Raspberry Pi to it and drag the whole thing kicking and screaming into the 21st century.

The team at [Matmi] spend a good portion of their down time huddled over a foosball table, but they found the experience was significantly less exciting for the spectators than the players. To add a little more pomp to their sessions they added a flashy display that not only shows the current score, but makes individual scores a bit more exciting by showing some celebratory confetti.

Micro switches mounted in the ball return tubes of the table allow the Raspberry Pi to know who scored and when. This information is picked up by the web-based scoreboard written in Vue.js and served out by nginx. The actual scoreboard is being displayed by a laptop thats connected to the Pi over Wi-Fi.

If the software setup seems a bit convoluted, its because the project itself was something of a learning experience for HTML5 and web programming in general. Further updates are planned to streamline the system a bit to make it more self-contained, as well as adding...

06:12

NVIDIA Announces Open-Source MDL SDK "IndyWatch Feed Tech"

In addition to announcing the Turing-based Quadro RTX GPUs with GDDR6 memory, NVIDIA used SIGGRAPH 2018 to announce their open-sourcing of the MDL SDK...

06:02

Mesa 18.1.6 Released With Build System Updates, Various OpenGL/Vulkan Driver Fixes "IndyWatch Feed Tech"

Mesa 18.1.6 is now available as the latest point release for Mesa 18.1 as the Q2'2018 release of this collection of open-source graphics drivers/infrastructure...

05:33

FCC Chairman Ajit Pai Passes Blame Over Lying About Public Comment System Being DDoSed "IndyWatch Feed Tech"

Ajit Pai admits FCC lied about "DDoS," blames it on Obama administration

Federal Communications Commission Chairman Ajit Pai acknowledged Monday that the FCC lied about its public comment system being taken down by a DDoS attack during the net neutrality repeal proceeding.

Pai blamed the spreading of false information on employees hired by the Obama administration and said that he isn't to blame because he "inherited... a culture" from "the prior Administration" that led to the spreading of false information. Pai wrote:

I am deeply disappointed that the FCC's former Chief Information Officer [David Bray], who was hired by the prior Administration and is no longer with the Commission, provided inaccurate information about this incident to me, my office, Congress, and the American people. This is completely unacceptable. I'm also disappointed that some working under the former CIO apparently either disagreed with the information that he was presenting or had questions about it, yet didn't feel comfortable communicating their concerns to me or my office."

Pai's admission came in a statement yesterday. "It has become clear that in addition to a flawed comment system, we inherited from the prior Administration a culture in which many members of the Commission's career IT staff were hesitant to express disagreement with the Commission's former CIO in front of FCC management," he also said.

Inspector General report.

Read more of this story at SoylentNews.

04:22

From windows to Mars: Scientists debut super-insulating gel "IndyWatch Feed Tech"

A new, super-insulating gel developed by researchers at CU Boulder could dramatically increase the energy efficiency of skyscrapers and other buildings, and might one day help scientists build greenhouse-like habitats for colonists on Mars.

04:00

MIT Makes Washable LED Fabric "IndyWatch Feed Tech"

Lets face it, one of the challenges of wearable electronics is that people are filthy. Anything you wear is going to get dirty. If it touches you, it is going to get sweat and oil and who knows what else? And on the other side its going to get spills and dirt and all sorts of things we dont want to think about on it. For regular clothes, thats not a problem, you just pop them in the washer, but you cant say the same for wearable electronics. Now researchers at MIT have embedded diodes like LEDs and photodetectors, into a soft fabric that is washable.

Traditionally, fibers start as a larger preform that is drawn into the fiber while heated. The researchers added tiny diodes and very tiny copper wires to the preform. As the preform is drawn, the fibers polymer keeps the solid materials connected and in the center. The polymer protects the electronics from water and the team was able to successfully launder fabric made with these fibers ten times.

The waterproofing isnt just good for the laundry. The fibers even work underwater as the team demonstrated by transmitting music through water in a fish tank.

We often see research like this and have to admit that practical use of it will be many years away, if ever. However, according to reports, commercial products using these fibers will start appearing in 2019.

04:00

Kodi Addon Repo Operator Shuts Down Following Threats from BREIN "IndyWatch Feed Tech"

A Dutch-based developer and Kodi addon repository administrator has shut down his operation following threats from anti-piracy outfit BREIN. Due to the XvBMC-NL repo offering addons including Covenant and IPTV Bonanza, BREIN accused its operator of facilitating access to infringing content. He is now required to sign an abstention agreement and pay a settlement of 2,500 euros.

As the battle to prevent unauthorized content getting into the hands of the masses continues, Kodi remains one of the leading platforms for such consumption.

Completely legal as it leaves its official download platform, the Kodi software is easily modified to provide access to pirated movies, TV shows, and live sports. From here on in, usage of such a setup to infringe copyright is illegal in Europe.

With this established, anti-piracy outfit BREIN has been attempting to stem the tide of platforms offering 'pirate' addons in the Netherlands. One of those was XvBMC-NL, a repository which contained addons including the hugely popular Covenant and live TV addon IPTV Bonanza.

According to a report by BREIN, last month the Dutch developer and administrator of XvBMC-NL received an unwelcome visit to his home by bailiffs sent by the anti-piracy group. BREIN hasn't made the precise contents of its message to 'Z' known but it's clear that it views his work as illegal and contrary to copyright law. The developer shut down soon after.


Original Submission

Read more of this story at SoylentNews.

03:23

Novel optics for ultrafast cameras create new possibilities for imaging "IndyWatch Feed Tech"

MIT researchers have developed novel photography optics that capture images based on the timing of reflecting light inside the optics, instead of the traditional approach that relies on the arrangement of optical components. These new principles, the researchers say, open doors to new capabilities for time- or depth-sensitive cameras, which are not possible with conventional photography optics.

Specifically, the researchers designed new optics for an ultrafast sensor called a streak that resolves images from ultrashort pulses of light. Streak cameras and other ultrafast cameras have been used to make a trillion-frame-per-second video, scan through closed books, and provide depth map of a 3D scene, among other applications. Such cameras have relied on conventional optics, which have various design constraints. For example, a with a given , measured in millimeters or centimeters, has to sit at a distance from an imaging sensor equal to or greater than that focal length to capture an image. This basically means the lenses must be very long.

In a paper published in this weeks Nature Photonics, MIT Media Lab researchers describe a technique that makes a reflect back and forth off carefully positioned mirrors inside the lens system. A fast imaging sensor captures a separate image at each reflection time. The result is a sequence of imageseach corresponding to a different point in time, and to a different distance from the lens. Each image can be accessed at its specific time. The researchers have coined this technique time-folded optics.

03:23

Printed electronics breakthrough could lead to flexible electronics revolution "IndyWatch Feed Tech"

A new form of electronics manufacturing which embeds silicon nanowires into flexible surfaces could lead to radical new forms of bendable electronics, scientists say.

In a new paper published today in the journal Microsystems and Nanoengineering, engineers from the University of Glasgow describe how they have for the first time been able to affordably print high-mobility semiconductor onto flexible surfaces to develop high-performance ultra-thin electronic layers.

Those surfaces, which can be bent, flexed and twisted, could lay the foundations for a wide range of applications including video screens, improved health monitoring devices, implantable devices and synthetic skin for prosthetics.

03:22

Terahertz technology creates new insight into how semiconductor lasers work "IndyWatch Feed Tech"

Lasers are widely used as high power sources of light operating at a specific frequency. But how does this frequency get selected when a laser is turned on, and how quickly?

Pioneering engineers working with technology have been researching how individual frequencies are selected when a laser is turned on, and how quickly the selection is made.

The development of specific terahertz equipment has allowed them to investigate this process for the first time. Their results, published in Nature Communications, will underpin the future development of semiconductor lasers, including those used in public and private sector-owned telecommunications systems.

03:22

The behavior of waterscientists find new properties of H2O "IndyWatch Feed Tech"

A team of scientists has uncovered new molecular properties of watera discovery of a phenomenon that had previously gone unnoticed.

Liquid water is known to be an excellent transporter of its own autoionization products; that is, the charged species obtained when a water molecule (H2O) is split into protons (H+) and hydroxide ions (OH). This remarkable property of water makes it a critical component in emerging electrochemical energy production and storage technologies such as fuel cells; indeed, life itself would not be possible if water did not possess this characteristic.

Water is known to consist an intricate network of weak, directional interactions known as . For nearly a century, it was thought that the mechanisms by which water transports the H+ and OH ions were mirror images of each other identical in all ways except for directions of the hydrogen bonds involved in the process.

03:22

3D printed biomaterials for bone tissue engineering "IndyWatch Feed Tech"

When skeletal defects are unable to heal on their own, bone tissue engineering (BTE), a developing field in orthopedics can combine materials science, tissue engineering and regenerative medicine to facilitate bone repair. Materials scientists aim to engineer an ideal biomaterial that can mimic natural bone with cost-effective manufacturing techniques to provide a framework that offers support and biodegrades as new bone forms. Since applications in BTE to restore large bone defects are yet to cross over from the laboratory bench to clinical practice, the field is active with burgeoning research efforts and pioneering technology.

Cost-effective three-dimensional (3D) printing (additive manufacturing) combines economical techniques to create scaffolds with bioinks. Bioengineers at the Pennsylvania State University recently developed a composite ink made of three materials to 3D print porous, -like constructs. The core materials, polycaprolactone (PCL) and poly (D, L-lactic-co-glycolide) acid (PLGA), are two of the most commonly used synthetic, biocompatible biomaterials in BTE. Now published in the Journal of Materials Research, the materials showed biologically favorable interactions in the laboratory, followed by positive outcomes of in an animal model in vivo.

Since bone is a complex structure, Moncal et al. developed a bioink made of biocompatible PCL, PLGA and hydroxyapatite (HAps) particles, combining the properties of bone-like mechanical strength, biodegradation and guided reparative growth (osteoconduction) for assisted natural bone repair. They then engineered a new custom-designed mechanical extrusion system, which was mounted on t...

03:02

A Particle Accelerator Between Your Fingertips "IndyWatch Feed Tech"

An early prototype of the silicon-chip-sized particle accelerator that scientists at Stanford University are developing. Later, this could be made smaller to be inserted into the body and used to treat tumour.

02:42

Robotics Solutions Using Deep Learning "IndyWatch Feed Tech"

Kinema Systems and GhostRobotics faced off and shared their pitches with the live audience at NVIDIAS GPU Technology Conference (GTC) to showcase different approaches with autonomous systems using deep learning, machine learning and AI.

Kinema Systems, based in Menlo Park, Calif., is building innovative deep learning and 3D vision-based robotic solutions for logistics and manufacturing.

From Philadelphia, Pa., GhostRobotics is revolutionizing legged robotics and the market for autonomous unmanned ground vehicles used in unstructured terrain and harsh environments.

02:42

Solar-powered aircraft stays aloft for record-breaking 25 days "IndyWatch Feed Tech"

While Facebook and Google recently pulled the plug on their solar-powered internet drones, another company with a lot more experience is having success with the idea. Airbus announced that its solar-powered Zephyr S HAPS (high altitude pseudo-satellite) flew for 25 straight days, setting a time aloft record for any airplane, ever. It shattered the previous record of 14 days, marked by a previous prototype Zephyr aircraft.

The Zephyr flies on sun power alone at over 70,000 feet, an altitude that just a few aircraft like the Concorde and SR-71 Blackbird have reached. Thats well above any weather, and lets it perform reconnaissance, surveillance and communications/internet duties. [It fills a] capability gap complimentary to satellites, UAVs and manned aircraft to provide persistent local satellite-like services, Airbus said in a press release. A video of the takeoff (below) shows that it can be lifted and launched by hand. Once aloft, it can be operated for a fraction the cost of a satellite.

02:42

FBI warns banks about ATM cash-out scheme "IndyWatch Feed Tech"

The FBI is warning banks about a fraud scheme called an ATM cash-out, Krebs on Security reports. With this type of heist, attackers typically compromise a bank or payment card processor with malware, disable fraud controls and withdraw large sums of money sometimes millions of dollars with cloned bank cards. The FBI reportedly sent an alert to banks last week. The FBI has obtained unspecified reporting indicating cyber criminals are planning to conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an unlimited operation, said the notice.

Once hackers gain access to a financial institutions system, often through phishing, theyll alter account balances as well as disable maximum ATM withdrawal amounts and transaction limits. That way, they can quickly take out large amounts of cash from ATMs with fraudulent bank cards made from stolen card data and gift cards.

Last month, Krebs on Security reported on two successful applications of this type of scheme. Hackers were able to steal around $2.4 million from The National Bank of Blacksburg through two ATM cash-outs in 2016 and 2017.

02:30

DeepMind Subsidiary's Software Can Diagnose Eye Diseases "IndyWatch Feed Tech"

DeepMind's AI can detect over 50 eye diseases as accurately as a doctor

Step by step, condition by condition, AI systems are slowly learning to diagnose disease as well as any human doctor, and they could soon be working in a hospital near you. The latest example is from London, where researchers from Google's DeepMind subsidiary, UCL, and Moorfields Eye Hospital have used deep learning to create software that identifies dozens of common eye diseases from 3D scans and then recommends the patient for treatment.

The work is the result of a multiyear collaboration between the three institutions. And while the software is not ready for clinical use, it could be deployed in hospitals in a matter of years. Those involved in the research described is as "ground-breaking." Mustafa Suleyman, head of DeepMind Health, said in a press statement that the project was "incredibly exciting" and could, in time, "transform the diagnosis, treatment, and management of patients with sight threatening eye conditions [...] around the world."

The software, described in a paper published in the journal Nature Medicine, is based on established principles of deep learning, which uses algorithms to identify common patterns in data. In this case, the data is 3D scans of patients' eyes made using a technique known as optical coherence tomography, or OCT. Creating these scans takes around 10 minutes and involves bouncing near-infrared light off of the interior surfaces of the eye. Doing so creates a 3D image of the tissue, which is a common way to assess eye health. OCT scans are a crucial medical tool, as early identification of eye disease often saves the patient's sight. [...] In a test where the AI's judgments were compared with diagnoses by a panel of eight doctors, the software made the same recommendation more than 94 percent of the time.

Move over, Watson.

Also at BBC and VentureBeat.

Clinically applicable deep learning for diagnosis and referral in retinal disease (DOI: 10.1038/s41591-018-0107-6) (DX)


Original Submission

...

02:01

NVIDIA Announces Turing-Based Quadro RTX GPUs As The "World's First Ray-Tracing GPU" "IndyWatch Feed Tech"

This morning AMD announced the Vega-based Radeon Pro WX 8200 graphics card as the "best workstation GPU under $1,000 USD" while tonight NVIDIA is trying to steal the thunder by announcing the Quadro RTX series as the "world's first ray-tracing GPU" that is also based on their new Turing architecture...

02:00

HPR2617: Exposing a Raspberry Pi database through a REST API "IndyWatch Feed Tech"

Links from the episode Wikipedia - REST API Wikipedia - WSGI Bottle Framework SQLite

01:23

Hillicon Valley: FBI fires Strzok after anti-Trump tweets | Trump signs defense bill with cyber war policy | Google under scrutiny over location data | Sinclair's troubles may just be beginning | Tech to ease health data access | Netflix CFO to step down "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Morgan Chalfant (@mchalfant16) and Olivia Beavers (@olivia_beavers),...

00:23

Tech companies earn White House praise for committing to easier health data access "IndyWatch Feed Tech"

Major technology companies on Monday announced their commitment to making it easier to share data across the healthcare sector, in a move backed by the White House.The companies said that theyre pushing to make data more accessible for the...

Monday, 13 August

23:38

Fax machines ripe for hacking, says new study "IndyWatch Feed Tech"

Often overlooked office fax machines pose a huge vulnerability to the cybersecurity of businesses and other organizations, according to a new study. Many such machines run on decades-old protocols that are easy for hackers to penetrate, says...

22:05

Defcon: 11-year-old modifies Florida Presidential voting results "IndyWatch Feed Tech"

By Waqas

At the largest hacking conference in the world, Defcon 2018, there have been many surprising discoveries. However, the news that has shocked the United States is the hacking and modifications of election results by young kids. The 26th Defcon conference is being held in Las Vegas. Reportedly, the 11-year-old Emmert Brewer managed to modify election []

This is a post from HackRead.com Read the original post: Defcon: 11-year-old modifies Florida Presidential voting results

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog