IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Thursday, 18 October


NVIDIA GeForce RTX 2070 OpenCL, CUDA, TensorFlow GPU Compute Benchmarks "IndyWatch Feed Tech"

Here are the first of our benchmarks for the GeForce RTX 2070 graphics card that launched this week. In our inaugural Ubuntu Linux benchmarking with the GeForce RTX 2070 is a look at the OpenCL / CUDA GPU computing performance including with TensorFlow and various models being tested on the GPU. The benchmarks are compared to an assortment of available graphics cards and also include metrics for power consumption, performance-per-Watt, and performance-per-dollar.


Industry groups sue Vermont over state's net neutrality rules "IndyWatch Feed Tech"

Internet, cable and wireless providers are suing Vermont because of the states efforts to impose net neutrality rules following the Federal Communications Commissions repeal of its popular national open internet regulations.The coalition ...


Rocket Lab to Build U.S. Launch Site at Wallops Island, Virginia "IndyWatch Feed Tech"

Rocket Lab selects Wallops for U.S. launch site

Small launch vehicle company Rocket Lab announced Oct. 17 that it will build its second launch pad, and first in the United States, at Wallops Island in Virginia.

The company, headquartered in the United States but with much of its operations in New Zealand, said it will build Launch Complex (LC) 2 at the Mid Atlantic Regional Spaceport, located at NASA's Wallops Flight Facility here. Construction of the pad is set to start almost immediately, with the company planning a first launch from the site in the third quarter of 2019.

Rocket Lab selected Wallops after what Rocket Lab Chief Executive Peter Beck called an "exhaustive nationwide search" for a launch site to complement its existing facility in New Zealand, known as LC-1. The company announced four finalists in July that included Wallops as well as Cape Canaveral in Florida, Vandenberg Air Force Base in California and Pacific Spaceport Complex Alaska.

Wallops Island.

Also at Ars Technica.

Previously: Rocket Lab Plans to Build its Next Launch Site in the US

Related: NASA Awards Launch Contracts to Rocket Lab and Virgin Orbit

Original Submission

Read more of this story at SoylentNews.


Announcing keynote speakers for LibrePlanet -- and don't miss your chance to give a talk "IndyWatch Feed Tech"

Today, we are proud to announce all four keynote speakers who will appear at the LibrePlanet 2019 conference, which takes place in the Boston area, March 23-24, 2019. They are: Debian Project contributor Bdale Garbee, free software activist Micky Metts, physician Tarek Loubani, and FSF founder and president Richard Stallman, all of whom are trailblazers of free software in their own right.


Bdale Garbee

Bdale Garbee has contributed to the free software community since 1979. He was an early participant in the Debian Project, helped port Debian GNU/Linux to five architectures, served as the Debian Project Leader, then chairman of the Debian Technical Committee for nearly a decade, and remains active in the Debian community. For a decade, Bdale served as president of Software in the Public Interest. He also served on the board of directors of the Linux Foundation, representing individual affiliates and the developer community. Bdale currently serves on the boards of the Freedombox Foundation, the Linux Professional Institute, and Aleph Objects. He is also a member of the Evaluations Committee at the Software Freedom Conservancy. In 2008, Bdale became the first individual recipient of a Lutece d'Or award from the Federation Nationale de l'Industrie du Logiciel Libre in France.

Micky Metts

Micky Metts is an owner of Agaric, a worker-owned technology cooperative. She is an activist hacker, industry organizer, public speaker, connector, advisor, and visionary. Micky is a member of the MayFirst People Link Leadership Committee, and is a liaison between the Solidarity Economy Network (SEN) and the United States Federation of Worker Cooperatives (USFWC), with an intention to bring communities together. Micky is also a founding member of a cohort that is building a new Boston public high school based in cooperative learning: BoCoLab. She is a member of the Free Software Foundation and of, a community based in free software. She is a published author contributing to the book Ours to Hack and to Own, one of the top technology books of 2017 in Wired magazine.



Bell and Rogers Ask Government to Simplify Site Blocking and Criminalize Streaming "IndyWatch Feed Tech"

The Canadian Government is currently exploring if and how the current Copyright Act should be amended to better fit the present media landscape.

One of the key issues is the compensation that artists receive for their work. This was also the focus of a hearing before the House Heritage Committee this week, at which Bell (BCE) and Rogers both made an appearance.

The companies are Canadas largest Internet providers, but both also have their own media branches. As such, they have an interest in copyright issues, which they made quite apparent during the hearing.

Bell and Rogers called for several changes to the Copyright Act to address the piracy issue. Interestingly, the proposals were identical on many fronts, with both companies highlighting how piracy is causing millions in lost revenue.

First up was Rob Malcolmson, Bells Senior Vice President of Regulatory Affairs. Instead of addressing artist compensation directly, he drew the focus to the impact of organized content theft instead.

This issue is fundamental to the topic the committee is studying because no matter what remuneration model you adopt, creators can never be fairly compensated if their work is being widely stolen, Malcolmson said.

He went on to cite a series of piracy statistics published in recent years, including the increased popularity of pirate streaming boxes, and the fact that more than a quarter of all Canadians are self-proclaimed pirates.

To address this rampant theft, Bell presented three recommendations. The first is to criminalize online streaming of pirated material. This doesnt mean that any end-users would end up in jail, but it should act as a deterrent for operators of pirate streaming sites and services.

Rob Malcolmson

Bells second suggestion is to get the authorities and public officials actively involved in anti-piracy enforcement actions. The UK and US were cited as examples where local police and special units help to deal with piracy issues.

We recommend that the government should create and consider enshrining in the Copyright Act an administrative enforcement office and should direct the RCMP to prioritize digital piracy investigations, Malcolmson notes.

Finally, Bell also reintroduces the piracy blocking proposal of the Fairplay Canada Coalition. The CRTC denie...


SandBot Happily And Tirelessly Rolls Patterns In Sand "IndyWatch Feed Tech"

The patience and precision involved with drawing geometric patterns in sand is right up a robots alley, and demonstrating this is [rob dobson]s SandBot, a robot that draws patterns thanks to an arm with a magnetically coupled ball.

SandBot, SCARA version. The device sits underneath a sand bed, and a magnet (seen at the very top at the end of the folded arm) moves a ball bearing through sand.

SandBot is not a cartesian XY design. An XY frame would need to be at least as big as the sand table itself, but a SCARA arm can be much more compact. Sandbot also makes heavy use of 3D printing and laser-cut acrylic pieces, with no need of an external frame.

[rob]s writeup is chock full of excellent detail and illustrations, and makes an excellent read. His previous SandBot design is also worth checking out, as it contains all kinds of practical details like what size of ball bearing is best for drawing in fine sand (between 15 and 20 mm diameter, it turns out. Too small and motion is jerky as the ball catches on sand gra...


Doctors Can Finally 3D Print Human Tissue, Ligaments and Tendons "IndyWatch Feed Tech"

Biomedical engineers have successfully 3D printed human ligaments and tendons, giving hope to patients suffering from tears and ruptures.

After two years of intensive research, biomedical engineers have successfully 3D printed the complex structures of human ligaments and tendons.


GreyEnergy cyberespionage group targets Poland and Ukraine "IndyWatch Feed Tech"

Security researchers from ESET published a detailed analysis of a recently discovered cyber espionage group tracked as GreyEnergy.

Security experts from ESET published a detailed analysis of a recently discovered threat actor tracked as GreyEnergy, its activity emerged in concurrence with BlackEnergy operations.

ESET researchers have spotted a new strain of malware tracked as Exaramel that links the not Petya wiper to the Industroyer ICS malware.

Experts from ESET speculate the BlackEnergy threat actor evolved into two separate APT groups, namely TeleBots and GreyEnergy.

Following this attack, the BlackEnergy group evolved into at least two subgroups:
TeleBots and GreyEnergy.   reads the report.

The main goal of the TeleBots group is to perform cybersabotage attacks on Ukraine, which are achieved through computer network attack (CNA) operations.

GreyEnergy conducted reconnaissance and cyber espionage activities in Ukraine and Poland, it focused its activities on energy and transportation industries, and other high-value targets.

The APT group leverage the GreyEnergy malware, a malicious code that implements a modular architecture to extend its capabilities by adding the appropriate modules.

Like many complex threats, the GreyEnergy malware has a modular architecture. The functionality of the malware can be easily extended with additional modules. A GreyEnergy module is a DLL file that gets executed by calling the function with the first ordinal. Each module, including the main GreyEnergy module, accepts text commands with various parameters. continues the analysis.

The list of available modules includes components for file extraction, screenshot capturing, keylogging, password, and credential stealing, and of course a backdoor.

Experts pointed out that they havent found modules that specifically target Industrial Control Systems software or devices. ESET pointed out that GreyEnergy operators have been strategically targeting ICS control workstations running SCADA software and servers.

In one case, hackers used a disk-wiping component to disrupt operating processes on the target systems.

GreyEnergy attackers in one case also used a valid digital certificate, likely stolen from Taiwanese company Advantech, to sign a sample.



Twitter to show if tweet has been removed for violating rules "IndyWatch Feed Tech"

Twitter will now make it clear as to why a tweet has been removed from its platform. The company wrote in a post on Thursday that tweets removed for violating its rules will display a notice explaining that the deleted tweet was removed for...


Flight of the Dandelion "IndyWatch Feed Tech"

Dandelion seeds fly using 'impossible' method never before seen in nature

Dandelion seeds fly using a method that researchers thought couldn't work in the real world, according to a study published on 17 October in Nature.

When some animals, aeroplanes or seeds fly, rings of circulating air called vortices form in contact with their wings or wing-like surfaces. These vortices can help to maintain the forces that lift the animal, machine or seed into the air.

Researchers thought that an unattached vortex would be too unstable to persist in nature. Yet the light, puffy seeds of dandelions use vortices that materialize just above their surfaces and lift the seed into the air.

Also at the University of Edinburgh and BBC.

A separated vortex ring underlies the flight of the dandelion (DOI: 10.1038/s41586-018-0604-2) (DX)

Original Submission

Read more of this story at SoylentNews.


Roku devices to be back on sale in Mexico following court ruling "IndyWatch Feed Tech"

Roku to resume sales in Mexico after court ruling

A favorable ruling from the 11th Collegiate Court in Mexico City will now allow the popular streaming device, Roku, to resume sales of its set-top boxes in Mexico in the coming weeks.

Roku devices were prohibited for sale in Mexico back in July 2017 due to a piracy lawsuit filed by TV company Cablevision, the cable TV operator owned by Mexican media giant Televisa. Cablevision took Roku to court alleging that the devices manufactured by Roku were being hacked to allow users to watch pirated channels. However, this ruling has now been overturned and Roku has been declared legal that allows it to enter the streaming market in Mexico once again.

Roku General Counsel Stephen Kay says, Todays decision is an important victory for Roku and its Mexican distributor, Latamel Distribuidora, S. de R.L. de C.V. and Mexican retailers in the legal battle against an improper ban on sales of its popular streaming players in Mexico. We are pleased with the Collegiate Courts decision and look forward to continuing to build Rokus TV streaming business in Mexico.

Also, Roku CMO Matthew Anderson after the latest ruling said, Streaming is the future of TV. It offers a great opportunity for consumers in Mexico by providing more entertainment choices, the ability to watch TV on their schedules and more value for money. We are grateful for our customers in Mexico who, despite the sales ban, continued to stream more and more hours; and for our retail partners and content providers who supported us throughout this past year. We look forward to launching the latest Roku devices in Mexico soon and giving customers an even richer streaming experience.

However, Cablevision also issued a statement warning Roku that it would take further legal action if it found pirate channels appearing on Roku devices in the future. In the event they fail to take due care about carrying unauthorized content, we will continue with legal action such as the dozens of actions that the Mexican Intellectual Property Institute (IMPI) and various judicial, local and federal governments have taken to block pirated sites on Roku, said Cablevision.

Roku devices are expected to become available for sale via distributors including Amazon, Best Buy, Office Depot, Radio Shack, Sears, and Walmart in the coming weeks.

The post Roku devices to be back on sale in Mexico following court ruling appeared first on TechWorm.


Mesa 18.2.3 Coming This Week With Fixes/Workarounds For Several Steam Play Games "IndyWatch Feed Tech"

Igalia's Juan Suarez Romero as the Mesa 18.2 series release manager is putting the finishing touches on the 18.2.3 point release to benefit Steam Play / Proton / Wine games...


"Covert" facial recognition street lights coming to a neighborhood near you "IndyWatch Feed Tech"

image credit: WISX 

A recent Reuters article reveals that ST Engineering has been awarded $5.5 million to install facial recognition street lights in Singapore.

ST's smart street lights come equipped with sensors, LED screens and covert cameras already installed.

Incredibly, ST claims their spying street lights can bring "healthcare benefits to residents."

Just like smart city projects everywhere, Singapore claims that spying street lights "are not built by the government but by all of us - citizens, companies, agencies."  And just like Riverhead, New York who claimed that police surveillance drones will revitalize downtown, Singapore claims their spying street lights will "lead to meaningful and fulfilled lives."

Facial recognition street lights are designed to be covert

ST Engineering has even gone so far as to rename it's covert facial recognition program: ST Countenance.

"ST Countenance identifies people from a distance, without being intrusive. Covert and scalable, the system has the capability to be integrated with CCTV systems, reducing awareness that it is in operation."

ST boasts that their street lights can secretly identify people in real-time 24/7.

"Their system is able to achieve identification of persons covertly 24/7 by utilizing the right design and engineering."

But it doesn't end there, ST has also won a contract to install their smart street lights in Hong Kong.


Fedora 29 Is Blocked From Release Due To 11 Open Bugs "IndyWatch Feed Tech"

Fedora 29 will not be managing to deliver its final release right on time due to lingering blocker bugs...


Are Engineers Educated? "IndyWatch Feed Tech"

Or are they merely trained?

illustration Illustration: Dan Page

Every now and then, Ive wondered how people view a person graduating with an engineering degree. Do they generally think that he or she is truly educated, or is this instead someone who has undergone vocational training aimed at a specific job?

I was thinking about this recently when I read an article about why a liberal arts education is more important than ever. This led me to read a number of other essays about the value of a liberal education versus one in science, technology, engineering, and mathematics (STEM). As far as I could tell, virtually all the essays I saw had been written by liberal arts graduates or faculty. Perhaps thats not surprising: They are more inclined to write essays, and understandably may feel defensive about the current emphasis on STEM.

Its not my intention either to advocate STEM or to denigrate liberal arts, but rather to muse about the value of education from my engineers perspective. The two disciplines are increasingly intertwined, in any event. Looking back on my own schooling, I think of all the wasted hours hearing about things that I either failed to absorb or instantly forgot. On the other hand, there were things I learned that would last a lifetime. In my retrospective view of high school, two courses stand out as having been particularly valuable. One was plane geometry, where I learned logical thought and a first appreciation of mathematics beyond the limited world of arithmetic. But the other course was typinga vocational class that taught me a skill that I employ at this moment, so very many years later.

There are also many essays about what it means to be well educated. After browsing a number of them, I saw little agreement in their conclusions. Nonetheless, there were common themes about what subjects should be mastered and what skills learned. Needless to say, I could find no mention of software coding. An emphasis was often placed on the inclusion of what is called in liberal arts critical thinking. I had thought engineers did critical thinking too, but in reviewing the essays I saw that it meant something different than what we engineers do. While we often argue within the bounds of our own technological domain, most definitions of critical thinking stress broader sociological and philosophical considerations.

Perhaps an engineering curriculum is indeed aimed...

Graphene Printing Technique "Silk Screens" Flexible Electronics "IndyWatch Feed Tech"

Graphene-based remote epitaxy enables inexpensive copying of gallium arsenide and gallium nitride chips

Future high-efficiency solar cells molded to the surface of a car; ultra-small photonics chips; and low-power, long-lasting wearable devices will all require something no ones yet been able to achieve, namely chips made from high-efficiency materials that are flexible, thin and inexpensive to manufacture.

A research group at MIT has announced a couple of developments in recent weeks that bring such a confluence of innovations closer to the achievable. Jeehwan Kims research group announced separately this month in Nature Materials and Science that they can inexpensively mass-produce ultra-thin gallium arsenide and gallium nitride chips as well as a harvest the monolayer materials necessary for manufacturing other 2-D electronics like tiny photonics devices.

We [found] the way to go to expensive semiconducting materials so you can keep producing high-quality, high-performance semiconductors with a cheaper price, says Kim, associate professor of mechanical engineering and materials science at MIT. The bonus is you can have flexible semiconducting devices, and because theyre really thin, you can stack them up.

As Spectrum reported last year, Kims group essentially uses graphene sheets as nano-sized silk screens through which expensively manufactured exotic material-based semiconductors can be laid down.

The recipe: Take a costly, manufactured, ultra-thin film of pure semiconducting material like gallium arsenide and lay a...


First proof of quantum computer advantage "IndyWatch Feed Tech"

For many years, quantum computers were not much more than an idea. Today, companies, governments and intelligence agencies are investing in the development of quantum technology. Robert Knig, professor for the theory of complex quantum systems at the TUM, in collaboration with David Gosset from the Institute for Quantum Computing at the University of Waterloo and Sergey Bravyi from IBM, has now placed a cornerstone in this promising field.


UK lawmakers warned memes may normalize trolling, body shaming "IndyWatch Feed Tech"

Memes may be contributing to the U.K.s teenage obesity crisis and normalizing online "trolling, body shaming and bullying" a group of British researchers told lawmakers in the U.K."A substantial number of individuals on Twitter share health-related...


Opus 1.3 Released - One Of The Leading Lossy Open-Source Audio Codecs "IndyWatch Feed Tech"

The busy release date continues with Mozilla/Xiph.Org announcing the release of the Opus 1.3 audio codec...


Ubuntu 18.10 (Cosmic Cuttlefish) released "IndyWatch Feed Tech"

Ubuntu has announced the release of its latest version, 18.10 (or "Cosmic Cuttlefish"). It has lots of updated packages and such, and is available in both a desktop and server version; there are also multiple flavors that were released as well. More information can be found in the release notes. "The Ubuntu kernel has been updated to the 4.18 based Linux kernel, our default toolchain has moved to gcc 8.2 with glibc 2.28, and we've also updated to openssl 1.1.1 and gnutls 3.6.4 with TLS1.3 support. Ubuntu Desktop 18.04 LTS brings a fresh look with the community-driven Yaru theme replacing our long-serving Ambiance and Radiance themes. We are shipping the latest GNOME 3.30, Firefox 63, LibreOffice 6.1.2, and many others. Ubuntu Server 18.10 includes the Rocky release of OpenStack including the clustering enabled LXD 3.0, new network configuration via, and iteration on the next-generation fast server installer. Ubuntu Server brings major updates to industry standard packages available on private clouds, public clouds, containers or bare metal in your datacentre."


Laser Cut Cardboard Robot Construction Kit Eases Learning And Play "IndyWatch Feed Tech"

It has never been easier to put a microcontroller and other electronics into a simple project, and that has tremendous learning potential. But when it comes to mechanical build elements like enclosures, frames, and connectors, things havent quite kept the same pace. Its easier to source economical servos, motors, and microcontroller boards than it is to arrange for other robot parts that allow for cheap and accessible customization and experimentation.

Thats where [Andy Forest] comes in with the Laser Cut Cardboard Robot Construction Kit, which started at STEAMLabs, a non-profit community makerspace in Toronto. The design makes modular frames, enclosures, and basic hardware out of laser-cut corrugated cardboard. Its an economical and effective method of creating the mechanical elements needed for creating robots and animatronics while still allowing easy customizing. The sheets have punch-out sections for plastic straws, chopstick axles, SG90 servo motors, and of course, anything thats missing can be easily added with hot glue or cut out with a knife. In addition to the designs being open sourced, there is also an activity guide for educators that gives visual examples of different ways to use everything.

Cardboard makes a great prototyping materia...


Links 18/10/2018: New Ubuntu and Postgres "IndyWatch Feed Tech"

GNOME bluefish



  • Desktop

    • New Details On System76s Open-Source Hardware Plans Come To Light

      Longtime Ubuntu/Linux PC vendor System76 has been teasing their efforts around an open-source computer and other open-source hardware efforts now that they are in the home stretch of setting up their own US-based manufacturing facility. Some new details on their initial aspirations are now out there.

      The open-source computer speculations have fueled speculation quite wide ranging from some thinking system76 is working on RISC-V or ARM designs to others thinking they may be doing a Coreboot effort for Intel x86 CPUs Harris Kenny of system76 shed some light on their open-source hardware journey a few days back on Twitter. System76 founder Carl Richell also chimed in with some additional details.

  • Kernel Space


Last Nights Hype "IndyWatch Feed Tech"

If youre a Friend of the IAS ($1750/year and up), you were invited to a talk last night, at which IAS member Thomas Rudelius promised to explain to you How to Test String Theory. The video of the talk is now available here.

After a long introduction involving large amounts of misleading hype, Rudelius in the last couple minutes finally gets to the promised explanation of How to Test String Theory. What is it? Its his discovery that some versions of axion cosmology are incompatible with the Weak Gravity Conjecture, and thus conjecturally incompatible with string theory.

I assume that the IAS Friends in attendance, besides being financially well off, are also not so dim-witted that they wouldnt notice that theyd been had (theres no evidence for axion cosmology, so conjectures about whether or not various axion cosmology models are consistent or not with string theory are completely irrelevant to testing string theory). Any questions asked after the talk didnt make it to the video, so its unclear if anyone bothered to complain about what had just been done to them.


Ubuntu 18.10 Officially Released "IndyWatch Feed Tech"

It should come as no surprise, but the official release of Ubuntu 18.10 "Cosmic Cuttlefish" is now available with the announcement just hitting the wire...


At Facebook, Public Funds Join Push to Remove Zuckerberg as Chairman "IndyWatch Feed Tech"

Submitted via IRC for Bytram

At Facebook, public funds join push to remove Zuckerberg as chairman

Four major U.S. public funds that hold shares in Facebook Inc on Wednesday proposed removing Chief Executive Officer Mark Zuckerberg as chairman following several high-profile scandals and said they hoped to gain backing from larger asset managers. State treasurers from Illinois, Rhode Island and Pennsylvania, and New York City Comptroller Scott Stringer, co-filed the proposal. They oversee money including pension funds and joined activist and original filer Trillium Asset Management.

A similar shareholder proposal seeking an independent chair was defeated in 2017 at Facebook, where Zuckerberg's majority control makes outsider resolutions effectively symbolic. Rhode Island State Treasurer Seth Magaziner said that the latest proposal was still worth filing as a way of drawing attention to Facebook's problems and how to solve them. "This will allow us to force a conversation at the annual meeting, and from now until then in the court of public opinion," Magaziner said in a telephone interview.

[...] At least three of the four public funds supported the 2017 resolution as well. The current proposal, meant for Facebook's annual shareholder meeting in May 2019, asks the board to create an independent board chair to improve oversight, a common practice at other companies. It cites controversies that have hurt the reputation of the worlds largest social media network, including the unauthorized sharing of user information, the proliferation of fake news, and foreign meddling in U.S. elections.

[...] Zuckerberg has about 60 percent voting rights, according to a company filing in April.

Also at TechCrunch, Tech2, Tech Insider, CNBC, and Fortune.



The End of Moores Law? "IndyWatch Feed Tech"

This video is the second in a multi-part series discussing computing. In this video, well be discussing computing more specifically, Moores Law with the exponential growth of technology due to our ability to pack more and more transistors into integrated circuits and the potential death of Moores Law!

[0:303:50] Starting off well look at, how the integrated circuit has shaped the world due to our ability to pack more and more transistors into them, more specifically, in their usage in computing in the form of microprocessors (CPUs) and other computation related hardware.

[3:507:11] Following that well discuss, how the transistor will continue to shrink onwards from this year, 2017 and the latest innovations that can shrink them even further, such as FinFETs.


Trump Threatens to Use Military to Shut Southern U.S. Border "IndyWatch Feed Tech"

Via: Reuters: U.S. President Donald Trump threatened to deploy the military and close the southern U.S. border on Thursday as more Hondurans and Salvadorans joined thousands of migrants in Guatemala headed north. I must, in the strongest of terms, ask Mexico to stop this onslaught and if unable to do so I will call []


Re: Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Jordan Glover on Oct 18

Original Message

In normal, boring times yes but 9.25 was available just 10 days after 9.24 as urgent security
release and it seems it was still not enough.



PostgreSQL 11 released "IndyWatch Feed Tech"

The PostgreSQL 11 release is out. "PostgreSQL 11 provides users with improvements to overall performance of the database system, with specific enhancements associated with very large databases and high computational workloads. Further, PostgreSQL 11 makes significant improvements to the table partitioning system, adds support for stored procedures capable of transaction management, improves query parallelism and adds parallelized data definition capabilities, and introduces just-in-time (JIT) compilation for accelerating the execution of expressions in queries." See this article for a detailed overview of what is in this release.


Ask Hackaday: Why Arent We Hacking Cellphones? "IndyWatch Feed Tech"

When a project has outgrown using a small microcontroller, almost everyone reaches for a single-board computer with the Raspberry Pi being the poster child. But doing so leaves you stuck with essentially a headless Linux server: a brain in a jar when what you want is a Swiss Army knife.

It would be a lot more fun if it had a screen attached, and of course the market is filled with options on that front. Then theres the issue of designing a human interface: touch screens are all the rage these days, so why not buy a screen with a touch interface too? Audio in and out would be great, as would other random peripherals like accelerometers, WiFi, and maybe even a cellular radio when out of WiFi range. Maybe Bluetooth? Oh heck, lets throw in a video camera and high-powered LED just for fun. Sounds like a Raspberry Pi killer!

And this development platform should be cheap, or better yet, free. Free like any one of the old cell phones that sit piled up in my hack me box in the closet, instead of getting put to work in projects. While I cobble together projects out of Pi Zeros and lame TFT LCD screens, the advanced functionality of these phones sits gathering dust. And Im not alone.

Why is this? Why dont we see a lot more projects based around the use of old cellphones? Theyre abundant, cheap, feature-rich, and powerful. For me, theres two giant hurdles to overcome: the hardware and the software. Im going to run down what I see as the problems with using cell phones as hacker tools, but Id love to be proven wrong. Hence the Ask Hackaday: why dont we see more projects that re-use smartphones?

Hardware Encounters Smartphone

Its absolutely impossible to beat the convenience of simply hooking up some wires to the pins of a robust microcontroller. Ill admit that even today, in this era of low-voltage logic, I like to keep a number of chips on hand that have five-volt tolerant GPIOs. And its super handy to have a microcontroller thatll source 20 mA on a pin (per the datasheet, and maybe more in practice). Its already a tiny hassle to migrate some projects to a Raspberry Pi, where you have to be careful with 3.3 V inputs and a slightly weaker output buffer. But its not that big of a deal: connecting directly to anything that speaks I2C or SPI, or just needs a logic-level signal on a wire, is childs play. Just wire pin to pin, and youre set.

And then I look at my cell phone. Where do I even plug my motor controller into this thing? Theres the audio jack and the USB, and thats it. Im not sticking my Hello World LED into either of those ports and expecting success.



BigID adds consent governance capabilities ahead of CCPA "IndyWatch Feed Tech"

BigID introduced new consent governance capabilities to the BigID platform. The enhancements help organizations correlate consent logs from existing applications with data and people to provide a centralized view of consent without centralizing its collection. Under the EUs General Data Protection Regulation (GDPR), consent is one of the principal bases for lawful processing. The regulation requires organizations to obtain consent from data subjects and provide clear language on what data they collect and how it More

The post BigID adds consent governance capabilities ahead of CCPA appeared first on Help Net Security.


Accused Pirate Cant Escape Liability By Pointing at a Family Member Without Detail "IndyWatch Feed Tech"

More than eight years ago, German citizen Michael Strotzer was the subscriber of an Internet connection from where an audiobook was made available on a peer-to-peer network.

The copyright holder, Germany company Bastei Lbbe AG, was not pleased and demanded that he stop the infringing activity.

This later escalated to a full-blown lawsuit in which the publisher demanded damages. Strotzer, however, denied that he had personally shared the work. While his network was secure, he noted that his parents, who lived at the same address, had access to his network.

The defendant, however, did not provide any further details as to where and when his parents used his connection.

The court initially dismissed the action against Strotzer on the grounds that the copyright infringement could not be directly attributed to him, since his parents could also have shared the audiobook.

In response, Bastei Lbbe filed an appeal with the Regional Court of First Instance in Munich. Here it eventually hit a roadblock.

Strotzer denied that he shared the pirated content. At the same time, German law protects the fundamental right to protection of family life, which means that he didnt have to provide detailed information on other family members.

Faced with this dilemma, the Munich court referred the case to the Court of Justice of the European Union (CJEU) for guidance, which came in today.

Siding in large part with an earlier opinion from EU Advocate General Szpunar, the CJEU ruled that the right to protection of family life doesnt shield Internet subscribers from liability.

The Court considers that a fair balance must be struck between the various fundamental rights, namely the right to an effective remedy and the right to intellectual property, on the one hand, and the right to respect for private and family life, on the other.

There is no such fair balance where almost absolute protection is guaranteed for the family members of the owner of an internet connection, through which copyright infringements were committed by means of file-sharing, the CJEU adds.

The CJEU notes that if a defendant cant be required to provide evidence on which member of the household carried out the infringement, the fundamental rights of copyright holders are at stake.



U.S. Greenhouse Emissions Fell in 2017 as Coal Plants Shut "IndyWatch Feed Tech"

Submitted via IRC for Bytram

U.S. greenhouse emissions fell in 2017 as coal plants shut

Greenhouse gases emissions from the largest U.S. industrial plants fell 2.7 percent in 2017, the Trump administration said, as coal plants shut and as that industry competes with cheap natural gas and solar and wind power that emit less pollution.

The drop was steeper than in 2016 when emissions fell 2 percent, the Environmental Protection Agency (EPA) said.

EPA acting administrator Andrew Wheeler said the data proves that federal regulations are not necessary to drive carbon dioxide reductions.

[...] While Wheeler gave the administration credit for the reductions, which mainly came from the power sector, the numbers also underscore that the administration has not been able to stop the rapid pace of coal plant shutdowns.

[...] Natural gas releases far less carbon dioxide when burned than coal and a domestic abundance of gas has driven a wave of closures of coal plants. In 2017 utilities shut or converted from coal-to-gas nearly 9,000 megawatts (MW) of coal plants.

[...] The trend of U.S. coal plant shutdowns is expected to pick up this year, with power companies expecting to shut 14,000 MW of coal plants in calendar year 2018.

Original Submission

Read more of this story at SoylentNews.


OpenBSD Foundation gets a second Iridium donation from Handshake! "IndyWatch Feed Tech"

Ken Westerback (krw@ when wearing his dev hat) wrote in with some great news:

The OpenBSD Foundation is excited to announce that it has received a second 2018 Iridium level (>$100K) donation from Handshake.

Read more


Packing a Lot Into a Little PCB: Winners of the Square Inch Project "IndyWatch Feed Tech"

It is mind-boggling when you think about the computing power that fits in the palm of your hand these days. It wasnt long ago when air-conditioned rooms with raised floors hosted computers far less powerful that filled the whole area. Miniaturization is certainly the order of the day. Things are getting smaller every day, too. We were so impressed with the minuscule entries from the first Square Inch Project a contest challenging designers to use 1 inch2 of PCB or less that we decided bring it back with the Return of the Square Inch Project. The rules really were simple: build something with a PCB that was a square inch.

Grand Prize

It was hard to pick, but there can only be one grand prize winner. This time around that honor goes to [Danny FR] for a very small smart motor driver for robotics. The little board takes an I2C link to a microcontroller and does PID control with RPM feedback. No need for an H-bridge or any sophisticated control electronics thats all onboard.

The board is a great fit for a motor and makes it easy to build moving projects. That was the grand prize, but there were some other great entries that won in...


A Q&A With Micron Technologys Memory Mastermind "IndyWatch Feed Tech"

Gurtej Sandhu has propelled Moores Law with his innovations, and is now looking at whats beyond

For over fifty years, the exponential shrinking of circuit components on chips predicted by Gordon Moore has allowed all sorts of modern wonders from personal computers and mobile phones to social media and smart cars.

Gurtej Sandhu, a senior fellow and vice president at Micron Technology in Boise, Idaho is behind key innovations that have driven Moores Law forward all these years. And now as the electronics scaling law declines, hes overlooking advanced technologies that can keep accelerating computing. An IEEE Fellow, Sandhu won the 2018 IEEE Andrew S. Grove Award for his contributions to silicon CMOS process technology that have enabled extreme scaling of dynamic random access memory (DRAM) and NAND flash memory. He also holds the seventh-most number of U.S. patents.

Sandhu spurred the development of atomic layer deposition for high-k dielectric films to make DRAM devices. He also invented a semiconductor patterning process called pitch doubling, which drastically shrunk NAND flash memory. His chemical vapor deposition process for metal barrier layers is still used to make DRAM and NAND chips.

Sandhu spoke to us about memory technology developments at Micron and why theres no better time to be a computer engineer.

IEEE Spectrum: What are some key innovations from Micron Technology that have kept Moores Law going all these years?

Sandhu: A lot of the innovations at Micron were in processes and techniques to enable new materials and complex structures. And many of them were quietly adopted in the memory space long before anybody else in the industry had heard of them.

For DRAM, for example, Micron had 3D capacitors. We were working with high-k dielectrics long before they were adopted in logic. We enabled pitch-doubling patterning in 2005, long before others started talking about it. We were using 3D transistors in the early 2000s, long before the 3D FinFET was adopted in logic.

The latest innovation is a technology called 3D XPoint Memory. This is a transistor-less architecture where memory cells sit at the intersection of word lines and bit lines. The memory layers can be stacked. Each cell holds one bit of data, and each can be written or read individually by changing the voltage sent to it. So you dont need transistors. The data can be written and read in small packets, and its...



Single-board computer guide updated: Free software is winning on ARM! "IndyWatch Feed Tech"

In many geeky circles, single-board computers are popular machines. SBCs come in small form factors and generally run GNU/Linux, but unfortunately, many boards like the popular Raspberry Pi are dependent on proprietary software to use. The Free Software Foundation maintains a list of system-on-chip families, sorted by their freedom status.

Unfortunately, this list had not been updated in several years. While it was accurate when it was published, free software is constantly improving. Today, more and more boards are usable with free software. On the graphical side, the Etnaviv project has reached maturity, and the Panfrost project, with which I have been personally involved, has sprung up. The video processing unit on Allwinner chips has been reverse-engineered and liberated by the linux-sunxi community in tandem with Bootlin. Rockchip boards have become viable competitors to their better known counterparts. Even the Raspberry Pi has had a proof-of-concept free firmware replacement developed. Free software is winning on ARM.

Accordingly, I have researched the latest developments in single-board computer freedom, updating the list. The revised list includes much more detail than its predecessors, groups boards by system-on-chip rather than brand name for concision, documents previously-unidentified freedom flaws, and of course describes progress liberating the remaining elements.

The new guide is, I hope, clearer, more comprehensive, and more useful to free software users seeking to purchase a board that respects their freedom.

Check it out!

Alyssa is a former intern at the FSF -- you can read more about her work here.


Facebooks major investors want Mark Zuckerberg to step down as chairman "IndyWatch Feed Tech"

Major Facebook shareholders propose the removal of Mark Zuckerberg as chairman

Several major public investment funds on Wednesday proposed removing Facebook CEO Mark Zuckerberg as the companys chairman of the board. The proposal comes right after the recent data breach that affected 30 million Facebook accounts.

State treasurers from Illinois, Rhode Island and Pennsylvania, and New York City Comptroller Scott Stringer, who oversees money including pension funds co-filed the proposal. They joined a proposal originally filed by the investor, Trillium Asset Management in June that called for Zuckerberg to resign as chairman.

Also Read- Hackers accessed 29 million user accounts, says Facebook

The proposal is largely symbolic since Zuckerberg holds absolute control of the board. The removal demand comes at a time when recent security lapses at the social networking giant have raised questions over the companys leadership.

We need Facebooks insular boardroom to make a serious commitment to addressing real risks reputational, regulatory, and the risk to our democracy that impact the company, its share owners, and ultimately the hard-earned pensions of thousands of New York City workers, New York City Comptroller Scott Stringer said in a statement.

An independent board chair is essential to moving Facebook forward from this mess, and to reestablish trust with Americans and investors alike, Stringer said.

The proposal by the investors calls for a separation of the roles of CEO and the Chairman, that is currently held by Zuckerberg. They argue that separating Facebooks chairman and CEO roles is in the best interest of shareholders, employees, users, and our democracy.

Considering Zuckerbergs outsized influence on the company, the proposal is likely to go in vain. A similar shareholder proposal looking for an independent chair had gone down in 2017 at Facebook. Zuckerberg holds a majority of supervoting shares and controls 59.9 percent of the companys voting power.

While Facebook declined to comment, it quoted its response to the prior proposal in which it said that it did not believe an independent chairman would provide appreciably better direction and performance, and instead could cause uncertainty, confusion, and inefficiency in board and management function and relations.

The post Facebooks major investors want Mark Zuckerberg to step down as chairman appeared first on TechWorm.


KPN Ventures provides growth capital to CUJO AI "IndyWatch Feed Tech"

CUJO AI announces an investment from KPN Ventures, the venture capital investment arm of KPN. The capital provided is part of a series B investment round to fuel international growth. CUJO AI will use the capital to accelerate growth in building and expanding new AI-driven services for network operators. With this investment, CUJO AI will continue to evolve AI-powered technology and to meet growing international demand. The company is actively working with several network operators. More

The post KPN Ventures provides growth capital to CUJO AI appeared first on Help Net Security.


How Solar-Powered, Mobile Water Purifiers Can Help Cities Cope With Bad Water "IndyWatch Feed Tech"

Quench Water & Solar is selling its solar-powered water purifiers to private owners as U.S. cities wrestle with clean drinking water issues

When WorldWater and Solar Technologies deploys its mobile water purifiersarrays of solar panels, batteries, and high-pressure pumpsthe machines usually wind up in natural disaster zones, off-grid villages, or military operations around the world.

Now the company is expanding within the United States, where cities are grappling with contaminated water supplies and dwindling freshwater reserves. Quench Water & Solar lets entrepreneurs sell cleanand ideally cheapdrinking water to their neighbors, local businesses, and at large events like festivals, where plastic water bottles pour down like rain.

The water infrastructure throughout most of the U.S., and certainly way beyond, is very old...and municipalities dont have the wherewithal or the resources to be able to address these things, says David Hammes, president of Quench and vice president of international development at WorldWater. We see this as an opportunity to take our technology and really benefit people that are subject to contaminated water.

The mobile systems range from the size of golf carts to food trucks, depending on their desired output. Solar panels lay on top, generating electricity that charges the GEL-sealed, lead-acid batteries, which in turn run the motor that pumps water through filters. Clean water pours out a hose and, depending on the filtration process, contaminants flow out a discharge stream or remain in mechanical membranes. Internet-connected monitors remotely display the systems water quality, output, and equipment performance.

"We can deploy it anywhere and literally take contaminated, poisoned water and turn it into drinking water in minutes," Hammes says.

If water comes from ponds, lakes, or municipal taps, it passes through four filters to remove microbes, sediment, and other contaminants. An ultraviolet light then sterilizes the filtered water. Brackish or seawater undergo reverse osmosis, in which water is forced through a thick membrane that blocks sodium and chloride ions and lets freshwater pass. The process uses a substantial amount of energy, so those units require more solar panels and batteries and cost thousands of dollars more.

Lead-tainted water also requires reverse osmosis, because of the metals low molecular wei...


[$] Making the GPL more scary "IndyWatch Feed Tech"

For some years now, one has not had to look far to find articles proclaiming the demise of the GNU General Public License. That license, we are told, is too frightening for many businesses, which prefer to use software under the far weaker permissive class of license. But there is a business model that is based on the allegedly scary nature of the GPL, and there are those who would like to make it more lucrative; the only problem is that the GPL isn't quite scary enough yet.


Dr. James Peyer A Portfolio Approach To Longevity "IndyWatch Feed Tech"

Earlier this year, we hosted the Ending Age-Related Diseases 2018 conference at the Cooper Union in New York City. This conference was designed to bring together the best in the aging research and biotech investment worlds and saw a range of industry experts sharing their insights.

Dr. James Peyer is the founder and Managing Partner of Apollo Ventures, an early-stage life science investor and company builder that focuses on breakthrough technologies for treating age-related diseases.

He discusses the strategic paths to bringing longevity-promoting therapeutics to market as quickly as possible, with a particular focus on engaging pharmaceutical companies via disease-focused, proof-of-concept trials.


Explore the Worlds Coolest Robots, All in One Place "IndyWatch Feed Tech"

New IEEE site features 200 robots from 19 countries with hundreds of photos, videos, and interactives to get people excited about robotics and STEM

Were launching today a new massive guide to all things robotic, with over 820 photos, 680 videos, and 40 interactives. Its a fun site designed for robot enthusiasts of all ages and backgrounds. You should go check it out right now. Seriously, stop reading this and go to


Hey youre back! Found some cool robots? Clicked on any creepy ones? We really hope there was something that captured your interest. A major goal of the ROBOTS sitewhich is an expansion of our Robots App from a few years backis being a resource for anyone interested in robotics, no matter if youre a beginner or a robot legend.

It is great to see all those robots, photos and videos, organized in one place, says Marc Raibert, CEO of Boston Dynamics and a robot legend. A good way to keep track of what is going on.

Boston Dynamics Atlas robot Screenshot: IEEE Spectrum Robot profiles, like this one for Boston Dynamics Atlas humanoid, include a photo and video gallery plus ratings, interesting tidbits, and technical specs.

This is the repository that future generations of humans and robots will look back upon with nostalgia, says Rodney Brooks, MIT emeritus professor and cofounder of iRobot and Rethink Robotics, and a robot legend, too.

Brooks argues that weve just entered the Cambrian explosion period of robot history, when the number and variety of robots will expand to something beyond our wildest dreams.

Well try to keep up. The site today has 192 robots, and our plan is to add every major robotics projectcommercial, research, startupson the planet. Our country count right now is 19 (hello Luxembourg, we just added one of your robots!), which we think is a bit low, so if you have a robot from a place currently not on the site, let us know!

Were also excited to b...


Re: Travis CI MITM RCE "IndyWatch Feed Tech"

Posted by Jakub Wilk on Oct 18

* zugtprgfwprz () spornkuller de, 2018-08-31, 22:25:

Nitpicking, but for an ideal n-bit hash function, on avergage you need
2 (not 2) evalutations of the function to find the preimage.


Mechatronic Hand Mimics Human Anatomy to Achieve Dexterity "IndyWatch Feed Tech"

Behold the wondrous complexity of the human hand. Twenty-seven bones working in concert with muscles, tendons, and ligaments extending up the forearm to produce a range of motions that gave us everything from stone tools to symphonies. Our hands are what we use to interface with the physical world on a fine level, and its understandable that wed want mechanical versions of ourselves to include hands that were similarly dexterous.

Thats a tall order to fill, but this biomimetic mechatronic hand is a pretty impressive step in that direction. Its [Will Cogley]s third-year university design project, which he summarizes in the first video below. There are two parts to this project; the mechanical hand itself and the motion-capture glove to control it, both of which we find equally fascinating. The control glove is covered with 3D-printed sensors for each joint in the hand. He uses SMD potentiometers to measure joint angles, with some difficulty due to breakage of the solder joints; perhaps he could solve that with finer wires and better strain relief.

The hand that the glove controls is a marvel of design, like something on the end of a Hollywood androids arm. Each finger joint is operated by a servo in the forearm pulling on cables; the joints are returned to the neutral position by springs. The hand is capable of multiple grip styles and responds fairly well to the control glove inputs, although there is some jitter in the sensors for some joints.

The second video below gives a much more detailed overview of the project and shows how [Will]s design has evolved and where its going. Anthropomorphic hands are far from rare projects hereabouts, but wed say this one has a lot going for it.

Thanks again, [Baldpower].


How Political Campaigns Weaponize Social Media Bots "IndyWatch Feed Tech"

Analysis of computational propaganda in the 2016 U.S. presidential election reveals the reach of bots

opening illustration Illustration: Jude Buffum

In the summer of 2017, a group of young political activists in the United Kingdom figured out how to use the popular dating app Tinder to attract new supporters. They understood how Tinders social networking platform worked, how its users tended to use the app, and how its algorithms distributed content, and so they built a bot to automate flirty exchanges with real people. Over time, those flirty conversations would turn to politicsand to the strengths of the U.K.s Labour Party.

To send its messages, the bot would take over a Tinder profile owned by a Labour-friendly user whod agreed to the temporary repurposing of his or her account. Eventually, the bot sent somewhere between 30,000 and 40,000 messages, targeting 18- to 25-year-olds in constituencies where the Labour candidates were running in tight races. Its impossible to know precisely how many votes are won through social media campaigns, but in several targeted districts, the Labour Party did prevail by just a few votes. In celebrating their victory, campaigners took to Twitter to thank their teamwith a special nod to the Tinder election bot.

How a Political Social Media Bot Works

Illustration: Jude Buffum

1. The bot automatically sets up an account on a social media platform. 2. The bots account may appear to be that of an actual person, with personal details and even family photos. 3. The bot crawls through content on the site, scanning for posts and commen...


Re: Using quilt on untrusted RPM spec files "IndyWatch Feed Tech"

Posted by Jakub Wilk on Oct 18

* Randy Barlow , 2018-09-27, 22:39:

Quilt is a tool to manage patch series, so maybe not that similar. :-)

If it's really just chroot, then I'm afraid that's not a sufficient
protection. One can easily escape the chroot with ptrace(2).


Understanding Linux Links: Part 1 "IndyWatch Feed Tech"

Understanding Linux Links: Part 1


Puppeteer Caroll Spinney Announces Retirement from Sesame Street "IndyWatch Feed Tech"

Puppeteer Caroll Spinney today announced that he is stepping down from the roles of Big Bird and Oscar the Grouch, which he has performed on Sesame Street since its 1969 premiere.

"Big Bird brought me so many places, opened my mind and nurtured my soul," said Spinney. "And I plan to be an ambassador for Sesame Workshop for many years to come. After all, we're a family! But now it's time for two performers that I have worked with and respected and actually hand-picked for the guardianship of Big Bird and Oscar the Grouch to take my alter-egos into their hands and continue to give them life."

Original Submission

Read more of this story at SoylentNews.


Stable kernels 4.18.15, 4.14.77, and 4.9.134 "IndyWatch Feed Tech"

Greg Kroah-Hartman has announced the release of the 4.18.15, 4.14.77, and 4.9.134 stable kernels. As usual, there are important fixes throughout the tree and users should upgrade.


Take Our Cloud Providers Survey and Enter to Win a Maker Kit "IndyWatch Feed Tech"

Todays most dynamic and innovative FOSS projects boast significant  involvement by well-known cloud service and solution providers. We are launching a survey to better understand the perception of these solution providers by people engaging in open source communities.

Visible participation and application of corporate resources has been one of the key drivers of the success of open source software. However, some companies still face challenges:


Facebook believes hack was carried out by spammers: report "IndyWatch Feed Tech"

Facebook believes that the hack it discovered last month that affected nearly 30 million users was not conducted by a foreign state but rather spammers hoping to profit off deceptive advertising, according to The Wall Street Journal.The Journal,...


Security updates for Thursday "IndyWatch Feed Tech"

Security updates have been issued by Arch Linux (chromium, libssh, and net-snmp), Debian (libssh and xen), Fedora (audiofile), openSUSE (axis, GraphicsMagick, ImageMagick, kernel, libssh, samba, and texlive), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk, rh-nodejs6-nodejs, and rh-nodejs8-nodejs), SUSE (binutils and fuse), and Ubuntu (paramiko).


BSD Release: OpenBSD 6.4 "IndyWatch Feed Tech"

OpenBSD is a security-focused operating system with a design that emphasises correct code and accurate documentation. The project has released OpenBSD 6.4 which includes many driver improvements, a feature which allows OpenSSH's configuration files to use service names instead of port numbers, and the Clang compiler will now....


ILLIAC was HAL 9000s Granddaddy "IndyWatch Feed Tech"

Science fiction is usually couched in fact, and its fun to look at an iconic computer like HAL 9000 and trace the origins of this artificial intelligence gone wrong. You might be surprised to find that you can trace HALs origins to a computer built for the US Army in 1952.

If you are a fan of the novel and movie 2001: A Space Oddessy, you may recall that the HAL 9000 computer was born in Urbana, Illinois. Why pick such an odd location? Urbana is hardly a household name unless you know the Chicago area well. But Urbana has a place in real-life computer history. As the home of the University of Illinois at UrbanaChampaign, Urbana was known for producing a line of computers known as ILLIAC, several of which had historical significance. In particular, the ILLIAC IV was a dream of a supercomputer that while not entirely successful pointed the way for later supercomputers. Sometimes you learn more from failure than you do successes and at least one of the ILLIAC series is the poster child for that.

The Urbana story starts in the early 1950s. This was a time when the 1945 book First Draft of a Report on the EDVAC was sweeping through the country from its Princeton origins. This book outlined the design and construction of the Army computer that succeeded ENIAC. In it, Von Neumann proposed changes to EDVAC that would make it a stored program computer that is, a computer that treats data and instructions the same.



OpenBSD 6.4 Released "IndyWatch Feed Tech"

The release of OpenBSD 6.4 has been announced:

We are pleased to announce the official release of OpenBSD 6.4.
This is our 45th release.  We remain proud of OpenBSD's record of more
than twenty years with only two remote holes in the default install.

Rather than reproducing the full list of new features here, we refer readers to the official OpenBSD 6.4 page.

Selected highlights include:

  • Support has been added for qcow2 images and external snapshots in vmm(4)/vmd(8).
  • "join" has been added for Wi-Fi networks.
  • Security enhancements include unveil(2), MAP_STACK, and RETGUARD. Meltdown/Spectre mitigations have been extended further, and SMT is disabled by default.
  • rad(8) has replaced rtadvd(8).
  • bgpd(8) has undergone numerous improvements, including the addition of support for BGP Origin Validation (RFC 6811).
  • smtpd.conf(5) uses a new, more flexible grammar.
  • For the first time, there are more than 10,000 (binary) packages (for amd64 and i386).

Readers are encouraged to show their appreciation in the conventional manner.


Cosmologist Martin Rees gives humanity a 5050 chance of surviving the 21st century "IndyWatch Feed Tech"

In the medieval period, life was miserable and there wasnt anything people could do to improve it. Today, the gap between the way the world is and the way it could be is enormous.

But hes still an optimist.


PostgreSQL 11.0 Released With Better Robustness, Performance Improvements "IndyWatch Feed Tech"

Besides Ubuntu 18.10 releasing today, another cause for celebration today is the official debut of the PostgreSQL 11 database server...


Google will start charging licensing fee for its Android apps in Europe "IndyWatch Feed Tech"

Google to charge device makers in Europe for Android apps in response to EU fine

Google will start charging a licensing fee for Android device makers who want to pre-install apps like Gmail, Google Maps and YouTube on handsets sold in Europe. The announcement made by Google comes in response to a record $5 billion EU antitrust fine.

For those unaware, the EU Commission in July this year had imposed on Google a record $5 billion (4.34 billion euros) fine for illegally abusing the dominance of its Android operating system. Back then, EU said that the U.S. tech giant has been unlawfully using Androids near-monopoly since 2011 to improve usage of its own search engine and browser and to strengthen its dominant position in general Internet search.

Google argued that Android has created more choice, not less. It also said that pre-installation of Google Search and Chrome together with other apps helped it fund the development and free distribution of Android. Hence, earlier this month, Google challenged the $5 billion fine imposed by EU antitrust regulators and filed an appeal at the General Court of the European Union.

While the appeal is still pending, Google is working on to comply with EUs decision. The search giant will change how it bundles its apps on Android phones and also end restrictions on phone makers selling modified or forked versions of the mobile operating system.

First, were updating the compatibility agreements with mobile device makers that set out how Android is used to develop smartphones and tablets. Going forward, Android partners wishing to distribute Google apps may also build non-compatible, or forked, smartphones and tablets for the European Economic Area (EEA), said the company in a blog post.

Second, device manufacturers will be able to license the Google mobile application suite separately from the Google Search App or the Chrome browser. Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the EEA. Android will remain free and open source.

Third, we will offer separate licenses to the Google Search app and to Chrome.

The company also added, Well also offer new commercial agreements to partners for the non-exclusive pre-installation and placement of Google Search and Chrome. As before, competing apps may be pre-installed alongside ours.

The new licensing options...


Taking a Back Seat "IndyWatch Feed Tech"

Some of you will recall that I recently underwent several bouts of surgery and, despite your welcome comments and good wishes, your best guesses that I was having a sex change, having my breasts enhanced in either size or number, or receiving some fairly radical treatment for hemorrhoids, were all fairly wide of the mark. The surgery is now long past and I have made a reasonable recovery for someone of my age. But I do wish to thank you all for your comments because, almost without exception, they raised a smile when things were not going too well for me.

My wife suffers from a severe medical condition and I have been her full-time carer for over a decade now. Although I wish she had never developed the condition, I expend great effort, and also receive considerable personal satisfaction, in providing many hours of care each day so that she can remain in our home and we can continue our lives to the fullest extent possible. However, she has recently suffered from a deterioration in her condition. This was not unexpected but no-one could say when the next problems would affect her. But the result is that I now have to provide more support to her and my free time is reduced.

I joined this site at its inception and have enjoyed every minute of my time here. But I cannot dedicate the time that role of Editor-in-Chief (E-in-C) deserves and, several weeks ago, I made the difficult decision to stand down from the post. (I can hear the cheering from some in our community even here in France!) The fact that most of you will not have noticed any of this means that the transition has been successful. The entire editorial team (which is nowhere near as large as that phrase makes it sound!) has stepped up to the plate and has maintained the output as it was before, ably led by Martyb who has assumed the role as E-in-C in addition to his numerous other roles on this site. I am grateful to them for their efforts and support both during my time as E-in-C and more recently in their work in editing the stories that we read each day. Thanks guys, you do a tremendous job with relatively little recognition. I've asked the powers-that-be to increase your salaries by an appropriate percentage.[*] I am also grateful to the other folk who do so much in the background keeping this site on-line. You have all become good friends although we could be standing next to each other and wouldn't know it.

Equally important to the site's success are you - the community. You provide the submissions, the comments, the funding, and you are the reason that we have a site at all. I thank each and every one of you for your contribution; from the regular submitters, the ACs, the 'characters', and those of you who just visit to read the stories that we publish. If I have offended anyone then I apologise but being E-in-C has been likened to herding cats in the dark: an almost impossible task and one in which you...


How To Unblock Torrent Sites "IndyWatch Feed Tech"

Pirated content and the Torrent websites that redistribute this content have always been on the radar of copyright holders. Many Government organizations and ISPs have completely blocked users access to torrent websites. Consequently, it becomes very difficult for users to unblock torrent sites and access them.

There can be numerous reasons if a torrent website is not working in your region or country. One of the primary reason behind the unavailability of torrent sites is the blockage of these major websites by your ISP or government. So heres how to unblock torrent websites and access them.

NOTE: Techworm does not condone using torrents to illegally obtain content. Using the following methods to access torrent websites for illegal purposes is done entirely at your own risk. Techworm takes no responsibility for any legal problems you encounter.

ALSO READ: Best Torrent Sites- 2018

4 Ways To Unblock Torrent Sites

1. Connect To A Different Internet Network To Unblock Torrents

A majority of offices and universities block access to torrent and other websites for downloading pirated content. Well, a simple method to unblock torrent sites on these WiFi networks is by connecting to a different WiFi network.

You can access a torrent by tethering the internet from your smartphone and later connecting back to the University website to continue downloads. Moreover, you can use this same process for accessing blocked websites. This method will work fine until and unless the organizations WiFi network has some adept Firewall security.

2. Use A Free Or Paid VPN Service To Unblock Torrents

Next easy method to unblock torrent sites is using a VPN or virtual private network. A VPN helps you to access the internet from a different region where a particular torrent website is not blocked. You can check out our list of the 5 Best VPNs for torrenting in 2018.


A majority of free VPN services gets the job done. That said, you can still invest in a paid VPN service if you prefer a highly secure and encrypted VPN.



Group-IB: 14 cyber attacks on crypto exchanges resulted in a loss of $882 million "IndyWatch Feed Tech"

Group-IB has estimated that crypto exchanges suffered a total loss of $882 million due to targeted attacks between 2017 and 2018.

Group-IB, an international company that specializes in preventing cyber attacks,has estimated that cryptocurrency exchanges suffered a total loss of $882 million due to targeted attacks in 2017 and in the first three quarters of 2018. According to Group-IB experts, at least 14 crypto exchanges were hacked. Five attacks have been linked to North Korean hackers from Lazarus state-sponsored group, including the infamous attack on Japanese crypto exchange Coincheck, when $534million in crypto was stolen.

This data was included in the annual Hi-Tech Crime Trends 2018 report, presented by Group-IB CTO, Dmitry Volkov, at the sixth international CyberrimeCon conference. A separate report chapter is dedicated to the analysis of hackers and fraudsters activity in crypto industry.

Crypto exchanges: in the footsteps of Lazarus 

In most cases, cybercriminals, while attacking cryptocurrency exchanges, use traditional tools and methods, such as spear phishing, social engineering, distribution of malware, and website defacement. One successful attack could bring hackers tens of millions of dollars in crypto funds, whilst reducing the risks of being caught to a minimum:  the anonymity of transactions allows cybercriminals to withdraw stolen funds without putting themselves at greater risk.

Spear phishing remains the major vector of attack on corporate networks. For instance, fraudsters deliver malware under the cover of CV spam: they send an email containing a fake CV with the subject line Engineering Manager for Crypto Currency job or the file Investment Proposal.doc in attachment, that has a malware embedded in the document.

In the last year and a half, the North-Korean state-sponsored Lazarus group attacked at least five cryptocurrency exchanges: Yapizon, Coins, YouBit, Bithumb, Coinckeck. After the local network is successfully compromised, the hackers browse the local n...


Re: Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Tavis Ormandy on Oct 18

On Thu, Oct 18, 2018 at 3:51 AM Jordan Glover

AFAIK upstream only makes quarterly releases, so I think you need to



Its Almost 2019 and Team UPC is Still Pretending Unitary Patent (UPC) Exists, Merely Waiting for Britain to Join "IndyWatch Feed Tech"

Amplifying those two lies (twisting facts) still

Female gymnast

Summary: Refusing to accept that the Unified Patent Court Agreement (UPCA) has reached its death or is at a dead end, UPC proponents i.e. lawyers looking to profit from frivolous litigation resort to outright lies and gymnastics in logic/intellectual gymnastics

EUROPEAN patent courts dont quite tolerate software patents in Europe. National courts have pretty clear laws (excepting or excluding abstract things), so the Antnio Campinos-run EPO hopes to bypass/replace these courts with UPC, which rumours say Battistelli still wants to manage. IAM keeps him in the loop, as does CEIPI.

Earlier this week Womble Bond Dickinson LLPs Patrick Cantrill, Rose Smalley and Tim Barber spoke about UPC. They clarify that everything is conditional although they stop short of saying its dead. To quote:

The current membership of the EPO numbers 38 countries, i.e. a far greater number than the current 28 Member States of the EU. Therefore, as far as the EPO, EPC and UK patent profession are concerned, it is business as usual. To put into context this continuation of the UK in the operations of the EPC and the EPO, it may be recalled that UK patent attorneys comprise one-fifth of the total number of professionals across the EPO signatory states, and they handle one-third of all of the European patent (EP) applications. Moreover, of the 40,000 EPs filed last year by UK patent attorneys, 90% originated from outside the UK. Consequently, the prosecution of EP applications, whether at the EPO or through the Patent Cooperation Treaty, will not change. New and pending applications will continue to designate the UK and as before, at the grant stage, the applicant will...


Re: Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Jordan Glover on Oct 18

Original Message

Do you know if upstream is going to make new release soon or distros should take the
pain and backport all of those themselves?


RAT author jailed for 30 months, ordered to hand over $725k worth of Bitcoin "IndyWatch Feed Tech"

A US court has sentenced a programmer to 30 months in a federal prison in connection with software that claimed to be a legitimate tool for Windows sysadmins to remotely manage computers, but was actually used by criminals to backdoor PCs and secretly spy on victims.

Read more in my article on the Tripwire State of Security blog.


Trivial Authentication Bypass in Libssh Leaves Servers Wide Open "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Trivial authentication bypass in libssh leaves servers wide open

Theres a four-year-old bug in the Secure Shell implementation known as libssh that makes it trivial for just about anyone to gain unfettered administrative control of a vulnerable server. While the authentication-bypass flaw represents a major security hole that should be patched immediately, it wasnt immediately clear what sites or devices were vulnerable since neither the widely used OpenSSH nor Githubs implementation of libssh was affected.

[...] only vulnerable versions of libssh running in server mode are vulnerable, while the client mode is unaffected. Peter Winter-Smith, a researcher at security firm NCC who discovered the bug and privately reported it to libssh developers, told Ars the vulnerability is the result of libssh using the same machine state to authenticate clients and servers. Because exploits involve behavior thats safe in the client but unsafe in the server context, only servers are affected.

Read more of this story at SoylentNews.


Vulnerable controllers could allow attackers to manipulate marine diesel engines "IndyWatch Feed Tech"

Researchers have found several authentication and encryption vulnerabilities in the firmware of marine diesel engine controllers by Norwegian company Auto-Maskin, as well as the accompanying Android app. These security flaws could be exploited by attackers to change the firmware and configuration files, install malware, and perform actions that effectively allow them to take control of a vessels engines. The vulnerabilities The four vulnerabilities were unearthed by infosec researchers Brian Satira and Brian Olson, who share More

The post Vulnerable controllers could allow attackers to manipulate marine diesel engines appeared first on Help Net Security.


Ubuntu 18.10 Is A Nice Upgrade For Radeon Gamers, Especially For Steam VR "IndyWatch Feed Tech"

Among the changes to find in Ubuntu 18.10 are the latest stable Linux kernel as well as a significant Mesa upgrade and also the latest X.Org Server. These component upgrades make for a better Linux gaming experience particularly if using a modern AMD Radeon graphics card. Here are some results as well as whether it's worthwhile switching to Linux 4.19 and Mesa 18.3-dev currently on Ubuntu 18.10.


IAM and IP Kat Are Still Megaphones of Battistelli and His Agenda "IndyWatch Feed Tech"

(The new IP Kat (after Merpel 'died'), the one which deletes comments about Battistelli and Antnio Campinos)

Battistelli revisionism

Summary: IAM reaffirms its commitment to corrupt Battistelli and IP Kat maintains its stance, which is basically not caring at all about EPO corruption (to the point of actively deleting blog comments that mention such corruption, i.e. sanitising facts)

THE EPO said goodbye and good riddance to Battistelli almost 4 months ago. He has since then maintained a low profile except when French media approached him as he may be criminally liable but immune nonetheless.

Joff Wild of IAM, where the corrupt Battistelli writes on occasions (promoting software patents in Europe), is still whitewashing this man. This is the man IAM does revisionism for even in October. See the screenshot above.

Curiously enough, not only was the above behind paywall (which makes it harder for Battistellis critics to assess). It only appeared in searches more than a fortnight late. Why?

On the same day (Tuesday) Annsley Merelle Ward (Bristows LLP), who dominated IP Kat last year, returned for a change to carry on cheering for patent trolls in the UK. One of the key issues on appeal from Mr Justice Birss decision, she said, is basically whether companies can use their proxy patent trolls to shake down the competition....


Popup Notification Dinosaur "IndyWatch Feed Tech"

Theres a lot going on our virtual spaces, and anyone with a smart phone can attest to this fact. There are pop-up notifications for everything you can imagine, and sometimes its possible for the one really important notification to get lost in a sea of minutiae. To really make sure you dont miss that one important notification, you can offload that task to your own personal dinosaur.

The 3D-printed dinosaur has a rack-and-pinion gear set that allows it to extend upwards when commanded. It also has a set of LEDs for eyes that turn on when it pops up. The two servos and LEDs are controlled by a small Arduino in the base of the dinosaur. This Arduino can be programmed to activate the dinosaur whenver you like, for an email from a specific person, a reply to a comment on Reddit, or an incoming phone call to name a few examples. Be sure to check out the video below the break.

With this dinosaur on your desk, its not likely youll miss its activation. If youd like something that has the same function but with less movement and more lights, theres also a notification 3D cube made out of LEDs thats sure to catch your eye as well.


Think Global: How to Overcome Cultural Communication Challenges "IndyWatch Feed Tech"

In today's workplace, our colleagues may not be located in the same office, city, or even country. A growing number of tech companies have a global workforce comprised of employees with varied experiences and perspectives. This diversity allows companies to compete in the rapidly evolving technological environment.


India gets its first cryptocurrency ATM in Bengaluru "IndyWatch Feed Tech"

Crypto Exchange Unocoin Launches Its First Cryptocurrency ATM In India

Unocoin, the oldest crypto exchange, and blockchain company in India, officially launched its first cryptocurrency ATM in Bengalurus Kemp Fort Mall on October 14, 2018. The decision to open the ATM is to circumvent the ban imposed by Indias central bank, the Reserve Bank of India (RBI), that prevents the banks from doing any transaction involving cryptocurrencies.

The ATMs installed by Unocoin does not require any banking partnerships and are stand-alone machines that can accept and dispense cash.

We at Unocoin have always believed in serving our customers with the best of their interest and with the most secure services. Since December 2013, our team has been serving the Indian bitcoin and blockchain community by continuously innovating and making ways for a smoother and wider experience, the company said in a post on its official website.

The company has plans to expand the network by opening more ATMs in Mumbai and Delhi in a couple of weeks.

Sathvik Vishwanath, co-founder, and CEO of Unocoin, revealed to on Sunday: The 1st ATM will be operational in Bangalore tomorrow. In the first phase we plan to deploy 30 machines, the first one is in Bangalore followed by Mumbai and New Delhi in the upcoming week.

The ATM is meant exclusively for Unocoin and Unodax (crypto-to-crypto trading platform) customers, who can use it to deposit or withdraw Indian currency from the ATM. This can later be used by customers to buy cryptocurrencies (such as Bitcoin, Ethereum, or other crypto coins) from Unocoins website or mobile app.

In accordance with RBI ATM rules, the company has imposed daily limits transactions. The companys post explains, Users are subject to some limits on deposit and withdrawals per transaction and per day subject to cash handling restrictions in India. The minimum amount for deposit and withdraw is 1000 INR and must be in multiples of 500 INR.

Vishwanath emphasized, All coins on Unocoin and Unodax can be bought using the money deposited through ATM machines. We presently have 30 coins that can be bought.

Solution to RBI Crypto Banking Ban

In April this year, RBI had issued a circular that bans financial institutions under its control from providing services to crypto businesses. The ban went into effect in July that saw all crypto exchanges in India lose their ability to provide rupee deposit and withdrawal services. The biggest example is Zebpay, the largest Indian crypto exchange, who had to recently close their cryptocurrency exchange...


The EPO Under Antnio Campinos Relaxes the Rules on Software Patenting and the Litigation Industry Loves That "IndyWatch Feed Tech"

Easier to tax coders, whose projects will be undermined or never come to fruition in the first place (due to fear of lawsuits)

EPO white flag

Summary: EPO management, which is nontechnical, found new terms by which to refer to software patents terms that even the marketing departments can endorse (having propped them up); they just call it all AI, augmented intelligence and so on

THE EPO seems eager to handicap Europes software industry. What does it care anyway? All it wants to do is grant as many patents as possible and get a pat on the back from litigators. Antnio Campinos has taken this lunacy to new levels as the EPO under his leadership constantly promotes software patents in Europe. It does so not only every day but several times per day. Campinos recently saw the need to write a blog post about it.

now that nontechnical people (promoted based on loyalties rather than merit) run the EPO theyre more easily swayed by law firms and marketing departments, not scientists.Not everyone is upset about this abomination. Some people make a living not from creation but from destruction; put another way, they sue things out of existence. Like patent trolls do

Patent law firms, unlike patent trolls, win irrespective of the courts outcomes. It doesnt matter if European Patents are nowadays presumed invalid; all that matters is that lawyers are needed

We recently wrote about the leveraging of "AI" as a byword or surrogate for software patents. Philip Naylor (Carpmaels & Ransford LLP) took note of that too; writing in IAM, the EPOs propaganda rag, Naylor said this:

The EPO has updated its official guidelines to include a specific section on how th...


Panasonic Shows Off Blinders for Humans "IndyWatch Feed Tech"

There's nothing dystopian at all about these high-tech blinkers for humans

Ever feel like you're having too much fun in the office? Like your boss just isn't getting enough value out of your life? Fear not: Panasonic has designed a pair of high-tech blinkers* that block out your peripheral vision to help you concentrate on the job at hand.

The concept is called Wear Space, which consists of a lightweight, wraparound fabric screen that conceals a pair of Bluetooth headphones. The screen cuts your horizontal field of view by around 60 percent, while the headphones come with a built-in noise-canceling feature that can pipe in music of your choice. It charges over USB and has a battery life of 20 hours.

[...] *Also known as blinders. The metaphor we're going for here is the equipment used to restrict a horse's vision, so we're using the correct terminology, as recommended by the Kentucky Derby.

See also: Open offices have driven Panasonic to make horse blinders for humans

Original Submission

Read more of this story at SoylentNews.


Elon Musk says Teslaquila is coming soon as Tesla files trademark "IndyWatch Feed Tech"

Billionaire tweets visual approximation of bottle as company applies to use the name for tequila branded after the electric cars.


RELPOLINES: A New Spectre V2 Approach To Lower Overhead Of Retpolines "IndyWatch Feed Tech"

Nadav Amit of VMware has announced their (currently experimental) work on "dynamic indirect call promotion" or what they have dubbed "RELPOLINES" -- not to be confused with the traditional Retpolines for "return trampolines" as one of the Spectre Variant Two software-based mitigation approaches. Relpolines is designed to have lower overhead than Retpolines...


The data revolution: privacy, politics and predictive policing | The Economist "IndyWatch Feed Tech"

Ms. Powell does not have any easy or obvious ideas for how to address techs monoculture. She thinks of her book as starting a conversation. But any solution, she said, will involve a fundamental, bottoms-up cultural change and one that we should not expect to see overnight.

In a satirical new novel, a former Google executive identifies the technology industrys chief issue: its narrow engineering-focused bubble.


American tech giants are making life tough for startups "IndyWatch Feed Tech"

The behemoths annual conferences, held to announce new tools, features, and acquisitions, always send shock waves of fear through entrepreneurs, says Mike Driscoll, a partner at Data Collective, an investment firm. Venture capitalists attend to see which of their companies are going to get killed next. But anxiety about the tech giants on the part of startups and their investors goes much deeper than such events. Venture capitalists, such as Albert Wenger of Union Square Ventures, who was an early investor in Twitter, now talk of a kill-zone around the giants. Once a young firm enters, it can be extremely difficult to survive. Tech giants try to squash startups by copying them, or they pay to scoop them up early to eliminate a threat.

Big, rich and paranoid, they have reams of data to help them spot and buy young firms that might challenge them.


Ways to Insert Degree Symbol in MS Word 2018 "IndyWatch Feed Tech"

MS Word is indeed a very popular and important program launched by Microsoft Corporation. Its basically a word processing software which lets you create all types of documents such as letters, newsletters, worksheets and much more. It also allows you to style the documents by putting images, colorful fonts, charts, and symbols etc. But what if the symbol you need in your word document is actually not present on your keyboard?. Will you be able to add it?. The answer is yes, especially by the use of MS Word. In this case, we will be providing you with the 3 Ways to Insert Degree Symbol in MS Word 2018 version.

What does a degree symbol denote?

Well, a degree symbol is mainly used to denote the temperature in the form of Celsius and Fahrenheit. The symbol consists of a small raised circle, historically a zero glyph. In Unicode, it is encoded at U+00B0 degree sign.

Ways to Insert Degree Symbol in Word

1. Use of Symbol Menu in the MS Word

degree symbol

As you can judge by the title name itself, its one of the easiest methods you can use to insert a degree symbol in your word document.

All you need is to navigate towards the symbol menu option and follow the steps which are mentioned below:

  1. First of all, select the Insert tab and navigate towards the right section of the screen. There you will see the Symbols section. Click on it and you will be able to see a drop-down list of most common and recently used symbols.
  2. degree symbolIf you want to see more symbols then simply click on the More symbols option just below the recently use symbols. There you will find lots of symbols and you can easily locate the degree symbol you want to use in the word document (check the blue mark in the above image, its a degree symbol we already selected).
  3. Move the cursor towards the point where you want to insert the degree symbol, then click the Insert button in the characters menu option. Now, every time you open the Symbols menu, you should see the degree sign in the list of the recently used symbols. Its as simple as that.

This method saves a hell lot of time and effort. So keep that in mind.

2. Use of Keyboard Shortcuts

The use of Shortcut key is the most reliable and fast method to do anything you like.

Similarly, you can insert the degree symbol in word by simply making the use...


Open-Source Qualcomm Graphics Support Continues Flourishing With Freedreno "IndyWatch Feed Tech"

When it comes to open-source ARM graphics drivers, the Raspberry Pi / VC4 effort and Freedreno continue to be the two best examples of fully open-source graphics driver coverage including 3D support. Freedreno has been attracting contributions from Qualcomm / CodeAurora in what started out as solely a community reverse-engineered effort and with the latest-generation Adreno 600 series hardware the open-source support is in great shape...


A Look at Fundamental Linux sed Commands "IndyWatch Feed Tech"

A Look at Fundamental Linux sed Commands


GCC 9 Compiler Adds -std=c2x And -std=gnu2x For Future C Language Update "IndyWatch Feed Tech"

With GCC 9 feature development ending in a few weeks, it's now a mad dash by developers to land their last minute additions into this annual open-source compiler update -- including a look ahead for what is coming down the pipe in the compiler space...


The author of the LuminosityLink RAT sentenced to 30 Months in Prison "IndyWatch Feed Tech"

The author of the infamous LuminosityLink RAT, Colton Grubbs (21), was sentenced to 30 months in federal prison.

Colton Grubbs, 21, of Stanford, Kentucky, the author of the infamous LuminosityLink RAT, was sentenced to 30 months in federal prison,

In February, the Europols European Cybercrime Centre (EC3) along with the UK National Crime Agency (NCA) disclosed the details of an international law enforcement operation that targeted the criminal ecosystem around the Luminosity RAT (aka LuminosityLink).

According to the EC3, the joint operation was conducted in September 2017, it involved more than a dozen law enforcement agencies from Europe, the US, and Australia.

The Luminosity RAT was first spotted in 2015 but it became very popular in 2016.

The malware was offered for sale in the criminal underground for as little as $40, it allows attackers to take complete control over the infected system.

The Luminosity RAT was one of the malicious code used in Business Email Compromise attacks and was also used Nigerian gangs in attacks aimed at industrial firms.

Luminosity RAT

In September 2016, the UK law enforcement arrested Colton Grubbs, the man admitted to designing, marketing, and selling LuminosityLink.

Grubbs offered for sale the malware for $39.99 to more than 6,000 customers, he also helped them to hack computers worldwide.

Grubbs previously admitted to designing, marketing, and selling a software, called
LuminosityLink, that Grubbs knew would be used by some customers to remotely access and control their victims computers without the victims knowledge or consent. Among other malicious features, LuminosityLink allow...


BepiColombo Mission to Mercury Set for Launch on October 20 "IndyWatch Feed Tech"

The BepiColombo mission to Mercury is set for launch on Saturday, October 20. The spacecraft consists of two satellites which will eventually detach and settle into two separate orbits around Mercury:

BepiColombo is a joint mission of the European Space Agency (ESA) and the Japan Aerospace Exploration Agency (JAXA) to the planet Mercury. The mission comprises two satellites to be launched together: the Mercury Planetary Orbiter (MPO) and Mio (Mercury Magnetospheric Orbiter, MMO). The mission will perform a comprehensive study of Mercury, including its magnetic field, magnetosphere, interior structure and surface. It is scheduled to launch in October 2018, with an arrival at Mercury planned for December 2025, after a flyby of Earth, two flybys of Venus, and six flybys of Mercury. The mission was approved in November 2009, after years in proposal and planning as part of the European Space Agency's Horizon 2000+ program; it will be the last mission of the program to be launched.

[...] The main objectives of the mission are:

  • Study the origin and evolution of a planet close to its parent star
  • Study Mercury as a planetits form, interior, structure, geology, composition and craters
  • Investigate Mercury's exosphere, composition and dynamics, including generation and escape
  • Study Mercury's magnetised envelope (magnetosphere) - structure and dynamics
  • Investigate the origin of Mercury's magnetic field
  • Verify Einstein's theory of general relativity by measuring the parameters gamma and beta of the parameterized post-Newtonian formalism with high accuracy.

The first event will be an Earth flyby on April 6, 2020, followed by a Venus flyby on October 12, 2020. The spacecraft's first Mercury flyby will be on October 2, 2021.

ESA and JAXA pages.

Previously: ESA Shows off BepiColombo Mercury Orbiters Ahead of 2018 Launch

Original Submission



Set Up CI/CD for a Distributed Crossword Puzzle App on Kubernetes (Part 4) "IndyWatch Feed Tech"

Set Up CI/CD for a Distributed Crossword Puzzle App on Kubernetes (Part 4)


Operation Oceansalt research reveals cyber-attacks targeting South Korea, USA and Canada "IndyWatch Feed Tech"

McAfee released a report announcing the discovery of a new cyber espionage campaign targeting South Korea, the United States and Canada. The new campaign uses a data reconnaissance implant last used in 2010 by the hacker group APT1, or Comment Crew, a Chinese military-affiliated group accused of launching cyber-attacks on more than 141 U.S. companies from 2006 to 2010. The actors of this new campaign have not been identified; however, they reused code from implants More

The post Operation Oceansalt research reveals cyber-attacks targeting South Korea, USA and Canada appeared first on Help Net Security.


Reverse Engineering CMOS "IndyWatch Feed Tech"

ICs have certainly changed electronics, but how much do you really know about how they are built on the inside? While decapsulating and studying a modern CPU with 14 nanometer geometry is probably not a great first project, a simple 54HC00 logic gate is much larger and much easier to analyze, even at low magnification. [Robert Baruch] took a die image of the chip and worked out what was going on, and shares his analysis in a recent video. You can see that video, below.

The CMOS structures are simple because a MOSFET is so simple to make on an IC die. The single layer of aluminum conductors also makes things simple.

One disadvantage to working with a picture is you cant etch off the passivation the thin layer of glass over the top of the chip and then remove the aluminum to see underneath. However, there isnt much going on in a chip this simple and you can usually see outlines of contacts under the aluminum.

At this scale, it is possible to put the part under a microscope after removing the passivation and actually probe or even cut conductors with a very sharp probe. The probes are typically made from wire sharpened electrically using sodium hydroxide. Of course, thats a nasty chemical and so is the hydrofluoric acid that takes off the glass.

One of the hallmarks of CMOS is that you have two transistors driving a signal. One drives it high and another drives it low. Some other logic families will only have one type of transistor, usually pulling a signal low and rely on a pull-up resistor for high outputs. This is why some logic families can sink more than they source and also explains higher current consumption and heating. Also, accurate resistors are not easy to make on a chip. Usually, they are made of highly-doped semiconductor material or polysilicon and the actual resistance can vary quite a bit from part to part.

If youve ever wondered whats behind the curtain, [Roberts] video is pretty lucid and easy to understand. After you watch it, we have a challenge for you: look at a relatively simple 8088 CPU die and imagine doing the exercise on that. Now, look at a really modern CPU. With practice, you can pick out zones pretty easy (registers, an ALU, and so on).

It used to be this kind of thing was what people did in reverse engineering and failure analysis labs, but we are seeing more and more of it lately. We used to decap chips with fuming nitric acid, but there are...


Australia Targets Google With Tough New Anti-Piracy Law "IndyWatch Feed Tech"

Section 115a of Australias Copyright Act allows copyright holders to apply for injunctions that force ISPs to prevent subscribers from accessing overseas online locations that facilitate access to infringing content.

The legislation has been used on a number of occasions since its adoption in 2015 and as a result, dozens of notorious pirate sites are now inaccessible via regular means. However, pirate sites are often quick to adapt, with mirrors, proxies and other sites popping up to reactivate access.

Additionally, search engines Google in particular provide a handy reference guide for those looking for these kinds of resources. The entertainment industries are therefore keen to plug this loophole, to ensure that their web-blocking efforts are as effective as possible. That has resulted in the publication today of proposed amendments to copyright law.

The aims of the Copyright Amendment (Online Infringement) Bill 2018 are fairly straightforward.

Where existing legislation compels ISPs to prevent access to sites listed in an injunction, the amendments attempt to deal with sites that have started to provide access to the online location after the injunction is made, meaning that subsequently appearing mirrors and proxies can be dealt with much more quickly.

Turning to the perceived problems with search engines, the amendments will allow rightsholders to apply for injunctions that will not only target infringing online locations but also their appearance in search results.

Companies including Google will be required to take such steps as the Court considers reasonable so as not to provide a search result that refers users to the online location. Search providers will also be compelled to deal with the subsequent appearance of mirrors and proxies by ensuring that these dont appear in search results either.

In a statement published this morning, the Department of Communications offered the following summary.

The Copyright Amendment Bill will ensure a broader range of overseas websites and file-hosting services widely used for sharing music and movies are within the scope of the scheme, and provide a means for proxy and mirror pirate sites to be blocked quickly, the statement reads.

The amendments will also further empower copyright owners to seek Federal Court orders requiring search results for infringing sites.

That search engines are being targeted in this manner is not a surprise. Entertainm...


FBI Investigator Charged With Child Rapes Found Dead "IndyWatch Feed Tech"

This means he is no longer the star witness in ongoing investigations, but this tells me he has already sung like a canary, so the information is not lost.  There is little doubt here that this man was simply suicided and is a clear reminder just how deep this corruption goes.

We need to do much better in protecting these assets and surely that is on the table after this.

Do look at those charges though.  We never had anything like this in the past and this was awfully functioning human being who was employed at a professional life giving him a clean middle class lifestyle.  This could be your brother..

FBI Investigator Charged With Child Rapes Found Dead in New York City Hotel Room Just Hours Before Plea Deal Testimony

Posted on October 2, 2018 by admin

Was there fear that the FBIs Jeffrey Wilson would Rat out others?

One New York FBI source says there was. But that is no longer a concern because Wilson was found dead in a New York City hotel room Saturday, literally hours before he was scheduled to sign a plea deal.

There was fear of what he would testify to because he was a wildcard, one FBI insider said. The Bureau was trying to keep this entire case away from the media. Its a mess.

Wilson worked computer crimes for the FBI in New York City. He may have known too much or was ready to trade some of that knowledge for a sweet plea deal.

Wilson was facing two counts of child rape with force, and six counts of indecent assault and battery on a child under 14 years old.

There are two victims in this case, and the attacks allegedly occurred in Grafton, Massachusetts. The alleged attacks dated back to 1998 and continued to 2006.

Court records indicate at the time of his arrest, Jeffrey Wilson was employed by the New York Office of the FBI working computer investigations.

The New York FBI...


Corrupt Scientists Driven To Resign, but Not Climate Scientists? "IndyWatch Feed Tech"

The fundamental problem is that manipulation of data is often an accepted casting out of a small group of anomalies as lab error or its equivalent.  It is my contention that this is a grave mistake.  those 'errors' need to be carefully vetted for the possibility of new information. In fact i would invest as much on anomalies as on well behaving data which could well be defining the media.

 In fact twenty anomalies just by themselves if conforming represent a new phenomena, no matter how large the primary universe of samples.  I use this all the time to winkle out new information.  It allowed me to determine and refine the living presence of the supposedly extinct Giant Sloth.

It also allowed me to understand that mind to mind communication is universal in the animal kingdom and that we are the likely exceptions.  This generated further work that nicely confirmed the phenomena.

Some science is also simply bought and sold and this is profoundly corrupt and even dangerous as we are discovering with the Vaccine meme. Then there is climate science which has become a laughing stock in terms of scientific rigor and  fraud.

Corrupt Scientists Driven To Resign, but Not Climate Scientists?

Dr. Jos Baselga (Wikipedia Commons)

Written By: AFP September 24, 2018

Top researchers and scientists are being forced to resign over egregious ethical violations and conflicts of interest, but it appears that climate scientists are still getting a free pass. Climate science has been rife with purposely falsified data and the same kind of ethical breaches as found in this story. TN Editor

Three prominent US scientists have been pushed to resign over the past 10 days after damning revelations about their methods, a sign of greater vigilance and decreasing...


Economics Everywhere, Politics Nowhere: The Benefits of Swiss Decentralization "IndyWatch Feed Tech"

 The fundamental error of hierarchical economic thinking is that good management at the upper level has any chance of working down to the lowest level.  It does not.  However good management at the lowest level has every chance of working its way up the food chain.

Now imagine a world in which tribes or ethnic groups establish nation states with little land attachment except to a designated city state to which all are enrolled as citizens.  This even allows dual citizens at the least and arrangements such as made by italy with long gone non residents.  After all this means exactly two things.  One the right to vote and two the right to buy a property in the designated city State.

After all that the population goes where they are welcome and can prosper.  The Swiss merely prove my point by having done just what i say.

Economics Everywhere, Politics Nowhere: The Benefits of Swiss Decentralization


Kavanaugh accuser Christine Blasey Ford ran mass hypnotic inductions of psychiatric subjects "IndyWatch Feed Tech"


Now that she has dropped out of the picture, we can pay attention to the real story here.  This lady is as good as it gets in terms of an example of mind manipulation as likely practiced by the CIA to undertake a variety of tasks.

Those tasks have included producing a pilot able to shut of the fuel line in an aircraft and then interfere to prevent its recovery as well.  This appears to be what happened to JFKjr's aircraft and shortly after to an Egyptian bound aircraft.  That is why i think that the JFKjr crash was actually faked in order to prevent an actual attempt on his life.  Of course this means a Navy SEAL intervention which the pattern of events easily supports.  I cannot prove any of this but the pattern supports just that and it is clearly possible.

Here we get more into the the science been developed and the side effects are not trivial either.

I have seen a number of example or at least suspected examples and it has reached a point in which law enforcement needs to become aware of the possiblity and just how it may compare to biologically and drug induced mental illness.

. .

Kavanaugh accuser Christine Blasey Ford ran mass hypnotic inductions of psychiatric subjects as part of mind control research funded by foundation linked to computational psychosomatics neuro-hijacking 



Qualcomm Announces 802.11ay Wi-Fi Chips that Can Transmit 10 Gbps Within Line-of-Sight "IndyWatch Feed Tech"

Qualcomm's new Wi-Fi chips are meant to rival 5G speeds

Qualcomm is launching a family of chips that can add incredibly high-speed Wi-Fi at speeds up to 10 gigabits per second to phones, laptops, routers, and so on. It's the start of a new generation of this super-fast Wi-Fi standard, but it isn't going to be used to speed up your typical web browsing. And whether it catches on at all remains an open question.

[...] WiGig relies on a connection standard known as 802.11ad, which can hit speeds up to 5 gigabits per second over close to 10 meters, according to Dino Bekis, the head of Qualcomm's mobile and compute connectivity group. Qualcomm's latest chips move WiGig up to a new generation of that wireless standard, called 802.11ay, which Bekis says can reach speeds twice as fast, and can do so up to 100 meter away. The Wi-Fi Alliance says the new standard "increases the peak data rates of WiGig and improves spectrum efficiency and reduces latency."

So why not just use this as normal Wi-Fi, given how fast it gets? Because that range is only line-of-sight when there's literally nothing in the way between the transmitter and the receiver. This high-speed Wi-Fi is based on millimeter wave radio waves in the 60GHz range. That means it's really fast, but also that it has a very difficult time penetrating obstacles, like a wall. That's a problem if you want a general purpose wireless technology.

With 5:1 "visually lossless" compression, 10 Gbps could be enough for 5K @ 120 Hz.

Qualcomm press release.

Also at Engadget.

Related: AMD Acquire...


Chaining three critical vulnerabilities allows takeover of D-Link routers "IndyWatch Feed Tech"

Researchers from the Silesian University of Technology in Poland discovered several flaws that could be exploited to take over some D-Link routers.

A group of researchers from the Silesian University of Technology in Poland has discovered three vulnerabilities in some models of D-Link routers that could be chained to take full control over the devices.

The flaws are a Directory Traversal (CVE-2018-10822), Password stored in plaintext (CVE-2018-10824), and a Shell command injection (CVE-2018-10823).

I have found multiple vulnerabilities in D-Link router httpd server. These vulnerabilities are present in multiple D-Link types of routers. All three taken together allow to take a full control over the router including code execution. reads the security advisory.

The vulnerabilities reside in the httpd server of some D-Link routers, including DWR-116, DWR-111, DIR-140L, DIR-640L, DWR-512, DWR-712, DWR-912, and DWR-921.

Researchers found a directory traversal vulnerability, tracked as CVE-2018-10822, that could be exploited by remote attackers to read arbitrary files using an HTTP request.

The issue was initially reported to D-Link as CVE-2017-6190, but the vendor did not correctly fix the flaw.

This flaw could be exploited to gain access to a file that stores the admin password for the device in clear text.

The storage of password in clear text is tracked as CVE-2018-10824, to avoid abuses the experts did not reveal the path of the files

Researchers also reported another flaw, tracked as CVE-2018-10823, that could be exploited by an authenticated attacker to execute arbitrary commands and take over the device.

Below a video that shows how the flaws could be chained to takeover a device:

The experts reported the flaws to D-Link in May but the vendor still hasnt addressed them, then the experts publicly disclosed the vulnerabilities.

Waiting for a patch to address the vulnerabilities, users can make their devices not accessible from the Internet.



Solving the cloud infrastructure misconfiguration problem "IndyWatch Feed Tech"

Security incidents involving cloud infrastructure have become a regular occurrence since many organizations began shifting their assets to the cloud. Many of these incidents happen because of misconfiguration. Cloud misconfiguration is a pervasive issue for a variety of reasons, says Phillip Merrick, CEO of Fugue. Development teams might provision cloud infrastructure that contains compliance violations or security vulnerabilities because they either lack sufficient training or theres a lack of proper controls to ensure compliance up More

The post Solving the cloud infrastructure misconfiguration problem appeared first on Help Net Security.


Targeted attacks on crypto exchanges resulted in a loss of $882 million "IndyWatch Feed Tech"

Group-IB has estimated that cryptocurrency exchanges suffered a total loss of $882 million due to targeted attacks in 2017 and in the first three quarters of 2018. According to Group-IB experts, at least 14 crypto exchanges were hacked. Five attacks have been linked to North Korean hackers from Lazarus state-sponsored group, including the infamous attack on Japanese crypto exchange Coincheck, when $534 million in crypto was stolen. Crypto exchanges: In the footsteps of Lazarus In More

The post Targeted attacks on crypto exchanges resulted in a loss of $882 million appeared first on Help Net Security.


Clarity and focus on security required for successful digital transformation "IndyWatch Feed Tech"

Digital transformation is all around us. Even if you are living under a rock, I am sure you have great Wi-Fi reception and are still able to do your shopping, pay your bills, access entertainment (which is especially important because life under the rock can be boring), and pretty much do everything else you can think of, with just a computer or a smart device with internet access. Things get even more interesting if you More

The post Clarity and focus on security required for successful digital transformation appeared first on Help Net Security.


Knowing how to define, screen and monitor your third parties is essential to minimizing risk "IndyWatch Feed Tech"

A new NAVEX Global survey found that more than a third of organizations still use paper-based records or disparate office productivity software to administer their third-party risk assessment and management programs. How best-in-class organizations address third-party risks Theres a growing realization that third-party risk management should operate within an organizations larger ethics and compliance program, said Michael Volkov, CEO of The Volkov Law Group. Enforcement agencies expect companies to use the same level of automation More

The post Knowing how to define, screen and monitor your third parties is essential to minimizing risk appeared first on Help Net Security.


IT and security professionals unprepared for Windows 7 end of life "IndyWatch Feed Tech"

An Avecto survey of over 500 individuals from Europe, the United Arab Emirates and the United States revealed that, while some organisations have already migrated to Windows 10 and are using the move as a catalyst to improve their security posture, many are lagging behind and dont understand the potential risks of the migration. Specifically, the survey highlighted global uncertainty about Windows 7 end of life. 31% of respondents believed that it had already occurred, More

The post IT and security professionals unprepared for Windows 7 end of life appeared first on Help Net Security.


Stephen Hawkings words from beyond the grave bring tears to "IndyWatch Feed Tech"

Speaking from beyond the grave, Professor Stephen Hawking has told a new generation growing up in an increasingly insular world: Remember to look up at the stars and not down at your feet.

The eminent cosmologist, who had motor neurone disease and died in March, had his final public thoughts broadcast at a special event to launch his last book, Brief Answers To The Big Questions.

Prof Hawkings words of advice and defiance, echoing from an Imax screen at Londons Science Museum, brought tears to the eyes of his daughter Lucy.


Stephen Hawking left us bold predictions on AI, superhumans, and aliens "IndyWatch Feed Tech"

The good news: Humanity will survive climate change. The bad news: The only ones who do will be genetically modified superhumans.


Weird state of matter produced in space for first time "IndyWatch Feed Tech"

Atoms cooled to make a Bose-Einstein condensate during on brief rocket flight.


What is the speed of gravity? "IndyWatch Feed Tech"

According to Einsteins General Relativity, gravity travels at the speed of light. Proving it is far from simple, though: unlike light, gravity cant simply be switched on and off, and is also extremely weak.

Over the years, various attempts have been made to measure the speed using studies of astronomical phenomena, such as the time delay of light as it passes through the huge gravitational field of Jupiter. While the results have been broadly in line with Einsteins prediction, theyve lacked the precision needed for compelling evidence. Thats now been provided by the celebrated detection of gravitational waves. Analysis of the signals picked up by the two giant LIGO instruments in the US has confirmed that gravity does indeed travel through space at the speed of light.


We can now customize cancer treatments, tumor "IndyWatch Feed Tech"

But can any company afford to manufacture one-off medical care?


Netflix Burns More Cash, Set to Spend $8 Billion on Original Content in 2018 "IndyWatch Feed Tech"

Netflix burns cash at a record pace, but investors love it

In its third quarter earnings statement on Tuesday, the company reported negative free cash flow of $859 million, the biggest figure in its history. Netflix continues to increase spending on original content as it seeks to compete with other players like Hulu, HBO and planned streaming services like Disney's, scheduled for next year. Netflix will reportedly spend at least $8 billion on content in 2018.

It would be a shame if someone were to pirate or illicitly stream that content.

Netflix has criticized the EU's local content quotas:

Netflix used its third quarter earnings report to criticize the European Union over a new content quota for streaming services. The EU, writes Netflix CEO Reed Hastings in the report, is "currently rewriting its audio visual rules" that will demand streaming services like Netflix "devote a minimum of 30 percent of their catalog to European works." Netflix's report acknowledged that catering to a specific audience encouraged more regional original programming for international audiences, but suggested that enforcing quotas on a streaming service could have unwanted negative effects.

Netflix is already set to spend $1 billion on European content this year.

Also at MarketWatch.

Read more of this story at SoylentNews.


Top strategic predictions for IT organizations and users in 2019 and beyond "IndyWatch Feed Tech"

Gartner revealed its top predictions for 2019 and beyond. Gartners top predictions examine three fundamental effects of continued digital innovation: artificial intelligence (AI) and skills, cultural advancement, and processes becoming products that result from increased digital capabilities and the emergence of continuous conceptual change in technology. As the advance of technology concepts continues to outpace the ability of enterprises to keep up, organizations now face the possibility that so much change will increasingly seem chaotic. More

The post Top strategic predictions for IT organizations and users in 2019 and beyond appeared first on Help Net Security.


US Announces Withdraw From Postal Treaty; International Shipping Prices Expected to Rise "IndyWatch Feed Tech"

The United States has announced plans to withdraw from a 144-year postal treaty that sets lower international shipping rates. The US claims this treaty gives countries like China and Singapore an unfair advantage that floods the US market with cheap packages. The BBC reports the withdraw of this treaty will increase shipping costs from China by between 40% and 70%.

The treaty in question is the Universal Postal Union, which established that each country should retain all money it has collected for international postage. The US Chamber of Commerce has said this treaty, leads to the United States essentially paying for Chinese shipping. This is especially true since 2010, when the US Postal Service entered an agreement with eBay Greater China & Southeast Asia and the China Post Express & Logistics Corporation. This agreement established e-packet delivery where packages weighing up to 2 kg would be delivered at lower prices. If you have ordered inexpensive products shipped from abroad, it is likely the e-packet price that made this possible.

This will affect businesses that capitalize on imports and exports; the storefronts on Amazon and eBay that resell Chinese goods rely on cheap shipping from China. It will also affect companies based outside of the United States that ship to US customers. Small businesses within the US who manufacture at low enough quantities to get their components/raw-materials shipped under the e-packet rates will also see a hit. An increase in shipping costs will mean higher prices for all of these products.

The move is also being justified as a way to even the playing field for US manufacturers who are shipping from within the US and may be paying higher rates to ship to the same customers as foreign-bought goods. It is the latest development in a growing trade war between the US and China which has already seen several rounds of tarrifs on goods like electronics, and even 3D printing filament. Its hard to see how the compounding effect of these will be anything but higher prices for consumers. Manufacturers seeing the pinch on raw materials and components will pass this on to customers who will also soon see higher shipping prices than they are used to.


Ubuntu 18.10 Set For Release Today With Some Nice Improvements "IndyWatch Feed Tech"

It's Cosmic Cuttlefish day! Assuming no last minute delays, Ubuntu 18.10 and its downstream flavors will be out today with their newest six-month non-LTS releases to be supported through July of 2019...


Organs are not just bystanders, may be active participants in fighting autoimmune disease "IndyWatch Feed Tech"

Findings from mouse study suggest organs affected by autoimmune disease suppress immune cells using methods similar to those used by cancer cells to evade detection.


West Coast earthquake warning system becomes operational "IndyWatch Feed Tech"

PASADENA, Calif. (AP) Developers testing an earthquake early warning system for the West Coast say its automated alerts are ready to be used more broadly, but not for mass public notification.

U.S. Geological Survey official Doug Given told reporters Wednesday at California Institute of Technology that the ShakeAlert system has transitioned from a production prototype to operational mode.

The system built for California, Oregon and Washington detects an earthquake is occurring and send out alerts that may give warnings of few seconds to perhaps a minute before shaking arrives at locations away from the epicenter.


Could this venture-backed zero energy house revolutionize the home building industry? "IndyWatch Feed Tech"

Backed by startup incubator Y Combinator, Acre Designs is poised to transform the house building industry with prefabricated, net zero energy homes that are affordable and sustainable.


PCI Peer-To-Peer Memory Support Queued Ahead Of Linux 4.20~5.0 "IndyWatch Feed Tech"

With the upcoming Linux 4.20 kernel cycle (that given past comments by Linus Torvalds might be renamed to Linux 5.0), a new PCI feature queued ahead of the upcoming merge window is peer-to-peer memory support...


Cannabis Becomes Legal in Canada "IndyWatch Feed Tech"

Recreational cannabis is now legal in Canada... to a point. Here are some ground rules:

Adults of at least 18 years old will be allowed to carry and share up to 30 grams of legal marijuana in public, according to a bill that passed the Senate in June. They will also be allowed to cultivate up to four plants in their households and make products such as edibles for personal use.

[...] The supply of recreational marijuana could be limited, at least early on, in some stores. Officials in Nova Scotia and Manitoba said they won't have a large selection, at least not on the first day, CNN affiliate CBC News reported. [...] Marijuana will not be sold in the same location as alcohol or tobacco. Consumers are expected to purchase the drug from retailers regulated by provinces and territories or from federally licensed producers when those options are not available.

[...] Authorities will soon announce plans to pardon Canadians who have been convicted with possession of 30 grams or less of marijuana, CNN partner CTV reported. The production, distribution or sale of cannabis products will still be an offense for minors.

Read more of this story at SoylentNews.


SailPoints latest SaaS release makes security and compliance accessible to all enterprises "IndyWatch Feed Tech"

SailPoint unveiled a series of new innovations in IdentityNow, the SaaS identity governance platform. Enhancements have been made with an eye towards both closing security and compliance gaps and simplifying identity implementations for organizations who may not have dedicated identity teams and resources. New in IdentityNow is the Dynamic Discovery Engine, an innovation that allows users to create policies, access reviews, dashboards and reporting. As a result, IdentityNow customers are better able to address the More

The post SailPoints latest SaaS release makes security and compliance accessible to all enterprises appeared first on Help Net Security.


Hitler and the Naming of the Shrew - Issue 65: In Plain Sight "IndyWatch Feed Tech"

On March 3, 1942, a brief item with a rather peculiar headline appeared tucked away in the Berliner Morgenpost newspaper. Fledermaus No Longer! the bold letters proclaimed. The following short text was printed underneath:

At its 15th General Assembly, the German Society for Mammalogy passed a resolution to change the zoologically misleading names Spitzmaus [shrew] and Fledermaus [bat] to Spitzer and Fleder. Fleder is an old form for Flatterer [one that flutters]. The Spitzmaus, as it happens, has borne a variety of names: Spitzer [one that is pointed], Spitzlein, Spitzwicht, Spitzling. Over the course of the conference, several important lectures were held in the auditorium of the Zoologisches Museum [...].

To this day, despite the problems announced by Germanys leading specialists on mammals on the pages of one of the capitals daily papers, Fledermaus and Spitzmaus remain the common German names for bats and shrews. Neither dictionaries nor specialized nature guides contain entries for Fleder or Spitzer (provided one disregards the primary definition of Spitzer, which is a small implement used for the sharpening of pencils).

Indeed, a swift response to the item in question arrived from an unexpected source. Martin Bormann, Adolf Hitlers private secretary, sent a message
Read More

The Robot Economy Will Run on Blockchain - Issue 65: In Plain Sight "IndyWatch Feed Tech"

Our future will be bright, fastand full of robots. Itll be more Asimov than Terminator: servant robots, more or less similar to us. Some will be upright androids, but most will be boxes filled with computer chips running software agents. And there will be a lot of them. Forecasts predict that, within just three years, well have 1.7 million robots in industry, 32 million in our households, and 400,000 in professional offices.1

Robots will begin to run our factories. Autonomous sensors will monitor infrastructure. Robots will order parts for themselves and raw materials for production. Logistics will be run by chains of unmanned vehicles stationed at autonomous bases. Factories will communicate with each other. Drone traffic control systems will request weather information from meteorological stations belonging to other companies.

All of this will be based on the exchange of information. Not just technical informationrobots will need to develop and maintain economic relationships. Whether for a parts order or a service agreement with another company, many aspects of their work will revolve around currency transactions. Human operators will be too slow to oversee these transactions, which we can expect to happen at 20,000 transactions per second (assuming there is at least
Read More

Why Doesnt Ancient Fiction Talk About Feelings? - Issue 65: In Plain Sight "IndyWatch Feed Tech"

Reading medieval literature, its hard not to be impressed with how much the characters get doneas when we read about King Harold doing battle in one of the Sagas of the Icelanders, written in about 1230. The first sentence bristles with purposeful action: King Harold proclaimed a general levy, and gathered a fleet, summoning his forces far and wide through the land. By the end of the third paragraph, the king has launched his fleet against a rebel army, fought numerous battles involving much slaughter in either host, bound up the wounds of his men, dispensed rewards to the loyal, and was supreme over all Norway. What the saga doesnt tell us is how Harold felt about any of this, whether his drive to conquer was fueled by a tyrannical fathers barely concealed contempt, or whether his legacy ultimately surpassed or fell short of his deepest hopes.

Jump ahead about 770 years in time, to the fiction of David Foster Wallace. In his short story Forever Overhead, the 13-year-old protagonist takes 12 pages to walk across the deck of a public swimming pool, wait in line at the high diving board, climb the ladder, and prepare to jump. But over
Read More


Reddit has dedicated war room to fight Russian misinformation "IndyWatch Feed Tech"

Reddit CEO Steve Huffman on Wednesday detailed the "war room" the company has created to fend off foreign misinformation campaigns on the fifth most-visited U.S. site, saying the collaborative effort has helped the company address the...


1670 Nova May Have Been Caused by a Collision Between a White Dwarf and a Brown Dwarf "IndyWatch Feed Tech"

When white dwarf meets brown dwarf, pow!

In the 1600s, western astronomers were just emerging from centuries of medieval thought, when the heavens were thought to be unchanging. You can imagine their astonishment when in July of 1670, in what had been a blank, dark sky some observers witnessed a bright pinprick of light that appeared, faded, reappeared, and then disappeared entirely from view. At that time, astronomers called such an event a nova or new star. This one was located in front of the constellation Cygnus the Swan and so received the name Nova sub Capite Cygni (a New Star below the Head of the Swan). Modern astronomers have learned it wasn't a new star. It wasn't even a spectacular collision of two main-sequence stars, as announced in 2015. Instead, using data from the ALMA telescope in Chile, astronomers now believe the event was a collision between an aging white dwarf star and a brown dwarf (star with too little mass to ignite thermonuclear fusion and thereby shine as most stars do).

The object in question is now called CK Vulpeculae.

The new work is based on observations with the Atacama Large Millimeter/submillimeter Array (ALMA) in northern Chile. The astronomers studied the debris from this explosion, which takes the form of dual rings of dust and gas resembling an hourglass with a compact central object (see image at top). Sumner Starrfield of Arizona State University is a co-author on a paper published in the peer-reviewed journal Monthly Notices of the Royal Astronomical Society. He said in a statement:

It now seems what was observed centuries ago was not what we would today describe as a classic 'nova.' Instead, it was the merger of two stellar objects, a white dwarf and a brown dwarf. When these two objects collided, they spilled out a cocktail of molecules and unusual isotopes, which gave us new insights into the nature of this object.



Cypress expands collaboration with Arm to deliver IoT platform with secure device management "IndyWatch Feed Tech"

Cypress Semiconductor has expanded its collaboration with Arm to enable secure, easy-to-use management of Internet of Things (IoT) edge nodes based on Cypress compute and connectivity hardware. The solution integrates the Arm Pelion IoT Platform with Cypress PSoC 6 microcontrollers (MCUs) and CYW4343W Wi-Fi and Bluetooth combo radios for wireless connectivity. PSoC 6 provides Arm v7-M hardware-based security that adheres to the highest level of device protection defined by the Arm Platform Security Architecture (PSA). More

The post Cypress expands collaboration with Arm to deliver IoT platform with secure device management appeared first on Help Net Security.


Use Nodes to Code Loads of G-code for 3D CNC Carving "IndyWatch Feed Tech"

Most CNC workflows start with a 3D model, which is then passed to CAM software to be converted into the G-code language that CNC machines love and understand. G-code, however, is simple enough that rudimentary coding skills are all you need to start writing your very own programmatic CNC tool paths. Any language that can output plain text is fully capable of enabling you to directly control powerful motors and rapidly spinning blades.

[siemenc] shows us how to use Grasshopper  a visual node-based programming system for Rhino 3D to output G-code that makes some interesting patterns and shapes in wood when fed to a ShopBot. Though the Rhino software is a bit expensive and thus is not too widely available, [siemenc] walks through some background, theory, and procedures that could be useful and inspirational no matter what software or programming language youre using to create your bespoke G-code.

For links to code and related blog posts, plus more lovely pictures of intricately carved plywood, check out [siemenc]s personal site as well.

[via Bantam Tools]


AI will impact 100% of jobs, professions, and industries, says IBMs Ginni Rometty "IndyWatch Feed Tech"

Give me my data and no one gets hurt (Ill lease it back to you, no problem:-)

At the Gartner Symposium/ITExpo, Rometty laid out three principles for companies working ethically with AI.


A10 Networks provides cloud, Internet and gaming providers with 1 RU DDoS defense appliance "IndyWatch Feed Tech"

A10 Networks launched the A10 Thunder 7445 Threat Protection System (Thunder TPS), the performance 1 rack unit (RU) and density of throughput per RU appliance. Now cloud, Internet and gaming providers can protect their infrastructure with A10 DDoS defense while enjoying the cost benefits of 100 GbE networking in the smallest form factor. A10 Networks Thunder TPS is a DDoS protection solution that offers precision in detecting and mitigating against the full spectrum of DDoS More

The post A10 Networks provides cloud, Internet and gaming providers with 1 RU DDoS defense appliance appeared first on Help Net Security.


Kushner and Saudi crown prince communicated informally on WhatsApp: report "IndyWatch Feed Tech"

White House senior adviser Jared Kushner raised concerns among administration officials by communicating with Saudi Crown Prince Mohammed bin Salman on private channels, including through the encrypted messaging service WhatsApp, CNN reported...


InSpec by Chef 3.0 accelerates compliance automation for DevSecOps "IndyWatch Feed Tech"

Chef released updates to its InSpec by Chef compliance automation platform, including a new plugin architecture, improved ease-of use, improved exception management and automated compliance for Terraform. InSpec 3.0 increases the velocity of compliance audits and remediation, while reducing risk for cross-functional security, development and operations (DevSecOps) teams and their organizations. InSpec has helped us break down silos between the application developers, operations and security teams as we migrate to the cloud, said Ben Peterson, More

The post InSpec by Chef 3.0 accelerates compliance automation for DevSecOps appeared first on Help Net Security.


Medtronic Locks Out Vulnerable Pacemaker Programmer Kit "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

The US Food and Drug Administration (FDA) is advising health professionals to keep an eye on some of the equipment they use to monitor pacemakers and other heart implants.

The watchdog's alert this week comes after Irish medical device maker Medtronic said it will lock some of its equipment out[pdf] of its software update service, meaning the hardware can't download and install new code from its servers.

That may seem counterintuitive, however, it turns out security vulnerabilities in its technology that it had previously thought could only be exploited locally could actually be exploited via its software update network. Malicious updates could be pushed to Medtronic devices by hackers intercepting and tampering with the equipment's internet connections the machines would not verify they were actually downloading legit Medtronic firmware and so the biz has cut them off.

To get the latest patches, the software will have to be installed by hand via USB by a Medtronic technician. Both the FDA and Medtronic said there is no immediate danger to any patients or doctors.

The security bugs are not present in the implants themselves, but rather in Medtronic "programmers," which doctors and medics connect to patients' implants during and after surgery, allowing them to check battery levels, monitor heart rhythms, and adjust any settings.

[...] As a result, Medtronic said, it has cut both device models' access to the SDN, meaning the only way for hospitals and clinics to get firmware updates will be on-site by Medtronic techs. In the meantime, the FDA said the devices will continue to operate as normal and no immediate action needs to be taken.

In short, nobody's pacemaker is getting hacked any time soon, and doctors and patients have nothing to worry about, but updating the programmers is going to be a bit of a pain.


Original Submission



[$] Weekly Edition for October 18, 2018 "IndyWatch Feed Tech"

The Weekly Edition for October 18, 2018 is available.


Extraterrestrials Might Look Like Us, Says Astrobiologist "IndyWatch Feed Tech"

Maybe theyre not alien doppelgangers mirror images of us.

But extraterrestrial lifeshould it existmight look eerily similar to the life we see on Earth, says Charles Cockell, professor of astrobiology at the University of Edinburgh in Scotland.

Indeed, Cockells new book (The Equations of Life: How Physics Shapes Evolution, Basic Books, 352 pages) suggests a universal biology. Alien adaptations, significantly resembling terrestrial lifefrom humanoids to hummingbirdsmay have emerged on billions of worlds.


Edgecore Gateway will bring economics of open disaggregated networking to mobile networks "IndyWatch Feed Tech"

Edgecore Networks is developing and will market Odyssey-DCSG, an open networking cell site gateway that conforms to the Disaggregated Cell Site Gateway (DCSG) specification developed by Vodafone, Telefonica, Orange, and TIM Brazil within the Telecom Infra Project (TIP). Edgecore will contribute the hardware design of the cell site gateway to TIP, and will make the Odyssey-DCSG product generally available in Q3 2019. The Edgecore Odyssey-DCSG gateway will enable service providers to deploy 4G and 5G More

The post Edgecore Gateway will bring economics of open disaggregated networking to mobile networks appeared first on Help Net Security.


HPR2664: My git workflow "IndyWatch Feed Tech"

My git workflow In this episode of HPR I present the workflow I use to contribute to opensource projects using git. I have no idea if this workflow is something that is commonly used, but it is working for me, so I thought Id share it with the HPR community. The first thing I do is fork the project I want to contribute to. This is done on github most of the time, although this workflow can work on gitlab, bitbucket, or even some self hosted git platform. Once the project is forked, I clone it on my machine : $ git clone git://server/path/to/myproject.git Git automatically names my remote project origin. Then I add a reference to the original project : $ git remote add upstream https://server/path/to/originalproject.git Now my local repository references my fork under the name origin and the original project under the name upstream. In this workflow, I never work on the master branch. So, when I need to fix a bug for example, I create a new branch : $ git checkout -b bugfix I can then make changes, test my code, make sure everything is ok, stage and commit my changes : $ git add . $ git commit -m "commit message" Now I need to push this local branch to my repository on github : $ git push -u origin bugfix Since I forked the original project, github knows that origin and upstream are linked. If there are no conflicts, github will show me a big green button to create a pull request. Once the pull request is created, I just have to wait for the maintainer to merge it in upstreams master branch. Then, I need to sync both my local copy and my fork on github with the original project. In order to do that, on my local copy, I checkout my master branch, fetch upstreams changes, and merge them : $ git checkout master $ git fetch upstream $ git merge upstream/master Now my local master branch is ahead of origins master branch, so I push those changes to github : $ git push I dont need the bugfix branches (the local one and the github one), so I can delete those : $ git branch -d bugfix $ git push origin -d bugfix And now, my local repository is even with both origin and upstream, and I can start again. To summarize, heres the complete workflow : $ git checkout -b myawesomefeature $ git add . $ git commit -m "Awesome commit message" $ git push -u origin myawesomefeature Create a pull request, wait for the maintainer to merge it. $ git checkout master $ git fetch upstream $ git merge upstream/master $ git push $ git branch -d myawesomefeature $ git push origin -d myawesomefeature


Hillicon Valley: Russia-linked hackers hit Eastern European companies | Twitter shares data on influence campaigns | Dems blast Trump over China interference claims | Saudi crisis tests Silicon Valley | Apple to let customers download their data "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen...


WhiteSource raises $35M to mainstream open source security management "IndyWatch Feed Tech"

WhiteSource raised a $35 million funding round led by Susquehanna Growth Equity, with participation by existing investors 83North and M12 Microsoft Ventures. This $35 million Series-C adds to the $11 million raised by WhiteSource in previous financing rounds. Founded in 2011, WhiteSource was created with the mission to help businesses harness the power of open source without compromising on security or slowing development. With the latest funding, WhiteSource plans to double down on serving More

The post WhiteSource raises $35M to mainstream open source security management appeared first on Help Net Security.


OpenSUSE Begins Preparing For Leap 15.1 (15 Service Pack 1) "IndyWatch Feed Tech"

As part of some brief openSUSE news today, some early details concerning Leap 15 Service Pack 1 (Leap 15.1) were shared...


Smashing Security #100: One flippin hundred "IndyWatch Feed Tech"

Smashing Security #100: One flippin' hundred

Yes, its the 100th edition of the Smashing Security podcast.

Theres a little celebration at both ends of this weeks podcast - but the meat of the sandwich is our normal look at the security stories of the last week - including an alarming IoT failure and a dating app disaster for Donald Trump devotees.


3D Printing, Halloween Style "IndyWatch Feed Tech"

The wonders of 3D printing dont stop coming. Whether its printing tools on the International Space Station, printing houses out of concrete, or just making spare parts for a childs toy, theres virtually nothing you cant get done with the right 3D printer, including spicing up your Halloween decorations.

Not only is this pumpkin a great-looking decoration for the season on its own, but it can also transform into a rather unsettling spider as well for a little bit of traditional Halloween surprise. The print is seven parts, which all snap into place and fold together with a set of ball-and-socket joints. While it doesnt have any automatic opening and closing from a set of servos, perhaps we will see someone come up with a motion-activated pumpkin spider transformer that will shock all the trick-or-treaters at the end of this month.

Its not too late to get one for yourself, either. The files are available on Thingiverse or through the project site. And weve seen plenty of other Halloween hacks and projects throughout the years too if youre looking for other ideas, like the recent candy machine game, a rather surprising flying human head, or this terrifying robot.


Harvard Calls for Retraction of Dozens of Studies by Noted Cardiologist "IndyWatch Feed Tech"

A prominent cardiologist formerly at Harvard Medical School and Brigham and Women's Hospital in Boston fabricated or falsified data in 31 published studies that should be retracted, officials at the institutions have concluded.

The cardiologist, Dr. Piero Anversa, produced research suggesting that damaged heart muscle could be regenerated with stem cells, a type of cell that can transform itself into a variety of other cells.

Although other laboratories could not reproduce his findings, the work led to the formation of start-up companies to develop new treatments for heart attacks and stroke, and inspired a clinical trial funded by the National Institutes of Health.

"A couple of papers may be alarming, but 31 additional papers in question is almost unheard-of," said Benoit Bruneau, associate director of cardiovascular research at the Gladstone Institutes in San Francisco. "It is a lab's almost entire body of work, and therefore almost an entire field of research, put into question."

Read more of this story at SoylentNews.


[$] A new direction for i965 "IndyWatch Feed Tech"

Graphical applications are always pushing the limits of what the hardware can do and recent developments in the graphics world have caused Intel to rethink its 3D graphics driver. In particular, the lower CPU overhead that the Vulkan driver on Intel hardware can provide is becoming more attractive for OpenGL as well. At the 2018 X.Org Developers Conference Kenneth Graunke talked about an experimental re-architecting of the i965 driver using Gallium3Da development that came as something of a surprise to many, including him.


Twitter says it won't suspend Louis Farrakhan over tweet comparing Jews to termites "IndyWatch Feed Tech"

Twitter said Wednesday that it will not suspend Nation of Islam leader Louis Farrakhan over a tweet comparing Jews to termites, the company confirmed to The Hill. Farrakhan, who has been accused of making anti-Semitic remarks for years,&...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Wednesday, 17 October


Naked celebrity photo hacker used to be a high school teacher "IndyWatch Feed Tech"

Former teacher admits hacking into celebrity accounts to steal naked photos

A former high school teacher is to plead guilty to hacking into the online accounts of celebrities and stealing naked photographs and other private information.


Mesa VCN JPEG Decode Patches Posted For AMD Raven Ridge "IndyWatch Feed Tech"

With the imminent Linux 4.19 kernel release there is VCN JPEG decode support within the AMDGPU DRM driver for use with Raven Ridge APUs. The accompanying user-space patches for the Radeon Gallium3D code have now been posted for making this functionality work on the Linux desktop with these Zen+Vega APUs...


GCC's Test Suite To Begin Testing C++17 By Default "IndyWatch Feed Tech"

GCC's test suite will soon begin testing the C++17 standard as part of its C++98/11/14 standard tests by default... This doesn't affect the default C++ standard used by the GCC G++ compiler at this point, but at least will help eliminate any lingering C++17 bugs as well as helping to stop regressions in the future...


The Longevity Project: Surprising Discoveries for Health and Long Life from the Landmark Eight-Decade Study: Howard S. Friedman, Leslie R. Martin: 9780452297708: Books "IndyWatch Feed Tech"

An extraordinary eighty-year study has led to some unexpected discoveries about long life.

-O, The Oprah Magazine

For years we have been told to obsessively monitor when were angry, what we eat, how much we worry, and how often we go to the gym. So why isnt everyone healthy? Drawing from the most extensive study of long life ever conducted, The Longevity Project busts many long- held myths, revealing how:


Cumulative Sub-Concussive Impacts in a Single Season of Youth Football "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

In an investigation of head impact burden and change in neurocognitive function during a season of youth football, researchers find that sub-concussive impacts are not correlated with worsening performance in neurocognitive function.

[...] A research team, led by Sean Rose, MD, pediatric sports neurologist and co-director of the Complex Concussion Clinic at Nationwide Children's Hospital, followed 112 youth football players age 9-18 during the 2016 season in a prospective study.

"When trying to determine the chronic effects of repetitive sub-concussive head impacts, prospective outcomes studies are an important complement to the existing retrospective studies," says Dr. Rose. "In this study of primary school and high school football players, a battery of neurocognitive outcomes tests did not detect any worsening of performance associated with cumulative head impacts."

[...] In their secondary analysis, they found that younger age and reported history of attention deficit hyperactivity disorder (ADHD) predicted score changes on several cognitive testing measures and parent-reported ADHD symptoms. Additionally, a reported history of anxiety or depression predicted changes in scores of symptom reporting.

-- submitted from IRC

Original Submission

Read more of this story at SoylentNews.


Public funds support proposal to remove Zuckerberg as Facebook chairman "IndyWatch Feed Tech"

Several public funds that hold shares of Facebook stock are backing a proposal to remove CEO Mark Zuckerberg from his role as chairman of the company's board.State treasurers in Illinois, Rhode Island and Pennsylvania as well as New York City...


Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Tavis Ormandy on Oct 17

Apparently it wasn't clear that this allowed reading and writing of
arbitrary files, here is a full exploit (I just modified the CVE-2018-17961

$ convert executeonly-bypass.pdf exploit.jpg
$ tail -1 ~/.bashrc
echo pwned by postscript

Thanks, Tavis.


Authorities search & seize properties of GTA Vs Infamous cheat developers "IndyWatch Feed Tech"

By Carolina

Cheat developers are constantly under the radar of Take-Two Interactive and Rockstar Games. Both companies have previously taken legal action against cheat developers for protecting their games including the very popular Grand Theft Auto V (GTA V). Last month, they launched an operation against Australian developers, who had released a well-known mod-menu cheat for GTA []

This is a post from Read the original post: Authorities search & seize properties of GTA Vs Infamous cheat developers


Advertisers accuse Facebook of hiding false video metrics for over a year "IndyWatch Feed Tech"

A group of advertisers suing Facebook has filed a new complaint accusing the social media giant of knowing about glitches in its ad software that misrepresented viewership for videos but not disclosing the glitch to advertisers for over a...


DIY Arc Light Makes An Unnecessarily Powerful Bicycle Headlight "IndyWatch Feed Tech"

Remember when tricking out a bike with a headlight meant clamping a big, chrome, bullet-shaped light to your handlebar and bolting a small generator to your front fork? Turning on the headlight meant flipping the generator into contact with the front wheel, powering the incandescent bulb for the few feet it took for the drag thus introduced to grind you to a halt. This ridiculous arc-lamp bicycle headlight is not that. Not by a long shot.

Were used to seeing [Alex] doing all manner of improbable, and sometimes impossible, things on his popular KREOSAN YouTube channel. And were also used to watching his videos in Russian, which detracts not a whit  from the entertainment value for Andglophones; subtitles are provided for the unadventurous, however. The electrodes for his arc light are graphite brushes from an electric streetcar, while the battery is an incredibly sketchy-looking collection of 98 18650 lithium-ion cells. A scary rats nest of coiled cable acts as a ballast to mitigate the effects of shorting when the arc is struck. The reflector is an old satellite TV dish covered in foil tape with the electrodes sitting in a makeshift holder where the feedhorn used to be. Its bright, its noisy, its dangerous, and it smokes like a fiend, but we love it.

Mounting it to the front of the bike was just for fun, of course, and it works despite the janky nature of the construction. The neighbors into whose apartments the light was projected could not be reached for comment, but we assume they were as amused as we were.

Thanks for the tip, [Nikolai].


99.7 Percent of Unique FCC Comments Favored Net Neutrality "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

After removing all duplicate and fake comments filed with the Federal Communications Commission last year, a Stanford researcher has found that 99.7 percent[pdf] of public commentsabout 800,000 in allwere pro-net neutrality.

"With the fog of fraud and spam lifted from the comment corpus, lawmakers and their staff, journalists, interested citizens and policymakers can use these reports to better understand what Americans actually said about the repeal of net neutrality protections and why 800,000 Americans went further than just signing a petition for a redress of grievances by actually putting their concerns in their own words," Ryan Singel, a media and strategy fellow at Stanford University, wrote in a blog post Monday.


Original Submission

Read more of this story at SoylentNews.


Spectre V2 "Lite" App-To-App Protection Mode Readying For The Linux Kernel "IndyWatch Feed Tech"

We are approaching one year since the Spectre and Meltdown CPU vulnerabilities shocked the industry, and while no new CPU speculative execution vulnerabilities have been made public recently, the Linux kernel developers continue improving upon the Spectre/Meltdown software-based mitigation techniques for helping to offset incurred performance costs with current generation hardware...


MartyMcFly Malware: new Cyber-Espionage Campaign targeting Italian Naval Industry "IndyWatch Feed Tech"

Yoroi security firm uncovered a targeted attack against one of the most important companies in the Italian Naval Industry leveraging MartyMcFly Malware.

Today Id like to share an interesting analysis of a Targeted Attack found and dissected by Yoroi (technical details are available here). The victim was one of the most important leaders in the field of security and defensive military grade Naval ecosystem in Italy. Everything started from a well-crafted email targeting the right office asking for naval engine spare parts prices. The mail was quite clear, written in a great language within detailed spare parts matching the real engine parts. The analyzed email presented two attachments to the victim:
  • A company profile, aiming to present the company who was asking for spare parts
  • A Microsoft.XLSX where (apparently) the list of the needed spare parts was available

The attacker asked for a quotation of the entire spare part list available on the spreadsheet. In such a way the victim needed to open-up the included Microsoft spreadsheet in order to enumerate the fake customer needs. Opening up The Excel File it gets infected.

Lets go deep into that file and see what is happening there. At a first sight, the office document had an encrypted content available on OleObj.1 and OleObj.2. Those objects are real Encrypted Ole Objects where the Encrypted payload sits on EncryptedPackage section and information on how to decrypt it are available on EncryptionInfo xml descriptor. However, in that time, the EncryptionInfo was holding the encryption algorithm and additional information regarding the payload but no keys were provided. The question here was disruptive. How Microsoft Excel is able to decrypt such a content if no password is requested to the end user?  In another way, if the victim opens the document and he/she is not aware of secret key how can he/she get infected? And why the attacker used an encrypted payload if the victim cannot open it?


Stage1: Encrypted Content


Arm CEO on 5G, the Fifth Wave of Computing, and the Trillion-Device World "IndyWatch Feed Tech"

The future of technology will be brought to you by the number five, say speakers at Arm TechCon

5G report logo, link to report landing page

Its not exactly clear which emerging technology will bring the next major advance that rocks the world but, like an episode of Sesame Street, theres a good chance that it will be brought to you by the number 5.

That was the theme of keynote addresses that kicked off Arm TechCon 2018, a gathering of 4,000 embedded-systems specialists held in San Jose, Calif., this week. Arm CEO Simon Segars counted through computing history: Wave 1, the era of mainframe computing; Wave 2, personal computing and software; Wave 3, the Internet; and Wave 4, mobile and cloud computing.

That brought Segars to Wave 5, something not so easy to define, at least at this early stage. It will, he indicated, involve computers in everything, but simply seeing it as the Internet of Things is too narrow. The 5th Wave, he said, is an era of computing that will be data driven. The traditional algorithmic computing will give way to data flowing through machines and decisions made based on what data is telling us.

We are thinking about the system, how it works end-to-end; it is the combined compute power that is this 5th Wave, he added.

The 5th Wave will also make traditional ways of measuring computing power obsolete, Segars pointed out: We shouldnt measure devices on megahertz, gigaflops, or terawhatever. It is about the system: the devices, network, and the cloud all coming together.

This wave is going to create massive change across the tech sector and drive everything we will do for the next couple of decades, he adds.

And we are at the earliest stages of this wave. That means there is the opportunity for an awful lot of invention, said Drew Henry, Arm senior vice president.

Because the 5th Wave of computing is all about devices that communicate, Segars took attendees on a quick trip through the history of mobile communications: 2G created the ability to send text messages; 3G involved being able to load music and videos onto a device; and 4G made it possible to stream video and music,...


Steal This Show S04E07: Bangladesh Bank Heist, Part 1 "IndyWatch Feed Tech"

Had it succeeded, the Bangladesh Bank Heist would easily have been the biggest bank robbery in history.

It was carried out almost entirely in the digital realm, using a variety of exploits and malware, in order to leverage access to the SWIFT banking network and the US Federal Reserve.

In Part One, we look at exactly what happened in the Bangladesh heist, and walk through how it was carried out. To help us through the complex story, we hear from Cheryl Biswas, Strategic Threat Intel Analyst in Cyber Security at a Big Four consulting firm.

After covering the how of the robbery, we consider whether trusted systems like SWIFT can remain secure in an information environment replete with radically heterogeneous, eminently hackable device

Cheryl Biswas wishes to make clear that she speaks here on her own behalf Her views do not represent those of her employer.

Steal This Show aims to release bi-weekly episodes featuring insiders discussing crypto, privacy, copyright and file-sharing developments. It complements our regular reporting by adding more room for opinion, commentary, and analysis.

Host: Jamie King

Guest: Cheryl Biswas

Produced by Jamie King
Edited & Mixed by Lucas Marston
Original Music by David Triana
Web Production by Eric Barch

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.


Linux kernel: BPF verifier bug leads to out-of-bounds access (CVE-2018-18445; 4.14.9-4.14.74; 4.15-4.18.12) "IndyWatch Feed Tech"

Posted by Jann Horn on Oct 17

NOTE: I have requested a CVE identifier, and I'm sending this message,
to make tracking of the fix easier; however, to avoid missing security
fixes without CVE identifiers, you should *NOT* be cherry-picking a
specific patch in response to a notification about a kernel security

In Linux kernel versions 4.14.9-4.14.74 and 4.15-4.18.12, faulty
computation of numeric bounds in the BPF verifier permits
out-of-bounds memory accesses because...


Court: ISPs Lack of Terminations Didnt Lure Pirating Subscribers "IndyWatch Feed Tech"

Last year several major record labels, represented by the RIAA, filed a lawsuit against ISP Grande Communications, accusing it of turning a blind eye to pirating subscribers.

According to the labels, the Internet provider knew that some of its subscribers were frequently distributing copyrighted material, but failed to take any meaningful action in response.

Grande refuted the accusations and filed a motion to dismiss the case. The ISP partially succeeded as the claims against its management company Patriot were dropped.

In addition, the vicarious infringement allegations were also dismissed. The court saw no evidence that potential customers would specifically sign up with Grande because it did not police infringing conduct by its subscribers.

The labels disagreed, however, and tried to convince the court otherwise. In May they submitted a motion for leave to file an amended complaint including new evidence obtained during discovery. Among other things, they argued that Grande willingly kept pirating subscribers aboard, to generate more revenue.

This second attempt also failed.

Yesterday, US District Court Judge Lee Yeakel denied the record labels request to file an amended complaint. He agrees with the earlier recommendation from the Magistrate Judge, who saw no new evidence which shows that pirate subscribers were specifically drawn to Grande.

First, the original Complaint alleged essentially the same or similar facts, the recommendation reads.

Second, the new allegations still fail to say anything about the motivations of Grandes subscribers when they sign up with Grande. That is, Plaintiffs still fail to plead facts showing Grande gained or lost customers because of its failure to terminate infringers.

The record labels didnt agree with this recommendation and filed their objections two weeks ago, noting that their claims are more than sufficient. The Magistrates report and recommendation lack legal grounds and overlooks important elements, they claim.

[T]he Report effectively ignores Plaintiffs other ground to satisfy the financial benefit element: that Grande profits from known repeat infringing customers to whom it provides ongoing internet service, even despite receiving notice of their infringing conduct, the labels...


Sonic Robots Dont Play Instruments, They Are The Instruments "IndyWatch Feed Tech"

[Moritz Simon Geist]s experiences as both a classically trained musician and a robotics engineer is clearly what makes his Techno Music Robots project so stunningly executed. The robotic electronic music he has created involves no traditional instruments of any kind. Instead, the robots themselves are the instruments, and every sound comes from some kind of physical element.

A motor might smack a bit of metal, a hard drive arm might tap out a rhythm, and odder sounds come from stranger devices. If its technological and can make a sound, [Moritz Simon Geist] has probably carefully explored whether it can be turned into one of his Sonic Robots. The video embedded below is an excellent example of his results, which is electronic music without a synthesizer in sight.

Weve seen robot bands before, and theyre always the product of some amazing work. The Toa Mata Lego Band are small Lego units and Compressorhead play full-sized instruments on stage, but robots that are the instruments is a different direction that still keeps the same physical element to the music.

The HackadayPrize2018 is Sponsored by:


2018: The Rise of Spying Transit Police (Updated) "IndyWatch Feed Tech"

Today's Public Transit Police Departments offer a frightening glimpse into the future of commuter surveillance.

Last year the Bay Area Rapid Transit (BART) was accused of creating an app that spied on commuters travel plans, texts and emails. At the same time the Los Angeles Metropolitan Transportation Authority began a pilot program that used facial biometric body scanners to spy on commuters.

Also in 2017 the Southeastern Pennsylvania Transportation Authority (SEPTA) unveiled their new SEPTA Transit Watch app that allows commuters to "discretely" spy on anyone. The app also sends commuters BOLO or "Be On the Look Out" alerts, essentially turning commuters into Transit Police spies. 

In New Jersey politicians considered cutting Transit Police Department funding from...


Apple launches feature giving US customers access to their data "IndyWatch Feed Tech"

Apple is now allowing customers to download copies of all of the data it holds on them as part of its initiative to contrast its data collection practices with other tech giants that have been under scrutiny in recent months.The iPhone maker...


Plans for a Modular Martian Base on that Would Provide its own Radiation Shielding "IndyWatch Feed Tech"

At this years AIAA Space and Astronautics Forum and Exposition, engineer Marco Peroni presented his proposal for a modular Martian base that would provide its own radiation shielding.


Tumblr Patches A Flaw That Could Have Exposed Users Account Info "IndyWatch Feed Tech"

Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to steal login credentials and other private information for users' accounts. The affected information included users email addresses, protected (hashed and salted) account passwords, self-reported location (a feature no longer available), previously used email


Huawei Introduces a Memory Card That Fits into a Nano SIM Slot "IndyWatch Feed Tech"

Huawei's Nano Memory Cards are replacing microSD on its latest phones

Alongside the slate of new phones Huawei announced today was an interesting addition: a new type of expandable storage the company is calling Nano Memory (NM), which replaces the traditional microSD card in the newly announced Mate 20 and Mate 20 Pro.

On the Mate 20 and Mate 20 Pro, the NM Card goes in one of the slots on the dual-SIM tray, with users having to choose between extra storage or a second SIM card.

The SD 5.0 standard added a 90 MB/s write speed class, intended to allow for 8K and 360 video recording.

The densest microSD cards available store 512 GB, so this 45% smaller 256 GB card could be of a comparable storage density.

Related: Samsung to Offer New Type of Flash Memory Card
Western Digital Demos SD Card Using PCIe Gen 3 x1 Interface for 880 MB/s Read Speed
SD Association Raises Max Capacity to 128 TB, Speed to 985 MB/s Using PCIe and NVMe

Original Submission

Read more of this story at SoylentNews.


Scammers posted over a thousand fake Womens March events on Facebook to sell T-shirts: report "IndyWatch Feed Tech"

Scammers in Bangladesh created more than 1,700 fake Women's March Facebook pages in order to sell T-shirts, according to a CNN report.CNN reported the Facebook pages appeared to be run by local Women's March organizers when in reality they...


GreyEnergy: New malware targeting energy sector with espionage "IndyWatch Feed Tech"

By Waqas

After BlackEnergy, critical infrastructure around the world is among key targets of the new malware called GreyEnergy. In its recent research, ESET has revealed details of a new group of cybercriminals dubbed as GreyEnergy, which seems to be the replacement of BlackEnergy APT group. The BlackEnergy groups last activity was observed in December 2015 when []

This is a post from Read the original post: GreyEnergy: New malware targeting energy sector with espionage


Breaking News "IndyWatch Feed Tech"

Two midday breaking news items:

  • The ACME II experiment is reporting today a new, nearly order of magnitude better, limit on the electric dipole moment of the electron:
    $$|d_e|\leq 1.1 \times 10^{-29} e\ cm$$
    The previous best bound was from ACME I in 2014:
    $$|d_e|\leq 9.4 \times 10^{-29} e\ cm$$

    One significance of this is that while the SM prediction for the electron EDM is unobservably small, generically extensions of the SM predict much larger values. Already the 2014 bound was in conflict with typical SUSY models with LHC-scale supersymmetry, and was starting to rule out parts of the ranges expected for split-SUSY models (Arkani-Hameds current best bet) as well as the expected range for SO(10) GUTs (see for instance slide 25 here).

    Todays result pretty much completely rules out generic versions for both the most popular SUSY models still standing (Split SUSY), as well as the most popular class of GUTs. This provides another nail in the coffin of the SUSY-GUT paradigm which has dominated expectations for physics beyond the SM over the past forty years.

  • The Breakthrough Prize people are having their usual sort of ceremony for the 2019 prizes on November 4, with an Oscars-like production, this year hosted by Pierce Brosnan. In a break with the past, this year theyre announcing the winners in advance, see here. The $3 million physics prize goes to Kane and Mele for their work on topological insulators.

    The $3 million mathematics prize goes to Vincent Lafforgue, for his work on the Langlands correspondence. The prize description has some information about him I was unaware of:

    Deeply concerned about the ecological crisis, Lafforgue is now focused on operator algebras in quantum mechanics and devising new materials for clean energy technologies.

Update: The promotional videos for the Breakthrough Prize winners that will be shown at the November ceremony are already available on Youtube.


The Supercon Badge is a Freakin Computer "IndyWatch Feed Tech"

It hangs around your neck, comes with the cost of admission, and would blow away a desktop computer from the 1980s. This is the Hackaday Superconference badge and you can get your hands on one for the price of admission to the ultimate hardware conference.

Everyone through the door gets one of these badges featuring a 320 x 240 color display, a full qwerty keyboard, and limitless hacking potential! The stock firmware runs a BASIC interpreter, the CP/M operating system, and includes games and Easter Eggs. Its a giant playground, and we want to see what you can do with this custom hardware during the three days of Supercon. Get your ticket now, then join me after the break for a demo video and plenty more info.

This badge design by Voja Antonic was premiered at the Hackaday Belgrade conference in May and is seeing an encore performance for Supercon. It looks amazing, but what you dont realize until you have it in your hands is how much fun it is to hammer out some BASIC code on the incredibly clicky keyboard. Check out this fun figure: we ordered over 30,000 momentary switches for the assembly of these badges!

Hardware Design and Hacking



Swedish firm buys Falcon Heavy launch "IndyWatch Feed Tech"

WASHINGTON A Swedish company with plans for a geostationary communications satellite announced Oct. 16 a contract with SpaceX for a Falcon Heavy launch no earlier than the fourth quarter of 2020.

Ovzon of Solna, Sweden, has not yet purchased the satellite, but paid Eutelsat $1.6 million earlier this year to move one of its satellites to an unspecified Ovzon orbital slot to preserve spectrum rights at that location.

In a statement, Ovzon CEO Per Wahlberg said procurement of the companys first satellite is in the final stage, and that production of an advanced onboard processor started earlier this month.


Physicist describes the shape of a wormhole "IndyWatch Feed Tech"

A RUDN physicist demonstrated how to describe the shape of any symmetrical wormholea black hole that theoretically can be a kind of a portal between any two points in space and timebased on its wave spectrum. The research would help understand the physics of wormholes and better identify their physical characteristics. The article was published in the Physics Letters B journal.

Modern concepts of the universe provide for the existence of wormholesunusual curvatures in space and time. Physicists imagine a as a black hole through which one can see a distant point of the universe in four dimensions. Astrophysicists are still unable to determine the shape and sizes of precisely, let alone theoretical wormholes. A RUDN physicist has now demonstrated that the shape of a wormhole can be calculated based on observable .

In practice, physicists can observe only indirect properties of wormholes, such as red shifta downward shift in the frequency of gravitational waves in the course of moving away from an object. Roman Konoplya, a research assistant from the RUDN Institute of Gravitation and Cosmology, the author of the work, used quantum mechanical and geometrical assumptions and showed that the shape and mass of a wormhole can be calculated based on the red shift value and the range of gravitational waves in high frequencies.


New Details On System76's Open-Source Hardware Plans Come To Light "IndyWatch Feed Tech"

Longtime Ubuntu/Linux PC vendor System76 has been teasing their efforts around an "open-source computer" and other open-source hardware efforts now that they are in the home stretch of setting up their own US-based manufacturing facility. Some new details on their initial aspirations are now out there...


Raspberry Pi Fans Up in Arms as Mathematica Disappears From Raspbian Downloads "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Raspberry Pi fans up in arms as Mathematica disappears from Raspbian downloads

Knickers have become ever so twisty over the last few days as fans of the diminutive Raspberry Pi computer and its Raspbian operating system noted that Mathematica had been "removed".

Discussions soon popped up on the Raspberry Pi Foundation's own forums and elsewhere as to what the exclusion might mean.

The leading theory was that the contract that allowed the Foundation to bundle the pricey system for free for the education-orientated Pi had expired. Mathematica Desktop for Students, after all, starts at 105 (plus taxes), so getting it for free made the Pi somewhat of a steal.

A Raspberry Pi engineer confirmed the expiration theory in a forum posting, stating: "The contract was for five years and has expired."

However, Wolfram Research contradicted this yesterday with a tweet confirming that Mathematica would indeed continue to be available on the Pi and even gave some handy commands to download the thing.

[...] El Reg additionally got in touch with the Raspberry Pi Foundation and were told by its head honcho, Eben Upton, that the issue was also one of download size (as observed by several forum posters). Upton observed that removing Mathematica "takes a chunk of size out of the most commonly downloaded image (it's never been present in the 'lite' image, but this also lacks the desktop and various other bits)".

However, with not a little bit of understatement, he added: "That said, there's been lots of grumbling, so we might end up putting it back."

Going forwards, Mathematica could well end up being installed on physical media (such as SD cards) but left as an option for downloads.

Original Submission



[$] Secure key handling using the TPM "IndyWatch Feed Tech"

Trusted Computing has not had the best reputation over the years Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.


Links 17/10/2018: Elementary OS 5.0 Juno Released, MongoDBs Server Side Public Licence "IndyWatch Feed Tech"

GNOME bluefish




Friday Hack Chat: Visual Synthesis "IndyWatch Feed Tech"

For this weeks Hack Chat, were going to be discussing generating analog video for visual synthesis. Whats on the front porch?

Our guest for this weeks Hack Chat will be Jonas Bers, an audiovisual artist and performer. For their work they used hacked video mixers, a hand-built video synthesizer, and various pieces of restored/modded lab equipment and military surplus devices. Jonas has also developed the CHA/V, the Cheap, Hacky, A/V, an open source, DIY, audiovisual video synthesizer. This video synth has been built by people around the world, and has been the subject of international workshops in fancy art schools. Its a dirt-cheap video synth, quick and easy to make, expandable and customization as a part in a larger system, and requires no computer, Arduino, microcontroller, or programming.

Jonas will be discussing entry points into hardware-based real-time video synthesis such as their own tutorial for the CHA/V, and the LZX cadet/castle DIY series. If you enjoy making analog audio circuits, and you are interested in video synthesis, they can suggest some good places to start and helpful resources. Jonass personal practi...


The 69th Congress of the International Astronautical Federation, in Bremen, celebrated NewSpace, without Musk, Bezos, and Branson "IndyWatch Feed Tech"

SRI Newsletter #06 2018 Great success both for the public and for the speakers, despite the enrollment fees definitely out of budget for many: more than 6300 registered participants, of which almost 50% very young, more than 2000 papers presented in the various symposia. The title of the Congress was very interesting: Involving everyone. This gave the impression that there was plenty of space at the Congress for the themes of civil development in space. The attention to the impetuous development of the NewSpace sector is now felt everywhere, and the most important global space congress could not avoid being impacted. After all, it is thanks to the growth of the NewSpace sector if the IAF Congress has recorded this remarkable success. But which were the predominant themes of the Congress? Has the promise announced in the title been kept? In part, yes, but a lot of work remains to be done. And the main NewSpace entrepreneurs didnt come to Bremen. Read the whole article.

The 69th Congress of the International Astronautical Federation took place in the halls of the Bremen exhibition center from 1 to 5 October.

Great success both for the public and for the speakers, despite the enrollment fees definitely out of budget for many: more than 6300 registered participants, of which almost 50% very young, more than 2000 papers presented in the various symposia. The title of the Congress was very interesting: Involving everyone. This gave the impression that there was plenty of space at the Congress for the themes of civil development in space. The attention to the impetuous development of the NewSpace sector is now felt everywhere, and the most important global space congress could not avoid being impacted. After all, it is thanks to the growth of the NewSpace sector if the IAF Congress has recorded this remarkable success. But which were the predominant themes of the Congress? Has the promise announced in the title been kept? In part, yes, but a lot of work remains to be done.

One aim was to include everyone, for example, in the exploration of the Moon. And we have seen some concrete cases of inclusion. The company Part Time Scientists, earlier in the context of the Lunar X-Prize, and then with the development of subsequent innovative projects, has put in place a lunar exploration project, in which some industries not belonging to the aerospace sector are involved as technological partners, as well as sponsors, s...


The Pirate Bay And Other Sites Ordered To Be Blocked By ISP Telia "IndyWatch Feed Tech"

ISP Telia has been ordered by the court to block The Pirate Bay, Fmovies, Dreamfilm, and other sites

Telia, an internet service provider (ISP) which operates in Sweden, in an interim ruling on Monday has been ordered by Swedens Patent and Market Court to block large torrent and streaming platforms, such as The Pirate Bay, Dreamfilm, FMovies, and NyaFilmer.

The decision comes following a complaint by a huge association of content companies and groups including the Swedish Film Industry, Nordisk Film, Disney, Paramount, Columbia, Disney, and Twentieth Century Fox.

Also Read: The Pirate Bay Alternatives- 10 Best Torrent Sites like TPB (2018)

Site-blocking has become one of the preferred anti-piracy tools by many content companies and distributors who are looking to decrease the level of copyright infringement.

It all started in Sweden last year when the Swedish Patent and Market Court of Appeal ordered local ISP Bredbandsbolaget (Broadband Company) to block The Pirate Bay and streaming site Swefilmer. Back then, Telia said that it would not block The Pirate Bay, unless it is forced to do so by law and that the decision only affected Bredbandsbolaget.

The order by the Patent and Market Court has now put Telia in the same situation that Bredbandsbolaget was last year.

Per Strmbck of the Film and TV Industry Cooperation Committee said in a statement that a favorable decision was expected, reported IDG.

The decision was expected and complies with the current legal situation. Now its high time that Telia takes the same responsibility in Sweden as it already does in Denmark and Norway, Strmbck said.

However, site blocking in Sweden is not as easy as it seems, as the same was observed in last years decision in the Bredbandsbolaget case.

Apparently, the Court discovered that under EU law, the copyright holders can obtain an injunction against ISPs whose services are used to carry out copyright infringement, mentioning that the Swedish Copyright Act should be interpreted in the light of EU law.

The Court also wanted to ensure before deciding on an injunction that any blocking would be proportional. A blocking order is now considered an appropriate response since sites like The Pirate Bay and similar platforms primarily offer illegally-distributed copyright-protected content.

The interim ruling handed by the Court on Monday will be valid from October 30. Effective that date, Telia will stop providing subscribers access to the sites that are mentioned in the complaint and will continue to follow it until the cas...


Balancing Robots From Off-The-Shelf Parts "IndyWatch Feed Tech"

In this day and age, we are truly blessed as far as the electronics hobby is concerned. Advanced modules such as gyros and motor controllers are readily available, not just as individual parts, but as pre-soldered modules that can be wired together with a minimum of fuss and at low cost. This simple balancing robot is a great example of what can be done with such parts (Google Translate link).

The robot has an ESP32 running the show, which provides both the processing power required, as well as the WiFi interface used to control the bot from a smartphone. This is achieved using an app from JJRobots, an open-source robotics teaching resource. Stepper motors are controlled by DRV8825 modules sourced from amazon, and an MPU6050 gyro rounds out the major components. Naturally, source code is available on GitHub for your reading pleasure.

Its remarkable that in this day and age, its possible to build such a project with little to no soldering required at all. With a credit card and a healthy supply of patch leads, its possible to whip up complex digital projects quite quickly. Weve seen a similar approach before, too. Video after the break.

[Thanks to Baldpower for the tip!]


Windows 10 October 2018 Update Build 17763.104 released to Insiders with fixes "IndyWatch Feed Tech"

Patched Windows 10 October 2018 Update Build 17763.104 Released To Slow And Release Preview Rings

This cumulative update KB4464455 that brings the build number up to 17763.104 comes after the file deletion bug that saw Microsoft pausing the rollout of Windows 10 October 2018 update to the public.

The new update adds no new features. According to Microsoft, the Cumulative Update contains the following fixes:

  • We have fixed the issue where the incorrect details were being shown in Task Manager under the Processes tab.
  • We fixed an issue where in certain cases IME would not work in the first process of a Microsoft Edge user session.
  • We fixed an issue where in some cases applications would become unresponsive after resuming from Connected Standby.
  • We fixed several issues causing application compatibility problems with 3rd-party antivirus and virtualization products.
  • We fixed several issues with driver compatibility.

While the new update adds no new features, it, however, does fix the bug in Task Manager in Windows 10 October 2018 Update that caused it to incorrectly report CPU usage. It has also fixed driver compatibility issues and capability issues with 3rd-party antivirus product experienced by some users.

Currently, Microsoft has paused the Windows 10 October 2018 Update and it is unclear when it would re-release the final patch that has fixed all the critical issues.

Insiders in the Slow and Release Preview Ring can install the latest updates by opening Settings, then navigating to Updates & Security and tapping on check for updates button.

The post Windows 10 October 2018 Update Build 17763.104 released to Insiders with fixes appeared first on TechWorm.


Security updates for Wednesday "IndyWatch Feed Tech"

Security updates have been issued by CentOS (tomcat), Debian (asterisk, graphicsmagick, and libpdfbox-java), openSUSE (apache2 and git), Oracle (tomcat), Red Hat (kernel and Satellite 6.4), Slackware (libssh), SUSE (binutils, ImageMagick, and libssh), and Ubuntu (clamav, libssh, moin, and paramiko).


Re: ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) "IndyWatch Feed Tech"

Posted by Rich Felker on Oct 17

I don't, but one further idea that might appeal to upstream if they
want the fs bindings for the sake of executing ancient programs
written in postscript that operate on files: rather than binding to
actual fs operations on the host, implement a virtual filesystem
within the interpreter, and require explicit command line options to
import/export files from/to the real filesystem at entry/exit.



A Techies Tour of New York City "IndyWatch Feed Tech"

Here are some NYC attractions that you wont find in the guidebooks

Do your travel plans include New York City? Are you a techie? If the answer to those questions is yes, let IEEE Spectrum be your guide! Weve put together a list of some of our favorite places to visit, including important locations in the history of electrotechnology (New York was once the center of the electrical and electronic world) and places where fun and interesting things are happening today. See where Nikola Tesla lived, check out cutting-edge artists working with technology, or take the kids to see an Atlas and Titan rocket. 

All the locations are accessible via the subway, and many are free to visit. If you do visit, take a selfie and post a link in the comments below. 


Jaguar Considers Transformation to EV-Only Brand "IndyWatch Feed Tech"

Autocar reports:

Jaguar Land Rover bosses are considering a plan to turn Jaguar into an EV-only brand within the next decade, Autocar has learned.

It is understood that company product planners have produced an outline strategy under which Jaguar's conventional vehicle range would be phased out over the next five to seven years, to be replaced by pure-electric vehicles.

Jaguar Land Rover bosses are considering a plan to turn Jaguar into an EV-only brand within the next decade, Autocar has learned.  

It is understood that company product planners have produced an outline strategy under which Jaguar's conventional vehicle range would be phased out over the next five to seven years, to be replaced by fully electric vehicles. 

Under the plans being considered, a full-on luxury electric saloon, replacing the unloved XJ, is expected within two years. It will be a direct competitor for Porsche's upcoming Taycan, alongside strong-selling cars such as the Tesla Model S

Rethought as an electric vehicle, the new XJ will both play to the strengths of the 1967 original by offering segment-leading refinement and ride and look to the future by completely reinventing the classic Jaguar interior. 

It is understood that the new XJ will be a no-holds-barred luxury car in every sense, offering customers a zero-pollution alternative to a Mercedes-Benz S-Class or even a Bentley Flying Spur.

Original Submission

Read more of this story at SoylentNews.


Arm Launches Mbed Linux and Extends Pelion IoT Service "IndyWatch Feed Tech"

Politics and international relations may be fraught with acrimony these days, but the tech world seems a bit friendlier of late. Last week Microsoft joined the Open Invention Network and agreed to grant a royalty-free, unrestricted license of its 60,000-patent portfolio to other OIN members, thereby enabling Android and Linux device manufacturers to avoid exorbitant patent payments.


Startups in the Aging Sector Ending Age-Related Diseases 2018 "IndyWatch Feed Tech"

Earlier this year, we hosted the Ending Age-Related Diseases 2018 conference at the Cooper Union in New York City. This conference was designed to bring together the best in the aging research and biotech investment worlds and saw a range of industry experts sharing their insights.

Dr. Oliver Medvedik, LEAF vice president and Director of the Maurice Kanbar Center for Biomedical Engineering at the Cooper Union, chaired a panel with a focus on starting up biotech companies and dealing with the challenges inherent to launching a company in this industry.


LuminosityLink Hacking Tool Author Gets 30-Months Prison Sentence "IndyWatch Feed Tech"

A 21-year-old Kentucky man who previously pleaded guilty to developing, marketing, and selling an infamous remote access trojan (RAT) called LuminosityLink has now been sentenced to 30 months in prison. According to a press release published Monday by U.S. Attorneys Office, Colton Grubbs, who used online moniker 'KFC Watermelon,' was pleaded guilty for three counts--unlawfully accessing


DragonFlyBSD Continues Squeezing More Performance Out Of AMD's Threadripper 2990WX "IndyWatch Feed Tech"

DragonFlyBSD 5.4 should be a really great release if you are a BSD user and have an AMD Threadripper 2 box, particularly the flagship Threadripper 2990WX 32-core / 64-thread processor.


Hacking When It Counts: Setting Sail in a Submarine "IndyWatch Feed Tech"

By the early 20th century, naval warfare was undergoing drastic technological changes. Ships were getting better and faster engines and were being outfitted with wireless communications, while naval aviation was coming into its own. The most dramatic changes were taking place below the surface of the ocean, though, as brave men stuffed themselves into steel tubes designed to sink and, usually, surface, and to attack by stealth and cunning rather than brute force. The submarine was becoming a major part of the worlds navies, albeit a feared and hated one.

For as much animosity as there was between sailors of surface vessels and those that chose the life of a submariner, and for as vastly different as a battleship or cruiser seems from a submarine, they all had one thing in common: the battle against the sea. Sailors and their ships are always on their own dealing with forces that can swat them out of existence in an instant. As a result, mariners have a long history of doing whatever it takes to get back to shore safely even if that means turning a submarine into a sailboat.

Pigs of the Sea

R-14 at the pier. Source:

The first generation of militarily important submarines were, to modern eyes, terribly primitive affairs. Compared to...


These Researchers Want to Send Smells Over the Internet "IndyWatch Feed Tech"

Electrical stimulation of cells in the nasal passages produces sweet fragrances and chemical odors

Imagine a virtual reality movie about the Civil War where you can smell the smoke from the soldiers rifles. Or an online dating site where the profiles are scented with perfume or cologne. Or an augmented reality app that lets you point your phone at a restaurant menu and sample the aroma of each dish. 

The researchers who are working on digital smell are still a very long way from such applicationsin part because their technologys form factor leaves something to be desired. Right now, catching a whiff of the future means sticking a cable up your nose, so electrodes can make contact with neurons deep in the nasal passages. But theyve got some ideas for improvements. 

This digital smell research is led by Kasun Karunanayaka, a senior research fellow at the Imagineering Institute in Malaysia. He started the project as a Ph.D. student with Adrian Cheok, now director of the institute and a professor at the City University of London, whos on a quest to create a multisensory Internet. In one of Cheoks earliest projects he sent hugs to chickens, and his students have also worked with digital kisses and electric taste.

Karunanayaka says most prior experiments with digital smell have involved chemical cartridges in devices that attach to computers or phones; sending a command to the device triggers the release of substances, which mix together to produce an odor.

Working in that chemical realm, Karunanayakas team is collaborating with a Japanese startup called Scentee that he says is developing the worlds first smartphone gadget that can produce smell sensations. Theyre working together on a Scentee app that integrates with other apps to add smells to various smartphone functions. For example, the app could link to your morning alarm to get the day started with the smell of coffee, or could add fragrances to texts so that messages from different friends come with distinct aromas.

But Karunanayakas team wanted to find an alternative to chemical devices with cartridges that req...


Tesla secures land in China for first plant abroad "IndyWatch Feed Tech"

Tesla said Wednesday that it has secured land in Shanghai to build its first plant outside of the U.S., according to The Associated Press.The electric carmaker first announced its plans to expand overseas in July after the Chinese government...


Twitter releases data on Iranian, Russian influence campaigns "IndyWatch Feed Tech"

Twitter is releasing an archive of all of the content it has discovered from Russian and Iranian disinformation campaigns since 2016.The company announced Wednesday that the release of the datasets is intended to allow researchers to analyze how the...


Thousands of servers easy to hack due to a LibSSH Flaw "IndyWatch Feed Tech"

The Libssh library is affected by a severe flaw that could be exploited by attackers to completely bypass authentication and take over a vulnerable server.

The Secure Shell (SSH) implementation library, the Libssh, is affected by a four-year-old severe vulnerability that could be exploited by attackers to completely bypass authentication and take over a vulnerable server without requiring a password.

The issue tracked as CVE-2018-10933 was discovered by Peter Winter-Smith from NCC Group, it ties a coding error in Libssh.

The exploitation of the flaw is very trivial, an attacker only needs to send an SSH2_MSG_USERAUTH_SUCCESS message to a server with an SSH connection enabled when it expects an SSH2_MSG_USERAUTH_REQUEST message.

libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials. reads the security advisory.

The library fails to validate if the incoming successful login packet was sent by the server or the client, and also fails to check if the authentication process has been successfully completed.

This means that if a remote attacker sends the SSH2_MSG_USERAUTH_SUCCESS response to libssh, the library considers that the authentication has been successfully completed.

Thousands of vulnerable servers are exposed online, by querying the Shodan search engine we can see that more than 6,500 servers are affected by the issue.

But before you get frightened, you should know that neither the widely used OpenSSH nor Githubs implementation of libssh was affected by the vulnerability.

The Libssh maintainers addressed the flaw with the release of the libssh versions 0.8.4 and 0.7.6.

Experts pointed out that GitHub and OpenSSH implementations of the libssh library are not affected by the flaw.


Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Bob Friesenhahn on Oct 17

Memory allocations would build to extremely large values across
hundreds of rendered pages. Use of Ghostscript in interactive
programs is still surely common. Programs using libgs will inherit
any leaks. These leaks and other issues should be fixed.

Keep in mind that Ghostscript is also used to render/view PDF files.
When interactively viewing it is common to do just-in-time rendering.


Re: ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) "IndyWatch Feed Tech"

Posted by Perry E. Metzger on Oct 17

On Wed, 17 Oct 2018 02:09:28 -0400 Rich Felker

Does anyone other than Tavis know their way around the inside of the
codebase? Perhaps we can collaborate on patches.



Facepunch - 342,913 breached accounts "IndyWatch Feed Tech"

In June 2016, the game development studio Facepunch suffered a data breach that exposed 343k users. The breached data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes. Facepunch advised they were aware of the incident and had notified people at the time. The data was provided to HIBP by whitehat security researcher and data analyst Adam Davies.


Prototyping IoT Applications using Beaglebone and Debian "IndyWatch Feed Tech"

Prototyping IoT Applications using Beaglebone and Debian


Oracle CPU October 2018: 301 vulnerabilities patched "IndyWatch Feed Tech"

Oracle has released its Critical Patch Update for October 2018, fixing 301 vulnerabilities across a wide range of its products, including Oracle Database Server, Oracle E-Business Suite, Oracle Java SE, and others. As with previous Critical Patch Update releases, a significant proportion of the patches is for third-party components (non-Oracle CVEs, including open source components), Oracle Software Security Assurance Director Eric Maurice has noted. This CPU is the last one scheduled for 2018, and brings More

The post Oracle CPU October 2018: 301 vulnerabilities patched appeared first on Help Net Security.


Re: CVE-2018-10933: libssh: authentication bypass in server code "IndyWatch Feed Tech"

Posted by Minh Tuan Luong on Oct 17

I have coded a simple POC for this CVE:

--- ----

import paramiko
import socket
import sys

nbytes = 4096
hostname = ""
port = 2222

sock = socket.socket()
    sock.connect((hostname, port))
    # instantiate transport
    m = paramiko.message.Message()
    transport = paramiko.transport.Transport(sock)



Why Scientists Had Trouble Predicting Hurricane Michaels Rapid Intensification "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Why scientists had trouble predicting Hurricane Michael's rapid intensification

Hurricane Michael roared into Mexico Beach, Florida, on 10 October as the strongest storm ever to strike the Florida Panhandle in terms of wind speed, and the third strongest to make landfall in the continental United States. The storm caused severe damage to several coastal communities, Tyndall Air Force Base, and Florida State University's Panama City campus. Officials have attributed 18 deaths to the storm and dozens of people have been reported missing.

Although National Hurricane Center (NHC) forecasters were able to predict where and when Michael was likely to make landfall several days in advance, the storm's rapid intensificationjumping from a Category 2 to just shy of a Category 5 in 24 hoursproved tougher to anticipate. NHC defines "rapid intensification" as a storm's maximum sustained winds increasing by at least 56 kilometers per hour in 24 hours or less. Michael underwent at least three intensification periods on its 5-day march toward the coast.

"Predicting a hurricane's track is relatively straightforward because storms are propelled in one direction or another by the large-scale air currents in the atmosphere," says Robert Rogers, a meteorologist at the National Oceanic and Atmospheric Administration's (NOAA's) Hurricane Research Division in Miami, Florida. "We've gotten a much better handle on predicting those large-scale currents over the past 20 years."

But when it comes to predicting changes to a storm's intensity, the underlying physics becomes much more complicated, says Kerry Emanuel, a professor of atmospheric sciences at the Massachusetts Institute of Technology in Cambridge. That's because hurricanes are complex, massive rotating heat engines, Emanuel says, fueled by a favorable combination of warm ocean water, moist air, and consistent atmospheric winds.

Original Submission

Read more of this story at SoylentNews.


China May Have $5.8 Trillion in Hidden Debt With Titanic Risks "IndyWatch Feed Tech"

Via: Bloomberg: Chinas local governments may have accumulated 40 trillion yuan ($5.8 trillion) of off-balance sheet debt, or even more, suggesting further defaults are in store, according to S&P Global Ratings. The potential amount of debt is an iceberg with titanic credit risks, S&P credit analysts led by Gloria Lu wrote in a report Tuesday. []


CVE-2018-12617 Qemu: qemu-guest-agent: Integer overflow in qmp_guest_file_read may lead to crash "IndyWatch Feed Tech"

Posted by P J P on Oct 17


The QEMU Guest Agent in QEMU is vulnerable to an integer overflow in the
qmp_guest_file_read(). An attacker could exploit this by sending a crafted QMP
command (including guest-file-read with a large count value) to the agent via
the listening socket to trigger a g_malloc() call with a large memory chunk
resulting in a segmentation fault.

A user could use this flaw to crash the Qemu-guest-agent resulting in DoS.

Upstream Patch:...


Howard S. Friedman "IndyWatch Feed Tech"

Surprising discoveries for health and long life.

An extraordinary eighty-year study has led to some unexpected discoveries about long life.

-O, The Oprah Magazine

For years we have been told to obsessively monitor when were angry, what we eat, how much we worry, and how often we go to the gym. So why isnt everyone healthy? Drawing from the most extensive study of long life ever conducted, The Longevity Project busts many long- held myths, revealing how:


What can neuroscience tell us about ethics? "IndyWatch Feed Tech"

Today on The Neuroethics Blog is a post by Adina L. Roskies, Professor of Philosophy and chair of the Cognitive Science Program and Helman Family Distinguished Professor at Dartmouth College, entitled What can neuroscience tell us about ethics?

By Adina L. Roskies Image courtesy of Bill Sanderson, Wellcome Collection What can neuroscience tell us about ethics? Some say nothing ethics is a normative discipline that concerns the way the world should be, while neuroscience is normatively insignificant: it is a descriptive science which tells us about the way the world is. This seems in line with what is sometimes called Humes Law, the claim that one cannot derive an ought from an is (Cohon, 2018). This claim is contentious and its scope unclear, but it certainly does seem true of demonstrative arguments, at the least. Neuroethics, by its name, however, seems to suggest that neuroscience is relevant for ethical thought, and indeed some have taken it to be a fact that neuroscience has delivered ethical consequences. It seems to me that there is some confusion about this issue, and so here Id like to clarify the ways in which I think neuroscience can be relevant to ethics.


Pirate Party enters parliament in Luxembourg, gets 17% in Prague "IndyWatch Feed Tech"

Photo by Jewel Mitchell on Unsplash

Pirate Parties:This past weekend, elections were held in Luxembourg and the Czech Republic. The Pirate Party of Luxembourg tripled their support and entered the Luxembourg Parliament with two MPs, and in the Czech Republic, the Pirate Party increased their support further now receiving a full 17% in Prague.

With 6.45% of the votes of the final tally, the Luxembourg Pirate Party is entering its national Parliament, being the fifth Pirate Party to enter a national or supranational legislature (after Sweden, Germany, Iceland, and the Czech Republic). This may not seem like much, but it is a very big deal, for reasons Ill elaborate on later. A big congratulations to Sven Clement and Marc Goergen, new Members of Parliament for Luxembourg!

Further, the Czech Republic has had municipal elections, and the Czech Pirate Party showed a full 17.1% support in Prague, the Czech capital, making the Pirates the second biggest party with a very narrow gap to the first place (at 17.9%). This may or may not translate to votes for the Czech national legislature, but is nevertheless the highest score recorded so far for a Pirate Party election day. I understand the Czech Pirates have as many as 275 (two hundred and seventy-five!) newly-elected members of city councils, up from 21 (twenty-one). Well done, well done indeed!

For people in a winner-takes-all system, like the UK or United States, this may sound like a mediocre result. In those countries, there are usually only two parties, and the loser with 49% of the vote gets nothing. However, most of Europe have so-called proportional systems, where 5% of the nationwide votes gives you 5% of the national legislation seats. In these systems, the parties elected to Parliament negotiate between themselves to find a ruling majority coalition of 51%+ of the seats, trying to negotiate common positions between parties that are reasonably close to each other in policy. This usually requires a few weeks of intense negotiations between the elections and the presentation of a successfully negotiated majority coalition.



Carnegie Mellon is Saving Old Software from Oblivion "IndyWatch Feed Tech"

A prototype archiving system called Olive lets vintage code run on todays computers.

Researchers growing dependence on computers and the difficulty they encounter when attempting to run old software are hampering their ability to check published results. The problem of obsolescent software is thus eroding the very premise of reproducibilitywhich is, after all, the bedrock of science. ...


News From M.I.T. "IndyWatch Feed Tech"

M.I.T. Plans College for Artificial Intelligence, Backed by $1 Billion

Submitted via IRC for BoyceMagooglyMonkey

M.I.T. Plans College for Artificial Intelligence, Backed by $1 Billion

Every major university is wrestling with how to adapt to the technology wave of artificial intelligence how to prepare students not only to harness the powerful tools of A.I., but also to thoughtfully weigh its ethical and social implications. A.I. courses, conferences and joint majors have proliferated in the last few years.

But the Massachusetts Institute of Technology is taking a particularly ambitious step, creating a new college backed by a planned investment of $1 billion. Two-thirds of the funds have already been raised, M.I.T. said, in announcing the initiative on Monday.

The linchpin gift of $350 million came from Stephen A. Schwarzman, chief executive of the Blackstone Group, the big private equity firm. The college, called the M.I.T. Stephen A. Schwarzman College of Computing, will create 50 new faculty positions and many more fellowships for graduate students.

It is scheduled to begin in the fall semester next year, housed in other buildings before moving into its own new space in 2022.

Read more of this story at SoylentNews.


Coreboot's Flashrom Working On Radeon GPU Flashing Support "IndyWatch Feed Tech"

Former RadeonHD driver developer Luc Verhaegen is back at the AMD Radeon GPU reverse-engineering game. He's now pursuing Radeon firmware flashing with the Coreboot Flashrom utility...


Run and Scale a Distributed Crossword Puzzle App with CI/CD on Kubernetes (Part 3) "IndyWatch Feed Tech"

Run and Scale a Distributed Crossword Puzzle App with CI/CD on Kubernetes (Part 3)


Flamethrower Gets Update, Retains Some Sketchiness "IndyWatch Feed Tech"

Part of what makes flamethrowers fun is their inherent danger. This is what makes a lot of things fun, though, from snowboarding to skydiving to motorcycle riding. As with all of these sensible hobbies, though, its important to take as much unnecessary risk out of the activity as possible to make sure youre around as long as possible to enjoy your chosen activity. With that in mind, [Stephen] decided to make some improvements on his classic wrist-mounted flamethrower.

To start, he ditched the heavy lead-acid battery that powered the contraption in favor of a smaller 5 V battery. In fact, the entire build is much more compact and efficient. He was also able to use the same battery to run a tiny taser that acts as an ignition source for the flamethrowers fuel. The fuel itself is butane, and the modified flamethrower is able to launch flames much further than the original due to improvements in the fuel delivery system. These improvements also include Finding a way to prevent butane droplets from lighting and landing on [his] hand which seems like a necessary feature as well.

The entire build now is very well refined and professional-looking, which is also a major improvement from the first version. Its also worth watching the video after the break as well, which includes a minor run-in with the New York City fire marshal. And, it still retains some of the danger and all of the fun of the original builds which is something we always like to see.



LibSSH Flaw Allows Hackers to Take Over Servers Without Password "IndyWatch Feed Tech"

A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. The security vulnerability, tracked as CVE-2018-10933, is an authentication-bypass issue that was introduced in


Undoing Aging 2019 is on the horizon "IndyWatch Feed Tech"

It will be our second conference totally focussed on the science of actual human rejuvenation therapies to repair the damage of aging.

We are happy to begin introducing the speakers, starting with Dr. Jerry Shay.

Dr. Shay is the Vice Chairman of the Department of Cell Biology at The University of Texas Southwestern Medical Center in Dallas. Dr. Shays work on the relationships of telomeres and telomerase to aging and cancer is well recognized.

Jerry has been a stalwart supporter of the SENS concept for well over a decade, and a world leader in the telomere biology field for much longer than that. He spoke at the very first SENS conference, back in 2003, and it will be a joy to welcome him again. says Aubrey de Grey.


4-Phase Approach for Taking Over Large, Messy IT Systems "IndyWatch Feed Tech"

Everyone loves building shiny, new systems using the latest technologies and especially the most modern DevOps tools. But that's not the reality for lots of operations teams, especially those running larger systems with millions of users and old, complex infrastructure.

It's even worse for teams taking over existing systems as part of company mergers, department consolidation, or changing managed service providers (MSPs). The new team has to come in and hit the ground running while keeping the lights on using a messy system they know nothing about.


Silicon Valley tested by Saudi crisis "IndyWatch Feed Tech"

Saudi Arabias alleged involvement in the disappearance and possible murder of a dissident Washington Post columnist is putting Silicon Valley in a difficult position, with potentially billions in business deals at stake.The diplomatic crisis is...


GreyEnergy group targeting critical infrastructure with espionage "IndyWatch Feed Tech"

ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in preparation for future cyber-sabotage attacks. BlackEnergy has been terrorizing Ukraine for years and rose to prominence in December 2015 when they caused a blackout that left 230,000 people without electricity the first-ever blackout caused by a cyberattack. Around the time of that incident, ESET researchers began detecting More

The post GreyEnergy group targeting critical infrastructure with espionage appeared first on Help Net Security.


Brazil expert discovers Oracle flaw that allows massive DDoS attacks "IndyWatch Feed Tech"

Oracle has just released a security update to prevent 2.3 million servers running the RPCBIND service from being used in amplified DDoS attacks.

The flaw was discovered by the Brazilian researcher Mauricio Corra, founder of Brazilian security company XLabs. The exploitation of this vulnerability could cause major problems on the Internet.

A proof of concept (POC) made in only one XLabs server generated a traffic of 69 gigabits per second, Mauricio told

At the time of the discovery, the expert queried Shodan and found that there were nearly 2.6 million servers running RPCBIND on the Internet. The multiplication of this exploit in a 2.6 million server farm leads to a frightening conclusion.


RPCBIND is software that provides client programs with the information they need about server programs available on a network. It runs on port 111 and responds with universal addresses of the server programs so that client programs can request data through RPCs (remote procedure calls).

These addresses are formed by the server IP pool plus port. Since its launch, RPCBIND has been receiving updates that cover several failures, including security. This, however, is the most serious finding so far.

The discovery of the crash began on June 11 this year. On that day, one of the web application firewalls (WAFs) installed in the XLabs SOC (security operations center) detected an abnormal pattern of network traffic that caught the eye of Mauricio.

The data showed that a DDoS attack was in progress, coming from port 111 of several servers, all from other countries.

We then decided to open a server with port 111 exposed on the Internet, with the same characteristics as those who were attacking us and we were monitoring that server for weeks. We found that he was receiving requests to generate attacks, he explained. 

After further analysis of the subject, it was possible to reproduce the attack in the laboratory.

By analyzing the servers exposed at Shodan, the extent of the problem was confirmed, continues Mauricio.

The problem discovered by Mauricio is worse than Memcrashed, detected...


FCC Says Hurricane Michael Victims in Florida Deserve a Month of Free Cell Service "IndyWatch Feed Tech"

Ars Technica:

Wireless carriers' failure to fully restore cellular service in Florida after Hurricane Michael "is completely unacceptable," Federal Communications Commission Chairman Ajit Pai said today in a rare rebuke of the industry that he regulates.

Verizon in particular has been under fire from Florida Governor Rick Scott, who says Verizon hasn't done enough to restore service. By contrast, Scott has praised AT&T for its disaster response.

The FCC will open an investigation into the post-hurricane restoration efforts, Pai said. Pai and Scott urged wireless carriers to immediately disclose plans for restoring service, waive the October bills of affected customers, and let customers switch providers without penalty.

Pai's statement didn't name specific carriers. but Verizon seems to be struggling the most to restore service, based on criticism from the governor. Verizon was the only wireless carrier mentioned specifically by Scott today in a statement that called on telecom companies to "treat Floridians fairly."

Gov. Scott suggested that Verizon has misled the public about its progress in restoring service. He said:

Verizon recently said in a press release that 98 percent of Florida has service. This statement, which includes customers in Florida that were hundreds of miles away from impacted areas, does not help Florida's law enforcement in Bay County and families communicate with loved ones in Panama City and does not help those needing medicine call their pharmacy in Lynn Haven.

[...] Verizon announced shortly after Pai's statement today that it will give three months of free mobile service to "every Verizon customer in Bay and Gulf counties."

"Verizon is 100 percent focused on repairing our network in the Florida Panhandle," the company said in a press release. "We are making progress every hour, and we expect that trend to continue at a rapid pace. We won't rest until service is completely restored."

Also at...


Endpoint security solutions challenged by zero-day and fileless attacks "IndyWatch Feed Tech"

There is an endpoint protection gap against modern threats, the result of a recent survey by the Ponemon Institute and Barkly have shown. The organizations polled 660 IT and security professionals to get insight on the state of endpoint security risk, and have found that: 64% of organizations experienced a successful endpoint attack in 2018 (a 20% increase from the previous 12-month period). 63 percent say that the frequency of attacks theyre facing has also More

The post Endpoint security solutions challenged by zero-day and fileless attacks appeared first on Help Net Security.


VMware addressed Code Execution Flaw in its ESXi, Workstation, and Fusion products "IndyWatch Feed Tech"

VMware has addressed a critical arbitrary code execution flaw affecting the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion products.

VMware has released security updated to fix a critical arbitrary code execution vulnerability (CVE-2018-6974) in the SVGA virtual graphics card used by its ESXi, Workstation, and Fusion solutions.

The issue in the VMware products is an out-of-bounds read vulnerability in the SVGA virtual graphics card that could be exploited by a local attacker with low privileges on the system to execute arbitrary code on the host.

VMware ESXi, Fusion and Workstation contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host. reads the security advisory published by the company.

VMware credited an anonymous researcher for reporting the flaw through Trend Micros Zero Day Initiative (ZDI).

According to the ZDIs own advisory, the vulnerability was reported to VMware in mid-June.

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability. read the ZDIs advisory.

The specific flaw exists within the handling of virtualized SVGA. The issue results from the lack of proper validation of user-supplied data, which can result in an overflow of a heap-based buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the host OS.

VMware classified the issue as medium severity and assigned it a CVSS score of 6.9.

The same anonymous expert also reported an out-of-bounds write vulnerability in the e1000 virtual network adapter, tracked as CVE-2018-6973, used by Workstation and Fusion.

The CVE-2018-6973 flaw could be exploited by a local attacker to execute arbitrary code, VMware addressed this flaw in September.

This flaw is similar to the previous one, an attacker requires at low-privileged access to the exploit the issue on the target system.

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the abil...


GNOME Developers Are Looking At Sprucing Up Pango "IndyWatch Feed Tech"

GNOME developers want to make sure they have a competitive text rendering stack with other platforms and as such are looking to make some modernization improvements to Pango...


GCC 9 Feature Development Is Ending Next Month "IndyWatch Feed Tech"

There is just three weeks left for GNU toolchain developers to finish landing new feature material in GCC 9.0 ahead of next year's GCC 9.1 stable release...


Google Will Charge Android Phone Makers to Use Its Apps In Europe "IndyWatch Feed Tech"

Would you prefer purchasing an Android device that doesn't have any apps or services from Google? No Google Maps, No Gmail, No YouTube! And NOT even the Google Play Storefrom where you could have installed any Android apps you want Because if you live in Europe, from now on, you have to spend some extra cash on a smartphone with built-in Google services, which were otherwise until now


How Robots and Drones Will Change Retail Forever "IndyWatch Feed Tech"

We are in the early days of what might be called the physical cloud, an e-commerce ecosystem that functions like the internet itself. Netflix caches the movies you stream at a data center physically close to you; Amazon is building warehouse after warehouse to store goods closer to consumers. And the storage systems at those warehouses are looking more like the data-storage systems in the cloud. Instead of storing similar items in the same placea helpful practice when humans were fetching the goodsAmazons warehouses store multiples of the same item at random locations, known only to the robots. Trying to find an Instapot at one of Amazons warehouses would be like trying to find where in the cloud one of your emails is stored. Of course, you dont have to. You just tap your screen and the email appears. No humans are involved.

What if you could store and deliver goods as easily as data? Amazon, Walmart and others are using AI and robotics to transform everything from appliance shopping to grocery delivery. Welcome to the physical cloud.


Raptor Computing Systems Is Working On Bringing Up Chrome's POWER Support "IndyWatch Feed Tech"

With Raptor Computing Systems' Talos II Lite and especially the forthcoming Blackbird positioning the POWER architecture in a prime spot for use by libre Linux users who want a system that's open-source down to the firmware, they've been trying to make sure the Linux desktop stack is in order. The latest area they've been working on is browser coverage...


Improving US Patent Quality Through Reassessments of Patents and Courts Transparency "IndyWatch Feed Tech"

Transparency in CD

Summary: Transparency in US courts and more public participation in the patent process (examination, litigation etc.) would help demonstrate that many patents are being granted and sometimes asserted that are totally bunk, bogus, fake

THE new leadership is oftentimes frustrating if now downright depressing; they put the so-called swamp in charge. A new event about patents issued the following nonsensical tweet: A new twist has recently entered the debate about how #patents and #opensource interact and whether the two principles are compatible with each other or not.

So stop granting software patents; the principal problem would be solved.Theyre obviously not compatible, but the sponsors would pay for us to believe otherwise. The event took place yesterday and attending as well as speaking was Director Iancu, who said, according to third-party accounts: lack of predictability on Section 101 limits investment in innovation. [] gets specific: Step 1 of Alice-Mayo test must be a category analysis not a claim analysis. If the matter is sometimes patentable then it is not a subject matter Section 101 problem.

So stop granting software patents; the principal problem would be solved. Well probably say more in the weekend (once all the patent maximalists are done boosting him).

Totally meaningless is the message above (lots of mythology embedded in it, pure fiction from the patent microcosm). He just wants to find ways to defy the courts, ignore caselaw, and grant software patents anyway.

Last night Josh Landau (CCIA) spoke about history and noted that [w]hile the PTO no longer operates under a registration system, that situation still exists today. The PTOunlike many other patent offices around the worldis unable to permanently refuse a patent application.

Here are some key bits:



Anaxi App Shows the State of Your Software Project "IndyWatch Feed Tech"

If you work within the world of software development, youll find yourself bouncing back and forth between a few tools. Youll most likely use GitHub to host your code, but find yourself needing some task/priority software. This could be GitHub itself or other ones like Jira. Of course, you may also find yourself collaborating on several tools, like Slack, and several projects. Considering that its already hard to keep track of the progress on one of your projects, working across several of them becomes a struggle.


LLVM 7 Improves Performance Analysis, Linking "IndyWatch Feed Tech"

The compiler framework that powers Rust, Swift, and Clang offers new and revised tools for optimization, linking, and debugging.

The developers behind LLVM, the open-source framework for building cross-platform compilers, have unveiled LLVM 7. The new release arrives right on schedule as part of the projects cadence of major releases every six months.


Roku to Go Back on Sale in Mexico After Copyright Victory "IndyWatch Feed Tech"

Commercial streaming-capable devices are often designed to receive officially licensed programming but many can be reprogrammed to do illegal things.

Manufacturers say they are not responsible for this behavior but last year in Mexico, that position was successfully challenged.

Following a complaint filed by cable TV provider Cablevision, the Superior Court of Justice of the City of Mexico handed down an order preventing the importation of Roku devices and prohibiting stores such as Amazon, Liverpool, El Palacio de Hierro, and Sears from putting them on sale.

Cablevision complained that pirated content was being made available through Roku devices, with claims of more than 300 channels of unauthorized content being supplied to consumers.

Following a swift appeal by Roku, the sales ban was quickly overturned by a federal judge. However, on June 28, 2017, a Mexico City tribunal upheld the previous decision which banned importation and distribution of Roku devices. Several appeals followed, without success, leading to Roku declaring the ban unjust.

Now, however, and after an extended period off the shelves, Roku has booked a significant legal victory. A ruling handed down by the 11th Collegiate Court in Mexico City has found that the original ban was incorrect and the Roku device isnt illegal, which means that the streaming hardware will soon be back on sale.

The Court reportedly acknowledged Rokus efforts to keep pirated content away from its platform, an opinion also shared by Cablevision. However, should pirate channels appear on Roku in the future, Cablevision warned that it would take further legal action to have those sources blocked via the Mexican Institute of Industrial Property and other local authorities.

The decision of the Mexico City Court was welcomed by Roku General Counsel Stephen Kay.

Todays decision is an important victory for Roku and its Mexican distributor, Latamel Distribuidora, S. de R.L. de C.V. and Mexican retailers in the legal battle against an improper ban on sales of its popular streaming players in Mexico. We are pleased with the Collegiate Courts decision and look forward to continuing to build Rokus TV streaming business in Mexico, Kay said.

Noting that streaming is the future of TV, offering greater choice for consumers alongside better value for money, Roku Chief Marketing Officer Matthew...


Can A Motorized Bicycle Run On Trees? "IndyWatch Feed Tech"

Some of the earliest automobiles werent powered by refined petrochemicals, but instead wood gas. This wood gas is produced by burning wood or charcoal, capturing the fumes given off, and burning those fumes again. During World War II, nearly every European country was under gasoline rations, and tens of thousands of automobiles would be converted to run on wood gas before the wars end.

The basic setup for this experiment is a tiny, tiny internal combustion engine attached to a bicycle. Add a gas tank, and you have a moped, no problem. But this is meant to run on firewood, and for that you need a wood gas generator. This means [NightHawkinLight] will need to burn wood without a whole lot of oxygen, similar to how you make charcoal. There is, apparently, the perfect device to do this, and itll fit on the back of a bike. Its a bee smoker, that thing bee keepers use to calm down a hive of honeybees.

The bee smoker generates the wood gas, which is filtered and cooled in a gallon paint bucket filled with cedar chips. The output from this filter is fed right into where the air filter for the internal combustion engine should be, with an added valve to put more air into the carburetor.

So, with that setup, does the weird bike motorcycle wood gas thing turn over? Yes. The engine idled for a few seconds without producing any useful power. Thats alright, though, because this is just a proof of concept and work in progress. Getting this thing to run and be a useful mode of transportation will require a much larger wood gas generator, but right now [NightHawkinLight] knows his engine can run on wood gas.


35 Million Voter Records For Sale on Popular Hacking Forum "IndyWatch Feed Tech"

Approximately 35 Million voter registration records from 20 states have appeared for sale online. These records include Full Name, Phone, Address, Voting History and 'other' data. There have been other larger leaks and breaches of voter registration records in the past (for example, in 2015 191 Million were found to be freely accessible online)

Details including the affected states are available here:

Why is our voting history retained beyond the current election? This is especially worrisome if you vote in the wrong primaries in an area that has a prevailing opinion that differs sharply from your own.

Original Submission

Read more of this story at SoylentNews.


DataLocker Sentry K300 features encrypted micro SSD keypad flash drive "IndyWatch Feed Tech"

The DataLocker Sentry K300 encrypted flash drive is in stock and now available for order. When the company introduced the K300, the company received a positive reaction to the menu driven encrypted keypad flash drive featuring AES 256-bit encryption, an alpha-numeric keypad, enhanced security features, and up to 256GB capacity, all developed around DataLockers Simply Secure design principles. The K300 has passed FIPS 197 and IP57 certifications. The Sentry K300 is the platform-independent and OS More

The post DataLocker Sentry K300 features encrypted micro SSD keypad flash drive appeared first on Help Net Security.


BestCrypt Explorer: Create and access storage space for data encryption on Android "IndyWatch Feed Tech"

Jetico released of BestCrypt Explorer, a mobile file manager on Android and an extension of BestCrypt Container Encryption. Jeticos Android file encryption app is now available for free download on Google Play. Throughout the digital world, our privacy is constantly threatened by hardware theft, cyber attack and unauthorized account access. says Jetico CEO, Michael Waksman. BestCrypt Explorer is a welcome addition to our family of data protection products, continuing Jeticos mission to ensure a safer More

The post BestCrypt Explorer: Create and access storage space for data encryption on Android appeared first on Help Net Security.


Zyxel launches SD-WAN solution for SMBs and MSPs "IndyWatch Feed Tech"

Zyxel Communications launches Zyxel SD-WAN, the software-defined wide area network solution. Zyxel SD-WAN enables SMBs and Managed Service Providers (MSP) to optimize network connections between distributed sites over the internet to achieve enterprise-class network performance, stability and security for critical applications across the organization. Zyxel SD-WAN is a solution that mitigates network issues faced by businesses and organizations that depend upon the internet to provide connectivity between distributed sites and remote users. Packet-level routing provides More

The post Zyxel launches SD-WAN solution for SMBs and MSPs appeared first on Help Net Security.


CVE-2018-18438 Qemu: Integer overflow in ccid_card_vscard_read() allows memory corruption "IndyWatch Feed Tech"

Posted by P J P on Oct 17


An integer overflow issue was found in the CCID Passthru card device
emulation, while reading card data in ccid_card_vscard_read() function. The
ccid_card_vscard_read() function accepts a signed integer 'size' argument,
which is subsequently used as unsigned size_t value in memcpy(), copying large
amounts of memory.

A user inside guest could use this flaw to crash the Qemu process resulting in

Upstream patch:...


Kolanovic: The Market Is Disagreeing With The Fed, Raising Risk Of "Policy Error" "IndyWatch Feed Tech"


Here we go again.  Interest rates were at historic lows and badly needed to be brought back into balance.  That has now happened and we will likely see no more.

Rising markets reflect improving future business prospects and this allows massive cdapital inflows as well.  This needs to now be cooled down and consolidated.  The USA economy has now recovered or is recovering from the 2008 crash and only eight years late.

Otherwise folks need to catch on that Trump opens negotiations by repudiating the status quo.  What truly matters is the deal arrived at and that is usually unexciting.  .

Kolanovic: The Market Is Disagreeing With The Fed, Raising Risk Of "Policy Error"


UN Admits Latest Outbreak of Polio in Syria Was Caused by the Polio Vaccine "IndyWatch Feed Tech"

 Polio is practically extinct thanks to modern ideas of sanitation and this is merely unfortunate.  Where do they find these people?  The aggressive sale of all forms of vaccines is a criminal outrage.

Yet all our own mothers have been totally brainwashed into trusting these scientific scammers because that is exactly what it has become.

Applying only what is totally necessary would collapse the racket.  Applying what is clearly safe would still cover our childhood nasties which is generally safe enough though we still need to resolve the dangers of the carriers.

UN Admits Latest Outbreak of Polio in Syria Was Caused by the Polio Vaccine

In war-torn Syria, theres little doubt that the conflict has taken a toll on health. Now, the United Nations Childrens Fund (UNICEF) reports that their attempt at using vaccines to protect children against polio has backfire infecting more children with the devastating disease rather than saving them.



The HPV Vaccine On Trial: Seeking Justice For A Generation Betrayed "IndyWatch Feed Tech"

 First off, far too little science was done on this. This means that we were sold a real pig in a poke.

Now the chickens have come home to roost and this will mean extensive settlements not least because of the shoddy science.

The marketing drive associated with this turkey has done huge damage to the vaccination meme.


The HPV Vaccine On Trial: Seeking Justice For A Generation Betrayed

This article represents something Ive never done in my life or as a researcher, writ......


The United Nations reported that 2.6 million Venezuelans are now living abroad "IndyWatch Feed Tech"

Venezuelan migrants living in Medellin, Colombia sleep as they wait to attend a job fair on 27 September. The United Nations reported that 2.6 million Venezuelans are now living abroad.

We gave been fed a lot of bunkum here whose intent it to rationalize the landing of USA troops.  Other reports are saying nothing of the kind and even here we quote 1000,000 making it into Columbia.  Any other direction is impossible.  The real numbers are likely much lower and may actually be around a couple hundred thousand.

We have an apparent effort to remove Maduro who may or may not have been fairly elected. 

What we now lack is real facts on the ground..  The whole situation can surely be settled since sanctions are actually blocking money transfers.

Venezuela: nearly 2m people have fled country since 2015, UN says UN refugee agency chief called for a non-political and humanitarian response to the exodus

Agence France-Presse in Geneva

Mon 1 Oct 2018 18.10 BST Last modified on Mon 1 Oct 2018 18.32 BST 

Nearly two million people have fled Venezuelas economic and political crisis since 2015, according to the UN which called for a non-political response to an exodus that is straining regional resources.

Some 5,000 people are now leaving Venezuela daily the largest population movement in Latin Americas recent history, UN refugee agency (UNHCR) chief Filippo Grandi told the organisations executive committee on Monday.......


Ask OIN How It Intends to Deal With Microsoft Proxies Such as Patent Trolls "IndyWatch Feed Tech"

Microsoft does not need to sue GNU/Linux (and hasnt done so in quite a while); there are tentacles for enforcement

Bill and Nathan
The "Microsoft spinoff" Intellectual Ventures is still managed by the same man. Credit: Reuters

Summary: OIN continues to miss the key point (or intentionally avoid speaking about it); Microsoft is still selling protection from the very same patent trolls that it is funding, arming, and sometimes even instructing (who to pass patents to and sue)

WE HAD been writing about Microsofts attacks especially by means of patents and defensive aggregators (DPAs) long before the Open Invention Network (OIN) added Microsoft as a member (or even LOT Network). We wrote many articles about why OIN wasnt the solution, except perhaps to large companies such as Red Hat and IBM (which already cross-licenses with Microsoft anyway). We foresaw Microsoft joining as a member and clarified that it would not mean very much. OIN cannot really tackle some of the key problems. Even if Microsoft threw away all of its patents (voiding everything) however unlikely that is that would still leave many patents out there that it gave to patent trolls such as MOSAID (now known as Conversant). For well over a decade Microsoft has polluted several spaces/domains with trolls, flooding them with risks that help Microsoft sell Azure IP Advantage [1,...


Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Rich Felker on Oct 16

An obvious fix for UaF's would be just removing the frees. Use of gs
as an interactive program where leaks would matter is a historical
curiosity; the only meaningful modern use is as a converter.

If someone insists there are still uses where freeing matters,
something like talloc may be a reasonable solution, removing all the
internal frees and only performing frees of the whole context.



Re: ghostscript: bypassing executeonly to escape -dSAFER sandbox (CVE-2018-17961) "IndyWatch Feed Tech"

Posted by Rich Felker on Oct 16

This. It's utterly ridiculous that the interpreter even has bindings
for accessing the filesystem and such. But I wonder if some of its
library routines (e.g. font loading) are implemented in Postscript,
using these bindings, rather than being implemented in C outside of
the language interpreter. If so it might be harder to extricate. But I
still think it's worthwhile to try. Once there are patches I would
expect all reasonable distros...


Researchers Produce Virus-resistant Pigs, Could Vastly Improve Global Animal Health "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Researchers produce virus-resistant pigs, could vastly improve global animal health

Researchers at the University of Missouri have successfully produced a litter of pigs that are genetically resistant to a deadly porcine virus.

Coronaviruses, highly contagious and widespread viruses known for their distinctive microscopic halos, are responsible for a variety of deadly intestinal diseases in livestock. One such virus, Transmissible Gastroenteritis Virus (TGEV), commonly infects the intestines of pigs, causing almost 100 percent mortality in young pigs. Now, a team of researchers from MU, Kansas State University and Genus plca global leader in animal genetics has succeeded in breeding pigs that are resistant to the virus by means of gene editing.

"Previous research had identified an enzyme called ANPEP as a potential receptor for the virus, meaning it could be an important factor in allowing the virus to take hold in pigs," said Randall Prather, distinguished professor of animal sciences in the College of Agriculture, Food and Natural Resources. "We were able to breed a litter of pigs that did not produce this enzyme, and as a result, they did not get sick when we exposed them to the virus."

Original Submission

Read more of this story at SoylentNews.


Why we need to bridge the gap between IT operations and IT security "IndyWatch Feed Tech"

Thycotic released the findings from its 2018 VMworld survey of more than 250 IT operations professionals which looked into their experiences in using cybersecurity tools on a daily basis, including their concerns and preferences. According to the findings, even though IT operations personnel help influence the selection of cybersecurity tools, nearly two out of three say complexity in deployment (30 percent) and complexity in daily use (34 percent) are the biggest hindrances in security tool More

The post Why we need to bridge the gap between IT operations and IT security appeared first on Help Net Security.


Protecting applications from malicious scripts "IndyWatch Feed Tech"

In 2018, malicious client-side scripts are still posing a problem for large organizations. This year, British Airways revealed that they suffered a data breach in which 380,000 records were exfiltrated. Now, NewEgg has been hit with a similar data breach. This follows a string of attacks from a group known as Magecart, who were also responsible for publicized data breaches of Ticketmaster and Feedlify. Any time malicious Javascript is loaded onto a critical page for More

The post Protecting applications from malicious scripts appeared first on Help Net Security.


How corporate boards are navigating cybersecurity risks and data privacy "IndyWatch Feed Tech"

Digital transformation initiatives have transcended beyond the sole domain of IT to involve the entire organization, elevating digital strategy to the top of the board agenda, according to BDO USA. Developing a strategic path for an organizations digital transformation and devoting company resources and board oversight to cybersecurity and data privacy are now necessities for businesses to survive and thrive during this time of intense change, said Amy Rojik, national assurance partner and director of More

The post How corporate boards are navigating cybersecurity risks and data privacy appeared first on Help Net Security.


Few organizations use cyber wargaming to practice response plan "IndyWatch Feed Tech"

Nearly half (46 percent) of executive-level respondents to a Deloitte poll say their organizations have experienced a cybersecurity incident over the past year, with more than 1,500 surveyed professionals feeling only somewhat confident in their organizations ability to respond to and remediate a cyber incident. With cybercrime expected to reach $6 trillion annually and no indication of a slowdown in cyber threats, the Deloitte poll taken during a webcast on cyber preparedness and wargaming exposes More

The post Few organizations use cyber wargaming to practice response plan appeared first on Help Net Security.


A crippling ransomware attack hit a water utility in the aftermath of Hurricane Florence "IndyWatch Feed Tech"

A water utility in the US state of North Carolina suffered a severe ransomware attack in the week after Hurricane Florence hit the East Coast of the U.S.

According to the Onslow Water and Sewer Authority (aka ONWASA) some internal systems were infected with the Emotet malware, but the regular water service was not impacted.

According to ONWASA, the infections would require several of the main databases to be completely recreated, fortunately, no customer information was compromised.

We are in the middle of another disaster following Hurricane Florence and tropical storm Michael, CEO Jeff Hudson said employees in a video posted on Facebook,

With a very sophisticated attack they penetrated our defenses, just as they penetrated the city of Atlanta and Mecklenburg county.

hurricane florence

ONWASA CEO Jeffrey Hudson confirmed the ransomware attack began on October 4, the IT staff initially thought to have locked out the threat, however, on October 13 the malware started dropping the Ryuk ransomware into the infected systems.

An ONWASA IT staff member was working was working at 3am and saw the attack, ONWASA said.

IT staff took immediate action to protect system resources by disconecting ONWASA from the internet, but the crypto-virus spread quickly along the network encrypting databases and files.

Operators at the utility did not pay the ransom and opted out to recreate the infected systems.

Ransom monies would be used to fund criminal, and perhaps terrorist activities in other countrie...


Researchers expose security vulnerabilities in terahertz data links "IndyWatch Feed Tech"

A new study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, arent as immune to eavesdropping as many researchers have assumed. The research shows that it is possible for a clever eavesdropper to intercept a signal from a terahertz transmitter without the intrusion being detected at the receiver. Terahertz eavesdropping (Mittleman lab / Brown University) The conventional wisdom in the terahertz community has been that More

The post Researchers expose security vulnerabilities in terahertz data links appeared first on Help Net Security.


LibSSH Vuln: You Dont Need to See my Authentication "IndyWatch Feed Tech"

Another day, another CVE (Common Vulnerabilities and Exposures). Getting a CVE number assigned to a vulnerability is a stamp of authenticity that you have a real problem on your hands. CVE-2018-10933 is a worst case scenario for libssh.  With a single response, an attacker can completely bypass authentication, giving full access to a system.

Before you panic and yank the power cord on your server, know that libssh is not part of OpenSSH. Your Linux box almost certainly uses OpenSSH as the SSH daemon, and that daemon is not vulnerable to this particular problem. Libssh does show up in a few important places, the most notable is probably Github and their security team already announced their implementation was not vulnerable.

The libssh project shares code between their client and server implementations, as one would expect. There are different callbacks to handle packet types as a new connection completes the handshake process. The SSH protocol defines several responses that are to be sent as an authentication request is handled. One of those messages is USERAUTH_SUCCESS, which the server sends to inform the client that authentication was successful, and the requested service is ready.

 * @internal
 * @brief Handles a SSH_USERAUTH_SUCCESS packet.
 * It is also used to communicate the new to the upper levels.
SSH_PACKET_CALLBACK(ssh_packet_userauth_success) {

  SSH_LOG(SSH_LOG_DEBUG, "Authentication successful");

  session->auth.state = SSH_AUTH_STATE_SUCCESS;

You may already begin to guess the vulnerability here. Libssh didnt have a mechanism to determine if an incoming packet was allowed for the current state of the connection. An attacker could start a connection, the server would send the authentication challenge, and the attacker could reply with the USERAUTH_SUCCESS response. The problem is that this response is only meant to be sent by the server, not the client, and only after authentication is completed.

Because of the shared code, the server incorrectly jumps to the handler for this message type, and marks the authentication phase completed. At that point, the daemon sets up the SSH connection just as if the client had authenticated, rolling out the red carpet for the attacker.



Palm Rises From the Dead as a Zombie Brand, Launches Tiny Smartphone "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

Palm rises from the dead as a zombie brand, launches tiny smartphone

If you recall, Palm, creator of the Palm Pilot and WebOS, bombed out of the smartphone market and was purchased by HP. Palm died at HP after a short run of tablets and smartphones, and eventually Chinese smartphone company TCL snatched up the rights to the Palm brand in 2014, and things have been quiet since then. You might know TCL from running that other smartphone zombie brand, Blackberry.

Today, TCL's Palm presents itself as actual new company with new co-founders, a new logo, and an office in San Francisco. The company is launching the, uh, "Palm" phone (Do we call it the Palm Palm?) and it's taking the "Palm" name literally, with a device small enough to fit in the palm of your hand. The Palm Palm has a practically microscopic 3.3-inch display, and it measures just 96.6mm tall by 50.6mm wide, which is close to the size of a credit card. Palm is pitching the Palm as a "companion" device to your main smartphone, allowing you to leave your big phone behind and bring the Palm in a wallet, on a lanyard, or in any tiny pocket.

This tiny phone also comes with a really tiny spec sheet. You're getting a 3.3-inch 1280720 display with a respectable 445ppi. This is powered by a Qualcomm Snapdragon 435 SoC (that's eight Cortex A53 cores, usually at 1.4GHz) 3GB of RAM, and an 800mAh battery. There's 32GB of storage, a 12MP rear camera, 8MP front camera, IP68 dust and water resistance, USB-C, Wi-Fi, Bluetooth, GPS, and LTE.

Original Submission

Read more of this story at SoylentNews.


YouTube Went Down for Millions Around the World "IndyWatch Feed Tech"

YouTube is down and reports are coming in worldwide about the service being unavailable.


LLVM Still Proceeding With Their Code Relicensing "IndyWatch Feed Tech"

It's been three years since the original draft proposal for relicensing the LLVM compiler code was sent out and while there hasn't been a lot to report on recently about the effort, they are making progress and proceeding...


YouTube experiences global outage "IndyWatch Feed Tech"

YouTube on Tuesday night went down for more than an hour, impacting users across the globe.The video-sharing website, which is a subsidiary of Google, acknowledged the outage in a tweet after users began posting about it on other social...


Two Degrees Decimated Puerto Rico's Insect Populations "IndyWatch Feed Tech"

Submitted via IRC for Bytram

Two degrees decimated Puerto Rico's insect populations

While temperatures in the tropical forests of northeastern Puerto Rico have climbed two degrees Celsius since the mid-1970s, the biomass of arthropodsinvertebrate animals such as insects, millipedes, and sowbugshas declined by as much as 60-fold, according to new findings published today in the Proceedings of the National Academy of Sciences.

The finding supports the recent United Nations Intergovernmental Panel on Climate Change warnings of severe environmental threats given a 2.0 degree Celsius elevation in global temperature. Like some other tropical locations, the study area in the Luquillo rainforest has already reached or exceeded a 2.0 degree Celsius rise in average temperature, and the study finds that the consequences are potentially catastrophic.

"Our results suggest that the effects of climate warming in tropical forests may be even greater than anticipated" said Brad Lister lead author of the study and a faculty member in the Department of Biological Sciences at Rensselaer Polytechnic Institute. "The insect populations in the Luquillo forest are crashing, and once that begins the animals that eat the insects have insufficient food, which results in decreased reproduction and survivorship and consequent declines in abundance."

Original Submission

Read more of this story at SoylentNews.


Can Analogies Reveal the Laws of Physics? - Facts So Romantic "IndyWatch Feed Tech"

Reprinted with permission from Quanta Magazines Abstractions blog.

So-called analogue experiments are becoming increasingly common in physics, but do they teach or mislead?Image by National Institute of Standards and Technology / Wikicommons

Hoping to gain insight into domains of nature that lie beyond experimental reachthe interiors of black holes, the subtleties of the quantum realm, the Big Bangphysicists are experimenting on analogue systems made of fluids and other easily manipulable materials that can be modeled by similar equations. Results from these analogue experiments often end up in top scientific journals, with a sense that they say something about the systems of interest. But do they? And how do we know?

As Stephan Hartmann, philosopher of physics at Ludwig Maximilian University in Munich put it, Under which conditions can evidence that we obtain here in a certain experiment confirm or support claims about a different system, which is far away?

The issue keeps coming up.

In 2014, researchers reported in Nature that they had discovered a particle-like state in a fluid of supercold rubidium atoms that is analogous to a magnetic monopolea long-sought, hypothetical elementary particle that would act like one end of a magnet. One physicist quoted in Nature News deemed the discovery one more
Read More


SpaceX successfully landed its Falcon 9 rocket on the California coast for the first time "IndyWatch Feed Tech"

Original Story: This evening, SpaceX is set to launch a used Falcon 9 rocket from California, a flight that will be followed by one of the companys signature rocket landings. But this time around, SpaceX will attempt to land the vehicle on a concrete landing pad near the launch site not a drone ship in the ocean. If successful, itll be the first time that the company does a ground landing on the West Coast.

Up until now, all of SpaceXs ground landings have occurred out of Cape Canaveral, Florida, the companys busiest launch site. SpaceX has two landing pads there, and has managed to touch down 11 Falcon 9 rockets on them. And each time the company has attempted to land on land, its been a success.


How will NASA transform by joining forces with private space travel? "IndyWatch Feed Tech"

60 years of NASA has brought us the first moon landing, the Voyagers, a progression of Mars rovers, Hubble, Cassini, TESSand the next six decades are going to see it venturing even further into uncharted territory, but this time, the space agency will not be alone on the voyage.

NASA couldnt even start fantasizing about private spaceflightor collaborating with the private sectorwhen it first took off in 1958. Now companies like SpaceX, Boeing and Blue Origin will bring dreams that originally lived between the pages of science fiction books into reality. Dreams like space travel for anyone.

Private companies could potentially lower the cost of suborbital flights from hundreds of thousands to tens of thousands. That still might sound astronomical to the average Earthling, but to NASA, it could mean more opportunities than ever. NASAs Commercial Crew Program is a collab with Boeing and SpaceX to fly astronauts to and from the ISS (which is not going to end up as space junk after all). SpaceXs Crew Dragon and Boeings CST-100 Starliner will start making crewed flights into low-Earth orbit as soon as next year.


Autonomous Flights Are One Step Closer to Reality "IndyWatch Feed Tech"

The air cargo industry is already considering one-person flight crews. Self-flying planes may be next.


Yuval Harari & Russell Brand in conversation | Penguin Talks "IndyWatch Feed Tech"

Hacking humanity russell brand & noah yuval harari

Penguin Talks is a new series of free creative events which gives young people the opportunity to hear


Space Force is not a crazy idea "IndyWatch Feed Tech"

The famed astrophysicist sits down with CBS News Chief White House Correspondent Major Garret for The Takeout.


FIDO2 Authentication In All The Colors "IndyWatch Feed Tech"

Here at Hackaday, we have a soft spot for security dongles. When a new two-factor-authentication dongle is open source, uses USB and NFC, and supports FIDO2, the newest 2FA standard, we take notice. That just happens to be exactly what [Conor Patrick] is funding on Kickstarter.

Weve looked at [Conor]s first generation hardware key, and the process of going from design to physical product.  With that track record, the Solo security key promises to be more than the vaporware that plagues crowdfunding services.

Another player, Yubikey, has also recently announced a new product that supports FIDO2 and NFC. While Yubikey has stepped away from their early open source policy, Solo is embracing the open source ethos. The Kickstarter promises the release of both the software and hardware design as fully open, using MIT and CC BY-SA licenses.

For more information, see the blog post detailing the project goals and initial design process.  As always, caveat emptor, but this seems to be a crowdfunding project worth taking a look at.


Stephen Hawking Essay Warns of Gene Editing; Final Hawking Research Paper Published "IndyWatch Feed Tech"

Essays reveal Stephen Hawking predicted race of 'superhumans'

The late physicist and author Prof Stephen Hawking has caused controversy by suggesting a new race of superhumans could develop from wealthy people choosing to edit their and their children's DNA. Hawking, the author of A Brief History of Time, who died in March, made the predictions in a collection of articles and essays.

[...] In Brief Answers to the Big Questions, Hawking's final thoughts on the universe, the physicist suggested wealthy people would soon be able to choose to edit genetic makeup to create superhumans with enhanced memory, disease resistance, intelligence and longevity. Hawking raised the prospect that breakthroughs in genetics will make it attractive for people to try to improve themselves, with implications for "unimproved humans". "Once such superhumans appear, there will be significant political problems with unimproved humans, who won't be able to compete," he wrote. "Presumably, they will die out, or become unimportant. Instead, there will be a race of self-designing beings who are improving at an ever-increasing rate."

Stephen Hawking's last paper on black holes is now online

Stephen Hawking never stopped trying to unravel the mysteries surrounding black holes -- in fact, he was still working to solve one of them shortly before his death. Now, his last research paper on the subject is finally available online through pre-publication website arXiv, thanks to his co-authors from Cambridge and Harvard. It's entitled Black Hole Entropy and Soft Hair, and it tackles the black hole paradox. According to Hawking's co-author Malcolm Perry, the paradox "is perhaps the most puzzling problem in fundamental theoretical physics today" and was the center of the late physicist's life for decades.

Read more of this story at SoylentNews.


Updated Proton 3.16 Beta For Steam Play Has DXVK 0.90, D3D11 Fixes "IndyWatch Feed Tech"

Valve in cooperation with CodeWeavers and other developers continues making rapid progress on Steam Play and their "Proton" downstream flavor of Wine...


NEW 'Off The Wall' ONLINE "IndyWatch Feed Tech"

NEW 'Off The Wall' ONLINE

Posted 17 Oct, 2018 1:03:30 UTC

The new edition of Off The Wall from 16/10/2018 has been archived and is now available online.


Google Engineer Proposes KUnit As New Linux Kernel Unit Testing Framework "IndyWatch Feed Tech"

Google engineer Brendan Higgins sent out an experimental set of 31 patches today introducing KUnit as a new Linux kernel unit testing framework to help preserve and improve the quality of the kernel's code...


Chrome 70 Now Officially Available With AV1 Video Decode, Opus In MP4 & Much More "IndyWatch Feed Tech"

Google's Chrome/Chromium 70 web-browser made it out today for Linux users as well as all other key supported platforms...


HPR2663: Short review on a 2.5 inch SSD/HDD caddy "IndyWatch Feed Tech"

Well Ken made another call for shows and as my recent interview series has come to an end by the time you listen to this here is a short review of a USB3 2.5inch HDD/SSD caddy I got from E-bay a few weeks ago. As many of you who have listened to my previous ramblings know I frequent a local Computer auction and recently they have had some cheap 128Gig SSDs for sale and I managed to pick several up at a good price. After using some to upgrade some desktop PCs to SSD I had a couple of these spare and as I have USB3 on my main laptop thought it would be good to be able to use one or two of these as portable storage or even for boot drives to test out odd Linux distro or 2. So I purchased a caddy off that font of all things techie E-bay for 5.50, link here: So after it arrived I plugged in one of the drives and tested it out. The first thing to notice is that SSDs being 7mm in depth flop about a bit in the case but this is easily resolved by a bit of card under the drive to help it fit snug in the case and it does mean that the case will support the larger 9mm 2.5inch spinners if needed. Ive not tested a larger older spinner but I suspect they will not fit as 9mm ones are very snug in the case. Anyway the drive was detected by the PC/Laptop and works flawlessly and as it is so quick to swap drives in the caddy means I can carry large data files and my music and video library when on the move with the advantage that it is less likely to be damaged if accidentally dropped or knocked off a surface, which is quite likely with a portable spinner HDD. I am very happy with this purchase and it has already become a regular part of my travelling tool kit/laptop bag.

Saudi Arabia Reportedly Prepared to Admit Involvement in Journalist's Death "IndyWatch Feed Tech"

Saudis preparing to admit Jamal Khashoggi died during interrogation, sources say

The Saudis are preparing a report that will acknowledge that Saudi journalist Jamal Khashoggi's death was the result of an interrogation that went wrong, one that was intended to lead to his abduction from Turkey, according to two sources.

One source says the report will likely conclude that the operation was carried out without clearance and transparency and that those involved will be held responsible.

One of the sources acknowledged that the report is still being prepared and cautioned that things could change.

The Washington Post columnist was last seen in public when he entered the Saudi consulate in Istanbul in Turkey on October 2. Previously, Saudi authorities had maintained Khashoggi left the consulate the same afternoon of his visit, but provided no evidence to support the claim.

Saudi Arabia could hike oil prices over the Khashoggi case. Here's why it would backfire

Saudi Arabia's not-so-veiled threat issued in a government statement Sunday emphasized its "vital role in the global economy" and that any action taken upon it will be met with "greater action". But as oil ticks upward, a look at history and geopolitics suggests that while a Saudi-driven oil price spike would bring pain for much of the world, it would ultimately backfire on itself.

"If this is something the Saudis were allowed to do, they'd be really shooting themselves in the foot," Warren Patterson, commodities analyst at ING, told CNBC's Squawk Box Europe on Tuesday. "In the short to medium term we'll definitely see an incremental amount of demand destruction, but the bigger issue is in the longer term."

Any action in withholding oil from the market, he said, "would only quicken the pace of energy transition."

Previously: Turkey Says that a Missing Critic of the Saudi Government was Killed in Saudi Consulate in Istanbul

Original Submission

Read more of t...


Hillicon Valley: Agencies show progress on email security | DHS pushes back on report claiming spike in election attacks | Judge approves SEC-Elon Musk settlement | Uber IPO proposal valued at $120B "IndyWatch Feed Tech"

Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley.Welcome! Follow the cyber team, Olivia Beavers (@olivia_beavers) and Jacqueline Thomsen (@jacq_thomsen...


What To Do If Your Account Was Caught in the Facebook Breach "IndyWatch Feed Tech"

Keeping up with Facebook privacy scandals is basically a full-time job these days. Two weeks ago, it announced a massive breach with scant details. Then, this past Friday, Facebook released more information, revising earlier estimates about the number of affected users and outlining exactly what types of user data were accessed. Here are the key details you need to know, as well as recommendations about what to do if your account was affected.

30 Million Accounts Affected

The number of users whose access tokens were stolen is lower than Facebook originally estimated. When Facebook first announced this incident, it stated that attackers may have been able to steal access tokensdigital keys that control your login information and keep you logged infrom 50 to 90 million accounts. Since then, further investigation has revised that number down to 30 million accounts.

The attackers were able to access an incredibly broad array of information from those accounts. The 30 million compromised accounts fall into three main categories. For 15 million users, attackers access names and phone numbers, emails, or both (depending on what people had listed).

For 14 million, attackers access those two sets of information as well as extensive profile details including:

  • Username
  • Gender
  • Locale/language
  • Relationship status
  • Religion
  • Hometown
  • Self-reported current city
  • Birthdate
  • Device types used to access Facebook
  • Education
  • ...


Modular Violin Takes A Bow "IndyWatch Feed Tech"

They say the only difference between a violin and a fiddle is the way you play it. If thats so, this modular violin will need a new name, since it can be broken apart and changed in ways that make it sound completely different, all within a few minutes.

The fiddle is the work of [David Perry] and has 3D printed body, neck, pegbox, and bridge. While it might seem useful on the surface as a way to get less expensive instruments out in the world where virtually anyone has access to them, the real interesting qualities are shown when [David] starts playing all of the different versions hes created. The sound changes in noticeable ways depending on the style of print, type of plastic used, and many other qualities.

Of course you will need a bow, strings, pegs, and a fingerboard, but the rest is all available if you have a 3D printer around. If youre already a skilled violinist this could be a very affordable way to experiment with new sounds. Its not the first time weve seen 3D printed violins, but it is the first time weve seen them designed specifically to alter the way they sound rather than their physical characteristics. If you want to make your own, all of the .stl files are available on the projects site.


Toward Community-Oriented, Public & Transparent Copyleft Policy Planning "IndyWatch Feed Tech"

More than 15 years ago, Free, Libre, and Open Source Software (FLOSS) community activists successfully argued that licensing proliferation was a serious threat to the viability of FLOSS. We convinced companies to end the era of vanity licenses. Different charities from the Open Source Initiative (OSI) to the Free Software Foundation (FSF) to the Apache Software Foundation all agreed we were better off with fewer FLOSS licenses. We de-facto instituted what my colleague Richard Fontana once called the Rule of Three assuring that any potential FLOSS license should be met with suspicion unless (a) the OSI declares that it meets their Open Source Definition, (b) the FSF declares that it meets their Free Software Definition, and (c) the Debian Project declares that it meets their Debian Free Software Guidelines. The work for those organizations quelled license proliferation from radioactive threat to safe background noise. Everyone thought the problem was solved. Pointless license drafting had become a rare practice, and updated versions of established licenses were handled with public engagement and close discussion with the OSI and other license evaluation experts.

Sadly, the age of license proliferation has returned. It's harder to stop this time, because this isn't merely about corporate vanity licenses. Companies now have complex FLOSS policy agendas, and those agendas are not to guarantee software freedom for all. While it is annoying that our community must again confront an old threat, we are fortunate the problem is not hidden: companies proposing their own licenses are now straightforward about their new FLOSS licenses' purposes: to maximize profits.

Open-in-name-only licenses are now common, but seem like FLOSS licenses only to the most casual of readers. We've succeeded in convincing everyone to check the OSI license list before you buy. We can therefore easily dismiss licenses like Common Clause merely by stating they are non-free/non-open-source and urging the community to...


Initial thoughts on MongoDB's new Server Side Public License "IndyWatch Feed Tech"

MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI.

At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

A stranger point is that you're required to provide all of this under the terms of the SSPL. If you have any code in your stack that can't be released under those terms then it's literally impossible for you to comply with this license. I'm not a lawyer, so I'll leave it up to them to figure out whether this means you're now only allowed to deploy MongoD...


Ubuntu Server Is Making It Easier To Deploy Let's Encrypt SSL Certificates "IndyWatch Feed Tech"

The Ubuntu Server developers are looking to make it easier to deploy free SSL/TLS certificates from Let's Encrypt...


[$] A farewell to email "IndyWatch Feed Tech"

The free-software community was built on email, a distributed technology that allows people worldwide to communicate regardless of their particular software environment. While email remains at the core of many projects' workflow, others are increasingly trying to move away from it. A couple of recent examples show what is driving this move and where it may be headed.


Internet Relay Chat Turns 30and We Remember How It Changed Our Lives "IndyWatch Feed Tech"

Submitted via IRC for BoyceMagooglyMonkey

Internet Relay Chat turns 30and we remember how it changed our lives

Internet Relay Chat (IRC) turned 30 this August.

The venerable text-only chat system was first developed in 1988 by a Finnish computer scientist named Jarkko Oikarinen. Oikarinen couldn't have known at the time just how his creation would affect the lives of people around the world, but it became one of the key early tools that kept Ars Technica running as a virtual workplaceit even lead to love and marriage.

To honor IRC's 30th birthday, we're foregoing the cake and flowers in favor of some memories. Three long-time Ars staffers share some of their earliest IRC interactions, which remind us that the Internet has always been simultaneously wonderful and kind of terrible.

Original Submission

Read more of this story at SoylentNews.


Notes on the UK IoT cybersec "Code of Practice" "IndyWatch Feed Tech"

The British government has released a voluntary "Code of Practice" for securing IoT devices. I thought I'd write some notes on it.

First, the good parts

Before I criticize the individual points, I want to praise if for having a clue. So many of these sorts of things are written by the clueless, those who want to be involved in telling people what to do, but who don't really understand the problem.

The first part of the clue is restricting the scope. Consumer IoT is so vastly different from things like cars, medical devices, industrial control systems, or mobile phones that they should never really be talked about in the same guide.

The next part of the clue is understanding the players. It's not just the device that's a problem, but also the cloud and mobile app part that relates to the device. Though they do go too far and include the "retailer", which is a bit nonsensical.

Lastly, while I'm critical of most all the points on the list and how they are described, it's probably a complete list. There's not much missing, and the same time, it includes little that isn't necessary. In contrast, a lot of other IoT security guides lack important things, or take the "kitchen sink" approach and try to include everything conceivable.

1) No default passwords

Since the Mirai botnet of 2016 famously exploited default passwords, this has been at the top of everyone's list. It's the most prominent feature of the recent California IoT law. It's the major feature of federal proposals.

But this is only a superficial understanding of what really happened. The issue wasn't default passwords so much as Internet-exposed Telnet.

IoT devices are generally based on Linux which maintains operating-system passwords in the /etc/passwd file. However, devices almost never use that. Instead, the web-based management interface maintains its own password database. The underlying Linux system is vestigial like an appendix and not really used.

But these devices exposed Telnet, providing a path to this otherwise unused functionality. I bought several of the Mirai-vulnerable devices, and none of them used /etc/passwd for anything other than Telnet.

Another way default passwords get exposed in IoT devices is through debugging interfaces. Manufacturers configure the system one way for easy development, and then ship a separate "release" version. Sometimes they make a mistake and ship the...

Tuesday, 16 October


Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Perry E. Metzger on Oct 16

Good question. One obstacle for me is a lack of familiarity with the
codebase (which others here seem to have), but on the other hand, I
appear to have more motivation.



Ecuador to Assange: Look after cat, clean bathroom if you want internet "IndyWatch Feed Tech"

The government of Ecuador reportedly is making WikiLeaks founder Julian Assange's internet access subject to a series of rules, including cleaning the bathroom, taking care of his cat and steering clear of hot political topics.Assange is&...


Google to start charging phone makers for app store in Europe "IndyWatch Feed Tech"

Google is set to start charging phone makers to use its Google Play app store and it will also allow them to use rivals of its Android mobile operating system, as a part steps to comply with a European Union antitrust order. The...


Lawsuit Seeking to Unmask Contributors to Shitty Media Men List Would Violate Anonymous Speakers First Amendment Rights "IndyWatch Feed Tech"

A lawsuit filed in New York federal court last week against the creator of the Shitty Media Men list and its anonymous contributors exemplifies how individuals often misuse the court system to unmask anonymous speakers and chill their speech. Thats why were watching this case closely, and were prepared to advocate for the First Amendment rights of the lists anonymous contributors.

On paper, the lawsuit is a defamation case brought by the writer Stephen Elliott, who was named on the list. The Shitty Media Men list was a Google spreadsheet shared via link and made editable by anyone, making it particularly easy for anonymous speakers to share their experiences with men identified on the list. But a review of the complaint suggests that the lawsuit is focused more broadly on retaliating against the lists creator, Moira Donegan, and publicly identifying those who contributed to it.

For example, after naming several anonymous defendants as Jane Does, the complaint stresses that Plaintiff will know, through initial discovery, the names, email addresses, pseudonyms and/or Internet handles used by Jane Doe Defendants to create the List, enter information into the List, circulate the List, and otherwise publish information in the List or publicize the List.

In other words, Elliott wants to obtain identifying information about anyone and everyone who contributed to, distributed, or called attention to the list, not just those who provided information about Elliot specifically.

The First Amendment, however, protects anonymous speakers like the contributors to the Shitty Media Men list, who were trying to raise awareness about what they see as a pervasive problem: predatory men in media. As the Supreme Court has ruled, anonymity is a historic and essential way of speaking on matters of public concernit is a shield against the tyranny of the majority.

Anonymity is particularly critical for people who need to communicate honestly and openly without fear of retribution. People rely on anonymity in a variety of contexts, including reporting harassment, violence, and other abusive behavior theyve experienced or witnessed. This was the exact purpose behind the Shitty Media Men list. Donegan, who after learning she would be identified as the creator of the list, came forward and ...


New York AG subpoenas 14 companies in net neutrality comments probe: report "IndyWatch Feed Tech"

New York Attorney General Barbara Underwood (D) has subpoenaed more than a dozen companies and organizations as part of the states investigation into widespread fake public comments submitted to the Federal Communications Commission (FCC) over net...


Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Hanno Bck on Oct 16

I think nobody here will disagree with you that this would be good to
The question is: Who's gonna do it? Will you?


Uber valued at $120 billion in IPO proposals: report "IndyWatch Feed Tech"

Uber received valuations from Wall Street banks that could put the value of the company up to $120 billion for an initial public offering that could happen as soon as early next year, according to the Wall Street Journal. That value...


Re: ghostscript: 1Policy operator gives access to .forceput CVE-2018-18284 "IndyWatch Feed Tech"

Posted by Tavis Ormandy on Oct 16

We have to work with what we've got.

Even with the easy to exploit stuff compiled out (which upstream do not
support), I haven't been bothering to get CVE's for all the memory
corruption or UaF I've been reporting, because nobody can keep up with
these operator leaks anyway.



Convert Screenshots of Equations into LaTeX Instantly With This Nifty Tool "IndyWatch Feed Tech"

Mathpix is a nifty little tool that allows you to take screenshots of complex mathematical equations and instantly converts it into LaTeX editable text.

LaTeX editors are excellent when it comes to writing academic and scientific documentation.

There is a steep learning curved involved of course. And this learning curve becomes steeper if you have to write complex mathematical equations.

Mathpix is a nifty little tool that helps you in this regard.


400% increase in cryptomining malware attacks against iPhones "IndyWatch Feed Tech"

By Waqas

It wouldnt be wrong to state that Apple has become the apple of the eyes of cryptomining enthusiasts and cybercriminals. According to Check Points latest Global Threat Index, the company is being targeted more frequently in cryptomining malware attacks. The report discloses some startling new facts about the sudden rise in cryptomining malware attacks against []

This is a post from Read the original post: 400% increase in cryptomining malware attacks against iPhones


Ten Legislative Victories You Helped Us Win in California "IndyWatch Feed Tech"

 Your strong support helped us persuade Californias lawmakers to do the right thing on many important technology bills debated on the chamber floors this year. With your help, EFF won an unprecedented number of victories, supporting good bills and stopping those that would have hurt innovation and digital freedoms.

Heres a list of victories you helped us get the legislature to pass and the governor to sign, through your direct participation in our advocacy campaigns and your other contributions to support our work.

Net Neutrality for California

Our biggest win of the year, the quest to pass Californias net neutrality law and set a gold standard for the whole country, was hard-fought. S.B. 822 not only prevents Internet service providers from blocking or interfering with traffic, but also from prioritizing their own services in ways that discriminate.

California made a bold declaration to support the nations strongest protections of a free and open Internet. As the state fights for the ability to enact its lawfollowing an ill-conceived legal challenge from the Trump administrationyou can continue to let lawmakers know that you support its principles.

Increased Transparency into Local Law Enforcement Policies

Transparency is the foundation of trust. Thanks to the passage of S.B. 978, California police departments and sheriffs offices will now be required to post their policies and training materials online, starting in January 2020. The California Commission on Peace Officer Standards and Training will be required to make its vast catalog of trainings available as well. This will encourage better and more open relationships between law enforcement agencies and the communities they serve.

Increasing public access to police materials about training and procedures benefits everyone by making it easier to understand what to expect from a police encounter. It also helps ensure that communities have a better grasp of new police surveillance technologies, including body cameras and drones.

Public Access to Footage from Police Body Cameras...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog