IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Saturday, 24 February

01:02

MIT predicts 10 breakthrough technologies of 2018 "IndyWatch Feed Tech"

The MIT Technology Review has released a list of technologies it believes will make the most impact over the next 12 months, including smarter cities, genetic fortune telling and babel fish earphones.

The Massachusetts Institute of Technologys magazine has published the annual list online in its March/April 2018 issue, and based its contents on the innovations that will shape the coming year.

What Tech Review looks for when selecting the list is to identify what will have a profound effect on our lives, said a statement from the institution, based in Cambridge, Massachusetts.

01:00

Tiny Quad Core Module Available Soon "IndyWatch Feed Tech"

We get a lot of new product announcements here at Hackaday, and we run across even more. As excited as a manufacturer might be about their latest Raspberry Pi killer or cheaper Arduino clone, we usually dont have much to say about new products unless there is something really interesting about them. Our attention was piqued though when we saw the Neutis N5. Shipping in April, the device packs a quad-core ARM processor running at 1.3 GHz with 8 GB of flash memory and 512 MB of RAM, has an extended temperature range, WiFi (802.11N), and Bluetooth (including BLE). Theres also a crypto chip, and all this is packed into a tiny package. Really tiny. Less than 4130 mm square and less than 4.5 mm thick. Theres a Debian-based distribution and a development board. Oh and the really interesting thing is the price, which is $49 in single quantities.

Some of the I/O ports are multiplexed, but there are plenty of options including audio, Ethernet, HDMI, USB, and more. They clearly mean for these to be put into products. The module claims UL and CE certification, each unit has a unique serial number, and there is a gang programming capability.

For comparison purposes, an SD card is 32 mm x 24 mm and not quite as thick (2.1 mm). So the N5 is a little larger, but not by much. A Raspberry Pi is huge by comparison at just under 86 mm x 57 mm. Even a Pi Zero is 65 mm x 30 mm.

Admittedly we havent seen one of these yet, and everything always looks good on paper. Still, if it lives up to its promise it could give a run for the money to the Raspberry Pi and Beaglebone markets. Especially if you are trying to build it into something.

We have seen lots of cheaper or smaller Pi killers, like the Orange Pi. If you want to go the opposite direction on the price and performance scale, there is always try the HiKey 290.

00:42

LA Times website hacked to mine Monero cryptocurrency "IndyWatch Feed Tech"

By Waqas

Another day, another Monero cryptocurrency miner This time, the target

This is a post from HackRead.com Read the original post: LA Times website hacked to mine Monero cryptocurrency

00:36

San Francisco: Building Community Broadband to Protect Net Neutrality and Online Privacy "IndyWatch Feed Tech"

Like many cities around the country, San Francisco is considering an investment in community broadband infrastructure: high-speed fiber that would make Internet access cheaper and better for city residents. Community broadband can help alleviate a number of issues with Internet access that we see all over America today. Many Americans have no choice of provider for high-speed Internet, Congress eliminated user privacy protections in 2017, and the FCC decided to roll back net neutrality protections in December.

This week, San Francisco published the recommendations of a group of experts, including EFFs Kit Walsh, regarding how to protect the privacy and speech of those using community broadband.

This week, the Blue Ribbon Panel on Municipal Fiber released its third report, which tackles competition, security, privacy, net neutrality, and more. It recommends San Franciscos community broadband require net neutrality and privacy protections. Any ISP looking to use the citys infrastructure would have to adhere to certain standards. The model of community broadband that EFF favors is sometimes called dark fiber or open access. In this model, the government invests in fiber infrastructure, then opens it up for private companies to compete as your ISP. This means the big incumbent ISPs can no longer block new competitors from offering you Internet service. San Francisco is pursuing the open access option, and is quite far along in its process.

The open access model is preferable to one in which the government itself acts as the ISP, because of the civil liberties risks posed by a government acting as your conduit to information.

Of course, private ISPs can also abuse your privacy and restrict your opportunities to speak and learn online.

To prevent such harms, the expert panel explained how the city could best operate its network so that competition, as well as legal requirements, would prevent ISPs from violating net neutrality or the priv...

00:28

Ancient Britons Replaced By Newcomers "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

The ancient population of Britain was almost completely replaced by newcomers about 4,500 years ago, a study shows.

The findings mean modern Britons trace just a small fraction of their ancestry to the people who built Stonehenge.

The astonishing result comes from analysis of DNA extracted from 400 ancient remains across Europe.

The mammoth study, published in Nature, suggests the newcomers, known as Beaker people, replaced 90% of the British gene pool in a few hundred years.

Lead author Prof David Reich, from Harvard Medical School in Cambridge, US, said: "The magnitude and suddenness of the population replacement is highly unexpected."

The reasons remain unclear, but climate change, disease and ecological disaster could all have played a role.

Read more of this story at SoylentNews.

00:02

Enzyme Designed Entirely From Scratch Opens a World of Biological Possibility "IndyWatch Feed Tech"

Ann Donnelly was utterly confused the first time she examined her protein. On all counts, it behaved like an enzymea protein catalyst that speeds up biological reactions in cells. One could argue that enzymes, sculpted by eons of evolution, make life possible.

There was just one problem: her protein wasnt evolved. It wasnt even natural. It was, in fact, a completely artificial construct made with random sequences of DNAsomething thats never existed in nature before.

Donnelly was looking at the first artificial enzyme. An artificial protein that, by all accounts, should not be able to play nice with the intricate web of biochemical components and reactions that support life.

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Friday, 23 February

23:50

Wine "PBA" Shows Potential For Improving Direct3D-Over-OpenGL Performance "IndyWatch Feed Tech"

University student Andrew Comminos wasn't too familiar with Direct3D or Wine development, but out of a desire for better World of Warcraft performance on Linux, he figured out the code-base and a means of enhancing the WineD3D code...

23:47

[SECURITY] CVE-2017-15693 Apache Geode unsafe deserialization of application objects "IndyWatch Feed Tech"

Posted by Anthony Baker on Feb 23

CVE-2017-15693 Apache Geode unsafe deserialization of application objects

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Geode 1.0.0 through 1.3.0

Description:
The Geode server stores application objects in serialized form.
Certain cluster operations and API invocations cause these objects to
be deserialized. An user with DATA:WRITE access to the cluster may be
able to cause remote code execution if...

23:45

[SECURITY] CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer "IndyWatch Feed Tech"

Posted by Anthony Baker on Feb 23

CVE-2017-15692 Apache Geode unsafe deserialization in TcpServer

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Geode 1.0.0 through 1.3.0

Description:
The TcpServer within the Geode locator opens a network port that
deserializes data. If an unprivileged user gains access to the Geode
locator, they may be able to cause remote code execution if certain
classes are present on the classpath.

A malicious...

23:26

SUNY math professor makes the case for free and open educational resources (Opensource.com) "IndyWatch Feed Tech"

Opensource.com looks at the availability of open educational resources (OERs), where to find them, and what the advantages of OERs are. Math and computer science professor David Usinski is a strong advocate for OERs and was interviewed for the article. "The ability to customize the curriculum is one of David's favorite benefits of OER. 'The intangible aspect is that OER has allowed me to reinvent my curriculum and take ownership of the content. With a textbook, I am locked into the chapter-by-chapter approach by one or two authors,' he says. Because of OER 'I am no longer hindered or confined by published materials and now have the flexibility to create the curriculum that truly addresses the course outcomes.' By freely sharing the content he creates, other instructors can also benefit."

23:05

Uiterwijk: Fedora package delivery security "IndyWatch Feed Tech"

On his blog, Patrick Uiterwijk writes about about Fedora packaging and how the distribution works to ensure its users get valid updates. Packages are signed, but repository metadata is not (yet), but there are other mechanisms in place to keep users from getting outdated updates (or to not get important security updates). "However, when a significant security issue is announced and we have repositories that include fixes for this issue, we have an 'Emergency' button. When we press that button, we tell our servers to immediately regard every older repomd.xml checksum as outdated. This means that when we press this button, every mirror that does not have the very latest repository data will be regarded as outdated, so that our users get the security patches as soon as possible. This does mean that for a period of time only the master mirrors are trusted until other mirrors sync their data, but we prefer this solution over delaying getting important fixes out to our users and making them vulnerable to attackers in the meantime."

23:03

See Jupiters South Pole Change Over Time in Incredible Time-Lapse View "IndyWatch Feed Tech"

New photos by NASAs Juno spacecraft show Jupiters south pole as seen from above during a recent close encounter on Feb. 7, 2018.

23:02

A Little Robotic Submarine Could Ply Alien Seas "IndyWatch Feed Tech"

NASA is designing a robot submarine to explore the ultrachilly, hydrocarbon-filled seas on Saturns moon Titan the only body in the solar system, apart from Earth, with liquid on its surface. Researchers have been testing the probe with a bucket-sized mock alien ocean in a lab.

The seas of Titan are very different from their counterparts on Earth: instead of seawater, Titans seas consist mainly of a frigid mixture of methane and ethane, at a temperature of around minus 300 degrees Fahrenheit (minus 184 degrees Celsius). Thats what NASAs Cassini spacecraft and its Huygens probe, which landed on Titan in 2005, found.

The plan is to send the autonomous submarine into the largest sea on Titan. called Kraken Mare, from the name of a Scandinavian sea-monster and the Latin word for sea, the extraterrestrial sea covers 155,000 square miles (400,000 square kilometers) of the moons surface. (The second-largest sea on Titan, about a quarter the size of Kraken, is Ligeia Mare, named after one of the monstrous sirens of Greek mythology.) [See Photos of Titans Oceans].

23:02

Bigelow Aerospace Reveals Plans For Space Hotels "IndyWatch Feed Tech"

The rise of commercial spaceflight companies such as SpaceX and Bigelow Aerospace sparked the age of space tourism as the ultra-wealthy became able to buy a ticket for a rocket ride into space. Of course, there is a huge limit on tourism if there isnt a place to stay in ones intended destination, but thats about to change in space. Bigelow has announced plans to build two space stations that will float in low-Earth orbit. The company has big plans for these space stations and ideas about who might pay to use them. Essentially, the stations will be like orbiting space hotels where astronauts and possibly even tourists might stay one day.

In a press release this week, Bigelow Aerospace announced that it has created a spin-off venture called Bigelow Space Operations, which will operate and manage two space stations that will serve as hotels. The company expects to launch both hotels in 2021, and its beginning to work toward building them this year. Bigelow describes the two space stations as the largest, most complex structures ever known as stations for human use in space.

The two stations are currently being referred to as B330-1 and B330-2, and they arent the only two that Bigelow Space Operations plans to build. The two space stations are inflatable and will provide shelter for up to six people in low-Earth orbit with about 12,000 cubic feet of living space.

22:55

Disney's Lawsuit Against Redbox May Have Backfired "IndyWatch Feed Tech"

Disney's attempt to prevent Redbox from buying its discs for rental and resale may have blown up in the House of Mouse's face. The Hollywood Reporter describes how District Court Judge Dean Pregerson sided with Redbox to shoot down a Disney-mandated injunction. In addition, Pregerson contended that Disney may itself be misusing copyright law to protect its interests and its own forthcoming streaming service.

If you're unfamiliar with the backstory, Redbox didn't have a deal in place to procure Disney DVDs and Blu-rays for its disc rental kiosks. So, the company simply bought the discs at retail, often snagging combo packs that include a DVD, Blu-ray and a download code for the movie as well. Redbox would then offer up the discs for rental, and sell on the codes at its kiosks for between $8 and $15.

Such a move enraged Disney, which includes language in its packaging and on the website demanding that users must own the disc if they download a copy. But this is where Pregerson began to disagree, saying that Disney cannot dictate what people do with copyrighted media after they have bought it. Specifically, that there's no law, or explicit contract term, that prevents folks from doing what Redbox did with Disney discs.

Source: https://www.engadget.com/2018/02/22/disney-redbox-lawsuit/


Original Submission

Read more of this story at SoylentNews.

22:19

The Federal Circuit Should Not Allow Patents on Inventions that Should Belong to the Public "IndyWatch Feed Tech"

One of the most fundamental aspects of patent law is that patents should only be awarded for new inventions. That is, not only does someone have to invent something new to them in order to receive a patent, is must also be a new to the world. If someone independently comes up with an idea, it doesnt mean that person should get a patent if someone else already came up with the same idea and told the public.

Theres good reason for this: patents are an artificial restraint on trade. They work to increase costs (the patent owner is rewarded with higher prices) and can impede follow-on innovation. Policy makers generally try to justify what would otherwise be considered a monopoly through the argument that without patents, inventors may never have invested in research or might not want to make their inventions public. Thus, the story goes, we should give people limited monopolies in the hopes that overall, we end up with more innovation (whether this is actually true, particularly for software, is debatable).

A U.S. Court of Appeals for the Federal Circuit rule, however, upends the patent bargain and allows a second-comersomeone who wasnt the first inventorto get a patent under a particular, albeit fairly limited, circumstance. A new petition challenges this rule, and EFF has filed an amicus brief  in support of undoing the Federal Circuits misguided rule.

The rule is based on highly technical details of the Patent Act, which you can read about in our brief along with those of Ariosa (the patent challenger) and a group of law professors (not yet available). Our brief argues that the Federal Circuit rule is an incorrect understanding of the law. We ask the Federal Circuit to rehear the issue with the full court, and reverse its current rule.

While the Federal Circuit rule is fairly limited and doesnt arise in many situations, we have significant concerns about the policy it seems to espouse. Contrary to decades of Supreme Court precedent, the rule allows, under certain circumstances, someone to get a patent on something had a...

22:00

3D Printing Brings a Childs Imagination to Life "IndyWatch Feed Tech"

Telling somebody that youre going to make their dreams come true is a bold, and potentially kind of creepy, claim. But its one of those things that isnt supposed to be taken literally; it doesnt mean that youre actually going to peer into their memories, extract an idea, and then manifest it into reality. Thats just crazy talk, its a figure of speech.

Original sketch of the CURV II

As it turns out, theres at least one person out there who didnt get the memo. Remembering how his father always told him about the elaborate drawings of submarines and rockets he did as a young boy, [Ronald] decided to 3D print a model of one of them as a gift. Securing his fathers old sketchpad, he paged through until he found a particularly well-developed idea of a personal sub called the CURV II.

The final result looks so incredible that we hear rumors manly tears may have been shed at the unveiling. As a general rule you should avoid making your parents cry, but if youre going to do it, you might as well do it in style.

Considering that his father was coming up with detailed schematics for submarines in his pre-teen days, it...

22:00

AMDGPU In Linux 4.17 Exposes WattMan Features, GPU Voltage/Power Via Hwmon "IndyWatch Feed Tech"

AMD's Alex Deucher today sent in the first pull request to DRM-Next of AMDGPU (and Radeon) DRM driver feature material that will in turn be merged with the Linux 4.17 kernel down the road. There's some fun features for AMDGPU users coming with this next kernel!..

21:26

Camera Technology In Vehicles: Low-Latency Image Data Compression "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

The number of cameras in cars is increasing. However, through the flood of data the internal networks are being pushed to their limits. Special compression methods reduce the amount of video data, but exhibit a high degree of latency for coding. Fraunhofer researchers have adapted video compression in such a way that a latency is almost no longer perceivable. It is therefore of interest for use in road traffic or for autonomous driving. This technology will be on display at the Embedded World from 27 February until 1 March 2018 in Nuremberg in hall 4 (booth 4-470).

[...] The Fraunhofer HHI, for example, has made a decisive contribution to the development of the two video coding standards H.264/Advanced Video Coding (AVC) and H.265/MPEG High Efficiency Video Coding (HEVC). "With these methods, the data quantities can be sharply reduced. In this way, more than ten times the quantity of data can be transmitted," emphasizes the group leader of the "Video Coding and Machine Learning" department at the Fraunhofer HHI.

Read more of this story at SoylentNews.

21:24

Mesa 18.1 Receives OpenGL 3.1 With ARB_compatibility For Gallium3D Drivers "IndyWatch Feed Tech"

Going back to last October, Marek of AMD's open-source driver team has been working on ARB_compatibility support for Mesa with a focus on RadeonSI/Gallium3D. Today that work was finally merged...

21:15

ISO 27001 & cybersecurity training and qualifications: Now in New York "IndyWatch Feed Tech"

Achieve globally recognized ISO 27001 qualifications by learning from experienced practitioners. Get practical and interactive instruction with classroom and live and online training from Foundation level through to Lead Implementer or Lead Auditor qualifications.

21:00

Build Your Own Altair 8800 Personal Computer "IndyWatch Feed Tech"

Go back to 1974 and the dawn of home computing with this Arduino-based kit Photo: Randi Klett

Altair 8800 Computer Gif: Randi Klett

The MITS Altair 8800 was the first commercially successful personal computer. Created by Ed Roberts in 1974, it was purchased by the thousands via mail order, proving there was a huge demand for computers outside universities and large corporations. Its influence was immense: For example, after seeing the Altair featured on the cover of the January 1975 issue of Popular Electronics , Bill Gates and Paul Allen founded Microsoft (then Micro-Soft) in order to write a Basic interpreter for the new machine.

The Altair sold for US $439 in kit form. Original machines are now collectors items that trade for thousands of dollars. Fortunately, there are some cheaper alternatives for people who want to get a direct understanding of the Altair computing experience. Modern kits that replicate the Altair hardware as faithfully as possible are available, as are purely virtual online simulators. Falling somewhere between a replica and a simulation is the $149 Altairduino kit from Chris Davis. The Altairduino duplicates the front panel of the Altair in all its LED- and switch-festooned glory while emulating the internal hardware (including some once fantastically expensive peripherals), using an Arduino Due.

The Altairduino is derived from David Hansels work on cloning the Altair with the Arduino Due and Arduino Mega 2560. If you want to build one of Hansels designs from scratch, you can do so by following his free instructions on hackster.io. The advantage of Daviss kit is that it provides all the components, including a nice bamboo case and plastic front panel, along with a custom printed circ...

20:50

Which phishing messages have a near 100% click rate? "IndyWatch Feed Tech"

Training employees to spot phishing emails, messages and phone calls cant be done just once or once a year if the organization wants to see click rates decrease. For one thing, employees come and go (and change roles) with regularity. Secondly, threats change over time. Thirdly, knowledge and practices that arent regularly reinforced will be lost. And, finally, awareness isnt the same as knowledge. Just knowing a threat exists isnt the same as knowing how More

20:37

Xen Security Advisory 254 (CVE-2017-5753,CVE-2017-5715,CVE-2017-5754) - Information leak via side effects of speculative execution "IndyWatch Feed Tech"

Posted by Xen . org security team on Feb 23

Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254

Information leak via side effects of speculative execution

UPDATES IN VERSION 12
=====================

Corrections to ARM SP2 information:

* ARM 32-bit requires new firmware on some CPUs.
* Provide link to the ARM firmware page, accordingly.
* ARM 32-bit mitigations are complete for Cortex-A CPUs.
We do not have...

20:30

Arduino Watchdog Has Bite And Doesnt Need Treats "IndyWatch Feed Tech"

My dog Jasper isnt much of a watchdog: hes too interested in sleeping and chasing my cats to keep an eye on things. Fortunately, [Vadim] has come up with a more reliable alternative with this simple Arduino watchdog. Its designed to work with crypto coin mining rigs, but it could be easily adapted for other high-uptime uses, such as file servers or doomsday weapons.

The way it works is simple: a small program on the watched computer sends a command over the serial port: a polite hello. The Arduino watchdog picks this up and responds with an equally polite HELLO. That starts the watchdog running. A simple Java program on the watched computer then sends a ping every five seconds over the serial port to let the watchdog know it is still running okay.

If the watchdog doesnt receive this ping, it uses reed relay wired into the reset pins of the computer to trigger a reset. It then waits for the watched computer to say hello, starting the process again.

[Vadim] includes a demo video where the system resets an unreliable crypto mining rig. It does have limitations, of course: if the mining program crashes without taking down the e...

20:18

Xen Security Advisory 254 (CVE-2017-5753,CVE-2017-5715,CVE-2017-5754) - Information leak via side effects of speculative execution "IndyWatch Feed Tech"

Posted by Xen . org security team on Feb 23

Xen Security Advisory CVE-2017-5753,CVE-2017-5715,CVE-2017-5754 / XSA-254

Information leak via side effects of speculative execution

UPDATES IN VERSION 11
=====================

Information provided about migitation for Spectre variant 2.

Mention whether CPU hardware virtualisation extensions are required
in the SP3 mitigations summary table.

An additional patch "x86: fix...

20:15

SDL Now Disables Mir By Default In Favor Of Wayland Compatibility "IndyWatch Feed Tech"

With Mir focusing on Wayland compatibility now, toolkits and other software making direct use of Mir's APIs can begin making use of any existing Wayland back-end instead. GTK4 drops the Mir back-end since the same can be achieved with the Wayland compatibility and now SDL is now making a similar move...

20:15

FCC chair Pai receives NRA gun award for courage "IndyWatch Feed Tech"

Federal Communications Commission (FCC) Chairman Ajit Pai received the National Rifle Association's (NRA) Charlton Heston Courage Under Fire Award at the Conservative Political Action Conference on Friday.The NRA-sponsored award was...

20:03

Torrentz2 blocked on Google Chrome and Firefox over harmful programs "IndyWatch Feed Tech"

Chrome and Firefox prevent users from accessing Torrentz2 Over harmful programs

Torrent users have suffered a setback, as leading browsers Google Chrome and Firefox have blocked direct access to the popular torrent meta-search engine, Torrentz2.eu for reported harmful programs. The past few hours, Chrome and Firefox users have been unable to access Torrentz2.eu, TorrentFreak reported on Thursday.

When the users to access Torrentz2.eu, they are greeted with the dreaded red window in Google Chrome with a warning that states, The site ahead contains harmful programs. The warning further adds, Attackers on torrentz2.eu might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).

While those using Mozilla Firefox received a similar warning. It said: Firefox blocked this page because it might try to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit).

Advisory provided by Google Safe Browsing.

These warning messages are generated by Googles Safe Browsing algorithm which highlights websites that could cause potential danger to visitors. Chrome, Firefox, and others use this service to stop users from opening an unwanted software.

These warnings are normally the result of malicious ads, which does not appear to be in this case. The Torrentz2 operator told TorrentFreak that he currently only promotes a VPN service, which is by no means malicious.

However, Torrentz2 has been flagged for installing unwanted or malicious software on visitors computers, as per Googles Safe Browsing report.

Apparently, Google also flags social engineering attempts wherein false claims fool users to take a certain action, TorrentFreak had discovered from another site admin in the past.

Torrentz2s ad warned: Your Internet Provider is tracking your torrent activity! which theoretically could fit this category, as ISPs basically dont keep a record of users torrenting habits.

Currently, the torrentz2.eu website is down due to hosting issues, which the operator plans to fix soon.

For those torrent users, who are unaffected by the warning messages by Chrome and Firefox, and wish to visit the affected sites by bypassing the blocks can do so at their risk by taking proper measures (Chrome,...

20:01

Man Sues Feds For Installing Surveillance Camera on his Property "IndyWatch Feed Tech"

By Carolina

A 74-year old rancher in Texas discovered a small portal

This is a post from HackRead.com Read the original post: Man Sues Feds For Installing Surveillance Camera on his Property

19:53

Disney Holds $1000 Bonuses Hostage As Leverage In Contract Negotiations "IndyWatch Feed Tech"

AlterNet reports

Disney Inadvertently Exposes Trump's Tax Cut for the Scam It's Been from the Start

When Donald Trump signed the Tax Cuts and Jobs Act into law, he touted the legislation as a financial boon for American labor. As recently as January, Trump pointed to $1,000 bonuses for employees that American Airlines, AT&T, and Disney have announced as proof corporations would reinvest the billions of dollars they stand to save in their respective workforces. But if the president has offered a vision of how tax cuts for multinational corporations might operate in theory, an unfair labor practice complaint filed Tuesday reveals how they work in practice.

According to the Orange County Register, Unite Here Local 11, a union representing 2,700 housekeepers and other low-wage workers, has accused the Walt Disney Co. of effectively holding its bonuses hostage to secure a more favorable bargaining agreement. Disney is refusing to release the one-time payments "notwithstanding the union's lack of objection", the statement reads. "[The company] has violated its duty to bargain in good faith, and has engaged in conduct that is inherently destructive to rights guaranteed employees under the [National Labor Relations] Act." (For Disney's part, a spokeswoman maintains the company has a "strong offer on the table".)

[...] Regulatory findings released last month indicate [CEO Bob] Iger earned $36.3 million in compensation for 2017, which is $7.6 million less than he made the year before. The average union member at Disney World is paid $10.71 an hour, while just 3,000 employees earn in excess of $15. Disneyland staffers make a fraction more, the beneficiaries of California's decision last month to raise its minimum wage from $10.50 to $11 an hour. Unite Here's latest filing follows a separate complaint by a coalition of unions representing 38,000 Disney World workers in Florida.


Original Submission

...

19:39

Stephen Geary, CEO at Sothic Bioscience, joins our Biotech/Medical Board. "IndyWatch Feed Tech"

Stephen Geary, CEO at Sothic Bioscience, joins our Biotech/Medical Board.

19:24

InfoWars one step closer to YouTube ban after Florida conspiracy theory video "IndyWatch Feed Tech"

InfoWars is reportedly one step closer to being banned from YouTube after posting a video promoting a conspiracy theory about the Florida high school shooting.The channel, run by famed conspiracy theorist Alex Jones, received one strike from YouTube...

19:23

New uTorrent Web Streams and Downloads Torrents in Your Browser "IndyWatch Feed Tech"

While dozens of millions of people use uTorrent as their default BitTorrent client, the software has seen few feature updates in recent years.

That doesnt mean that the development team has been sitting still. Instead of drastically expanding the current software, they have started a new ambitious project: uTorrent Web.

This new piece of software, which launched rather quietly, allows users to download and stream torrents directly in their default web browsers, such as Chrome or Firefox.

The way it works is pretty straightforward. After installing the client, which is Windows-only at the moment, torrent and magnet links are automatically opened by uTorrent Web in a browser window.

People can use their regular torrent sites to find torrents or use the apps search box, which redirects them to Google.

Lets start

TorrentFreak took the application for a spin and it works quite well. Videos may take a short while to load, depending on the download speed, but then they play just fine. As in most modern video players, subtitles are also supported, if theyre included.

The streaming functionality supports both audio and video, with the option to choose a specific file, if a torrent contains more than one.

Applications and other files can also be downloaded, but these are obviously not streamed.

uTorrent Web in action

The current Beta release comes with several basic preferences settings and users can change things such as the download location and upload speed. Its likely that more options will follow as development matures, however.

Were very, very sensitive. We know people have been using uTorrent for a very long time and love it. So were very, very sensitive to that and gonna be sure to make sure that people feel that its an upgrade thats happening. Not that weve just destroyed the expe...

19:04

Pengutronix Gets Open-Source 3D Working On MX8M/GC7000 Hardware "IndyWatch Feed Tech"

We've known that Pengutronix developers had been working on i.MX8M / GC7000 graphics support within their Etnaviv open-source driver stack from initial patches posted in January. Those patches back at the start of the year were for the DRM kernel driver, but it turns out they have already got basic 3D acceleration working...

19:01

Rapidly Prototyping Prosthetics, Braille, and Wheelchairs "IndyWatch Feed Tech"

We live in an amazing time where the availability of rapid prototyping tools and expertise to use them has expanded faster than at any other time in human history. We now have an amazing ability to quickly bring together creative solutions perfect examples of this are the designs for specialized arm prosthetics, Braille printing, and custom wheelchair builds that came together last week.

Earlier this month we published details about the S.T.E.A.M. Fabrikarium program taking place at Makers Asylum in Mumbai. The five-day event was designed to match up groups of makers with mentors to build assistive devices which help improve the condition of differently-abled people.

The participants were split into eight teams and they came up with some amazing results at the end of the five-day program.

Hands-On: Prosthetic Designs That Go Beyond

Three teams worked on projects based on Bionico a myoelectric prosthesis

DIY Prosthetic Socket a Human Machine Interface : [Mahendra Pitav aka Mahen] lost his left arm during the series of train bomb blasts in Mumbai in 2006, which killed 200 and injured over 700 commuters. He uses a prosthetic arm which is essentially a three-pronged claw that is cable activated using his other good arm. While it is useful, the limited functionality restricted him from doing many simple things. The DIY Prosthetic socket team worked with [Mahen] and [Nico Huchet] from MyHumanKit (who lost his right arm in an accident 16 years back), and fabricated a prosthetic forearm for [Mahen] with a modular, 3D printed accessory socket. Embedded within the arm is a rechargeable power source that provides 5V USB output at the socket end to power the devices that are plugged in. It also provides a second port to help recharge mobile phones. Also embedded in the arm was an IR reflective sensor that can be used to sense muscle movements and help trigger specific functions of add-on circuits, for example servos.

...

19:00

'Memtransistor' Forms Foundational Circuit Element to Neuromorphic Computing "IndyWatch Feed Tech"

Combining characteristics of a memristor with a transistor mimics the multiple synapses of neurons Illustration: Northwestern University

Computers that operate more like the human brain than computersa field sometimes referred to as neuromorphic computinghave promised a new era of powerful computing.

While this all seems promising, one of the big shortcomings in neuromorphic computing has been that it doesnt mimic the brain in a very important way. In the brain, for every neuron there are a thousand synapsesthe electrical signal sent between the neurons of the brain. This poses a problem because a transistor only has a single terminal, hardly an accommodating architecture for multiplying signals.

Now researchers at Northwestern University, led by Mark Hersam, have developed a new device that combines memristorstwo-terminal non-volatile memory devices based on resistance switchingwith transistors to create what Hersam and his colleagues have dubbed a memtransistor that performs both memory storage and information processing.

This most recent research builds on work that Hersam and his team conducted back in 2015 in which the researchers developed a three-terminal, gate-tunable memristor that operated like a kind of synapse.

While this work was recognized as mimicking the low-power computing of the human brain, critics didnt really believe that it was acting like a neuron since it could only transmit a signal from one artificial neuron to another. This was far short of a human brain that is capable of making tens of thousands of such connections.

Traditional memristors are two-terminal devices, whereas our memtransistors combine the non-volatility of a two-terminal memristor with the gate-tunability of a three-terminal transistor, said Hersam to IEEE Spectrum. Our device design accommodates additional terminals, which mimic the multiple synapses in neurons.

Hersam believes that these unique attributes of these multi-terminal memtransistors are likely to present a range of new opportunities for non-volatile memory and neuromorphic computing.

In research described in the journal Nature , Hersam and his colleagues developed a d...

18:48

Tech and telecom lobbying groups announce joint cybersecurity initiative "IndyWatch Feed Tech"

Lobbying groups representing major technology and telecommunications firms are teaming up to jointly tackle cybersecurity issues.The Information Technology Industry Council (ITI) and USTelecom on Friday announced the creation of the Council to...

18:41

Khaki Rodway, Cofounder of NewSpace NYC, joins our Space Settlement Board. "IndyWatch Feed Tech"

Khaki Rodway, Cofounder of NewSpace NYC, joins our Space Settlement Board.

18:23

PEEC Planetarium Show: "The Analemma Dilemma" "IndyWatch Feed Tech"

[Analemma by Giuseppe Donatiello via Wikimedia Commons] Dave and I are giving a planetarium show at PEEC tonight on the analemma.

I've been interested in the analemma for years and have written about it before, here on the blog and in the SJAA Ephemeris. But there were a lot of things I still didn't understand as well as I liked. When we signed up three months ago to give this talk, I had plenty of lead time to do more investigating, uncovering lots of interesting details regarding the analemmas of other planets, the contributions of the two factors that go into the Equation of Time, why some analemmas are figure-8s while some aren't, and the supposed "moon analemmas" that have appeared on the Astronomy Picture of the Day. I added some new features to the analemma script I'd written years ago as well as corresponding with an expert who'd written some great Equation of Time code for all the planets. It's been fun.

I'll write about some of what I learned when I get a chance, but meanwhile, people in the Los Alamos area can hear all about it tonight, at our PEEC show: The Analemma Dilemma, 7 pm tonight, Friday Feb 23, at the Nature Center, admission $6/adult, $4/child.

18:20

2,000 Colorado DOT computers infected with SamSam Ransomware "IndyWatch Feed Tech"

By Uzair Amir

Another day, another ransomware scam This time, it is

This is a post from HackRead.com Read the original post: 2,000 Colorado DOT computers infected with SamSam Ransomware

18:20

23 Attorneys General Refile Challenge to FCC Net Neutrality Repeal "IndyWatch Feed Tech"

The FCC's order to overturn net neutrality protections was officially published in the Federal Register today and soon thereafter, the attorneys general of 22 states and Washington DC filed a lawsuit challenging the FCC's order. The coalition filed a suit earlier this year, but agreed last week to withdraw it until the FCC published the order, Reuters reports. "Today, the FCC made official its illegal rollback of net neutrality -- and, as promised, our coalition of attorneys general is filing suit," New York Attorney General Eric Schneiderman said in a statement. "Consumers and businesses in New York and across the country have the right to a free and open internet, and our coalition of attorneys general won't stop fighting to protect that right."

[...] The attorneys general say in their complaint that the FCC's order was "arbitrary, capricious and an abuse of discretion within the meaning of the Administrative Procedure Act." They also say it violates federal law and conflicts with the notice-and-comment rulemaking requirements. They're asking the court to vacate the order.

Source: https://www.engadget.com/2018/02/22/23-attorneys-general-challenge-fcc-net-neutrality-repeal/


Original Submission

Read more of this story at SoylentNews.

18:03

Two-way communication is possible with a single quantum particle "IndyWatch Feed Tech"

One photon can transmit information in two directions at once.

18:03

Mini lab-created organs successfully check cancer treatments "IndyWatch Feed Tech"

Lab-grown tumor tissue matched response of the patients tumor to cancer treatment.

18:02

Laptops with 5G connectivity coming next year "IndyWatch Feed Tech"

Intel partners with Microsoft, Dell, HP, and Lenovo.

Intel has partnered with four major PC makers to bring 5G technology to laptops by the end of next year.

The chip giant is working with Microsoft, HP, Dell, and Lenovo to bring 5G connectivity to PCs with Intels XMM 8000 series modems.

18:01

The Commodore Story Documentary Premieres Today "IndyWatch Feed Tech"

What is it about a computer that was introduced 36 years ago by a company that would be defunct 12 years later that engenders such passion that people still collect it to this day? Were talking about the Commodore 64, of course, the iconic 8-bit wonder that along with the other offerings from Commodore International served as the first real computer to millions of us.

Theres more to the passion that Commodore aficionados exhibit than just plain nostalgia, though, and a new documentary film, The Commodore Story, seeks to explore both the meteoric rise and fall of Commodore International. Judging from the official trailer below, this is a film anyone with the slightest interest in Commodore is not going to want to miss.

It will of course dive into the story of how the C64 came to be the best selling computer in history. But Commodore was far from a one-trick pony. The film traces the history of all the Commodore machines, from the PET computers right through to the Amiga. There are interviews with the key players, too, including our own Bil Herd. Bil was a hardware engineer at Commodore, designing several machines while there. He has shared some of these stories here on Hackaday, including the development of the C128  (successor to the C64) and making th...

17:50

Video Friday: More Boston Dynamics, OpenCat Robot, and Uncanny Valley "IndyWatch Feed Tech"

Your weekly selection of awesome robot videos Photo: Engineered Arts U.K. company Engineered Arts has a new line of entertainment robots called Mesmer.

Video Friday is your weekly selection of awesome robotics videos, collected by your Automaton bloggers. Well also be posting a weekly calendar of upcoming robotics events for the next few months; heres what we have so far (send us your events!):

International Symposium on Medical Robotics  March 1-3, 2018  Atlanta, Ga., USA
HRI 2018  March 5-8, 2018  Chicago, Ill., USA
US National Robotics Week  April 7-17, 2018  United States
Xconomy Robo Madness  April 12, 2018  Bedford, Mass., USA
NASA Swarmathon  April 17-19, 2018  Kennedy Space Center, Fla., USA
RoboSoft 2018  April 24-28, 2018  Livorno, Italy
ICARSC 2018  April 25-27, 2018  Torres Vedras, Portugal
NASA Robotic Mining Competition  May 14-18, 2018  Kennedy Space Center, Fla., USA
ICRA 2018  May 21-25, 2018  Brisbane, Australia

Let us know if you have suggestions for next week, and enjoy todays videos.


An extra special thank-you to Boston Dynamics this week for posting another video of SpotMini that includes a nice, detailed explanation of whats actually going on:

A test of SpotMinis ability to adjust to disturbances as it opens and walks through a door. A person (not shown) drives the robot up to the door, points the hand at the door handle, then gives the GO command, both at the beginning of the video and again at 42 seconds. The robo...

17:30

DIY Cryogel Sustains Live Cells "IndyWatch Feed Tech"

We like to think our readers are on the cutting edge. With the advent of CRISPR kits at home and DIY bio blooming in workshops across the world, we wanted to share a video which may be ahead of its time. [The Thought Emporium] has just shown us a way to store eukaryotic cells at room temperature. His technique is based on a paper published in Nature which he links to from the YouTube page, but you can see his video after the break.

Eukaryotic cells, the kind we are made of, have been transported at low temperatures with techniques like active refrigeration, liquid nitrogen, and dry ice but those come with a host of problems like cost, convenience, and portability. Storing the cells with cryogel has been shown to reliably keep the cells stable for up to a week at a time and [The Thought Emporium] made some in his homemade freeze-dryer which hes shown us before. The result looks like a potato chip, but is probably less nutrious than astronaut ice cream.

If cell transport doesnt tickle your fancy, cryogel is fascinating by itself as a durable, lightweight insulator similar to Aerogel. You can make Aerogel at home too.

17:02

CNN Town Hall: Stick to the Script "IndyWatch Feed Tech"

Via: Real Clear Politics: Marjory Stoneman Douglas High School shooting survivor Colton Haab appeared on FOX News Tucker Carlson Tonight to talk about his saga with CNN and how they scripted a question for him to use at Wednesday nights town hall event hosted by the network and moderated by CNNs Jake Tapper. Haab, a []

17:00

This Week in Open Source News: Documentary Series on Women in Tech to Premiere Next Month, Fake Linux News & More "IndyWatch Feed Tech"

Title: 
This Week in Open Source News: Documentary Series on Women in Tech to Premiere Next Month, Fake Linux News & More

17:00

Ancient Sculptures Return to Mosul as Digitally Reconstructed Replicas "IndyWatch Feed Tech"

Submillimeter 3D scanning produces precise copies of Assyrian statues Photo: Factum Foundation for Digital Technology in Conservation

/image/MzAyMTE2Mg.jpeg
Photo: Factum Foundation for Digital Technology in Conservation Hold Still: Artists scan a lamassu at night in the British Museum.

The Iraqi city of Mosul is still recovering from its brutal occupation by the Islamic State. The city suffered devastating bloodshed during that time, and many archaic statues and artifacts were destroyed by militants and vandals. Raising the city from the rubble will be rough work. In at least a couple of instances, though, resurrecting a piece of the ancient past will come courtesy of a 3D scanner.

Later this month, two ultradetailed facsimiles of the massive stone statues known as lamassu, protective spirits that date back nearly 3,000 years to the Assyrian empire, will begin a journey from the Netherlands to take up permanent residence in Mosul. As products of the digital age, their journey poses questions about authenticity and where objects belong.

These new spirits are copies of two lamassu originally excavated by a British archaeological expedition in the mid-19th century. While charting Mesopotamia, the group uncovered a field of artifacts that had been buried for 2,700 years.

The lamassu they found thereimposing winged statuesonce stood guard along the walls surrounding the ancient city of Nineveh, near what is now Mosul. The excavators brought two of the statues back to London.

In 2004, the art historian Adam Lowe set out to record these statues at 300-micrometer resolution in order to produce copies of them for a traveling exhibition. Lowe heads Factum Arte, an art studio that has made a stir by casting precise facsimiles of antiquities.

For five weeks, Lowe and his team spent every evening at the British Museum scanning the lamassu and relief panels and shards. For the lamassu, they used a white-light scanner built by the c...

16:54

Stable kernels 4.4.117, 4.9.83, 4.14.21, and 4.15.5 released "IndyWatch Feed Tech"

The 4.4.117, 4.9.83, 4.14.21, and 4.15.5 stable kernels have been released. They contain a large number of updates throughout the tree; users should upgrade.

16:40

Windows licenses for under 13 USD!(promote code) "IndyWatch Feed Tech"

We offer 10% coupon code:SKtechworm10%

Microsoft Windows 10 Pro OEM CD-KEY GLOBAL origin price: $57.04 -use the code: 12.60 usd

Office2016 Professional Plus CD Key Global origin price:$244.14 use the code: 31.50 usd

Visio Professional 2016 Key Global origin price: $245.49 use the code: 25.39 usd

Windows10 PRO OEM + Office2016 Professional Plus CD Keys Pack  origin price: $301.18 -use the code: 39.14 usd

Windows licenses are usually expensive. For example, for an original license of Microsofts Windows 10 Pro in the official Microsoft store 305 USD payable. A cheaper alternative is the key marketplace SCDKey. Here you can save on licenses for software or games properly!

What makes it all interesting is that the site works really and we had the opportunity to test it with our pocket money . So, in this specific case, we use the Office2016 Professional Plus CD Key Global link.

Windows licenses for under 13 USD!(promote code)

Then we click on  Buy Now  or  Buy Now if changing the website language at the top of the screen if you need, and we are presented with the registration window in this case the values that are initially presented US Dollars Euros to spend. We can register on the site or, alternatively, we can use one of our Facebook, G + or WindowsLive accounts.

Windows licenses for under 13 USD!(promote code)

After you have logged in, you can proceed to the product confirmation page and click on Send Order and go to the payment method...

16:38

Fake News is Part of a Bigger Problem: Automated Propaganda "IndyWatch Feed Tech"

The Columbia Journalism Review has some analysis of the problem of disinformation and propaganda being actively spread over social control media. As the situation is studied more, albeit belatedly, the nature of social control's business model gets more daylight.

"That fundamental goal is to get the user to stay as long as possible," Ghosh said in an interview. "Their motivations are differentfor platforms, it is to maximize ad space, to collect more information about the individual, and to rake in more dollars; and for the disinformation operator, the motive is the political persuasion of the individual to make a certain decision. But until we change that alignment, we are not going to solve the problem of disinformation on these platforms."

After Mueller released his indictments, sociologist Zeynep Tufekci noted on Twitter that the indictment "shows [Russia] used social media just like any other advertiser/influencer. They used the platforms as they were designed to be used."

The phrase surveillance capitalism gets more traction as it becomes acknowledged that while social control media do not actively spread disinformation and propaganda it is a side effect of collecting as much personal information as legally (and somtimes illegally) allowed. That information is aggregated from multiple sources both internal and external to social control media itself. As a result it is getting increasingly difficult to distinguish between disinformation and authentic political speech.

Automated attacks make that differentiation that much harder. Faecebook gets the most attention, but the others, including YouTube work the same way and can thus be manipulated just as easily. (Ed: Speaking of YouTube, to single out one topic as an example, as seen recently with FCC comments on Net Neutrality, only 17%of the comments the FCC received were legitimate with the rest filled in by clumsy bots.)

Source : Fake news is part of a bigger problem: automated propaganda


Original Submission

Read more of this story at SoylentNews.

16:27

Security updates for Friday "IndyWatch Feed Tech"

Security updates have been issued by Debian (cups, gcc-6, irssi, kernel, and squid3), Fedora (mupdf), Mageia (irssi, mpv, qpdf, and quagga), openSUSE (libmad and postgresql95), SUSE (kernel and php5), and Ubuntu (kernel, linux-lts-trusty, linux-raspi2, and wavpack).

16:22

Hacking these IoT baby monitors is childs play, researchers reveal "IndyWatch Feed Tech"

Austrian security researchers have this week warned about the latest baby monitor affected by critical security vulnerabilities which raise very real privacy concerns.

Read more in my article on the Bitdefender Box blog.

16:10

Chaos backdoor, a malicious code that returns from the past targets Linux servers "IndyWatch Feed Tech"

Security experts from GoSecure, hackers are launching SSH brute-force attacks on poorly secured Linux servers to deploy a backdoor dubbed Chaos backdoor.

This post describes a backdoor that spawns a fully encrypted and integrity checked reverse shell that was found in our SSH honeypot, states the report published by GoSecure.

We named the backdoor Chaos, following the name the attacker gave it on the system. After more research, we found out this backdoor was originally part of the sebd rootkit that was active around 2013.

The Chaos backdoor was one of the components of the sebd Linux rootkit that appeared in the threat landscape back in 2013, researchers discovered a post on hackforums.net, where a user claims to know how the backdoor was made publicly available.

It seems that the source code of the backdoor was caught by a researcher that released it on the forum by changing the name of the backdoor in Chaos to trick members into believing that is was a new threat.

The malicious code is now being used by attackers in the wild to target Linux servers worldwide.

Researchers performed an Internet-wide scan using the handshake extracted from the client in order to determine the number of infected Linux servers and they discovered that this number is quite low, below the 150 marks.

chaos infection worldmap

The installation of the Chaos backdoor starts with the attacker downloading a file that pretended to be a jpg from http://xxx.xxx.xxx.29/cs/default2.jpg.

The file was currently a .tar archive containing the Chaos (ELF executable), the client (ELF executable), initrunlevels Shell script, the install Shell script.

Chaos, in the tar archive, is the actual backdoor that is installed on the victims system and the Client file is the client to connect to the installed backdoor.

...

16:00

Plasma Mobile Could Give Life to a Mobile Linux Experience "IndyWatch Feed Tech"

Title: 
Plasma Mobile Could Give Life to a Mobile Linux Experience

16:00

Radeon Linux OpenGL Driver Continues Giving Its Best Against Windows 10 "IndyWatch Feed Tech"

With having around a Windows 10 installation this week for the latest Windows 10 WSL vs. Linux benchmarking, I also carried out some fresh benchmarks of the Radeon gaming performance between Windows 10 and Ubuntu Linux using the very latest drivers on each platform. This time around a Radeon RX 580 and RX Vega 64 were used for this benchmarking.

15:15

Animal Study Shows How To Retrain The Immune System To Ease Food Allergies "IndyWatch Feed Tech"

Treating food allergies might be a simple matter of teaching the immune system a new trick, researchers at Duke Health have found.

In a study using mice bred to have peanut allergies, the Duke researchers were able to reprogram the animals' immune systems using a nanoparticle delivery of molecules to the lymph nodes that switched off the life-threatening reactions to peanut exposures.

[...]

They focused on the Th2-type cytokine immune response, which is increasingly understood as a driver of the overactive immune responses in allergy attacks. In an appropriate immune response, Th2 works in tandem with Th1, but during allergic reactions, Th2 is overproduced and Th1 is diminished.

The solution appears simple enough: deliver more Th1-type cytokines ahead of an allergen exposure to restore balance. But it has proven difficult. A test of this type was attempted as an asthma therapy, but it required a massive dose to the lungs and was ineffective.

In their experiment with the peanut-allergy mice, St. John and colleagues instead delivered antigen- and cytokine-loaded nanoparticles into the skin. The nanoparticles traveled to the lymph nodes, where they dissolved and dispensed their payload at the source of the immune response.

Animals that received this therapy no longer went into an acute allergic response called anaphylaxis when they were subsequently exposed to peanuts. The new-found tolerance was long-lasting, so did not need to be repeated ahead of each exposure to the allergen.

"The Th1 and Th2 sides of immunity balance each other," St. John said. "We reasoned that since we know Th2 immunity is over-produced during allergic responses, why not try to skew the immune response back the other direction? By delivering cytokines to the lymph nodes where immune responses are established, we were able to re-educate the immune system that an allergic response is not an appropriate one."

The approach could theoretically be applied to other allergens, including environmental triggers such as dust and pollen. Additional experiments are underway to move the findings into human trials.


Original Submission

Read more of this story at SoylentNews.

15:01

Next Week: Bring-A-Hack In NYC "IndyWatch Feed Tech"

Hackaday, along with Ultimaker and New Lab, are hosting an extravaganza of super hacks and more in New York next week. Grab a project youre working on and join us on Wednesday, February 28 in Brooklyn.

This is all about showcasing the coolest, newest stuff being worked on by makers, hackers, artists, and engineers. Get ready to talk hardware, stare into far too many LEDs, and enjoy drinks and camaraderie. The event is being hosted by New Lab, and were teaming up with Ultimaker to bring you a night of fun and solder fumes. We have great speakers lined up, and weve blocked out some time for lightning talks too so fill out this form if youre interested.

Support for the KiCad Project

RSVPs for this meetup are $5, with all proceeds being donated to the KiCad project via CERN.

Sending some funding to support this Open Source EDA project is a great thing. If this fee is a no-go for you, we&#8217...

15:00

2017 Was a Record Year for ID Theft in the U.S. "IndyWatch Feed Tech"

At least 16.7 million Americans had their identities compromised Photo: iStock Photo

This will not come as a big shock: an estimated 16.7 million Americans were victims of identity theft last year, according to a survey published by the research and advisory firm Javelin Strategy & Research. And the company says this tops the previous record of 15.4 million compromised identities which occurred, not surprisingly, in 2016.

Javelin notes in its report that cyber thieves have changed tactics over the past year, which has made them more efficient and effective. They are now focusing on targeting cellphones and email accounts to obtain a persons complete details, such as their name, address, and social security number, instead of trying to access individual pieces of personal information in order to piece together a profile.

This strategy is making it easier for cyber criminals to open fraudulent accounts and to exploit them for a longer period of time before they are discovered. The company estimates that fraud losses last year amounted to some US $16.8 billion.

In addition, nearly 1 in 3 Americans were notified of a data breach in 2017, a significant jump from 1 in 8 in 2016, Javelin reports. A major reason was the consumer credit bureau Equifax breach that was discovered on 29 July 2017, in which the personal information of 145.5 million people (130 million Americans, 15.2 million British citizens, and 8,000 Canadians) was compromised. It's unclear how many of those affected also became victims of identity theft as a result.

As if the loss of names, addresses, social security numbers, and/or birthdates wasnt enough, Equifax quietly informed the Senate Banking Committee earlier this month that even more information had been accessed in their data breach than it first reported.

Equifax told the committee that for an unknown number of persons, email addresses, driver license numbers (including issue...

14:35

OMG botnet, the first Mirai variant that sets up proxy servers on vulnerable devices "IndyWatch Feed Tech"

Researchers at Fortinet have discovered the OMG botnet, the first Mirai variant that sets up proxy servers on the compromised IoT devices.

A new variant of the infamous Mirai botnet appeared in the threat landscape, it was discovered by researchers at Fortinet that referred it as OMG because of strings containing OOMGA in the configuration table.

For this reason, we decided to name this variant OMG.The table, originally encrypted, was decrypted using 0xdeadbeef as the cipher key seed, using the same procedure adopted for the original Mirai. The first thing we noticed are the strings /bin/busybox OOMGA and OOMGA: applet not found. wrote Fortinet.

The name Mirai was given to the Mirai bot because of the strings /bin/busybox MIRAI and MIRAI: applet not found, which are commands to determine if it has successfully brute-forced its way into the targeted IoT device. These strings are similar with other variations such as Satori/Okiru, Masuta, etc. 

The Mirai botnet was first spotted in August 2016 by the security researcher MalwareMustDie, it was specifically designed to compromise vulnerable or poorly protected IoT. Once Mirai malware compromises an IoT device it recruits it into a botnet primarily used for launching DDoS attacks, such as the one that hit Dyn DNS service.

In October 2016, the Mirai source code was leaked and threat actors in the wild started customizing their Mirai botnet.

The OMG botnet includes most of Mirais features and modules, including the attack, killer, and scanner modules, but also adds new ones.

According to Fortinet its configuration includes two strings used to add a firewall rule to ensure traffic on two random ports is allowed.

This variant also adds and removes some configurations that can be found in the original Mirai code. Two notable additions are the two strings that are used to add a firewall rule to allow traffic on two random ports, which we will discuss in the latter part...

14:18

3,000 Databases with 200 Million Unique accounts found on Dark Web "IndyWatch Feed Tech"

By Waqas

Dark Web is a strange place where one can conduct

This is a post from HackRead.com Read the original post: 3,000 Databases with 200 Million Unique accounts found on Dark Web

14:18

The economic impact of cybercrime? Almost $600 billion "IndyWatch Feed Tech"

Cybercrime costs businesses close to $600 billion, or 0.8 percent of global GDP, which is up from a 2014 study that put global losses at about $445 billion, according to a report by McAfee, in partnership with the Center for Strategic and International Studies (CSIS). Adopting new technologies The report attributes the growth over three years to cybercriminals quickly adopting new technologies, the ease of engaging in cybercrime including an expanding number of cybercrime More

14:12

Counterfeit digital certificates for sale on underground forums "IndyWatch Feed Tech"

Signing malicious code with valid digital certificates is a helpful trick used by attackers to maximize the odds that malware wont be flagged by antivirus solutions and often even by network security appliances. Digitally signed malware can also bypass OS protection mechanisms that install or launch only programs with valid signatures. As it happens, it has recently been pointed out that the practice of signing malicious code is more widespread than previously thought. But, while More

14:05

Glxinfo Gets Updated With OpenGL 4.6 Support, More vRAM Reporting "IndyWatch Feed Tech"

The glxinfo utility is handy for Linux users in checking on their OpenGL driver in use by their system and related information. But it's not often that glxinfo itself gets updated, except that changed today with the release of mesa-demos-8.4.0 as the package providing this information utility...

14:00

New infosec products of the week: February 23, 2018 "IndyWatch Feed Tech"

Cisco offers cloud-based endpoint security solutions for MSSPs Cisco is offering MSSPs security, visibility, and control of customer endpoints. Their endpoint security portfolio includes: Cisco AMP for Endpoints, Cisco Umbrella, and Meraki Systems Manager to offer protection against advanced malware and threats. AMP for Endpoints prevents breaches and blocks malware at the point of entry, then continues to watch, analyze, and record file activity, regardless of the files disposition. Cisco Umbrella blocks requests to malicious More

14:00

3 Warning Flags of DevOps Metrics "IndyWatch Feed Tech"

"Human beings adjust behavior based on the metrics they're held against." Choose your metrics carefully.

Metrics. Measurements. Data. Monitoring. Alerting. These are all big topics for DevOps and for cloud-native infrastructure and application development more broadly. In fact, acm Queue, a magazine published by the Association of Computing Machinery, recently devoted an entire issue to the topic.

13:43

Biohacker Regrets Injecting Himself With Gene Therapy in Front of a Live Audience "IndyWatch Feed Tech"

A Biohacker Regrets Publicly Injecting Himself With CRISPR

When Josiah Zayner watched a biotech CEO drop his pants at a biohacking conference and inject himself with an untested herpes treatment, he realized things had gone off the rails.

Zayner is no stranger to stunts in biohackingloosely defined as experiments, often on the self, that take place outside of traditional lab spaces. You might say he invented their latest incarnation: He's sterilized his body to "transplant" his entire microbiome in front of a reporter. He's squabbled with the FDA about selling a kit to make glow-in-the-dark beer. He's extensively documented attempts to genetically engineer the color of his skin. And most notoriously, he injected his arm with DNA encoding for CRISPR that could theoretically enhance his musclesin between taking swigs of Scotch at a live-streamed event during an October conference. (Experts sayand even Zayner himself in the live-stream concededit's unlikely to work.)

So when Zayner saw Ascendance Biomedical's CEO injecting himself on a live-stream earlier this month, you might say there was an uneasy flicker of recognition.

Read more of this story at SoylentNews.

13:30

Email inboxes still the weakest link in security perimeters "IndyWatch Feed Tech"

Over one-third of all security incidents start with phishing emails or malicious attachments sent to company employees, according to F-Secure. Types of attacks The single most common source of breaches analyzed in the report was attackers exploiting vulnerabilities in an organizations Internet facing services, which accounted for about 21 percent of security incidents investigated by F-Secures incident responders. Phishing and emails with malicious attachments together accounted for about 34 percent of breaches, which F-Secure Principal More

13:00

A Robot For Everything: Now Even Zippers "IndyWatch Feed Tech"

Sometimes we see projects that are so clever while being remarkably simple, that we cant help thinking: Why didnt I think of that! Take [Haresh Karnan]s zipper robot, for example. Its a well-designed 3D-printed shell with two geared motors for traction, that can both undo and do up zippers. Behind that seemingly simple design probably lies a huge iterative design process to arrive at a shape perfect for the job, but the end result is so elegant that even [Haresh]s write-up and Hackaday.io page for the project are short and to the point. Download the STL file, snap in the motors, apply to a zipper, and away you go. He suggests rubber bands as a traction aid, but thats pretty much it.

The results can be seen in the video below the break. While we might be tempted to make jokes about the terminally lazy using this device to save unnecessary labour after a toilet break, we can see that it might have a real application. If you have any friends with restricted dexterity you will understand how having an automated helper with such a fiddly task as a zipper could be an extremely useful accessibility aid.

While were on the subject of zippers, if you missed it a few weeks ago heres our in-depth look at their story.

Linux 4.15 Kernel Is Now The Default In Ubuntu 18.04 LTS "IndyWatch Feed Tech"

After sitting in Bionic-Proposed the past week, Ubuntu 18.04 LTS has officially moved from the Artful Aardvark's Linux 4.13 kernel to now running on Linux 4.15...

12:42

How Cultural Evolution Can Give Us the Tools to Build Global-Scale Resilience "IndyWatch Feed Tech"

Theres an unsettling premise at the heart of Joe Brewers lifes work.

Brewer is a change strategist dedicated to ensuring a thriving global civilization exists 100 years from nowand he believes this is becoming less likely every year. Theres rising instability in our fragile and rapidly changing biosphere, he says, and society is unlikely to escape harm.

We are going through a period of planetary change, and there is a collapse dynamic thats already happening. The global scale social complexity we have today is at risk, and we may lose it, he told me in a conversation for Singularity Hub.

12:34

Re: review of LibVNCServer/vncterm proxmox/vncterm proxmox/spiceterm xenserver/vncterm qemu/ui/console.c "IndyWatch Feed Tech"

Posted by Solar Designer on Feb 23

Hi Dominik,

In these GitHub repos, which I thought were official:

https://github.com/proxmox/vncterm
https://github.com/proxmox/spiceterm

Shortly after I sent the message, I realized I should have included
these links in it. Ditto for other projects, so here they are:

XenServer vncterm:

https://github.com/xenserver/vncterm

Might be also out of date, since last commit is 2 years ago? But could
also be latest. These things don't have...

12:29

Mir's Wayland Support Will Now Let You Drag Around Windows "IndyWatch Feed Tech"

I was surprised to learn that up until this week, Mir's initial Wayland support didn't allow for windows of Wayland clients to be moved around the screen...

12:23

Re: Fwd: [SECURITY] CVE-2018-1304 Security constraints mapped to context root are ignored "IndyWatch Feed Tech"

Posted by Mark Thomas on Feb 23

The problem typically occurs with security annotations on servlets. In
this case the security annotations pick up the mappings from the servlet
they are annotating. If you changed the servlet mapping from "" to "/"
that would almost certainly significantly change the behaviour of the
web application since you are changing the mapping from "exact match to
context root" to "default servlet".

Mark

12:22

CERN scientists get antimatter ready for its first road trip "IndyWatch Feed Tech"

Antimatter is notoriously tricky to store and study, thanks to the fact that it will vanish in a burst of energy if it so much as touches regular matter. The CERN lab is one of the only places in the world that can readily produce the stuff, but getting it into the hands of the scientists who want to study it is another matter (pun not intended). After all, how can you transport something that will annihilate any physical container you place it in? Now, CERN researchers are planning to trap and truck antimatter from one facility to another.

Antimatter is basically the evil twin of normal matter. Each antimatter particle is identical to its ordinary counterpart in almost every way, except it carries the opposite charge, leading the two to destroy each other if they come into contact. Neutron stars and jets of plasma from black holes may be natural sources, and it even seems to be formed in the Earths atmosphere with every bolt of lightning.

12:22

Re: review of LibVNCServer/vncterm proxmox/vncterm proxmox/spiceterm xenserver/vncterm qemu/ui/console.c "IndyWatch Feed Tech"

Posted by Dominik Csapak on Feb 23

Hi,

Thanks for the review.

I do not know where you looked at our code, but in our official git
repositories for vncterm[1] and spiceterm[2]

those issues are already fixed (since 2017-05-05)

i changed those variables all to unsigned int, which makes those
increments defined behavior, and the range checks are ok, because
they cannot be negative anymore.
(it may behave strange, but you cannot trigger an out-of-bounds
read/write anymore)
also,...

12:11

Hachette CEO: "The eBook is a stupid product." "IndyWatch Feed Tech"

Arnaud Nourry, the CEO of Lagardre Publishing (the parent company of Hachette Book Group), gave an interview to Scroll.in in which he claims, "the eBook is a stupid product."

In the US and UK, the ebook market is about 20% of the total book market, everywhere else it is 5%-7% because in these places the prices never went down to such a level that the ebook market would get significant traction. I think the plateau, or rather slight decline, that we're seeing in the US and UK is not going to reverse. It's the limit of the ebook format. The ebook is a stupid product. It is exactly the same as print, except it's electronic. There is no creativity, no enhancement, no real digital experience. We, as publishers, have not done a great job going digital. We've tried. We've tried enhanced or enriched ebooks didn't work. We've tried apps, websites with our content we have one or two successes among a hundred failures. I'm talking about the entire industry. We've not done very well.

For an in-depth explanation of Arnaud Nourry's comments, we go to The Digital Reader:

Hachette's sales are low because Hachette keeps their ebook prices high. If you check the Author Earnings report, you will see that ebooks make up a significant part of the market. And it's not just a tiny group of readers who like ebooks; almost all of romance has gone digital, as well as around half of the SF market.

This guy understands so little about ebooks that it is almost frightening.

Read more of this story at SoylentNews.

12:05

Intel ANV Getting VK_KHR_16bit_storage Support Wrapped Up "IndyWatch Feed Tech"

Igalia's Jose Maria Casanova Crespo sent out a set of patches today for fixes that allow for the enabling of the VK_KHR_16bit_storage extension within Intel's ANV Vulkan driver...

12:00

With rules repealed, what's next for net neutrality? "IndyWatch Feed Tech"

The battle over the Federal Communications Commissions (FCC) repeal of net neutrality rules is entering a new phase, with opponents of the move launching efforts to preserve the Obama-era consumer protections.The net neutrality rules had required...

11:50

Let's Encrypt Hits 50 Million Active Certificates and Counting "IndyWatch Feed Tech"

In yet another milestone on the path to encrypting the web, Lets Encrypt has now issued over 50 million active certificates. Depending on your definition of website, this suggests that Lets Encrypt is protecting between about 23 million and 66 million websites with HTTPS (more on that below).

11:00

Mentor Embedded Linux Gains Cloud-Based IoT Platform "IndyWatch Feed Tech"

Mentor announced a Mentor Embedded IoT Framework platform that builds on top of Mentor Embedded Linux with cloud-based IoT cloud services ranging from device authentication and provisioning to monitoring and diagnostics.

10:39

Cybersecurity Tips to Protect Small Business from Cyber Attacks "IndyWatch Feed Tech"

Small Business is a privileged target of attackers, in fact, there is a high risk of having problems with hackers if you are a large company or even a media player.

Do you have a small company? If the answer is yes, and you think that no cyber attack will ever affect you, think again. Small Business is a privileged target of attackers, in fact, there is a high risk of having problems with hackers, if you are a large company or even a media player.

According to recent reports, more than 40% of cyber attacks are targeting companies with fewer than 500 employees. More disturbing studies show that hackers attack every fifth small company. In most cases, these companies shut down because their security plans do not exist or there is a huge gap in providing total protection.

Cybersecurity is the most important way to ensure that your business does not run the risk of malicious attacks, especially if the people behind them do not show up.

Therefore, it is essential to take strong security measures if you do not want to lose your job for life and trust of your valuable customers. Moreover, prominent organizations expect their confidential information to hide under any circumstances. If you find that this is not the case, your customers will turn to other companies.

To avoid this, we would like to share with you how you can protect your small business from cyber attacks or more simply, tips to protect small business from cyber attacks.

Make as Many Backups as Possible

The reserve is significant if you want to protect all confidential data from cyber attacks and hackers who create malicious software and send it to devices that are explicitly used by small employees are inexorable. If you create multiple backups, you can sleep well at night, knowing that these files, presentations, etc. are present safe and sound. It is important not to get stained forever when it comes to malware.

Application of the Most Powerful Antivirus Program

When using a reliable security solution, it is essential to keep your business altogether.

Do not forget to choose the one antivirus software that protects your computer against all types of malware; antivirus program that eventually needs to detect and eliminate spam, spyware, Trojans, phishing attacks, etc. after selecting the best option for your business, but dont forget to update it regularly.

Training of Employees

The people who work for you need to know that by clicking on the random links that you received through your professional...

10:38

US Border Patrol Hasnt Validated E-Passport Data for Years "IndyWatch Feed Tech"

Passports, like any physical ID, can be altered and forged. That's partly why for the last 11 years the United States has put RFID chips in the back panel of its passports, creating so-called e-Passports. The chip stores your passport informationlike name, date of birth, passport number, your photo, and even a biometric identifierfor quick, machine-readable border checks. And while e-Passports also store a cryptographic signature to prevent tampering or forgeries, it turns out that despite having over a decade to do so, US Customs and Border Patrol hasn't deployed the software needed to actually verify it.

https://www.wired.com/story/us-border-patrol-hasnt-validated-e-passport-data-for-years/


Original Submission

Read more of this story at SoylentNews.

10:31

Evidence the corrupt EPA colluded with Monsanto "IndyWatch Feed Tech"

Image: Evidence the corrupt EPA colluded with Monsanto to delay toxicology review of their controversial herbicide glyphosate

 

What will happen when Trump cleans house here?  The science has been suppressed for decades. 

That science will continue to be suppressed by whatever means possible..
We need to legislate a clear tiered regulatory regime.  A trial tier can be allowed limited to special applications by licensed users.  This state should continue for twenty years or so long as necessary to produce properly collected meta data by independent researchers that show no issues.
It really does take twenty years.  In the case of roundup we now have a situation in which the product has been massively dumped into the environment for the past twenty years while the rising death toll among users has not been addressed at all.
Far too many farmers are retiring to a cancer ward.


Evidence the corrupt EPA colluded with Monsanto to delay toxicology review of their controversial herbicide glyphosate

Thursday, February 08, 2018 

10:22

Meet the scientists running to transform Congress in 2018 "IndyWatch Feed Tech"

But first, science candidates must win their races. Most face long odds. For starters, voters may be impressed by a candidates scientific credentials, but such background is rarely a decisive factor when they go to the polls. In addition, most of this years STEM candidates are political novices who are starting out far behind their opponents when it comes to knowing how to run a professional campaign.


House races feature unusual upsurge in entrants with technical backgrounds.

10:00

A Two Tapes Turing Machine "IndyWatch Feed Tech"

Though as with so many independent inventors the origins of computing can be said to have been arrived at through the work of many people, Alan Turing is certainly one of the foundational figures in computer science. His Turing machine was a thought-experiment computing device in which a program performs operations upon symbols printed on an infinite strip of tape, and can in theory calculate anything that any computer can.

In practice, we do not use Turing machines as our everyday computing platforms. A machine designed as an academic abstract exercise is not designed for efficiency. But that wont stop Hackaday, and to prove that point [Olivier Bailleux] has done just that using readily available electronic components. His twin-tape Turing machine is presented on a large PCB, and is shown in the video below the break computing the first few numbers of the Fibonacci sequence.

The schematic is available as a PDF, and mostly comprises of 74-series logic chips with the tape contents being displayed as two rows of LEDs. The program is expressed as a pluggable diode matrix, but in a particularly neat manner he has used LEDs instead of traditional diodes, allowing us to see each instruction as it is accessed. The whole is a fascinating item for anyone wishing to learn about Turing machines, though we wish [Olivier] had given  us a little more information in his write-up.

That fascination with Turing machines has manifested itself in numerous builds here over the years. Just a small selection are one using 3D printing, another using Lego, and a third using ball bearings. And of course, if youd like instant gratification, take a look at the one Google put in one of their doodles for Turings 100th anniversary.

 

09:52

Meltdown patch for OpenBSD is available lets wait for feedbacks "IndyWatch Feed Tech"

OpenBSD releases Version 11 code update that addresses the Meltdown vulnerability by implementing the separation between the kernel and the user memory pages.

OpenBSD addresses the Meltdown vulnerability with the release of a Version 11 code. The update implements the separation between the kernel and the user memory pages.

OpenBSDs Phillip Guenther provided further details on the implementation.

When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the threads real kernel stack, then copies over the necessary bits from the trampoline stack. On return to userspace the opposite occurs: recreate the iretq frame on the trampoline stack, switch stack, switch page tables, and return to userspace. wrote Guenther.

Per-CPU page layout mostly inspired by DragonFlyBSD.

Guenther explained that Per-CPU page layout mostly implemented the approach used in DragonFly BSD.

According to Gunther the impact on performance would be reduced because the approach minimizes the overhead for the management of kernel code and data in the transitions to/from the kernel.

On Intel CPUs which speculate past user/supervisor page permission checks, use a separate page table for userspace with only the minimum of kernel code and data required for the transitions to/from the kernel. he added.

When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the threads real kernel stack, then copies over the necessary bits from the trampoline stack. On return to userspace the opposite occurs: recreate the iretq frame on the trampoline stack, switch stack, switch page tables, and return to userspace.Meltdown OpenBSD

A couple of weeks ago, DTrace expert Brendan Gregg developed a microbenchmark to...

09:41

Another Potential Performance Optimization For KPTI Meltdown Mitigation "IndyWatch Feed Tech"

Now that the dust is beginning to settle around the Meltdown and Spectre mitigation techniques on the major operating systems, in the weeks and months ahead we are likely to see more performance optimizations come to help offset the performance penalties incurred by mitigations like kernel page table isolation (KPTI) and Retpolines. This week a new patch series was published that may help with KPTI performance...

09:13

SpinLaunch "IndyWatch Feed Tech"

I just hope theres plenty of 4K footage of the launch centrifuge facility when it experiences catastrophic failure. Via: TechCrunch: What if instead of blasting cargo into space on a rocket, we could fling it into space using a catapult? Thats the big, possibly crazy, possibly genius idea behind SpinLaunch. It was secretly founded in []

09:07

Spanish Authorities Launch New Campaign to Block Pirate Websites "IndyWatch Feed Tech"

Following complaints from Disney, 20th Century Fox, Paramount, Sony, Universal and Warner, a court in Spain recently ordered local ISPs to block HDFull.tv and Repelis.tv, a pair of popular pirate sites.

Citing changes in local law which helped facilitate the action, the MPA welcomed the blockades as necessary to prevent further damage to the creative industries. Now, just a week later, it seems that Spain really has the bit between its teeth.

An announcement from the Guardia Civil (Civil Guard), the oldest law enforcement agency in the country, reveals that almost two dozen websites have just been blocked for infringing intellectual property rights.

The Civil Guard, within the framework of the Operation CASCADA, has initiated a campaign to block websites that allow people to download content protected by copyright and disseminate them through links in P2P networks, that is, networks of computers that work without fixed servers, the Civil Guard said in a statement.

In this first phase, a total of 23 web domains have been blocked from which direct download links of all kinds of protected audiovisual material such as movies, series, music and video games were accessed, many of them of recent creation and without being released yet in our country.

High-quality versions of films available on the cinema billboards of our country were offered, although they had not yet been sold in physical or digital format and dubbed with audio in several languages.

A full list of websites and domains hasnt yet been provided by the authorities but familiar names including divxtotal.com and gamestorrents.com are confirmed to be included in the first wave.

The Civil Guard, which is organized as a military force under the authority of the Ministry of the Interior and Ministry of Defense, said that the administrators of the sites operate their platforms from abroad, generating advertising revenue from Spanish visitors who are said to make up 80% of the sites traffic.

In common with similar sites, the authorities accuse their owners of taking evasive action to avoid being shut down, including hiding the true location of their servers while moving them from country to country and masking domain registration data.

Cases have been detected in which previously judicially blocked domains were reactivated in a matter of hours, with practically identical domain names or even changing only the extension thereof. In this way, and even if several successive bl...

09:06

Farts Away! Plane Makes Unscheduled Stop After Man Won't Stop Guffing "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

An elderly man's flatulence forced his flight to make an emergency stop after a fight broke out over his barrage of bottom burps.

Passengers flying with budget Dutch airline Transavia from Dubai to Amsterdam were reportedly put out by the man's continued farting, and asked him to stop.

But the man failed to hold it in, and when even a direct order from the pilot didn't take the wind out of his sails, two particularly incensed passengers took matters into their own hands.

Local media reported that two Dutchmen sat next to the trumper started a fight with the man, which escalated to the point where the pilot was forced to make an unscheduled stop.

On landing in Vienna, armed police boarded the plane to remove the men who caused the ruckus, along with two sisters who were seated next to them.

Also covered at The Straits Times.


Original Submission

Read more of this story at SoylentNews.

09:01

How a backwards shirt led to a lesson in kindness for P.E.I. kindergarten class "IndyWatch Feed Tech"


This is a great story about how we all have the worst impulses however driven that can then be replaced by an act of kindness through an individual's unexpected initiative to ensure emotional solidarity.


It isnoteworthy that we do rationally move toward emotional solidarity. It is not immediate either.  It is rationally arrived at.  The instinctual impulse was to join in the hazing itself.


Was right or wrong rediscovered anew here?   These are all core to the human personality and noteworthy when found absent.  What causes failure to think this way? That seriously happens as well.   But a group overcomes this by sheer weight of majority thinking and not majority instinct.


How a backwards shirt led to a lesson in kindness for P.E.I. kindergarten class 


February 9, 2018




https://ca.news.yahoo.com/backwards-shirt-led-lesson-kindness-140000549.html

How a backwards shirt led to a...

09:00

Large city just days away from running out of wate "IndyWatch Feed Tech"

Image: COLLAPSE: Large city just days away from running out of water, turning off all water taps to residential households massive PANIC and UNREST to follow







 
 
 
 
 
 
 
 
 
This piece is clearly alarmist but also a reminder.  a water system is designed to have an ample reserve.  However that can be wiped out by urban expansion and it often is.  Then it becomes necessary to engineer a solution.  However that always takes a year or five.  No magic overcomes increasing risk and a rare drought.
 
The first response is rationing and that is usually done early because it is easy. That is also more than enough in most situations.
 
We will be transitioning to a vastly distributed system of natural communities in which local water will be simply ample.  In the meantime we must struggle to support our super cities.

 
COLLAPSE: Large city just days away from running out of water, turning off all water taps to residential households massive PANIC and UNREST to follow

Thursday, February 08, 2018 by: Jayson Veley

09:00

OUTED: DuPont covered up the health risks of Teflon "IndyWatch Feed Tech"



 
This is 2018 and we are now understanding this.  Folks can now get to sue. Sixty years of exposure to C8 is the central problem but was no surprise to Du Pont. Huh!.
 
I never liked the product and whatever pans  we had i usually avoided as the surface only held up briefly anyway.  The i did have a cast iron pan that i bought the day i came to Vancouver in 1972 and have to this day.  It happens to be the perfect non stick pan.

We need to produce cast iron foam to form a working core and surface in order to eliminate the majority of the cast iron pan's weight.  No from of plastic is suitable for surfacing a hot metal.  They all disintegrate far too soon and every pan will produce hot spots.  So plastic is not a real option..
.
OUTED: DuPont covered up the health risks of Teflon

Wednesday, February 07, 2018 by: Vicki Batts


Tags: badfood, badhealth, badmedicine, badscience, chemicals, cookware, corporate greed, DuPont, food supply, lies, Nonstick Cookware, Teflon, toxic chemicals, toxins

https://www.naturalnews.com/2018-02-07-dupont-covered-up-the-health-risks-of-teflon.html

(Natural News) Few things are as ubiquitous in modern kitchens as nonstick cookware; from frying pans to baking dishes and a host of other accouterments, youd be h...

08:31

Drupal addressed several vulnerabilities in Drupal 8 and 7 "IndyWatch Feed Tech"

The Drupal development team addressed many vulnerabilities in both Drupal 8 and 7, including some flaws rated as critical.

Drupal maintainers have fixed many vulnerabilities in Drupal 7 and 8, including some flaws rated as critical.

One of the critical security vulnerabilities is related to partial cross-site scripting (XSS) prevention mechanisms that was addressed with Drupal 8.4.5 and 7.57 versions. The popular CMS uses a JavaScript function that doesnt completely sanitize the input

Drupal has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML. reads the advisory. This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. 

The second vulnerability rated as critical affects Drupal 8, it could be exploited by users who have permission to post comments to view content and comments they should not be able to access. The flaw could also allow users to add comments to the content that should not be able to access.

The Drupal team also fixed two moderately critical vulnerabilities in Drupal 7 and other two in Drupal 8. The flaws in Drupal 7:

  • A Private file access bypass Drupal fails to check if a user has access to a file before allowing the user to view or download it when the CMS is using a private file system.
  • A jQuery cross site scripting vulnerability that is present when making Ajax requests to untrusted domains.

while the vulnerabilities in Drupal 8 are:

  • A Settings Tray access bypass that could be exploited by users to update certain data that they do not have the permissions for.

 

07:33

Air Italy Expands As UAE-Backed Alitalia Goes Bankrupt "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

Italian airline Meridiana changed its name to Air Italy with the backing of Qatar Airways, its new shareholder, aiming to become Italy's flagship carrier as UAE-backed Alitalia undergoes bankruptcy proceedings. Re-branded as Air Italy, Meridian unveiled a new restructuring plan to make of Air Italy "a sustainable airline alternative for the people of Italy", as Qatar Airways' CEO Akbar al-Baker said on Monday at a press conference in Milan. "Air Italy will achieve global scale in both fleet and network expansion ... We will show that we are the star," added al-Baker. Over the next three years, 20 Boeing 737 MAX aircraft will be added to Air Italy's fleet, the first of which arrives in April 2018.


Original Submission

Read more of this story at SoylentNews.

07:00

Forth System-On-Chip Takes Us Back to the 80s "IndyWatch Feed Tech"

For anyone who has dealt with the programming language Forth, odds are good that you picked it up back in the 80s. Since the language is still in use for many applications, though, you might not have this sort of nostalgic feeling for the language that some might have. For that, though, you might want to try out [Richard]s implementation which simulates the microcomputers of the 80s using this unique language.

The system has an FPGA-based CPU written in Verilog. It runs on a Nexys-3 board and features PS/2 Keyboard input, a VGA output with a VHDL VT100 terminal emulation module, access to the Flash and onboard SRAM, and a UART. With all of that put together its virtually a Forth-based time machine. Its also extremely well documented even if youre just curious how it works and arent planning on building your own.

The project also includes a CPU simulator written in C which can model the entire computer if you dont have the hardware for building the actual computer. [Richard] also released everything that youd need to roll out your own Forth computer on the GitHub page. There are other ways of heading way back to the 1980s, though, like using the quirky Parralax Propeller.

06:57

[SECURITY] [DSA 4122-1] squid3 security update "IndyWatch Feed Tech"

Posted by Salvatore Bonaccorso on Feb 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-4122-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
February 23, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : squid3
CVE ID : CVE-2018-1000024 CVE-2018-1000027...

06:55

Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 "IndyWatch Feed Tech"

Posted by Justin Bull on Feb 22

Apologies. This fails to account for a non-trivial scenario.

Any software using Doorkeeper that has generated its own custom
views[0] requires manual work to verify there's no explicit HTML in
the `client_name` and `native_redirect_uri` field values.

This has been updated in the bulletin's Fix section[1].

[0]: https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-views
[1]:...

06:54

[security bulletin] MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance "IndyWatch Feed Tech"

Posted by cyber-psrt on Feb 22

https://softwaresupport.hpe.com/document/-/facetsearch/document/KM03086019

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: KM03086019
Version: 1

MFSBGN03798 rev.1 - Micro Focus Universal CMDB, Apache Struts Instance

NOTICE: The information in this Security Bulletin should be acted upon as
soon as possible.

Release Date: 2018-02-22
Last Updated: 2018-02-22...

06:45

[SECURITY] [DSA 4120-1] linux security update "IndyWatch Feed Tech"

Posted by Yves-Alexis Perez on Feb 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-4120-1 security () debian org
https://www.debian.org/security/ Yves-Alexis Perez
February 22, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2017-5715 CVE-2017-5754...

06:19

AI-Powered / Machine Learning Linux Performance Tuning Is Now A Thing "IndyWatch Feed Tech"

A year and a half ago I wrote about a start-up working on dynamically-tuned, self-optimizing Linux servers. That company is now known as Concertio and they just launched their "AI powered" toolkit for IT administrators and performance engineers to optimize their server performance...

06:01

Intel Releases Spectre Firmware Patches; Intel and AMD Face Numerous Lawsuits "IndyWatch Feed Tech"

Intel Issues Updated Spectre Firmware Fixes For Newer Processors

Intel has issued updated microcode to help protect its newer processors from Spectre security exploits. The Santa Clara, Calif.-based company's new microcode updates which impact its newer chip platforms, such as Kaby Lake, Coffee Lake, and Skylake have been released to OEM customers and partners.

[...] The company initially released patches addressing the Spectre and Meltdown vulnerabilities in January, but later yanked its patches for the Variant 2 flaw both for client compute and data center chips after acknowledging that they caused "higher than expected reboots and other unpredictable system behavior." And while Intel last week announced it was re-issuing fixes for several Skylake-based platforms, the company had not given further details for its other newer processors including Kaby Lake and Coffee Lake until Tuesday.

First Intel, now AMD also faces multiple class-action suits over Spectre attacks

Intel rival AMD is also facing a number of class-action lawsuits over how it's responded to the Meltdown and Spectre CPU flaws. As The Register reports, four class-action complaints have been filed against the chip maker seeking damages on behalf of customers and investors. The suits follow a warning from AMD in late January that warned investors that it is "also subject to claims related to the recently disclosed side-channel exploits, such as Spectre and Meltdown, and may face claims or litigation for future vulnerabilities".

Intel revealed last week that it now faced 32 class-action lawsuits over its handling of the Meltdown and Spectre issues and three additional lawsuits over alleged insider trading.

Also at BetaNews.


Original Submission

...

05:31

Re: Fwd: [SECURITY] CVE-2018-1304 Security constraints mapped to context root are ignored "IndyWatch Feed Tech"

Posted by Doran Moppert on Feb 22

Will a URL pattern of "/" correctly protect the context root of
vulnerable versions? If so, this seems worth mentioning.

05:24

Nissan to Begin Easy Ride Trial in Japan "IndyWatch Feed Tech"

Via: Reuters: Facing a future in which self-driving cars may curb vehicle ownership, Nissan Motor Co is taking its first steps to becoming an operator of autonomous transportation services, hoping to break into a segment set to be dominated by Uber Technologies and other technology firms. In partnership with Japanese mobile gaming platform operator DeNA []

05:02

Do you see what I see? Researchers harness brain waves to reconstruct images of what we perceive "IndyWatch Feed Tech"

A new technique developed by neuroscientists at the University of Toronto Scarborough can, for the first time, reconstruct images of what people perceive based on their brain activity gathered by EEG.

The technique developed by Dan Nemrodov, a postdoctoral fellow in Assistant Professor Adrian Nestors lab at U of T Scarborough, is able to digitally reconstruct images seen by test subjects based on electroencephalography (EEG) data.

When we see something, our creates a mental percept, which is essentially a mental impression of that thing. We were able to capture this percept using EEG to get a direct illustration of whats happening in the brain during this process, says Nemrodov.

04:28

SpaceX Deploys Broadband Test Satellites, Fails to Catch Entire Fairing "IndyWatch Feed Tech"

SpaceX has launched the Paz satellite for a Spanish company using a Falcon 9 rocket, which also carried two secondary payloads: Microsat-2a and Microsat-2b. These are intended to test technologies needed to provide broadband Internet access from orbit:

SpaceX launched again on Thursday - this time to put a Spanish radar satellite above the Earth.

But there was a lot of interest also in the mission's secondary payloads - a couple of spacecraft the Californian rocket company will use to trial the delivery of broadband from orbit. SpaceX has big plans in this area. By sometime in the mid-2020s, it hopes to be operating more than 4,000 such satellites, linking every corner of Earth to the internet.

SpaceX projections show that the company expects its "Starlink" Internet service to have 40 million subscribers and $30 billion in revenue by 2025.

SpaceX also attempted to recover the $6 million payload fairing (nose cone) of the rocket using a specially-built "catcher's mitt" net boat called "Mr. Steven":

After launching its Falcon 9 rocket from California this morning, SpaceX used a giant net to try to recover the rocket's nose cone as it fell down in the Pacific Ocean. The first-time experiment failed, however: one of the pieces of the nose cone missed the net, which was attached to a ship, and landed intact on the sea surface instead.

[...] A typical rocket fairing doesn't have any onboard engines, however. So SpaceX has equipped its latest nose cone with a guidance system and thrusters, tiny engines that help guide the pieces through the atmosphere when they break away from the rocket. Then, as the pieces descend, they deploy thin parachute-like structures known as parafoils to slow their fall. Down at the surface, a SpaceX boat named Mr. Steven (a random name, Musk said) attempts to catch one of the fairing pieces with a giant net attached to large claw-like appendages.

SpaceX has been able to land its fairings in the ocean before, but this was the first time the company deployed Mr. Steven to catch one of the pieces. Musk noted that a fairing half missed the boat by a few hundred meters. However, the company should be able to fix the problem by making the parafoils bigger, he said....

04:10

Fwd: [SECURITY] CVE-2018-1304 Security constraints mapped to context root are ignored "IndyWatch Feed Tech"

Posted by Mark Thomas on Feb 22

-------- Forwarded Message --------
Subject: [SECURITY] CVE-2018-1304 Security constraints mapped to context
root are ignored
Date: Fri, 23 Feb 2018 00:27:30 +0000
From: Mark Thomas
Reply-To: announce () tomcat apache org, announce () tomcat apache org
To: Tomcat Users List
CC: Tomcat Developers List , announce () apache org,
announce () tomcat apache...

04:08

Fwd: [SECURITY] CVE-2018-1305 Security constraint annotations applied too late "IndyWatch Feed Tech"

Posted by Mark Thomas on Feb 22

-------- Forwarded Message --------
Subject: [SECURITY] CVE-2018-1305 Security constraint annotations
applied too late
Date: Fri, 23 Feb 2018 00:27:36 +0000
From: Mark Thomas
Reply-To: announce () tomcat apache org, announce () tomcat apache org
To: Tomcat Users List
CC: Tomcat Developers List , announce () apache org,
announce () tomcat apache org...

04:00

This Radio Gets Pour Reception "IndyWatch Feed Tech"

When was the last time you poured water onto your radio to turn it on?

Designed collaboratively by [Tore Knudsen], [Simone Okholm Hansen] and [Victor Permild], Pour Reception seeks to challenge what constitutes an interface, and how elements of play can create a new experience for a relatively everyday object.

Lacking buttons or knobs of any kind, Pour Reception appears an inert acrylic box with two glasses resting on top. A detachable instruction card cues the need for water, and pouring some into the glasses wakes the radio.

Inside, two aluminium plates   acting as capacitive touch sensors are connected to an Arduino using the Tact library from NANDSudio. Wekinator a machine learning tool enabled [Knudsen] to program various actions to control the radio. Pouring water between the glasses changes stations, rotating and tweaking the glass positions adjusts audio quality, and placing a finger in the glass mutes it temporarily.

Its a great concept for a more engaging piece of tech, if perhaps a little unnerving to be pouring water around household electronics. Best take preventative measures before applying this idea elsewhere.

04:00

Why Is There So Much Hate for the Word Moist? - Facts So Romantic "IndyWatch Feed Tech"


A lot of people dont like the word moist. Several Facebook groups are dedicated to it, one with over 3,000 likes, New Yorker readers overwhelmingly selected it as the word to eliminate from the dictionary, and Jimmy Fallon sarcastically thanked it for being the worst word in the English language. When you ask people why this might be, there is no shortage of armchair theory: that theres something about the sounds involved, that it puts your face in a position similar to the facial expression of disgust, or that it reminds people of mold or sex.

Psychologist Paul Thibodeau and his colleagues ran a study to sort it out. They gave participants a set of words and asked them to rate how, whether, and to what degree, each word made them uncomfortable.

Are you tempted to
Read More

02:55

Meta-Analysis of 522 Trials Finds that Anti-Depressants are More Effective than Placebos "IndyWatch Feed Tech"

Anti-depressants: Major study finds they work

Scientists say they have settled one of medicine's biggest debates after a huge study found that anti-depressants work. The study, which analysed data from 522 trials involving 116,477 people, found 21 common anti-depressants were all more effective at reducing symptoms of acute depression than dummy pills. But it also showed big differences in how effective each drug is.

The authors of the report, published in the Lancet [open, DOI: 10.1016/S0140-6736(17)32802-7] [DX], said it showed many more people could benefit from the drugs. There were 64.7 million prescriptions for the drugs in England in 2016 - more than double the 31 million in 2006 - but there has been a debate about how effective they are, with some trial[s] suggesting they are no better than placebos. The Royal College of Psychiatrists said the study "finally puts to bed the controversy on anti-depressants".

The so-called meta-analysis, which involved unpublished data in addition to the information from the 522 clinical trials involving the short-term treatment of acute depression in adults, found the medications were all more effective than placebos. However, the study found they ranged from being a third more effective than a placebo to more than twice as effective.


Original Submission

Read more of this story at SoylentNews.

02:06

Nix 2.0 Package Manager Released With A Ton Of Changes "IndyWatch Feed Tech"

Nix 2.0 is now available as the latest major update to this functional package manager most commonly associated with the NixOS Linux distribution...

01:41

FOSTA Would Be a Disaster for Online Communities "IndyWatch Feed Tech"

Frankenstein Bill Combines the Worst of SESTA and FOSTA. Tell Your Representative to Reject New Version of H.R. 1865.

The House of Representatives is about to vote on a bill that would force online platforms to censor their users. The Allow States and Victims to Fight Online Sex Trafficking Act (FOSTA, H.R. 1865) might sound noble, but it would do nothing to stop sex traffickers. What it would do is force online platforms to police their users speech more forcefully than ever before, silencing legitimate voices in the process.

Back in December, we said that while FOSTA was a very dangerous bill, its impact on online spaces would not be as broad as the Senate bill, the Stop Enabling Sex Traffickers Act (SESTA, S. 1693). Thats about to change.

If you dont want Congress to undermine the online communities we all rely on, please take a moment to call your representative and urge them to oppose FOSTA.

Take Action

Stop FOSTA

Gutting Section 230 Is Not a Solution

The problem with FOSTA and SESTA isnt a single provision or two; its the whole approach.

FOSTA would undermine Section 230, the law protecting online platforms from some types of liability for their users speech. As weve explained before, the modern Internet is only possible thanks to a strong Section 230. Without Section 230, most of the online platforms we use would never have b...

01:35

Chase Glitch Exposed Customer Accounts "IndyWatch Feed Tech"

Multiple Chase.com customers have reported logging in to their bank accounts, only to be presented with another customers bank account details. Chase has acknowledged the incident, saying it was caused by an internal glitch Wednesday evening that did not involve any kind of hacking attempt or cyber attack.

Trish Wexler, director of communications for the retail side of JP Morgan Chase, said the incident happened Wednesday evening, for a pretty limited number of customers between 6:30 pm  and 9 pm ET who sporadically during that time while logged in to chase.com could see someone elses account details.

We know for sure the glitch was on our end, not from a malicious actor, Wexler said, noting that Chase is still trying to determine how many customers may have been affected. Were going through Tweets from customers and making sure that if anyone is calling us with issues were working one on one with customers. If you see suspicious activity you should give us a call.

Wexler urged customers to practice good security hygiene by regularly reviewing their account statements, and promptly reporting any discrepancies. She said Chase is still working to determine the precise cause of the mix-up, and that there have been no reports of JPMC commercial customers seeing the account information of other customers.

This was all on our side, Wexler said. I dont know what did happen yet but I know what didnt happen. What happened last night was 100 percent not the result of anything malicious.

The account mix-up was documented on Wednesday by Fly & Dine, an online publication that chronicles the airline food industry. Fly & Dine included screenshots of one of their writers spouses logged into the account of a fellow Chase customer with an Amazon and Chase card and a balance of more than $16,000.

Kenneth White, a security researcher and director of the...

01:21

FCC Officially Publishes Net Neutrality Repeal "IndyWatch Feed Tech"

The Federal Communications Commission's net neutrality rules will be no more in two months: The agency has taken the final step in removing the regulations from its rule book.

But that may not be the end of the story. Dozens of groups are expected to file lawsuits challenging the repeal, and Democrats in Congress will push to reverse the FCC's action.

On Thursday, the FCC published the final notice of the repeal in the Federal Register, which starts a 60-day clock until the rules are removed. The effective date for the repeal is April 23. The FCC voted to repeal the rules on Dec. 14.

https://www.cnet.com/news/fcc-officially-publish-net-neutrality-repeal/#ftag=CADf328eec

Final Notice of Repeal: https://www.federalregister.gov/documents/2018/02/22/2018-03464/restoring-internet-freedom


Original Submission

Read more of this story at SoylentNews.

01:00

Software Defined Television on an ESP32 "IndyWatch Feed Tech"

Composite video from a single-board computer? Big deal every generation of Raspberry Pi has had some way of getting composite signals out and onto the retro monitor of your choice. But composite video from an ESP32? Thats a thing now too.

There are some limitations, of course, not least of which is finding a monitor that can accept a composite input, but since [bitluni]s hack uses zero additional components, we can overlook those. It really is as simple as hooking the monitor up to pin 25 and ground because, like his recent ESP32 AM radio station, the magic is entirely in software. For video, [bitluni] again uses his IS tweaks to push a lot of data into the DAC really fast, reproducing the sync and image signals in the 0-1 volt range of the PAL composite standard. His code also supports the NTSC standard, but alas because of frequency limitations in the hardware its monochrome only for both standards, at least for now. Hes also got a neat trick to improve performance by running the video signal generation and the 3D-rendering on separate cores in the ESP32. Check out the results in the video below.

It looks like the ESP32 is getting to be one of those Is there anything it cant do? systems. Aside from radio and video, weve seen audio playback, vector graphics, and even a Basic interpreter easter egg.

01:00

HPR2495: 10 Years of Xoke "IndyWatch Feed Tech"

HPR 40, on the 24th Feb 2008, was when a (slightly) younger Xoke debuted

00:25

Overnight Tech: FCC publishes net neutrality repeal | Dem state AGs sue to save rules | Comcast employees allege culture of harassment "IndyWatch Feed Tech"

FCC'S NET NEUTRALITY REPEAL PUBLISHED: The Federal Communications Commission's (FCC) order repealing net neutrality was published in the Federal Register Thursday morning, opening the door for supporters of the Obama-era rules to launch...

00:02

Purism Releases Updated Coreboot Images For Their Laptops "IndyWatch Feed Tech"

Purism has released updated Coreboot images for their Librem 13 v2 and Librem 15 v3 laptops...

00:01

NY Fed finds fintech mortgages quicker, less risky than bank loans "IndyWatch Feed Tech"

Mortgage lenders that exclusively use online applications approve loans quicker, experience fewer defaults, encourage more refinancing and respond to demand shifts better than brick-and-mortar rivals, according to a New York Federal Reserve report...

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Thursday, 22 February

23:49

Qt Or HTML5? A Million Dollar Question "IndyWatch Feed Tech"

Both Facebook and Netflix implemented their eponymous apps with Web. Despite spending millions of dollars, neither of them could achieve an iPhone-like user experience (60 frames per second and less than 100ms response to user inputs) on anything less powerful than a system-on-chip (SoC) with four ARM Cortex-A9 cores.

In contrast, numerous products like infotainment systems, in-flight entertainment systems, harvester terminals and home appliances prove that you can achieve an iPhone-like user experience (UX) on single-core Cortex-A8 SoCs. Our above-mentioned manufacturer HAM Inc. (renamed for the sake of confidentiality) verified these results by building both a Web and Qt prototype.

In this white paper, Burkhard Stubert explains how he could save one of the world's largest home appliance manufacturers millions of Euros by choosing Qt over HTML. The secret? Qt scales down to lower-end hardware a lot better, without sacrificing user experience.

With a five times smaller footprint, four to eight times lower RAM requirements and a more efficient rendering flow than HTML, Qt provides faster start-up times and maintains the cherished 60fps and 100ms response time, where HTML would struggle. The calculations show that being able to just downgrade your SoC by just one tier like this, Qt can reduce your hardware costs by over 53%.


Original Submission

Read more of this story at SoylentNews.

23:34

Democratic state attorneys general sue to preserve net neutrality rules "IndyWatch Feed Tech"

Twenty-two Democratic state attorneys general on Tuesday launched a lawsuit aimed at preserving net neutrality on Tuesday, the same day the Federal Communications Commission (FCC) published its rule striking the regulations in the...

23:30

Getting Ahead with Lightning Strike Simulation "IndyWatch Feed Tech"

In this eSeminar, we will show how EM field simulation can be used to provide insightful information with respect to lightning attachment/zoning analysis as well as transient current and magnetic field immunity of relatively large platforms such as aircraft.

Simulation plays an increasingly important role in evaluating system performance when subjected to Electromagnetic Environmental Effects (E3) and for investigating strategies for protection. Lightning strike simulation is one of the key applications in this area, which can seem daunting given the multi-scale and multi-physics nature of this fascinating phenomenon. Modeling of complex composite materials and susceptible features such as seams and cables are crucial details to consider.

PRESENTER:

...

23:22

Hackers spread Android spyware through Facebook using Fake profiles "IndyWatch Feed Tech"

By Waqas

The Android spyware was used to steal personal data of

This is a post from HackRead.com Read the original post: Hackers spread Android spyware through Facebook using Fake profiles

23:21

[SECURITY] CVE-2017-15696 Apache Geode configuration request authorization vulnerability "IndyWatch Feed Tech"

Posted by Anthony Baker on Feb 22

CVE-2017-15696 Apache Geode configuration request authorization vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected: Apache Geode 1.0.0 through 1.3.0

Description:
The Geode configuration service does not properly authorize
configuration requests. This allows an unprivileged user who gains
access to the Geode locator to extract configuration data and
previously deployed application code.

Mitigation:...

22:55

New WALK-MAN Robot Is Slimmer, Quicker, Better at Quenching Your Flames "IndyWatch Feed Tech"

A lighter and more efficient redesign of IIT's disaster robot can fight industrial fires Photo: IIT/WALK-MAN Project

Since the DARPA Robotics Challenge Finals in June of 2015, roboticists at the Italian Institute of Technology (IIT) have been working to improve the capabilities of their custom made humanoid disaster robot, WALK-MAN. WALK-MAN is part of a much larger European Commission-funded project, which involves a variety of research institutes and universities all contributing to the development of different aspects of the robot, from simulation to perception to locomotion to manipulation.

After a solid five years of work, the WALK-MAN project is now at its final validation phase, and its gotten one last major upgrade to help it prepare to be helpful in the disasters were certain to have in the future.

With less mass to haul around, especially upper body mass, the robot is now faster, more dynamic, and better able to balance itself, all very important things for moving around the sorts of disaster areas its intended for. The upper body actuators are new as well, and even with a smaller battery, improved efficiency means that WALK-MAN can operate for about 2 hours on a 1 kWh battery.

WALK-MAN humanoid robot from IIT Photo: IIT

To demonstrate the robots new capabilities, WALK-MAN took part in a validation scenario representing an industrial plant damaged by an earthquake, where gas leaks and fire are present. Not somewhere youd want to send a human into, which is the whole point of robots like these.

...

22:50

Chrome and Firefox Block Torrentz2 Over Harmful Programs "IndyWatch Feed Tech"

For the past few hours, Chrome and Firefox users have been unable to access Torrentz2.eu without running into a significant roadblock.

Instead of the usual torrent search box, visitors to the meta-search engine now see an ominous red warning banner when they try to find a torrent.

The site ahead contains harmful programs, Google Chrome informs its users.

Attackers on torrentz2.eu might attempt to trick you into installing programs that harm your browsing experience (for example, by changing your homepage or showing extra ads on sites you visit), the warning adds.

Mozillas Firefox browser displays an equally worrying message.

Firefoxs Torrentz2 warning

These warning messages are triggered by Googles Safebrowsing algorithm which flags websites that pose a potential danger to visitors. Chrome, Firefox, and others use this service to prevent users from running into unwanted software.

Usually, these warnings are the result of malicious ads, but here thats less apparent. The operator of Torrentz2 informs us that he only advertises a VPN at the moment, which is by no means malicious.

According to Googles Safebrowsing report, however, Torrentz2 is flagged for installing unwanted or malicious software on visitors computers.

TorrentFreak previously learned from another site admin that Google also flags social engineering attempts. That is, for example, when users are tricked by false claims to take a certain action.

Torrentz2s ad warned: Your Internet Provider is tracking your torrent activity! which in theory could fit this category, as ISPs generally dont keep track of users torrenting habits.

In any case, Chrome and Firefox users should be familiar with these intermittent warning notices by now. If users believe that an affected site is harmless they can always take steps (Chrome, FF) to bypass the blocks, but thats completely at their own risk.

For Torrentz2 a bypass is not going to help much at the moment. The torrent site is currently down due to hosting issues, whic...

22:26

The FCCs Net Neutrality Order Was Just Published, Now the Fight Really Begins "IndyWatch Feed Tech"

Today, the FCCs so-called Restoring Internet Freedom Order, which repealed the net neutrality protections the FCC had previously created with the 2015 Open Internet Order, has been officially published. That means the clock has started ticking on all the ways we can fight back.

First, under the Congressional Review Act (CRA), Congress can reverse a change in regulation with a simple majority vote. That would bring the 2015 Open Internet Order back into effect. Congress has 60 working daysstarting from when the rule is published in the official recordto do this. So those 60 days start now.

The Senate bill has 50 supporters, only one away from the majority it needs to pass. The House of Representatives is a bit further away. By our count, 114 representatives have made public commitments in support of voting for a CRA action. Now that time is ticking down for the vote, tell Congress to save the existing net neutrality rules.

Second, it is now unambiguous that the lawsuits of 22 states, public interest groups, Mozilla, and the Internet Association can begin. While the FCC decision said lawsuits ha...

22:19

Links 22/2/2018: Qt Roadmap for 2018, Calculate Linux 17.12.2 "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

  • Server

    • State of Linux Containers

      In this video from the Stanford HPC Conference, Christian Kniep from Docker Inc. presents: State of Containers.

      This talk will recap the history of and what constitutes Linux Containers, before laying out how the technology is employed by various engines and what problems these engines have to solve. Afterward, Christian will elaborate on why the advent of standards for images and runtimes moved the discussion from building and distributing containers to orchestrating containerized applications at scale. In conclusion, attendees will get an update on what problems still hinder the adoption of containers for distributed high performance workloads and how Docker is addressing these issues.

  • Kernel Space

    • Linux Adds CH341 GPIO

      There was a time when USB to serial hardware meant one company: FTDI. But today there are quite a few to choose from and one of the most common ones is the WCH CH341. Theres been support for these chips in Linux for a while, but only for use as a communication port. The device actually has RS232, I2C, SPI, and 8 general purpose I/O (GPIO) pins. [ZooBaB] took an out-of-tree driver th...

22:05

Would an ethical government surrender control of monetary policy? "IndyWatch Feed Tech"

Godfrey Bloom is a member of the British Parliament. His in-your-face style of educating and shocking his peers has made him a controversial politician. He has occasionally been escorted out of the assembled parliament because of his rowdy rhetoric.

Consider the video below. Bloom offers a critical, but simple and clear explanation of the Fractional Reserve banking system used in the US and Europe. This gets to the heart of the matter! [continue below video]

Conclusion (mine, and not Mr. Blooms): It is in the interest of governments to use a form of money that they cannot manipulate, print, spend, hide or lend without first earning, taxing or legitimately borrowing and then balancing the books, openly.

Bitcoin is such a currency. Any country that adopts an open source, permissionless, and completely transparent monetary instrument will demonstrate to citizens and taxpayers that they respect their constituents and that they commit to balance their books like any state, corporation, NGO or household.

Would an ethical government surrender control of its own monetary policy? H*ll, yes! This is how a government avoids rampant inflation and the burden of non-consensual debt to future generations. It is also how a government makes taxation, redistribution and spending transparent and accountable. It is how a government restores trust.

We have been raised with centuries of dogma that teach us to accept inflation, and a constantly escalating public debt. Sometimes, the path forward is not immediately obvious. But history doesnt lie. When trusted nations with large economies manipulate interest rates, borrow without a lender, or inflate a nation out of a crisis (what the US calls quantitative easing), the long term effect is certain to be no different than Argentina, Zimbabwe, Venezuela or Germany between the wars. It is a recipe for disaster. It places every citizen and their future children into debt-bondage.

Moving away from the Gold Standard in the 1970s was a risky maneuver. The risk was not abandoning a precious metal with intrinsic valuebut rather it placed the full faith and credit of our economy in the hands of transient politicians, rather than in a capped commodity with certain and immutable properties.

Bitcoin is the new gold. It is capped, transparent, open-source, vetted and without a mechanism for quick or covert manipulation (the US calls this raising the debt ceiling and they do it every few months!). We may not move to an economy based on Bitcoin today or tomor...

22:04

The Case Against Google "IndyWatch Feed Tech"

The Case Against Google: Critics say the search giant is squelching competition before it begins. Should the government step in?

[...] might have been surprised when headlines began appearing last year suggesting that Google and its fellow tech giants were threatening everything from our economy to democracy itself. Lawmakers have accused Google of creating an automated advertising system so vast and subtle that hardly anyone noticed when Russian saboteurs co-opted it in the last election. Critics say Facebook exploits our addictive impulses and silos us in ideological echo chambers. Amazon's reach is blamed for spurring a retail meltdown; Apple's economic impact is so profound it can cause market-wide gyrations. These controversies point to the growing anxiety that a small number of technology companies are now such powerful entities that they can destroy entire industries or social norms with just a few lines of computer code. Those four companies, plus Microsoft, make up America's largest sources of aggregated news, advertising, online shopping, digital entertainment and the tools of business and communication. They're also among the world's most valuable firms, with combined annual revenues of more than half a trillion dollars.

In a rare display of bipartisanship, lawmakers from both political parties have started questioning how these tech giants grew so powerful so fast. Regulators in Missouri, Utah, Washington, D.C., and elsewhere have called for greater scrutiny of Google and others, citing antitrust concerns; some critics have suggested that our courts and legislatures need to go after tech firms in the same way the trustbusters broke up oil and railroad monopolies a century ago. But others say that Google and its cohort are guilty only of delighting customers. If these tech leviathans ever fail to satisfy us, their defenders argue, capitalism will punish them the same way it once brought down Yahoo, AOL and MySpace.

[...] There's a loose coalition of economists and legal theorists who call themselves the New Brandeis Movement (critics call them "antitrust hipsters"), who believe that today's tech giants pose threats as significant as Standard Oil a century ago. "All of the money spent online is going to just a few companies now," says [Gary Reback] (who disdains the New Brandeis label)....

22:02

Made In Space Takes New Guinness World Record for Longest 3D Printed Part "IndyWatch Feed Tech"

In 2016, a new Guinness World Record was set for the largest object to be 3D printed in one piece. The ABS/carbon fiber composite tool was 3D printed in 30 hours, and measured 17.5 feet long, 5.5 feet wide, and 1.5 feet tall. It was about as long as an average sport utility vehicle. The part was inarguably an impressive accomplishment but that long length cannot compare to what Made In Space just 3D printed.

Made In Space is known for some pretty impressive accomplishments already. The company was responsible for the first 3D printer to be launched into space, and has since created a full Additive Manufacturing Facility (AMF) on the International Space station. Plenty of firsts have been set by the AMF as 3D printed tools, medical supplies, art and more have been 3D printed in space, the first of their kind. Now Made In Space has claimed the Guinness World Record for longest non-assembled 3D printed object, and its a lot longer than an SUV its 37.7 meters, or 123 feet, 8.5 inches long.

...

22:01

[$] Some advanced BCC topics "IndyWatch Feed Tech"

The BPF virtual machine is working its way into an increasing number of kernel subsystems. The previous article in this series introduced the BPF Compiler Collection (BCC), which provides a set of tools for working with BPF. But there is more to BCC than a set of administrative tools; it also provides a development environment for those wanting to create their own BPF-based utilities. Read on for an exploration of that environment and how it can be used to create programs and attach them to tracepoints.

22:00

3D-Printed Parts Torture-Tested in Nitro Engine Briefly "IndyWatch Feed Tech"

Additive manufacturing has come a long way in a short time, and the parts you can turn out with some high-end 3D-printers rival machined metal in terms of durability. But consumer-grade technology generally lags the good stuff, so theres no way you can 3D-print internal combustion engine parts on a run of the mill printer yet, right?

As it turns out, you can at least 3D-print connecting rods, if both the engine and your expectations are scaled appropriately. [JohnnyQ90] loves his miniature nitro engines, which weve seen him use to power both a rotary tool and a hand drill before. So taking apart a perfectly good engine and replacing the aluminum connecting rod with a PETG print was a little surprising. The design process was dead easy with such a simple part, and the print seemed like a reasonable facsimile of the original when laid side-by-side. But there were obvious differences, like the press-fit bronze bearings and oil ports in the crank and wrist ends of the original part, not to mention the even thickness along the plastic part instead of the relief along the shaft in the prototype.

Nonetheless, the rod was fitted into an engine with a clear plastic cover that lets us observe the spinning bits right up to the inevitable moment of failure, which you can see in the video below. To us it looks like failing to neck down the shaft of the rod was probably not a great idea, but the main failure mode was the bearings, or lack thereof. Still, we were surprised how long the part lasted, and we cant help but wonder how a composite connecting rod would perform.

Still in the mood to see how plastic performs in two-stroke engines? Break out the JB Weld.

21:58

Mesmerizing Metasurface Manipulates Light "IndyWatch Feed Tech"

Theorized metasurface becomes real and so do the hopes of chip-scale optical processors Gif: P. Li/CIC nanoGUNE Illustration of waves propagating away from a point-like source. Left: Regular wave propagation. Right: Wave propagation on a hyperbolic metasurface. 

In these strange materials, light propagates with completely reshaped wavefronts than in typical surfaces, even other metasurfaces. The researchers believe that this new metasurface will enable greater control over light so that it can be used for creating increasingly smaller devices.

Metasurfaces enable the shortening of wavelengths of light below the diffraction limit, making it possible to design chip-sized devices that can manipulate light for information processing as well as shrink the sizes of devices based on traditional optics.

Traditionally, in these metasurfaces optical waves propagate away from the light source in circular and convex wavefrontslike the waves in a lake when a stone is thrown into it. The reason for this circular propagation of the wavefronts has to do with the medium they are traveling through. This uniformity in all directions means that the material is homogenous and isotropic.

Theories have predicted that one could structure the surface of a material so it would alter the propagation of these wavefronts. These surfacesdubbed hyperbolic metasurfaceswould only allow the waves to travel in certain directions (not uniformly in all directions) and travel in concave (as opposed to convex) wavefronts.

These strange wavefronts are called hyperbolic surface polaritons. Polaritons are quasiparticles that are part light (a photon) and part matter (an electron-hole pair, also known as an exciton) and are generated when light strikes particular types of material. Because the hyperbolic surface polaritons can be directed to propagate in specific directionsrather than in all directionsmany have speculated that their development should help to further miniaturize optical devices for sensing and signal processing.

21:42

You Dont Need a Personal Genetics Test to Take Charge of Your Health "IndyWatch Feed Tech"

That in-home DNA test wont tell you much about how to eat or exercise. Fortunately, you dont need it to.

21:22

Stealth space catapult startup SpinLaunch is raising $30M "IndyWatch Feed Tech"

What if instead of blasting cargo into space on a rocket, we could fling it into space using a catapult? Thats the big, possibly crazy, possibly genius idea behind SpinLaunch. It was secretly founded in 2014 by Jonathan Yaney, who built solar-powered drone startup Titan Aerospace and sold it to Google. Now TechCrunch has learned from three sources that SpinLaunch is raising a massive $30 million Series A to develop its catapult technology. And weve scored an interview with the founder after four years in stealth.

Sources whove spoken to the SpinLaunch team tell me the idea is to create a much cheaper and sustainable way to get things like satellites from earth into space without chemical propellant. Using a catapult would sidestep the heavy fuel and expensive booster rockets used by companies like SpaceX and Blue Origin.

SpinLaunch plans to use a centrifuge spinning at an incredible rate inside a vacuum that reduces friction. All that momentum is then harnessed to catapult a payload into space at speeds one source said could be around 3,000 miles per hour. With enough momentum, objects could be flung into space on their own. Alternatively, the catapult could provide some of the power needed with cargo being equipped with supplemental rockets necessary to leave earths atmosphere.

21:22

Wilbur Ross: Moon Should Be a Gas Station for Outer Space "IndyWatch Feed Tech"

How else will astronauts get a Big Gulp on their way to Mars?

21:15

OneMoreVote is needed to save net neutrality "IndyWatch Feed Tech"

We at the Free Software Foundation (FSF) value net neutrality for many reasons, and we know it's necessary for a free Web and the future of free software.

Protecting net neutrality in the United States is one of the most important issues facing digital rights activists and advocates here. After the Federal Communication Commission (FCC) shamefully revoked the common carrier classification of Internet Service Providers (ISPs) -- the closest thing to pro-net neutrality laws that we had at a national level -- members of Congress finally took notice and started working on a Congressional Review Act (CRA). A CRA allows Congress to vote to overturn a policy decision, like the FCC's reclassification of ISPs.

In order for a CRA to work, a simple majority of Senators and Representatives need to support it -- which means 51 Senators. We currently have 50 Senators pledging to support net neutrality. We need one more.

This February 27th, the Internet is coming together to support the CRA, and we need you to join.

We urge you to call your Senator. Information about contacting your Senator is available on the Senate Web site.

Not sure what to say? Try the following:

I'm a voter/resident in your district, and I am concerned about the future of the internet. Net neutrality is necessary for a free Web. I hope you will support the CRA to overturn the FCC's decision on ISPs as common carriers.

After you call, share on social media. We prefer GNU social and Mastodon -- if your social media supports hashtags, use #NetNeutrality and #OneMoreVote. Don't forget to tag @fsf and let us know!

Want some bonus points? There are more than 100 members from the House of Representatives supporting the CRA. We need 218 to step up for a free Web. Call your Representative and ask them to save net neutrality and vote for the CRA.

You can find your Representative online.

Thank you for everything you do for free software, the FSF, and net neutrality. We're looking forward to hearing from you on the 27th!

21:04

Proposed Exomoon Defies Formation Theories "IndyWatch Feed Tech"

The mysterious object could be the first moon found beyond our solar systemor something else entirely.

21:03

Hackers exploit Teslas cloud systems to mine cryptocurrency "IndyWatch Feed Tech"

Hackers Hijack Teslas AWS servers, Use It To Mine Cryptocurrency

Tesla, the electric car manufacturer based in Palo Alto, California, is the latest victim of crypto-mining malware that allowed the hackers to covertly mine cryptocurrency an attack known as crypto-jacking.

Researchers from the RedLock Cloud Security Intelligence (CSI) team discovered the breach on Tesla-owned Amazon cloud account last month and alerted the car manufacturer. The CGI security researchers came across the breach while trying to find out which organization left credentials for an Amazon Web Services (AWS) account open to the public Internet. The owner of the account happened to be Tesla, they said.

We werent the first to get to it, Varun Badhwar, CEO and co-founder of RedLock, told Fortune in a phone conversation. Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment.

The CGI researchers in their February 2018 Cloud Security Trends report said that the anonymous hackers infiltrated Teslas Kubernetes console (an open source system originally designed by Google to manage applications) that was not password protected and exposed access credentials to Teslas Amazon Web Services (AWS) environment.

The exposed Tesla AWS contained an Amazon Simple Storage Service (S3) bucket, which stored sensitive data such as telemetry, mapping, and vehicle servicing data, RedLock researchers stated. Once the hackers gained access to Teslas cloud servers, they installed cryptocurrency mining software called Stratum to mine cryptocurrencies and configured the malicious script to connect to an unlisted or semi-public endpoint. They then began cryptomining by obscuring the true IP address of the mining pool server behind Cloudflare and kept the CPU usage low to evade detection.

In Teslas case, the cyber thieves gained access to Teslas Kubernetes administrative console, which exposed access credentials to Teslas AWS environment, RedLock says. Those credentials provided unfettered access to non-public Tesla information stored in Amazon Simple Storage Service (S3) buckets.

Last year, RedLock had published a report that said that 53% of organizations using cloud storage services such as Amazon had accidentally exposed these to the public, with hundreds leaking credentials through services such as Kubernetes.

The CGI researchers said they are not certain of the type and the value of currency mined using the stolen power. They were also uncertain as to how long the intruders had access.

...

21:03

Programming a DNA Clock "IndyWatch Feed Tech"

Engineers have created a DNA-based chemical oscillator, opening the door to molecular computing.

21:03

Bigelow Aerospaces new company will find customers for its space habitats "IndyWatch Feed Tech"

Bigelow Aerospace the Las Vegas-based company manufacturing space habitats is starting a spinoff venture aimed at managing any modules that the company deploys into space. Called Bigelow Space Operations (BSO), the new company will be responsible for selling Bigelows habitats to customers, such as NASA, foreign countries, and other private companies. But first, BSO will try to figure out what kind of business exists exactly in lower Earth orbit, the area of space where the ISS currently resides.

Bigelow makes habitats designed to expand. The densely packed modules launch on a rocket and then inflate once in space, providing more overall volume for astronauts to roam around. The company already has one of its prototype habitats in orbit right now: the Bigelow Expandable Activity Module, or BEAM, which has been attached to the International Space Station since 2016. The BEAM has proven that Bigelows expandable habitat technology not only works, but also holds up well against the space environment.

21:03

How to build a human brain "IndyWatch Feed Tech"

Organoids, made from human stem cells, are growing into brains and other miniorgans to help researchers study development.

21:00

Photovoltaics in Satellites "IndyWatch Feed Tech"

The first satellite powered by the sun was sent into orbit 50 years ago this month. Photovoltaics have progressed much since then, but the progress has been slower than many people realize Photo-illustration: Stuart Bradford

illustration Photo-illustration: Stuart Bradford

Sixty years ago this month, a rocket lifted off from Cape Canaveral bearing the Vanguard 1 satellite, a small, 1.46-kilogram aluminum sphere that was the first to use photovoltaic cells in orbit.

As a safeguard, one of the satellites two transmitters drew power from mercury batteries, but they failed after just three months. The six monocrystalline silicon cells, each roughly 5 centimeters on a side and delivering a total of just 1 watt, kept on powering a beacon transmitter for 14 months, until May 1964.

It happened in space because cost was no object. In the mid-1950s, PV cells ran about US $300 per watt. The cost fell to about $80/W in the mid-1970s, to $10/W by the late 1980s, to $1/W by 2011, and to about 40 cents per watt in 2017. Thats enough to bring the total system costfor installations with single-axis trackingclose to $1/W. Forecasts indicate that the cost will fall by as much as 60 percent further by 2025.

But the anniversary of the launch reminds us that it has taken quite a while to get to this point. Edmond Becquerel first described the photovoltaic effect in 1839 in a solution, and William Adams and Richard Day discovered it in 1876 in selenium. Commercial opportunities opened up only when the silicon cell was invented at Bell Telephone Laboratories, in 1954. Even then, the cost per watt remained around $300, and except for use in a few toys, PVs were just not practical.

It was Hans Zie...

20:41

Trend Micro fixes serious vulnerabilities in Email Encryption Gateway "IndyWatch Feed Tech"

Trend Micro has plugged a bucketload of vulnerabilities in its Email Encryption Gateway, some of which can be combined to execute root commands from the perspective of a remote unauthenticated attacker. The Trend Micro Encryption for Email Gateway (TMEEG) is a Linux-based software solution/virtual appliance that provides the ability to perform the encryption and decryption of email at the corporate gateway, regardless of the email client and the platform from which it originated. The encryption More

20:33

Twitter Bot Purge Causes Outcry as Follower Counts Fall "IndyWatch Feed Tech"

According to Ars Technica

A number of "alt-right," pro-Trump, and self-described conservative social media personalities awoke this morning to find that they had a lot fewer followers on Twitter than they had the night before. The apparent cause was the latest culling by Twitter of accounts that in some way violated the company's terms of service, a Twitter spokesperson told Ars, including "behaviors that indicate automated activity or violations of our policies around having multiple accounts, or abuse." The sweep has some on the right accusing Twitter of politically motivated censorship.

"Twitter's tools are apolitical, and we enforce our rules without political bias," a Twitter spokesperson said in a statement emailed to Ars. The accounts were targeted as part of "our ongoing work in safety," the spokesperson said. "We also take action on any accounts we find that violate our terms of service, including asking account owners to confirm a phone number so we can confirm a human is behind it. That's why some people may be experiencing suspensions or locks. This is part of our ongoing, comprehensive efforts to make Twitter safer and healthier for everyone."

And at Vanity Fair:

Renewed fears of censorship have once again led some users to talk about leaving to join Gab, the so-called free-speech social network that cropped up in 2016 as an alternative to Twitter. And Gab couldn't be more pleased. Utsav Sanduja, the company's chief operating officer, told me on Wednesday that the company had seen "a surge of donations, Gab memberships, [and] user sign-ups" since Tuesday night.


Original Submission

Read more of this story at SoylentNews.

20:31

Google discloses high-severity exploit in Windows 10 before its patched "IndyWatch Feed Tech"

Google reveals unpatched security vulnerability in Microsofts Edge browser

Googles Project Zero team of security researchers disclosed a high-severity vulnerability it found in Microsofts Edge browser after the company failed to patch it within the allotted time of 90 days. The vulnerability can allow an attacker to gain administrator privileges if exploited.

For those unfamiliar, Project Zero is a team of security analysts employed by Google to find zero-day vulnerabilities before they are found and exploited by malicious people. On finding and disclosing the vulnerability to the relevant company, Google gives them 90 days to fix the issue. However, if the company fails to issue a patch within the specified time period, the Project Zero team discloses the vulnerability to the public so that users can protect themselves by taking necessary steps.

This most recent vulnerability was identified by James Forshaw, a Google Project Zero researcher, who disclosed it to Microsoft on November 10 as part of a separate security issue with Windows 10. Apparently, there are actually two bugs in this vulnerability, named 1427 and 1428. While Microsoft addressed the bug 1427 with its Februarys Patch Tuesday release earlier this month, as it found it to be more critical. However, it chose to leave the other bug 1428 untouched, as it says its not a critical vulnerability.

Currently, the issue has been listed as high-severity by Google because of its ease of exploitation. However, since the latest elevation of privilege flaw in Windows 10 cannot be exploited remotely or in browsers that run in a sandbox, Microsoft has categorized it as important rather than critical. Forshaw points outs that the flaw only affects Windows 10 and he hasnt verified whether it works on earlier versions, like Windows 7 or 8.1.

When Neowin contacted Microsoft for clarification regarding the security flaw, they responded by saying, Windows has a customer commitment to investigate reported security issues, and proactively update impacted devices as soon as possible.

Only last week, Googles Project Zero had revealed a...

20:30

Skull Cane Proves Bondo Isnt Just for Dents "IndyWatch Feed Tech"

[Eric Strebel] is quickly becoming a favorite here at Hackaday. Hes got a fantastic knack for turning everyday objects into something awesome, and hes kind of enough to document his builds for the viewing pleasure of hackers and makers everywhere. It also doesnt hurt that his voice and narration style gives us a real Bob Ross vibe.

The latest Happy Accident out of his workshop is a neat light-up cane made from a ceramic skull found at a local store. But while the finished cane itself might not be terribly exciting, the construction methods demonstrated by [Eric] are well worth the price of admission. Rather than using Bondo like the filler were all accustomed to, he shows how it can be used to rapidly build free-form structures and components.

After building up layers of Bondo, he uses a cheese grater to smooth out the rough surface and a hobby knife to clean up the edges. According to [Eric], one of the benefits of working with Bondo like this is that its very easy to shape and manipulate before it fully hardens; allowing you to really make things up as you go.

[Eric] also shares a little secret about how he makes his gray Bondo: he mixes some of the toner from a laser printer cartridge into it. This allows you to very cheaply augment the color of the filler, and is definitely something to...

20:06

Hackers compromised a Tesla Internal Servers with a Cryptocurrency miner "IndyWatch Feed Tech"

Cloud security firm RedLock discovered that hackers have compromised the Tesla cloud computing platform to mine cryptocurrency.

Tesla has confirmed that hackers have compromised its cloud computing platform to mine cryptocurrency, after the incident was discovered by cloud security firm RedLock.

The hackers have breached the Tesla cloud servers and have installed a crypto currency miner, the company fixed the issue exploited by the hackers within hours.

The attackers gained access to the Teslas Amazon Web Services environment on a Kubernetes console that was reportedly not password-protected. The console is used by companies to manage the infrastructure deployed on the cloud hosting providers.

According to RedLock, the hackers discovered log-in details to Teslas Amazon Web Services environment on a Kubernetes console a system originally designed by Google to manage applications. The console was reportedly not password-protected. states the BBC.

RedLock experts discovered a pod inside the Kubernetes console that stored login credentials for one of Teslas AWS cloud infrastructure.

The security breach happened in 2017, according to the company no customer data had been stolen.

Our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way, said a Tesla spokesman.

According to RedLock, the exposed AWS buckets contained sensitive information, including telemetry data.

The hackers had infiltrated Teslas Kubernetes console which was not password protected. Within one Kubernetes pod, access credentials were exposed to Teslas AWS environment which contained an Amazon S3 (Amazon Simple Storage Service) bucket that had sensitive data such as telemetry. reads a blog post published by RedLock.

...

19:32

review of LibVNCServer/vncterm proxmox/vncterm proxmox/spiceterm xenserver/vncterm qemu/ui/console.c "IndyWatch Feed Tech"

Posted by Solar Designer on Feb 22

Hi,

Well, this is not a proper review. Rather, I just took a quick look at
more of these today.

Turns out there are at least 3 (sub-)projects named vncterm, and
apparently they aren't even forks of each other: there's a vncterm that
used to be part of LibVNCServer and is now maintained in a nearby repo,
another vncterm in xenserver derived from QEMU's ui/console.c, and yet
another one in proxmox. There's also spiceterm in...

19:30

Windows 10 WSL vs. Linux Performance For Early 2018 "IndyWatch Feed Tech"

Back in December was our most recent round of Windows Subsystem for Linux benchmarking with Windows 10 while since then both Linux and Windows have received new stable updates, most notably for mitigating the Spectre and Meltdown CPU vulnerabilities. For your viewing pleasure today are some fresh benchmarks looking at the Windows 10 WSL performance against Linux using the latest updates as of this week while also running some comparison tests too against Docker on Windows and Oracle VM VirtualBox.

19:11

How to protect your browser from Unicode domain phishing attacks "IndyWatch Feed Tech"

How to protect your browser from Unicode domain phishing attacks

Phishers and other online crooks are taking advantage of Unicode domain names in their pursuit of your passwords and other sensitive information. Here's a simple way to protect yourself.

19:07

Former Comcast call center employees allege culture of sexual harassment: report "IndyWatch Feed Tech"

Women working at several Comcast offices have described experiencing sexual harassment from their co-workers that often was ignored or mishandled by the company, reports Jezebel.One former employee at a Comcast center in Washington, D.C.,...

19:03

Cisco Projects Major Shift to the Cloud by 2021 "IndyWatch Feed Tech"

An Anonymous Coward provides the following news from this Cisco white paper:

Hyperscale data centers will grow from 338 in number at the end of 2016 to 628 by 2021. They will represent 53 percent of all installed data center servers by 2021.

Traffic within hyperscale data centers will quadruple by 2021. Hyperscale data centers already account for 39 percent of total traffic within all data centers and will account for 55 percent by 2021.

Annual global data center IP traffic will reach 20.6 Zettabytes (ZB) (1.7 ZB per month) by the end of 2021, up from 6.8 ZB per year (568 exabytes [EB] per month) in 2016.

Global data center IP traffic will grow 3-fold over the next 5 years. Overall, data center IP traffic will grow at a Compound Annual Growth Rate (CAGR) of 25 percent from 2016 to 2021.

By 2021, 94 percent of workloads and compute instances will be processed by cloud data centers; 6 percent will be processed by traditional data centers.


Original Submission

Read more of this story at SoylentNews.

19:01

QuickBASIC Lives On with QB64 "IndyWatch Feed Tech"

When I got my first computer, a second hand 386 running MS-DOS 6.22, I didnt have an Internet connection. But I did have QuickBASIC installed and a stack of programming magazines the local library was throwing out, so I had plenty to keep myself busy. At the time, I thought QuickBASIC was more or less indistinguishable from magic. I could write simple code and compile it into an .exe, put it on a floppy, and give it to somebody else to run on their own machine. It seemed too good to be true, how could this technology possibly be improved upon?

Of course, that was many years ago, and things are very different now. The programming languages du jour are worlds more capable than the plodding BASIC variants of the 80s and 90s. But still, when I found a floppy full of programs I wrote decades ago, I couldnt help but wonder about getting them running again. With something like DOSBox I reasoned I should be able to install the QuickBASIC IDE and run them like I was back on my trusty 386.

Unfortunately, that was not to be. Maybe Im just not well versed enough in DOSBox, but I couldnt get the IDE to actually run any of the source code I pulled off the floppy. This was disappointing, but then it occured to me that modern BASIC interpreters are probably being developed in some corner of the Internet, and perhaps I could find a way to run my nearly 30 year old code without having to rely on 30 year old software to do it.

The...

18:53

Your Guide to Televisions Quantum-Dot Future "IndyWatch Feed Tech"

Move over, OLEDs. Quantum dots will be the next darling of display manufacturers Illustration: James Provost

img Illustration: Brandon Palacio

The future of the television set was supposed to be simple. At some point in the near future, LCDs were supposed to become obsolete and give way to bright, sharp, and incredibly thin OLED displays. It turns out that the near future of TVs isnt going to be so simplebut it sure is going to be bright.

The reason? Quantum dots. If youve shopped for a TV lately, youve probably been dazzled, or more likely perplexed, by the array of new acronyms being splashed around by the best-known TV makers. Perhaps youve wondered what they mean by QD, QUHD, SUHD, and ULED. Were here to help. Each of these trade names refers to a quantum-dot technology available today. Well explain the different approaches as well as other ways quantum dots will be used in future television displays. Even if youve had your heart set on an OLED TV, we think youll find the coming world of very-high-performance quantum-dot displays appealing. For one thing, this emerging technology is going to finally make possible the printable, rollable, and wallpaper-ready televisions that weve all been promised for the past 20 years.

But to understand how televisions are going to make this, er, quantum leap, first consider why people are using quantum dots for TVs in the first place.

At just a few nanometers in diameter, a...

18:24

Re: LibVNCServer rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length "IndyWatch Feed Tech"

Posted by Solar Designer on Feb 22

As I just wrote in a comment to the GitHub issue above:

There's another issue I had missed: the first rfbReadExact() reading the
msg header is only checked for <= 0, but that doesn't catch a partial
read e.g. on a prematurely closed connection. The same issue is present
all over the codebase. I guess "Exact" in the name was understood
literally, but the function doesn't guarantee that when a lower-level
read() or...

18:00

Transforming Robotic Steering Wheel Is a Reminder That Your Car Needs You "IndyWatch Feed Tech"

A steering wheel that pretends to bite you could make more advanced autonomous cars safer to drive Photo: Brian Mok

Most of the autonomous vehicles that youre likely to encounter in the near future are either Level 2 or Level 4 autonomous. Level 2, which youll find in a Tesla on the highway, means that the car drives itself in specific situations but expects you to be paying attention the entire time. Level 4 you might see in some experimental fully autonomous vehicles: They can drive themselves in specific areas when the conditions are good, and, like taxis, you sit in the back while they do all the driving no matter what happens.

Theres a reason that automotive companies have mostly skipped Level 3 autonomy: It puts a human in the loop sometimes, which is way worse than having a human in the loop either all of the time or not at all. To help us help our cars make safe, prompt transitions in and out of intermediate autonomous modes, researchers from Stanford University are experimenting with a robotic steering wheel that can physically transform, giving you a cute little nudge to help you pay attention when necessary.

At Level 3, an automated driving system is expected to be able to handle all aspects of a driving task in a specific driving mode such as on the highway, except when it cant, at which point it will rely on the human driver to respond appropriately to a request to intervene.

The problem here is that the system tells the human, okay, you can chill out and not pay attention at all because I got this, except you need to be able to focus on the road with very little warning whenever I think I might be getting into trouble. Humans are bad at these types of situations. Studies have shown that we dont reliably shift our attention (or, lets be honest, wake up) quickly enough to make a safe transition back to driving. Research has shown that most drivers need between 5 and 8 seconds to make the switch from doing whatever to competently controlling a car. That is a very long timeand distanceat 70 miles per hour (115 km/h).

Part of the problem is that conventional cues such as sounds or flashing lights arent always effective at communicating whether the car is driving itself or it expects you to be in command, and any ambiguity during these transitions can be dangerous. Other tricks like vibrating seats help somewhat. But the Stanford researchers are testing whether an actuated, transforming steering wheel can help even more....

17:55

Re: [CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 "IndyWatch Feed Tech"

Posted by Justin Bull on Feb 22

Apologies. This fails to account for a non-trivial scenario.

Any software using Doorkeeper that has generated its own custom views[0]
requires manual work to verify there's no explicit HTML in the
`client_name` and `native_redirect_uri` field values.

This has been updated in the bulletin's Fix section[1].

[0]: https://github.com/doorkeeper-gem/doorkeeper/wiki/Customizing-views
[1]:...

17:54

Bell Asks Employees to Back Pirate Site Blocking Plan "IndyWatch Feed Tech"

Last month, a coalition of Canadian companies called on the local telecom regulator CRTC to establish a local pirate site blocking program, which would be the first of its kind in North America.

The Canadian deal is supported by Fairplay Canada, a coalition of both copyright holders and major players in the Telco industry, such as Bell and Rogers, which also have media companies of their own.

Thus far, theres been a fair amount of opposition to the proposal. While CTRC is reviewing FairPlay Canadas plans, OpenMedia has launched a petition to stop the effort in its tracks, which has already been signed by tens of thousands of Canadians.

However, there are also people who are backing the blocking efforts. In some cases, with a gentle push from their employer.

Canadian law Professor Micheal Geist, whos one of the most vocal opponents of the blocking plans, recently tweeted a note Bell sent to its employees. Through an internal message, the ISP asks its workers to help stop online piracy and protect content creators.

Bells internal message

The company clearly hopes that its employees will back the site-blocking agenda, but according to Geist, this may not be the best way to do it.

Geist points out that the internal message doesnt encourage employees to disclose their affiliation with Bell. This raises eyebrows, in particular, because Bell agreed to a $1.25 million settlement in 2015 after it encouraged some employees to write positive reviews and ratings on Bell apps.

In this case, the message has nothing to with app ratings, but its clear that the company is encouraging its employees to support a regulatory effort that serves Bells interests.

All Canadians can provide their views on the website blocking proposal, but corporate encouragement to employees to participate in regulatory processes on the companys behalf may raise the kinds of concerns regarding misleading impressions that sparked the Commissioner of Competition to intervene in 2015, Geists writes in a blog post....

17:52

SPIR-V Support For Gallium3D's Clover Is Closer To Reality "IndyWatch Feed Tech"

It's been a busy past week for open-source GPU compute with Intel opening up their new NEO OpenCL stack, Karol Herbst at Red Hat posting the latest on Nouveau NIR support for SPIR-V compute, and now longtime Nouveau contributor Pierre Moreau has presented his latest for SPIR-V Clover support...

17:52

Over 50,000 baby monitors can be hacked but its vendor is AWOL "IndyWatch Feed Tech"

By Waqas

Hacking baby monitors is nothing new but the fact that

This is a post from HackRead.com Read the original post: Over 50,000 baby monitors can be hacked but its vendor is AWOL

17:50

Blockchain Consultant Joshua Massey joins our New Money Systems Board. "IndyWatch Feed Tech"

Blockchain Consultant Joshua Massey joins our New Money Systems Board.

17:30

France Proposes Software Security Liability For Manufacturers, Open Source As Support Ends "IndyWatch Feed Tech"

It sometimes seems as though barely a week can go by without yet another major software-related hardware vulnerability story. As manufacturers grapple with the demands of no longer building simple appliances but instead supplying them containing software that may expose itself to the world over the Internet, we see devices shipped with insecure firmware and little care for its support or updating after the sale.

The French government have a proposal to address this problem that may be of interest to our community, to make manufacturers liable for the security of a product while it is on the market, and with the possibility of requiring its software to be made open-source at end-of-life. In the first instance it can only be a good thing for device security to be put at the top of a manufacturers agenda, and in the second the ready availability of source code would present reverse engineers with a bonanza.

Its worth making the point that this is a strategy document, what it contains are only proposals and not laws. As a 166 page French-language PDF its a long read for any Francophones among you and contains many other aspects of the French take on cybersecurity. But its important, because it shows the likely direction that France intends to take on this issue within the EU. At an EU level this could then represent a globally significant move that would affect products sold far and wide.

What do we expect to happen in reality though? It would be nice to think that security holes in consumer devices would be neutralised overnight and then wed have source code for a load of devices, but wed reluctantly have to say well believe it when we see it. It is more likely that manufacturers will fight it tooth and nail, and given some recent stories about devices being bricked by software updates at the end of support we could even see many of them willingly consigning their products to the e-waste bins rather than complying. Wed love to be proven wrong, but perhaps were too used to such stories. Either way this will be an interesting story to watch, and well keep you posted.

Merci beaucoup [Sebastien] for the invaluable French-language help.

French flag: Wox-globe-trotter [Public domain].

17:27

EU Parliaments Copyright Rapporteur Has Learned Nothing from Year-long Copyright Debate "IndyWatch Feed Tech"

Member of the European Parliament Julia Reda writes an update to what has been going on with with proposed changes to copyright law as they make their way from the European Commission and over to the European Parliament:

Ever since the European Commission presented its hugely controversial proposal to force internet platforms to employ censorship machines, the copyright world has been eagerly awaiting the position of the European Parliament. Today, the person tasked with steering the copyright reform through Parliament, rapporteur Axel Voss, has finally issued the text he wants the Parliament to go forward with.

It's a green light for censorship machines: Mr. Voss has kept the proposal originally penned by his German party colleague, former Digital Commissioner Gnther Oettinger, almost completely intact.

She walks through the following points to notice in the so-called compromise:

  • Obligation to license
  • The censorship machine is here to stay
  • A tiny problem with fundamental rights
  • Very specific general monitoring
  • A few exceptions
  • Critical parts remain unchanged

She closes with encouragement that it's not too late to stop the Censorship Machines:

Now it's time to call upon your MEPs to reject Mr. Voss' proposal! You can use tools such as SaveTheMeme.net by Digital Rights NGO Bits of Freedom or ChangeCopyright.org by Mozilla to call the Members of the Legal Affairs Committee free of charge. Or look for MEPs from your country and send them an email. But most importantly, spread the words! Ask you local media to report on this law. The Internet as we know it is at stake.

Source : Green light for upload filters: EU Parliament's copyright rapporteur has learned nothing from year-long debate
See also : Proposal for a Directive on Copyright in the Digital Single Market : Draft compromise [sic] amendments on Article 13 and corresponding recitals (warning for PDF)


Original Submission

...

16:47

FCC's net neutrality repeal published, opening door to opposition efforts "IndyWatch Feed Tech"

The Federal Communications Commission's (FCC) order repealing net neutrality was published in the Federal Register Thursday morning, opening the door for supporters of the Obama-era rules to launch legislative and legal challenges.The...

16:42

3D bioprinting center of excellence launched by AMBER and Johnson & Johnson "IndyWatch Feed Tech"

Trinity College Dublin (TCD), in Ireland, is to be the recipient of a new specialist 3D bioprinting facility supported by a collaboration between multinational medical device and pharmaceutical company Johnson & Johnson, and the AMBER research center.

With preparations beginning in the first quarter of this year, the new 3D bioprinting laboratory is due to be opened by the close of 2018.

Professor Michael Morris, AMBER director, comments.

16:21

The Community Has Brought The Unity 8 Desktop To Ubuntu 18.04 "IndyWatch Feed Tech"

Besides bringing Ubuntu Touch to new mobile devices, the UBports team has also managed to continue their community-driven work on advancing the Unity 8 convergence desktop after Canonical abandoned work on it last year. They now have Unity 8 working on top of Ubuntu 18.04 LTS...

16:20

Intel releases Spectre 2 microcode updates for Kaby Lake, Coffee Lake, Skylake "IndyWatch Feed Tech"

Intel has released to OEMs a new set of Spectre firmware updates. They include microcode for Kaby Lake, Coffee Lake, and Skylake processors. This represents our 6th, 7th, and 8th Generation Intel Core product lines as well as our latest Intel Core X-series processor family. It also includes our recently announced Intel Xeon Scalable and Intel Xeon D processors for data center systems, Navin Shenoy, general manager of the Data Center Group at Intel Corporation, More

16:19

Linux LAN Routing for Beginners: Part 1 "IndyWatch Feed Tech"

Title: 
Linux LAN Routing for Beginners: Part 1

16:08

[SECURITY] [DSA 4121-1] gcc-6 security update "IndyWatch Feed Tech"

Posted by Moritz Muehlenhoff on Feb 22

-------------------------------------------------------------------------
Debian Security Advisory DSA-4121-1 security () debian org
https://www.debian.org/security/ Moritz Muehlenhoff
February 22, 2018 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : gcc-6
CVE ID : not applicable

This update...

16:00

Mechanisms: Mechanical Seals "IndyWatch Feed Tech"

On the face of it, keeping fluids contained seems like a simple job. Your fridge alone probably has a dozen or more trivial examples of liquids being successfully kept where they belong, whether its the plastic lid on last nights leftovers or the top on the jug of milk. But deeper down in the bowels of the fridge, like inside the compressor or where the water line for the icemaker is attached, are more complex and interesting mechanisms for keeping fluids contained. Thats the job of seals, the next topic in our series on mechanisms.

Packing it In

One of the simplest seals is packing, or compressing some sort of flexible material into a space to control the flow of a fluid. Packing probably dates to at least the time when humans began making boats more complicated than a simple dugout canoe, in response to the fact that its really difficult to keep water from leaking between two pieces of wood. Ship seams have been caulked with fibers like hemp and cotton soaked in pitch or tar for millennia.

Marine propeller shaft stuffing box. The gland compresses the seals against the shaft, controlling water flow into the bilge. Source: Engineman 1 & C

A more complex seal, in the form of a s...

15:57

President Erdogan Says Turkey Will Produce Unmanned Tanks "IndyWatch Feed Tech"

Turkey aims to produce unmanned tanks: Erdoan

Turkey is targeting the production of unmanned tanks for its armed forces, President Recep Tayyip Erdoan has stated. "We will carry it a step further [after domestically produced unmanned aerial vehicles] ... We should reach the ability to produce unmanned tanks as well. We will do it," Erdoan said at a meeting held at the presidential complex in Ankara on Feb. 21.

Five Turkish soldiers were recently killed in a tank near the Sheikh Haruz area of Syria's Afrin district, where Turkey has been carrying on a military operation against the People's Protection Units (YPG) since Jan. 20.

[...] The Turkish president has repeatedly criticized certain foreign countries for allegedly being reluctant to sell unmanned aerial vehicles, armed or unarmed, stressing that unmanned systems could decrease casualties.

Also at ABC.

Related: U.N. Starts Discussion on Lethal Autonomous Robots
UK Opposes "Killer Robot" Ban


Original Submission

Read more of this story at SoylentNews.

15:54

The Global cost of cybercrime jumped up to $600 Billion "IndyWatch Feed Tech"

The tech giants McAfee and Cisco published to reports that providers further info about the global impact of cybercrime.

Which is the cost of cybercrime? It is hard to provide an effective a good estimation of the overall impact of the numerous phenomena that happen every day, including cyber attacks, data breaches, scams and so on.

The tech giants McAfee and Cisco published to reports that providers further info about the global impact of cybercrime.

According to the report was written by McAfee in collaboration with the Center for Strategic and International Studies (CSIS), the global cost is estimated at $600 billion annually, a disconcerting figure that corresponds to 0.8% of the global GDP. The value is jumped from  $500 billion in 2014 to $600 billion (+20%).

In 2014, taking into account the full range of costs, CSIS estimated that cybercrime cost the world between $345 billion and $445 billion. As a percentage of global GDP, cybercrime cost the global economy 0.62% of GDP in 2014. Using the same methods, CSIS now believe the range is now between $445 billion and $600 billion. states the report.

The jump is mainly caused by the significant increase of theft of intellectual property and business confidential information, intellectual property theft accounts for at least 25% of overall cybercrime costs.

The cost of cybercrime is distributed among all the countries of the world, no one is immune. The report shows variations by region, that are linked to income levels and level of cybersecurity maturity, the countries with greater losses are the richest ones.

cost of cybercrime 2017

According to the report, Russia leads cybercrime activities worldwide, the reports also highlighted the thin line between crime rings and nation-state actors.

CSIS believes that Russia leads overall in cybercrime, reflecting the skill of its hacker communit...

15:38

Electric ride share scooters spy on your face and much more "IndyWatch Feed Tech"


A recent article in CNN reveals that Santa Monica, California became the first city in America to have an electric scooter-share system.

A start-up company created by former Uber and Lyft executive Travis VanderZanden, called Bird allows residents to rent electric scooters.

But a closer look at Bird's User Agreement and Privacy Policy reveals Bird does much more than allow residents to rent a scooter.

Bird's Privacy Policy reveals how they may disclose your personal information to data mining companies.

"Bird may disclose aggregate and other data about Riders in accordance with applicable law, including, without limitation, general latitude and longitude data for Rider addresses (provided this would not allow any individuals address to be separately identified). In addition, Bird may disclose individual data to a third party upon Riders express permission and consent (e.g. enrollment in a study)."

And just like smart meter parking apps, Bird will turn over all of your personal information to law enforcement "based on their good-faith belief that such action is necessary".

Bird's rental app also reveals that they use Google Analytics which sells your information to third-party advertising companies.

If you think that it could not get any worse, guess again.

Riders of electric scooters have no rights to their image or likeness

Every Bird rider gives up their right to their image or likeness!

"You do hereby knowingly, voluntarily, and irrevocably: (1) give Your full and unconditional consent to Bird and its affiliates, successors, and assigns to use at any time and from time to time, without any restriction, Your appearance and voice in photographs, videos, and other recordings related to Your use of the Services, on all websites and for all press, promotional, advertising, publicity, and other commercial purposes, including all formats and media, whether now known or hereafter devise...

15:37

What if defenders could see the future? Many clues are out there "IndyWatch Feed Tech"

Malware sophistication is increasing as adversaries begin to weaponize cloud services and evade detection through encryption, used as a tool to conceal command-and-control activity. To reduce adversaries time to operate, security professionals said they will increasingly leverage and spend more on tools that use AI and machine learning, reported in the 11th Cisco 2018 Annual Cybersecurity Report (ACR). While encryption is meant to enhance security, the expanded volume of encrypted web traffic (50 percent as More

15:32

Security updates for Thursday "IndyWatch Feed Tech"

Security updates have been issued by Arch Linux (strongswan), Fedora (torbrowser-launcher), openSUSE (libdb-4_5, libdb-4_8, postgresql96, python3-openpyxl, and xv), Red Hat (rh-maven35-jackson-databind), and Ubuntu (kernel, libreoffice, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-gcp, linux-oem, and linux-lts-xenial, linux-aws).

15:30

UV Gadgets and Virtual Docs Take On a Very Bad Flu Season "IndyWatch Feed Tech"

Flu fighting gets an injection of high tech Photo: iStock Photo

Hand sanitizer just isnt cutting it this winter. Much of the US remains in the throws of its worst flu season this decade, according to federal officials. One out of every 13 doctor visits during the second week of February was for fever, cough and other flu-like symptoms, matching the peak levels during the 2009 swine flu pandemic, the US Centers for Disease Control and Prevention (CDC) reported this month .

We wondered if there was any new technology out there that might help. It turns out some engineers are on it, with new software and sanitizing gadgets. In the hope that it might inspire further ingenuity or provide a resource for consumers, heres our short list of the latest trends in flu fighting tech.

1. Far-UVC light kills airborne viruses without harming human tissue

For those of you sitting at your desks, listening to your office mates sneeze their way down the corridors, take heart: Researchers at Columbia University are developing overhead lights that can kill airborne viruses and bacteria, harmlessly decontaminating the space around you. 

The lights emit a narrow spectrum of ultraviolet C (UVC) light, called far-UVC, at a wavelength of about 222 nanometers. This month, a team out of Columbia University Medical Center reported for the first time  that a very low dose of far-UVC light kills more than 95% of airborne H1N1 influenza in its path. 

Yet the light doesnt harm mammalian cells, according to previous research by the Columbia team, led by David Brenner and David Welch. It can penetrate bacteria and viruses because they are much smaller, says Welch. 

Far-UVC differs from conventional UVC light, which, at a wavelength of 254 nanometers, can penetrate human skin can lead to skin cancer and cataracts. Conventional UVC germicidal light has been used for decades in enclosed spaces in hospitals to kill bacteria and viruses on surgical equipment.  

The Columbia researchers next move is to test the effects of long-term exposure to far-UVC light in mice, and eventually in humans, Welch says. If the tech proves safe, the researchers envision installing the invisible lights in high traffic areas of doctors offices, hospitals, schools, airports and other public spaces. 

2. UV Gadgets Sanitize Personal It...

15:18

How General Electric Gambled on Fossil Fuel Power, and Lost "IndyWatch Feed Tech"

Disclosure: I sell solar power systems in New Zealand. Via: Reuters: Rather than rising, GE Powers profit fell 45 percent last year, forcing GE to slash its overall profit outlook and cut its dividend for only the second time since the Great Depression. Its shares have plunged more than 50 percent since the March []

15:17

Distribution Release: Calculate Linux 17.12.2 "IndyWatch Feed Tech"

Calculate Linux is a Gentoo-based rolling release distribution which is available in several desktop and server editions. The project's latest version, Calculate Linux 17.12.2, features fixes for the Spectre and Meltdown CPU bugs, restores functionality for LXC containers, permits renaming of network interfaces and makes it possible to....

15:00

How organizations are confronting escalating third-party cyber risk "IndyWatch Feed Tech"

Based on in-depth interviews with security executives from 30 participating organizations across multiple industries, RiskRecon revealed how companies are managing the security risks of their complex digital supply chains and sensitive business partnerships. Researchers identified vendor-neutral capability sets comprising common, emerging, and pioneering practices that firms have implemented to manage third-party security risk. Enterprise risk officers are waking up to the reality that their information risk increasingly resides in the systems of their third-parties, beyond More

15:00

ONS 2018: Networking Reimagined "IndyWatch Feed Tech"

For the past seven years, Open Networking Summit (ONS) has brought together the networking industrys ecosystem of network operators, vendors, open source projects, leading researchers, and investors to discuss the latest SDN and NFV developments that will shape the future of the networking industry. With this years event, taking place March 26-29, 2018 in Los Angeles, ONS will evolve its approach as the premier open source networking event.

14:40

NVIDIA Developer Posts Open-Source Tegra Support For Mesa - Tegra K1 & Newer "IndyWatch Feed Tech"

NVIDIA developer Thierry Reding on Wednesday posted a series of patches for providing NVIDIA Tegra support in Mesa in conjunction with the Nouveau DRM driver...

14:19

LA Times homicide website throttles cryptojacking attack "IndyWatch Feed Tech"

LA Times homicide website throttles cryptojacking attack

Whoever hacked the LA Times interactive county murder map probably hoped to make a killing mining cryptocurrency but swift action from a security researcher has put paid to their plans.

Read more in my article on the Tripwire State of Security blog.

14:12

Friendly warnings left in unsecured Amazon S3 buckets which expose private data "IndyWatch Feed Tech"

Ethical hackers are warning businesses who use Amazon S3 cloud storage if they have left data exposed for anyone to access by leaving friendly warnings on the servers.

Read more in my article on the We Live Security blog.

14:00

Why UX Practitioners Should Learn About SRE "IndyWatch Feed Tech"

Understanding reliability is an equally complex problem to understanding user needs and we still need to consider the usereven more important than poor reliability is the perception of poor reliability. That why its essential that balanced teams start involving UX researchers in the reliability research of their product as ultimately this is a tool for product design.

14:00

BEC scammers actively targeting Fortune 500 companies "IndyWatch Feed Tech"

Nigerian scammers are targeting Fortune 500 companies, and have already stolen millions of dollars from some of them, IBM Security researchers have found. Their strategy is well known: they take over or impersonate a trusted users email account to target companies that conduct international wire transfers, and trick accounts payable personnel into wiring money into bank accounts under their control. These so-called business email compromise (BEC) scams dont require much technical knowledge, malware or special More

13:46

Dutch Continue to Curb Illegal Downloading But What About Streaming? "IndyWatch Feed Tech"

After many years of downloading content with impunity, 2014 brought a culture shock to the Dutch.

Citizens were previously allowed to obtain content for their own use due to a levy on blank media that compensated rightsholders. However, the European Court of Justice found that system to be illegal and the government quickly moved to ban downloading from unauthorized sources.

In the four years that have passed since the ban, the downloading landscape has undergone change. Thats according to a study published by the Consumer Insights panel at Telecompaper which found that while 41% of respondents downloaded movies, TV shows, music and games from unauthorized sources in 2013, the figure had plunged to 27% at the end of 2016. There was a further drop to 24% by the end of 2017.

Of the people who continue to download illegally, men are overrepresented, the study found. While 27% of men obtained media for free during the last year to October 2017, only 21% of women did likewise.

While as many as 150 million people still use P2P technologies such as BitTorrent worldwide, there is a general decline in usage and this is reflected in the report.

In 2013, 18% of Dutch respondents used torrent-like systems to download, a figure that had fallen to 8% in 2016 and 6% last year. Again, male participants were overrepresented, outnumbering women by two to one. However, people appear to be visiting P2P networks less.

The study showed that people who reported using P2P to download content, have done so on average 37 times a year [to October 2017]. In January of 2017 it was significantly higher, 61 times, the study notes. P2P usage in November 2015 was rated at 98 instances per year.

Perhaps surprisingly, one of the oldest methods of downloading content has maintained its userbase in more recent years. Usenet, otherwise known as the newsgroups, accounted for 9% of downloaders in 2013 but after falling to around 6% of downloaders in 2016, that figure remained unchanged in 2017. Almost five times more men used newsgroups than women.

At the same time as showing a steady trend in terms of users, instances of newsgroup downloading are reportedly up in the latest count. In November 2015, people used the system an average of 98 times per year but in January 2017 that had fallen to 66 times. The latest figures find an average use of 68 times per year.

Drilling down into more obscure systems, 2% of respondents told Telecompa......

13:25

ARM Introduces "iSIM", Integrated Directly Onto Chips "IndyWatch Feed Tech"

ARM wants mobile or IoT devices to include a tiny integrated SIM card:

Every millimeter of space matters when you're trying to build increasingly complex electronics into increasingly tiny packages, and the relatively spacious SIM card has long been an area of frustration for hardware manufacturers. Now, the chip design company ARM may have an answer: an integrated component called an iSIM that's built into the same chip as the processor.

ARM says the iSIM will take up a "fraction of a millimeter squared," whereas the current SIM standard Nano SIMs are about 12.3 x 8.8mm in size, not including the hardware usually needed to house them. Not only will that save space, but ARM says it'll more importantly save on costs, too: instead of paying "tens of cents" per card, manufacturers will be paying single-digital cents.

Also at CNET, Tom's Hardware, and Wccftech.

Related: Infineon Demos a 1.65 mm^2 eSIM Chip


Original Submission

Read more of this story at SoylentNews.

13:00

OBD-Sniffing A Caddy PHEV "IndyWatch Feed Tech"

The Cadillac ELR is a plug-in hybrid car with a bit of class, it has the beating heart of a Chevy Volt in a nice coup body with some up-market styling and a nice interior. Since it wasnt on the market for long and some consumers are still wary of cars with electric motors, it also represents something of a sweet spot: according to [Andrew Rossignol] you can pick them up for less outlay than you might imagine. He bought one, and being an inquisitive soul decided to probe its secrets through its OBD-II ports.

OBD-II sniffing is nothing especially new, but his write-up provides an interesting run-down of the methodology used to identify the different proprietary pieces of data that it makes available. His Python script attempted to parse the stream as though it were multi-byte words of different lengths, plotting its results as graphs, It was then a straightforward process of identifying the graphs by eye that contained useful data and rejecting those that were obviously garbage. He was able to pick out the figures in which he was interested, and write an interface for his little Sony VAIO UX to display them on the move.

Weve covered OBD hacks too numerous to mention over the years, but perhaps youd like to read our history of the standard.

12:53

Qt Has A Super Busy Year Ahead With A Lot Of Features Planned For 2018 "IndyWatch Feed Tech"

Tuukka Turunen of The Qt Company has shared some of the company's plans for the Qt toolkit in 2018. There is a lot ahead for this open-source, cross-platform toolkit in 2018 with another long-term support release later this year, new Qt Python bindings, a safety-critical renderer and more...

12:49

As Expected, Bristows and Others Already Lying About UPC Status in Germany, But Doing This Anonymously (to Dodge Accountability for Lies) "IndyWatch Feed Tech"

Expect more of that in weeks/months to come

Bristows EPO

Summary: In their characteristic fashion, firms that created the UPC for their self-enrichment purposes, along with publishers/writers who deem it their role to promote the UPC and set up lobbying events for the UPC, look for ways to downplay if not intentionally distort what happened in Germany yesterday

THIS was predictable. Judging by how much lying we have seen so far coming from Team UPC and EPO management it would be shocking if they didnt lie about it. So okay, bring it on. Lets compare fiction to reality before the next wave of spin gets crafted.

As we noted yesterday morning, this whole gamble on UPC may be costing a lot of jobs. UPC would not only threaten many productive jobs (e.g. cost of fighting trolls in courts or paying them protection money, draining SME budgets); it actually threatens the jobs of examiners. This too was predictable and even though the UPC will never materialise (its very unlikely), it does a lot of damage to examiners. Regardless. What a blunder. Another casualty is patent quality, as we shall explain in a moment (judges are wrongly assumed to be substitutes for examiners).

Be ready for lots of spin from Bristows and other Team UPC members, I wrote last night. They hate reality and they hate facts.

It didnt take long for the spin to come. Minutes maybe!

Kluwer Patent blogger (i.e. Bristows) is already spinning this latest news from Germany; its possible that this account gets shuffled among UPC proponents, but based on the style, context and wording one can make a pretty safe guess. Its almost certainly Bristows. The firm does not want to be held accountable for lying, having written very briefly about this development in its private blog shortly after the news came out (we mentioned their short blog post on Wednesday night).

Here they are...

12:42

IBM Research Photo "IndyWatch Feed Tech"

How do IBM scientists keep qubits colder than outer space?

IBM quantum physicists Dr. Stefan Filipp and Dr. Andreas Fuhrer (pictured) will be discussing quantum computing live from the IBM Zurich Research Lab, and will demonstrate how they keep qubits so cold, explain why, and take your questions.

Join us on Friday, Feb. 23 at 16:00 Paris time / 10:00 am EST.

12:00

How Kubernetes Became the Solution for Migrating Legacy Applications "IndyWatch Feed Tech"

You don't have to tear down your monolith to modernize it. You can evolve it into a beautiful microservice using cloud-native technologies.

11:55

Intel Cannonlake Graphics Should Be In Good Shape With Linux 4.17 "IndyWatch Feed Tech"

Intel's next-generation Cannonlake processors with "Gen 10" graphics will be considered good to go with the next kernel cycle, Linux 4.17. The alpha/preliminary hardware support flag is being removed for these CPUs expected later this year...

11:53

Are Bots a Danger for Political Election Campaigns? "IndyWatch Feed Tech"

Normally, autonomous computer programmes known as bots trawl the internet, for example, to help search engines. However, there are also programmes known as social bots which interfere in social media, automatically generating replies or sharing content. They are currently suspected of spreading political propaganda. Scientists at Friedrich-Alexander-Universitt Erlangen-Nrnberg (FAU) have investigated the extent to which such autonomous programmes were used on the platform Twitter during the general elections in Japan in 2014. By using methods taken from corpus linguistics, they were able to draw up a case study on the activity patterns of social bots. At the same time, the FAU researchers gained an insight into how computer programmes like these were used, and recognised that nationalistic tendencies had an important role to play in the election, especially in social media. The results of the investigation have been published in the journal Big Data.

Read more of this story at SoylentNews.

11:41

Further Attacks on EPO Staff and the Appeal Boards; Former EPO Boards of Appeal Member Speaks About EPO Scandals "IndyWatch Feed Tech"

Its easy for her to speak out about these scandals now that shes retired (just like Siegfried Bro)

EPO circus
Image credit: Sheikh it Sheikh it

Summary: In the process of devaluing EPO workers and perhaps preparing them for a large round of layoffs information is also revealed about further repressions against the independence of the Boards of Appeal

THE EPO is rumoured to be heading towards layoffs (700-1000 in number, i.e. 10-15% of staff), as we noted yesterday morning and CA/3/18 seems to be stripped apart by Battistelli, as we noted last night. New Art. 53(1)(f) must be suppressed in the proposal CA/3/18, another source told us overnight. That was decided in the Board 28 meeting on Wednesday. So, the status of permanent staff is maintained. But the other foreseen changes probably stay in CA/3/18 (still to be confirmed).

We certainly hope that the German Constitutional Court is paying attention to this.We are hearing these things (about layoffs and permanent staff status) from multiple independent sources, so its likely to be true. As time goes by rumours become concrete and eventually the press too reports these as facts (albeit belatedly, sometimes as much as a month late).

Heres another new comment related to this (not many people will have noticed it):

Another curious detail is that in order to designate his deputy the President of the Boards of Appeal needs to have the approval of the President of the Office (CA/D 4/17).

https://www.epo.org/modules/epoweb/acdocument/epoweb2/257/en/CA-D_4-17_en.pdf

The background to this arrangement can be found in CA/53/17.

https://www.epo.org/modules/epoweb/acdocument/epoweb2/258/en/CA-53-17_en.pdf

We certainly hope that the German Constitutional Court is paying attention to this. Our next post will be about the German Constitutional Court.

...

11:35

A vinyl record you play backwards "IndyWatch Feed Tech"

A quick look at an unusual record that was recorded inside-out because it sounds better that way.
   

Purchased from here

(This is not an affiliated link and I paid for my record).

11:14

UBPorts' Ubuntu Touch Ported To The Moto G 2014 "IndyWatch Feed Tech"

If you happen to have laying around a Moto G Gen 2 (Moto G 2014) device, it can have a second-life now running UBPorts' Ubuntu Touch software stack...

11:02

These People Believe Death Is Only Temporary "IndyWatch Feed Tech"

Waiting on research advances is the rationale behind cryopreservation, and more broadly, a worldview known as transhumanism. A person killed by cancer or heart disease could reasonably be revived in a future when such ailments no longer exist. They believe in the advance of technology, says Giuseppe Nucci, an Italian photographer who visited with transhumanists and toured the facilities of Russia-based cryonics company KrioRus. They hope that someone will wake them up.

This hope, that the future will vanquish the ills of the present, is as old as the first civilisations that realized that with each passing year life got a little better. The Russian philosopher Nikolai Fedorovich Fedorov helped create an early 20th-century movement known as cosmism that was rooted in the idea that, given enough time, humans could defeat evil and death. If the human life span was too short, then the simple solution was to extend it, even after death, and suspend its decomposition until the world caught up.


Employees of a liquid nitrogen and dry ice factory on the outskirts of Moscow are shrouded in fog while refilling their liquid nitrogen tanks. Founded by former KrioRus employees, the company now supplies them. PHOTOGRAPH BY GIUSEPPE NUCCI

11:00

The Next Generation of TinyFPGAs "IndyWatch Feed Tech"

Field-programmable gate arrays (FPGAs) have come of age. Once viewed as exotic and scary there are a number of FPGA boards targeting the maker market and among them is a new range of open source TinyFPGA boards.

10:26

Scientists Just Made Sheep-Human Hybrids. Heres What You Need to Know "IndyWatch Feed Tech"

Researchers have achieved a new kind of chimeric first, producing sheep-human hybrid embryos that could one day represent the future of organ donation by using body parts grown inside unnatural, engineered animals.

With that end goal in mind, scientists have created the first interspecies sheep-human chimera, introducing human stem cells into sheep embryos, resulting in a hybrid creature thats more than 99 percent sheep but also a tiny, little bit like you and me.

Admittedly, the human portion of the embryos created in the experiment before they were destroyed after 28 days is exceedingly small, but the fact it exists at all is what generates considerable controversy in this field of research.

10:26

We Just Measured The Worlds Heaviest Atom, And Its Even Weirder Than Expected "IndyWatch Feed Tech"

Oganesson (Og) is the heaviest chemical element in the periodic table, but its properties have proved difficult to measure since it was first synthesised in 2002.

Now an advanced computer simulation has filled in some of the gaps, and it turns out the element is even weirder than many expected.

At the atomic level, oganesson behaves remarkably differently to lighter elements in several key ways and that could provide some fundamental insights into the basics of how these superheavy elements work.

10:26

In the future we wont edit genomeswell just print out new ones "IndyWatch Feed Tech"

Why redesigning the humble yeast could kick off the next industrial revolution.

10:25

NASAs List Of The 18 Best Air-Filtering Houseplants "IndyWatch Feed Tech"

These house plants would make a lovely addition to your home and would filter the toxins out of your air.

10:25

Upcoming telescopes should be able to detect mountains and other landscapes on exoplanets! "IndyWatch Feed Tech"

The study of exoplanets has advanced by leaps and bounds in the past few decades. Between ground-based observatories and spacecraft like the Kepler mission, a total of 3,726 exoplanets have been confirmed in 2,792 systems, with 622 systems having more than one planet (as of Jan. 1st, 2018). And in the coming years, scientists expect that many more discoveries will be possible thanks to the deployment of next-generation missions.

These include NASAs James Webb Space Telescope (JWST) and several next-generation ground based observatories. With their advanced instruments, these and other observatories are not only expected to find many more exoplanets, but to reveal new and fascinating things about them. For instance, a recent study from Columbia University indicated that it will be possible, using the Transit Method, to study surface elevations on exoplanets.

10:25

Masters of Our DNA: Designer Bodies Are Not Science Fiction "IndyWatch Feed Tech"

Entrepreneur Juan Enriquez describes a future in which we will be able to hack evolution and even alter our memories thanks to DNA manipulation.

10:23

Science this week "IndyWatch Feed Tech"

Catch up on the top stories in #science this week. References to all studies are here: surg.ws/2oeEoCj

Video by The Surg.

10:21

U.S. Docs Show Daimler May Have Done A "Dieselgate" "IndyWatch Feed Tech"

Arthur T Knackerbracket has found the following story:

American investigators are looking into Mercedes maker Daimler's use of engine management software that is alleged to help its vehicles pass emissions tests, according to reports.

German tabloid Bild am Sonntag splashed yesterday (behind paywall) that US investigators had found "several software functions that helped Daimler cars pass emissions tests".

The report included several references to documents from US investigators, though none of the English-language translations state which agency these investigators or documents are from.

Another feature outlined in the documents allegedly detected whether the car was on a stationary test rig based on a comparison of speed and acceleration data.

A Daimler spokesman told Reuters the company was cooperating under a confidentiality agreement with the US Department of Justice: "The authorities know the documents and no complaint has been filed."


Original Submission

Read more of this story at SoylentNews.

10:09

Let's Teach Communism "IndyWatch Feed Tech"





This is actually hilarious.  Underlying all this is a profound failure of a foundational theory of economics and the general management of State Sponsored monopolies.  The State in fact does a terrible job of managing such monopolies even when they do not directly own them.  It inevitably throws up a fence of regulation managed by lifers with zero stake in success or failure along with a revolving door of overseers from the regulated industry.  How might this ever work out?


The first step to a resolution needs to be the outright elimination of poverty implimenting the rule of twelve in order to produce local fiat banking and a natural demand for general government debt.  This also deepens demand in all sectors as well.


I would then apply a scaled insurance charge against all enterprises against failure.  The charge would increase as the size climbs.  The idea that large is safe is utter nonsense and particularly in banking.  Real risk can still be funded through investment banking as has been done forever.  The debt product is sold on to smaller banks who need the product.  The fact is that many failures are financial failures, rather than operational failure and a fund can easily step in to resolve the problem by buying out the capital at an insured amount.

This has been done on an ad hoc basis with governments but rarely satisfactorily.


Let's Teach Communism


01/15/2018 

Frank Chodorov

[A selection from One Is a Crowd by Frank Chodorov]:

https://mises.org/wire/lets-teach-communism

This is a defense of our universities. As they open their doors f...

10:00

At 71,572 KM, You Wont Beat This LoRa Record "IndyWatch Feed Tech"

A distance record for LoRa transmission has been set that you probably wont be able to beat. Pack up your gear and go home, nothing more to achieve here. At a superficial reading having a figure of 71,572 km (44,473 miles) seems an impossible figure for one of the little LoRa radio modules many of us have hooked up to our microcontrollers, but the story isnt quite what youd expect and contains within it some extremely interesting use of technology.

So the folks at Outernet have sent data over LoRa for that incredible distance, but they did so not through the little ISM band modules were used to but over a suitably powerful Ku-band uplink to a geostationary satellite. They are also not using the LoRaWAN protocols of the earthbound systems, but simply the LoRa modulation scheme. So its not directly comparable to terrestrial records such as the 702 km we reported on last year, and they are the first to admit that.

Where their achievement becomes especially interesting though is in their choice of receiver. We are all used to Ku-band receivers, you may even have one on your house somewhere for satellite TV. It will probably involve a parabolic dish with a narrow beam width and an LNB whose horn antenna is placed at its focus. It would have required some skill and effort to set up, because it has to be pointed very carefully at the satellites position in the sky. Outernets mission of delivering an information service with the lowest possible barrier to entry precludes the extra expense of shipping a dish and providing trained staff to align it, so they take a very different approach. Their receiver uses either an LNB horn or a small patch antenna pointing at the satellite, with none of the dishes or phased arrays you might be used to in a Ku-band installation.

You might wonder how such a receiver could possibly work with such a meagre antenna, but the secret lies in LoRas relatively tiny bandwidth as well as the resistance to co-channel interference that is a built-in feature of the LoRa modulation scheme. Even though the receiver will be illuminated by multiple satellites at once it is able to retrieve the signal and achieve a 30 kb/s data rate that they hope with technical refinements to increase to 100 kb/s. This rate will be enough over which to push an SD video stream to name just one of the several examples of the type of content they hope to deliver.

Its likely that the average Hackaday reader will not be hiring satellite uplink time upon which to place their LoRa traffic. But this story does provide a demonstration of LoRas impressive capabilities, and will make us look upon our humble LNBs with new eyes.

....

09:42

The Next Generation of Radio Astronomy "IndyWatch Feed Tech"

Last year, Irish astronomy took a leap forward with the construction of the LOFAR radio telescope in Birr, Co. Offaly. Sean Mooney, who was involved in the telescopes construction, reports on its significance for the future of astronomy.

Last year, Birr was thrust to the forefront of astronomy. What may seem a quaint and unassuming town, Birr, Co. Offaly, is steeped in astronomical history and it has regained its scientific prominence with the construction of a new telescope.

In 1842, William Parsons, 3rd Earl of Rosse, began construction of a telescope on his estate, Birr Castle demesne, which would colloquially come to be known as The Leviathan. Not only was it the largest telescope in the world, it held this title for a staggering 72 years. This fact can be appreciated most in the current era of rapid technological improvements where the best of anything in the world holds the title for weeks rather than years before a better model comes along.

09:00

Oldest Temple "IndyWatch Feed Tech"





It is remarkable that Gobekli Tepi turns out to be a temple and that all those cave drawings are also representations of Shamanic visions.  This is good though.
 
We understand that the altered state experience was important then and is now becoming useful and better understood as well today.
 
My own investigations has revealed to me that a sensitive who is an informant of mine was led to an encounter with the Green Man in broad daylight and in addition during a meditative state also encountered the King of the Dandelions.
 
In a more natural world it makes sense that we would also encounter the equivalent spirit of the Lion, the Deer, etc for each identifiable species.  Thus we suddenly have the validity of the Lion King uniquely separate from been a specific representation of Jesus as per CS Lewis.  The whole topuic of symbolic values slides out the window.
 
Our shamans did encounter lion kings, deer princes and their like during their meditations. These were easily superior to their living aspects and instructive of our own relationship with the divine.

What i am sharing with you is a new Spiritual Cosmology nicely linked physically to my Cloud cosmology. The primary spiritual form or the supreme representation is what we identify as the human form.  All life evolves toward that form.  

So we have the king of the Dandelions empowering millions of dandelions with aspects of its own GREAT SPIRIT.  Thus the LION KING is the GREAT SPIRIT of the lions and may well have a large number of aspects or perhaps all of the lions though i expect a finite number instead.  In our human case i am informed that we start out with 32 aspects during each incarnation.  Thus an eight lifetime cycle will normall...

09:00

Coldest and Most Snow Ever "IndyWatch Feed Tech"





Let us make this incredibly simple for everyone.  The sun has become cooler.  As in significantly cooler.  That means that we are really cooling off to a lower base temperature and this could be sustained for a couple of decades.  When it warms again it will also take time to rebuild all that lost heat as well.

We had a warming cycle that ran from 1960 through 2000. We then had a peak heat retention that slowly declined while the sun shifted gears.  now we have lost all that heat and the sun is nowe cooler.  Thus we have cold winters ahead for some time.  My best guess based on past patterns is that we will catch a decade or so before it shifts back up.

The good news is that we have not frozen the Rhine yet.  Next year?

.


Coldest and Most Snow Ever

Published on February 6, 2018


http://drsircus.com/spiritual-psychology/coldest-and-most-snow-ever/?u


Heavy snowfall and widespread ice have led to another day of travel disruption, amid warnings that Britain is set to be gripped by freezing weather all month. Boston tied a 100-year-old record when it marked seven consecutive days of temperatures that did not top 20 degrees Fahrenheit (-6.7 degrees Celsius). Up and down the coast, people working outdoors struggled with the frigid conditions swearing under their breaths about the idea of manmade global warming.


In Russian it is snow Armageddon. Over the weekend Moscow was drowned in snow, setting records, experiencing its heaviest snowfall in a day since records began. Moscows meteorological service said Moscow had seen more than half its average monthly snowfall in the space of 24 hours, beating the previous record set in 1957.


Dramatic global cooling this winter has created 4X more ice than average in the Great Lakes. Almost 4X the a...

09:00

Thought Loops "IndyWatch Feed Tech"


Image: BRAINWASHED: The goal of the media is to poison the minds of the masses with toxic hatred and engineered thought loops

08:49

Bill Gates to Guest Star on 'the Big Bang Theory' "IndyWatch Feed Tech"

The tech-loving characters on "The Big Bang Theory" are about to find themselves severely star-struck. The comedy series has booked Microsoft founder Bill Gates to guest star as himself in an upcoming episode, CBS and Warner Bros. tell CNN.

In the episode, Penny (Kaley Cuoco) will find herself hosting Gates at work, and her friends go to great lengths in their effort to meet the billionaire innovator. The episode is set to air in late March.

https://edition.cnn.com/2018/02/20/entertainment/bill-gates-big-bang-theory/index.html

https://www.theverge.com/2018/2/21/17035236/bill-gates-the-big-bang-theory-appearance


Original Submission

Read more of this story at SoylentNews.

08:45

Google white hackers disclosed critical vulnerabilities in uTorrent clients "IndyWatch Feed Tech"

White hackers at Google Project Zero have discovered two critical remote code execution vulnerabilities in versions of BitTorrents web-based uTorrent Web client and uTorrent Classic desktop client.

With dozens of millions of active users a day, uTorrent is one of the most popular torrent client, the vulnerabilities could be easily exploited by the researchers to deliver a malware on the target computer or view the past downloads.

Project Zero hacker Tavis Ormandy published a detailed analysis of the issues because the vulnerabilities were not fixed in a 90-day period according to the disclosure policy.

utorrent security

The flaws are tied to various JSON-RPC issues, or issues related to the way the web-based apps handle JavaScript Object Notations (JSON) as they relate to the companys remote procedure call (RPC) servers.

By default, utorrent create an HTTP RPC server on port 10000 (uTorrent classic) or 19575 (uTorrent web). There are numerous problems with these RPC servers that can be exploited by any website using XMLHTTPRequest(). To be clear, visiting *any* website is enough to compromise these applications.0 reads the technical analysis.

Both desktop and web-based uTorrent clients use a web interface to display website content, the presence of JSON-RPC issues make possible the attack decribed by Ormandy,

The expert discovered that the issue can allow an attacker to trigger a flaw in the clients by hiding commands inside web pages that interact with uTorrents RPC servers.

An attacker can exploit the vulnerability to change the torrent download folder and download a file to any writable location, including the Windows Startup folder and download an executable file, that will be executed on every startup. The  attacker could exploit the same flaw to gain access to users download activity information.

The researchers explained that a remote exploitation of the flaw requires a DNS rebinding attack that allows a JavaScript code hosted on a website to create a bridge to the local network bypassing the same-origin policy (SOP).

This requires some simple DNS rebinding to attack remotely, but once you have the (authentication) secret you can ju...

08:42

Know the Signs Programs "IndyWatch Feed Tech"

Research-based programs and practices to help protect children from gun violence in your homes, schools and communities.

People who are at-risk of hurting themselves or others often show signs and signals before an act of violence takes place. When you dont know what to look for, it can be easy to miss signs, or dismiss them as unimportant, sometimes with tragic consequences.

Its important to know that one warning sign on its own does not mean a person is planning an act of violence. But when many connected or cumulative signs are observed over a period of time, it could mean that the person is heading down a pathway towards violence or self-harm. By knowing the signs, you have the power to intervene and get help for that person. Your actions can save lives.


Sandy Hook Promise trains students and adults to know the signs of gun violence so that no other parent experiences the senseless, horrific loss of their child. Join us.

08:14

[CORE-2017-0006] Trend Micro Email Encryption Gateway Multiple Vulnerabilities "IndyWatch Feed Tech"

Posted by Core Security Advisories Team on Feb 21

Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/

Trend Micro Email Encryption Gateway Multiple Vulnerabilities

1. *Advisory Information*

Title: Trend Micro Email Encryption Gateway Multiple Vulnerabilities
Advisory ID: CORE-2017-0006
Advisory URL:
http://www.coresecurity.com/advisories/trend-micro-email-encryption-gateway-multiple-vulnerabilities
Date published: 2018-02-21
Date of last update: 2018-02-21
Vendors contacted:...

08:11

DefenseCode Security Advisory: PureVPN Windows Privilege Escalation Vulnerability "IndyWatch Feed Tech"

Posted by Defense Code on Feb 21

DefenseCode Security Advisory
PureVPN Windows Privilege Escalation Vulnerability

Advisory ID: DC-2018-02-001
Advisory Title: PureVPN Windows Privilege Escalation Vulnerability
Advisory URL: http://www.defensecode.com/advisories.php
Software: PureVPN
Version: 5.19.4.0 and below (Windows Build Version: 6)
Vendor Status: Vendor contacted, vulnerability fixed
Release Date: 21/02/2018
Risk: MEDIUM

1. General Overview...

07:17

Booze News "IndyWatch Feed Tech"

On the one hand, drinking alcohol may make you live longer.

Drinking could help you live longerthat's the good news for happy-hour enthusiasts from a study presented last week at the annual meeting of the American Association for the Advancement of Science. According to the study, people who live to 90 or older often drink moderately.

On the other, you might not remember who you are any more.

Heavy drinkers are putting themselves at risk of dementia, according to the largest study of its kind ever conducted.


Original Submission

Read more of this story at SoylentNews.

07:00

Relive Radio Shacks Glory Days by Getting Goofy "IndyWatch Feed Tech"

The Golden Age of Radio Shack was probably sometime in the mid-1970s, a time when you could just pop into the local store and pay 49 cents for the resistors you needed to complete a project. Radio Shack was the place to go for everything from hi-fi systems to CB radios, and for many of us, being inside one was very much a kid in a candy store scenario.

Thats not to say that Radio Shack was perfect, but one thing it did very well was the education and grooming of the next generation of electronics hobbyists, primarily through their Science Fair brand. Some of us will recall the P-Box kits from that line, complete projects with all the parts and instructions in a plastic box with a perfboard top. These kits were endlessly entertaining and educational, and now [NetZener] has recreated the classic neon Goofy Light P-Box project.

As it was back in the day, the Goofy Light is almost entirely useless except for learning about DC-DC converters, multivibrators, RC timing circuits, and the weird world of negative resistance. But by using the original Science Fair instructions, compiling a BOM that can be filled from Mouser or Digikey, and making up a reasonable facsimile of the original P-Box chassis, [NetZener] has done a service to anyone looking for a little dose of nostalgia.

It would be interesting if someone brought back the P-Box experience as a commercial venture, offering a range of kits with circuits like the originals. If that happens, maybe some of the offerings will be based on that other classic from Radio Shacks heyday.

06:25

NEW 'Off The Hook' ONLINE "IndyWatch Feed Tech"

NEW 'Off The Hook' ONLINE

Posted 22 Feb, 2018 5:25:27 UTC

The new edition of Off The Hook from 21/02/2018 has been archived and is now available online.

06:09

Mesa 17.3 Remains Quite Buggy, Developer Calls For Better Handling In The Future "IndyWatch Feed Tech"

If you are making use of the Mesa 17.3 releases, have you found them to be buggier than normal for this open-source 3D graphics driver stack? There remains a higher than average amount of bugs still outstanding that have plagued Mesa 17.3, even with being up to 17.3.5...

05:45

Apple in Talks to Buy Cobalt Directly From Mining Companies "IndyWatch Feed Tech"

Apple is looking to ensure that it has the steady supply of cobalt it needs to produce iPhones and other electronics:

Apple Inc. is in talks to buy long-term supplies of cobalt directly from miners for the first time, according to people familiar with the matter, seeking to ensure it will have enough of the key battery ingredient amid industry fears of a shortage driven by the electric vehicle boom.

The iPhone maker is one of the world's largest end users of cobalt for the batteries in its gadgets, but until now it has left the business of buying the metal to the companies that make its batteries.

The talks show that the tech giant is keen to ensure that cobalt supplies for its iPhone and iPad batteries are sufficient, with the rapid growth in battery demand for electric vehicles threatening to create a shortage of the raw material. About a quarter of global cobalt production is used in smartphones.

Also at Ars Technica and TechCrunch.


Original Submission

Read more of this story at SoylentNews.

05:26

Australian Pirate Site Blocks Actually Block Pirate Sites "IndyWatch Feed Tech"

Australian copyright holders and lawmakers have been struggling to find an adequate response to online piracy for several years.

Progress has been slow, but with pirate site blockades now in effect, there appears to be some movement.

New research published by INCOPRO this week shows that traffic to blocked pirate sites has decreased 53.4% since the first measures were implemented a year ago. In total, usage of the top 250 pirate sites dropped a significant 25.4% in Australia.

In summary, the research confirms that direct traffic to blocked sites has decreased dramatically. Or put differently, the site blocking efforts actually block pirate sites, which by itself should hardly come as a surprise.

In fact, one might wonder how effective the blockades really are when nearly half of all direct traffic to the blocked sites in Australia remains intact and dozens of the countrys ISPs are involved.

On top, its also worth mentioning that the research doesnt take VPN usage into account. Australian interest in VPNs surged after the blockades were announced, so many people are likely to be circumvented the blockades using foreign VPNs.

While VPNs were not factored in, the current research did look at proxy site traffic and concludes that this only substitutes a small portion of the traffic that went to pirate sites before the blockades.

While its undoubtedly true that direct traffic to blocked sites has dropped, the research also includes some odd results. For example, it attributes a recent drop in Isohunt.to traffic to the blocking measures, when in reality the site actually shut down.

ISOHunt usage has been on a downward trend since December 2016, and is now at its lowest on record having reduced by 96.4% since blocking began, the report reads, drawing on data from Alexa.

But perhaps were nitpicking.

Creative Content Australia (CCA) is happy with these results and states that the fight against piracy has claimed a significant victory. However, the anti-piracy group also stressed that more can be done.

The reduction in piracy is exciting news but that 53% could be 90%, CCA Chairman Graham Burke says, using the opportunity to take another stab at Google.

...

05:02

Scientists Will Transport Antimatter in a Truck "IndyWatch Feed Tech"

The antimatter of science fiction vastly differs from the real-life antimatter of particle physics. The former powers spaceships or bombs, while the latter is just another particle that physicists study, one that happens to be the mirror image with the opposite charge of the more familiar particles.

Normally, scientists produce antimatter in the lab, where it stays put in an experimental apparatus for further study. But now, researchers are planning on transporting it for the first time from one lab to another in a truck for research. Elizabeth Gibney reports for Nature:

In a project that began last month, researchers will transport antimatter by truck and then use it to study the strange behaviour of rare radioactive nuclei. The work aims to provide a better understanding of fundamental processes inside atomic nuclei and to help astrophysicists to learn about the interiors of neutron stars, which contain the densest form of matter in the Universe.

04:43

For this robot, the secret to crawling is artificial snakeskin "IndyWatch Feed Tech"

The world is getting flooded with tiny (creepy) robots that can crawl all over the place, including your clothes. The latest one, created by scientists at Harvard University, uses artificial scaly skins to move forward kind of like a snake.

The soft robot is just a silicone rubber tube. But whats special about it is its skin a thin, stretchable plastic sheet thats been cut with a laser. The cuts, in the shape of triangles or circles, resemble the scales on the skin of snakes. When air is pumped into the tube, the robot expands and contracts, allowing the scales to pop up, anchor against the surface, and pull the robot forward. In a study published today in Science Robotics, scientists showed that the artificial snakeskins work against rough surfaces like asphalt and concrete. In the future, these robots could be scaled down and used to deliver drugs inside arteries, or in disaster situations where bots need to crawl inside narrow spaces.

04:13

ShmooCon 2018 Videos Online "IndyWatch Feed Tech"

ShmooCon, an American hacker convention, has its 2018 presentations online over at the Internet Archive, or on Youtube maybe. Each year original material on subjects related to computer security and cyberculture is presented. ShmooCon 2018 ran from January 19th through the 21st in Washington, D.C. with about 2,200 attendees.

ShmooCon website.


Original Submission

Read more of this story at SoylentNews.

04:12

[$] LWN.net Weekly Edition for February 22, 2018 "IndyWatch Feed Tech"

The LWN.net Weekly Edition for February 22, 2018 is available.

04:02

Doctors In China Lead Race To Treat Cancer "IndyWatch Feed Tech"

CRISPR In China: Cancer Treatment With Gene Editing Underway : Shots Health News More than a third of patients with cancer of the esophagus responded to experimental treatment in China with the gene-editing technique CRISPR. Several CRISPR studies are underway there.

04:00

Retrocomputing for the Forgotten "IndyWatch Feed Tech"

The world runs on marketing hype. Remember the public relations swirl around the Segway? Before it rolled out we were led to believe it was going to be remembered as fire, the wheel, and Segway. Didnt really happen. Microsoft and IBM had done something similar with OS/2, which you may not even remember as the once heir-apparent to MS-DOS. OS/2 was to be the operating system that would cure all the problems with MS-DOS just as IBMs new Microchannel Architecture would cure all the problems surrounding the ISA bus (primarily that they couldnt stop people from cloning it). What happened? OS/2 died a slow agonizing death after the Microsoft/IBM divorce. But for whatever reason [Ryan C. Gordon] decided to write a Linux emulation layer for OS/2 call 2ine (twine).

We like retrocomputing projects even if they arent very practical, and this one qualifies. The best analog for 2ine is it is Wine for OS/2, which probably has something to do with the choice of name. You might be ready to click away since you probably dont have any OS/2 programs you want to run, but wait! The good news is that the post has a lot of technical detail about how Linux and OS/2 programs load and execute. For that reason alone, the post is well worth a read.

[Ryan] had been working on Unreal Tournament 2004 and saw a product called [Pixomatic]. Under Linux, Pixomatic actually loads a Windows DLL to do some work. This led him to dig into how the loaders worked and of course this is not unlike how Wine can load Windows binaries and provide them Windows API services that really do things in the Linux way. This led to a lot of interesting projects he mentions in passing, including one to load a shared library from memory instead of a file.

So recently in a fit of boredom, hes started loading OS/2 programs and has had some success. This took some research on the OS/2 executable format and a lot of exploration of OS/2 strange memory model, exacerbated by the shift from 16-bit OS/2 to 32-bit OS/2. The big pay off is how he found how Wine and dosemu can cobble up the 32-bit Linux environment to run 16-bit code.

Theres more, but just go read the post. The detail is impressive and although it isnt running anything practical yet, it does work and the technical detective work behind it makes for a great read.

As for period reproductions, wed much rather do hardware and simulate a Z80 or just about anything else. Still, OS/2 is part of the PCs history, and the lessons you can glean from this transcend the actually usefulness  or lack thereof of running...

04:00

When You Listen to Music, Youre Never Alone - Issue 57: Communities "IndyWatch Feed Tech"


On a late spring evening in 2015, at South Street Seaport, a square on the southern tip of Manhattan, hundreds of people slipped on headphones and slipped into their own worlds. It was a clear night, perfect for a stroll, but attendees werent interested in local shops and restaurants. They were too busy dancing silently to the music, tuning inor tuning outto a silent disco.

The silent disco is a concert that passersby can barely hear, and that attendees can customize with a flip of the switch. At this event, a wireless signal allowed dancers to choose their favorite of three playlists. Each pair of headphones covered the ears and gave off a robotic glow. This is what weve been reduced to: dancing with ourselves, one dancer told a reporter from The New York Times.

To some observers, the silent disco represents a peculiar form of shared isolationa way to turn up the volume of modern alienation, to look social but remain solitary. Headphones have been creeping into musical activities that once were social, the writer and jazz musician Eric Felten lamented in the Wall Street Journal.

DANCING BY YOURSELF: Critics who lament that silent discos symbolize individualism and the
Read More

Why New York City Needs Its Own Cryptocurrency - Issue 57: Communities "IndyWatch Feed Tech"


Money used to be local. The first non-precious metal coins emerged as a natural consequence of trade, and were seldom accepted as currency outside the city-state on the Grecian coast that minted them. Then nation-states emerged and central banking was invented as an institution. Fiat currencies were deigned into circulation and the connection between money and place was mostly lost. Today, a dollar printed in West Point is the same dollar wherever it is found, whether its Dubuque or Dubai. It derives its value from the law of the United States and that law has no physical home. The United States of America, like all other countries, is a polygon on a map, a theoretical construct, a policy document.

As the dust settles on the haboob that cryptocurrencies have become over the last year or so and we try to find things of lasting value from the wreckage, we should keep in mind this missing piece of the puzzle: All resilient things start local. To find inherent value and stability digital currencies need to ground themselves somewhere. They need to go local. A theoretical construct is no longer enough. Digital currencies need something more tangible than just value by decree.
Read More

The City at the Center of the Cosmos - Issue 57: Communities "IndyWatch Feed Tech"


Some 48 kilometers north of Mexico City, in the Basin of Mexico, towers the Pyramid of the Sun at Teotihuacn. This massive 71-meter high structure makes you feel like a speck of dust in the presence of the gods. And that is exactly what the builders intended. Those who dwelt at Teotihuacn lived at the heart of a vast sacred landscape. The city itself covered more than 21 square kilometers, and it dominated the basin and the surrounding highlands. By 100 A.D., at least 80,000 people lived there. And between 200 and 750 A.D., Teotihuacns population swelled to more than 150,000. At the time, it was as big as all but the largest cities of China and the Middle East.

Archaeologists have worked there for nearly a century. Theyve learned that Teotihuacn was a vast symbolic landscape of artificial mountains, foothills, caves, and open spaces that replicated the spiritual world. Over a period of more than eight centuries, the Teotihuacnos built 600 pyramids, 500 workshop areas, a huge marketplace, 2,000 apartment complexes, and several squares or plazas.

Cosmology as geography: A view from the Pyramid of the Moon toward the Pyramid of the Sun.DEA / ARCHIVIO J. LANGE / Contributor /
Read More

03:48

Former Google employee suing over alleged wrongful firing "IndyWatch Feed Tech"

A former Google employee is now suing the company, claiming he was wrongfully terminated for his criticism of an anti-diversity memo sent to staff members last year, Wired Magazine reports. Tim Chevalier, a transgender former...

03:42

Is It Time for a Transhumanist Olympics? "IndyWatch Feed Tech"

While the Winter Olympics are going on, heres.

A story of mine on the dream of a future Transhumanist Olympics: https://www.huffingtonpost.com/zoltan-istvan/is-it-time-for-77194.html #transhumanism


Oracle Team USA made a historic comeback to beat Emirates Team New Zealand in the Americans Cup in San Francisco last month. I have closely followed the sport of sail racing for over 30 years, and what astonishes me is how much faster and better the boats are today than they were three decades ago. Sailing speeds and performances have doubled in some cases.

The same cannot be said about most other major sports. Even Michael Phelps, considered by many the greatest living athlete, is only a few seconds faster than swimming world records set 30 years ago. Most sports have not allowed scientific improvements or technology upgrades to their athletes and the equipment they use. I find that disappointing.

What is on the rise in athletics, however, are multi-million dollar campaigns and testing measures designed to ensure athletes dont cheat by using performance enhancing drugs and technologies. Some athletes even complain about undergoing TSA-like testing procedures right before their events. Does anyone else see a problem with that? Does anyone else see something anti-progressive about the state of our competitive sporting industry today?

As an advanced society full of technological wonders, perhaps its time we consider upgrading our idea of sports and rethinking what constitutes an exemplary athlete. Perhaps its time for something more modern and exciting, such as the transhuman athlete.

02:57

Ex-CIA Director: U.S. Meddles in Foreign Elections for a Very Good Cause "IndyWatch Feed Tech"

Via: The Hill: Following a federal indictment of Russians accused of meddling in the U.S election, a former CIA director on Friday said the U.S. probably meddles in other countries elections, as well. The Russian embassy flagged his comments. When asked whether the U.S. interferes in other countries elections, James Woolsey said, Well, only for []

02:47

[CVE-2018-1000088] Stored XSS vulnerability in Doorkeeper gem v2.1.0 - v4.2.5 "IndyWatch Feed Tech"

Posted by Justin Bull on Feb 21

Hey everyone,

A security bulletin for you.

Software:
---------
Doorkeeper (https://github.com/doorkeeper-gem/doorkeeper)

Description:
------------
Doorkeeper is an OAuth 2 provider for Rails written in Ruby.

Affected Versions:
------------------
2.1.0 - 4.2.5

Fixed Versions:
---------------
4.2.6 or later

Problem:
--------
Stored XSS on the OAuth Client's name will cause users being prompted
for consent via the "implicit"...

02:41

Amateur Astronomer Tests New Camera, Catches Birth of a Supernova "IndyWatch Feed Tech"

Submitted via IRC for FatPhil

An amateur astronomer has captured the birth of a supernova while trying out his new camera. Scientists believe this could be the first time anyone has photographed the initial flashing of a supernovaa phase which can last just minutes.

Researchers think the serendipitous snaps offer unique insights into the evolution of supernova, which are usually only pictured after this brief "shock breakout" phase. A new analysis of the surge of light is published in Nature this week.

[...] The discovery was monumental not just for Buso but astronomy as a whole. Researchers Melina Bersten and Gastn Folatelli, part of the team investigating the supernova in the Nature paper, told Newsweek these chance photos could be the first of their kind.

"We actually think this is the first time an observer recorded the appearance of a supernova literally on camera. Some supernova have been discovered hours after explosion. But, Victor Buso caught the exact minutes when the supernova was being born," Bersten said. Not only that, she added, but he had captured the evolution of this elusive phase.

Source: http://www.newsweek.com/supernova-birth-photograph-amateur-815041


Original Submission

Read more of this story at SoylentNews.

02:30

Wine-Staging Has Been Revived, Working Towards New Release "IndyWatch Feed Tech"

Wine-Staging has been a flavor of Wine popular with Linux gamers for often carrying bleeding-edge patches and other experimental work prior to being mainlined. But over two months ago, Wine-Staging went silent without any further updates. A few days ago the original maintainers announced they parted ways with the work due to lack of time and would not be issuing any new releases. Now there are new developers taking over...

01:44

OpenBSD Gets Mitigated For Meltdown CPU Vulnerability "IndyWatch Feed Tech"

A few days back FreeBSD 11 stable was mitigated for Meltdown (and Spectre vulnerabilities), which came more than one month after these nasty CPU vulnerabilities were disclosed while DragonFlyBSD was quickly mitigated and the first of the BSDs to do so. While OpenBSD is known for its security features and focus, only today did it land its initial Meltdown mitigation...

01:38

Smashing Security #066: Passwords, pirates, and postcards "IndyWatch Feed Tech"

Smashing Security #066: Passwords, pirates, and postcards

Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.

All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Dave Bittner from The CyberWire podcast.

01:31

End of the UPC Lobby and Withdrawal of UPCA May Seem Imminent "IndyWatch Feed Tech"

Retired Judge Siegfried Bro has long spoken out against the Unified Patent Court (UPC); and for good reasons

Siegfried Bro
Image courtesy: campact.de

Summary: The Unitary Patent fantasy (of mass litigation firms) is coming to an end; in fact, the German government and courts (Bundesverfassungsgericht to be specific) now deem the complaint to be admissible and thus likely legitimate in spite of many attempts to shoot it down

The European Patent Office (EPO) barely says anything about the UPC. It used to. A lot. But it rarely mentions it anymore. The closest thing to a mention was todays tweet that said: Read more about the impact of #patent protection on trade & FDI in innovative industries in this study

Its like a template tweet that they cyclically shuffle/revolve in order for the propaganda to broaden its reach. Propaganda? Yes, propaganda. What they dont say is that they funded it. In the process, the EPO entered controversial territories; it really corrupted academia (we explained this before). This is a serious matter. The EPO not only corrupts the media but also academia; and guess whos paying for all this

The EPO not only corrupts the media but also academia; and guess whos paying for all thisEPO staff is said to be prepared for chopping while the management corrupts the press and universities. Its not cheap. It also pays something like 5 million euros for events that last just one afternoon (that alone is a years salary of about 50 examiners). As the EPO implicitly acknowledges (by mention of two Twitter accounts), it paid money to LSE (UK) and the University of Colorado Boulder (US) for UPC propaganda. Sadly for them, however, the Unitary Patent is dead regardless. How dead? Check out what...

01:08

Japanese Man Granted Paternity Rights to 13 Children Born to Surrogate Mothers "IndyWatch Feed Tech"

Mitsutoki Shigeta: 'Baby factory' dad wins paternity rights

A Bangkok court has awarded paternity rights to a Japanese man over 13 babies he fathered through Thai surrogate mothers. The ruling allows Mitsutoki Shigeta, 28, to pursue custody of the children.

The son of a wealthy entrepreneur, he caused controversy in 2014 when he was revealed to have fathered at least 16 babies via surrogates in Thailand. His so-called "baby factory" case and others led to Thailand banning commercial surrogacy for foreigners.

Mr Shigeta, who was not present at the trial, was awarded "sole parent" rights after the Thai surrogates forfeited their rights, according to the court, which did not name him.

"For the happiness and opportunities which the 13 children will receive from their biological father, who does not have a history of bad behaviour, the court rules that all 13 born from surrogacy to be legal children of the plaintiff," Bangkok's Central Juvenile Court said in a statement.

Also at Newsweek and ABC.

Related: Medical Ethics of Multiples, Surrogacy, and Abortion


Original Submission

Read more of this story at SoylentNews.

01:00

Linux Adds CH341 GPIO "IndyWatch Feed Tech"

There was a time when USB to serial hardware meant one company: FTDI. But today there are quite a few to choose from and one of the most common ones is the WCH CH341. Theres been support for these chips in Linux for a while, but only for use as a communication port. The device actually has RS232, I2C, SPI, and 8 general purpose I/O (GPIO) pins. [ZooBaB] took an out-of-tree driver that exposes the GPIO, and got it working with some frightening-looking CH341 boards.

He had to make a slight mod to the driver to get six GPIOs in /sys/class/gpio. Once there though, it is easy to manipulate the pins using a shell script or anything that can write to the virtual files corresponding to the GPIO pins.

For example, he did a speed test that was this simple:

#!/bin/bash
x=100000
while ((x--)); do
 i=$((i+1))
 echo 0 > /sys/class/gpio/gpio1/value
 echo 1 > /sys/class/gpio/gpio1/value
done

He got about 2.2 kHz out of the output pin, and although he didnt say the exact hardware configuration it gives you some idea about the possible speed.

There are some other examples, and a look at several inexpensive boards that expose the I/O pins. Theres also some discussion of some mods of those boards.

The ability to share and hack drivers is one of the things that makes Linux so great for hackers. Your Linux system probably has all the tools you need and, if not, they are a package manager command away. Even if you arent comfortable building a whole driver, patching one like [ZooBab] did is very doable.

Of course, there are faster ways to drive I/O. We looked at the details of the CH340 and CH341 way back in 2014.

01:00

Embracing the Chaos of Chaos Engineering "IndyWatch Feed Tech"

Modern applications are increasingly growing in complexity. Adding a dizzying amount of moving parts, layers of abstraction, reliance on external systems and distribution that all result in a stack that few truly fully understand.

HPR2494: linux.conf.au 2018: Nicolas Steenhout "IndyWatch Feed Tech"

Clinton interviews Nicolas Steenhout about his accessibility workshop, covering the different areas that automated and manual testing can cover. We also talk about the conference in general, and on the different ways that conference get feedback about their speakers.

00:52

Overnight Tech: SEC updates guidance on data breaches | Twitter cracks down on automated tweets | Feds hit former bitcoin exchange with fraud charges "IndyWatch Feed Tech"

SEC UPDATES GUIDANCE ON DISCLOSING DATA BREACHES: Wall Street's top regulator on Wednesday released updated guidance on how public companies should go about disclosing cybersecurity breaches and "risks" to the public.The Securities and Exchange...

00:48

[$] New tricks for XFS "IndyWatch Feed Tech"

The XFS filesystem has been in the kernel for fifteen years and was used in production on IRIX systems for five years before that. But it might just be time to teach that "old dog" of a filesystem some new tricks, Dave Chinner said, at the beginning of his linux.conf.au 2018 presentation. There are a number of features that XFS lacks when compared to more modern filesystems, such as snapshots and subvolumes; but he has been thinkingand writing codeon a path to get them into XFS.

00:26

EPOs Board 28 Spikes Article 53 in CA/3/18, Apparently After Battistelli Withdrew It "IndyWatch Feed Tech"

The draft reform proposal CA/3/18 will, if it is allowed to enter into force, put an end to permanent employment at the EPO. EPO insiders

Most of the world's workers have insecure jobs, ILO report reveals
Reference: Most of the worlds workers have insecure jobs, ILO report reveals

Summary: The latest plot twist, as odd as that may seem, is that the attack on the rights of thousands of workers (many of whom are rumoured to be on their way out) is curtailed somewhat, at least for the time being

The European Patent Offices (EPO) demise is worrying. Its inevitable, but its still worrying (layoffs are probably coming very soon, based on insiders). CA/3/18 was covered here yesterday, based on the words of insiders.

World Intellectual Property Review has just written about this: [via SUEPO]

The European Patent Offices (EPO) supervisory body, the Administrative Council (AC), will deliberate an employment proposal put forward by EPO president Benot Battistelli to recruit staff on renewable contracts of five years in March.

Battistelli and Elodie Bergot, principal director of human resources, added the motion to discuss permanent employment at the EPO during a budget and finance committee meeting in October last year.

At the time, a spokesperson for the EPO said that the office is in a unique situation with 97% of its staff hired on a permanent basis.

A first discussion of the proposal, which is called the Modernisation of the employment framework of the EPO, took place during the ACs meeting in December.

The proposal has since been amend...

00:24

Snap responds to petition calling for it to scrap its redesign "IndyWatch Feed Tech"

Snap, the parent company of Snapchat, responded on Tuesday to a petition calling for it to reverse its app redesign.The messaging app did not say it would revert to its prior design, but did say that it will roll out a new update in the coming...

00:08

House to consider bill next week to combat online sex trafficking "IndyWatch Feed Tech"

The House is expected to consider legislation when it returns from holiday recess next week that would ensure classified advertising websites such as Backpage.com can no longer enable sex trafficking.The bipartisan bill would allow the...

Wednesday, 21 February

23:40

Trisha Navidzadeh, Principal of Space Marketing Group, joins our Space Settlement Board. "IndyWatch Feed Tech"

Trisha Navidzadeh, Principal of Space Marketing Group, joins our Space Settlement Board.

23:38

[$] An overview of Project Atomic "IndyWatch Feed Tech"

Terms like "cloud-native" and "web scale" are often used and understood as pointless buzzwords. Under the layers of marketing, though, cloud systems do work best with a new and different way of thinking about system administration. Much of the tool set used for cloud operations is free software, and Linux is the platform of choice for almost all cloud applications. While just about any distribution can be made to work, there are several projects working to create a ground-up system specifically for cloud hosts. One of the best known of these is Project Atomic from Red Hat and the Fedora Project.

23:35

Intel Coffee Lake OpenGL Performance On Windows 10 vs. Linux "IndyWatch Feed Tech"

For those curious about the state of Intel's open-source Mesa OpenGL driver relative to the company's closed-source Windows OpenGL driver, here are some fresh benchmark results when making use of an Intel Core i7 8700K "Coffee Lake" processor with UHD Graphics 630 and testing from Windows 10 Pro x64 against Ubuntu 16.04.3 LTS, Ubuntu with the Linux 4.16 Git kernel and Mesa 18.1-dev, and then Intel's own Clear Linux distribution.

23:35

The U.S. Intelligence Community's Demonization of Huawei Remains Highly Hypocritical "IndyWatch Feed Tech"

Submitted via IRC for Runaway1956

The U.S. Intel Community's Demonization of Huawei Remains Highly Hypocritical

We've noted for some time how Chinese hardware vendor Huawei has been consistently accused of spying on American citizens without any substantive, public evidence. You might recall that these accusations flared up several years ago, resulting in numerous investigations that culminated in no hard evidence whatsoever to support the allegations. We're not talking about superficial inquiries, we're talking about eighteen months, in-depth reviews by people with every interest in exposing them. One anonymous insider put it this way in the wake of the last bout of hysteria surrounding the company:

We knew certain parts of government really wanted" evidence of active spying, said one of the people, who requested anonymity. "We would have found it if it were there.

[...] This week, hysteria concerning Huawei again reached a fevered pitch, as U.S. intelligence chiefs, testifying before Congress over Russian hacking and disinformation concerns, again proclaimed that Huawei was spying on American citizens and their products most assuredly should not be used:

At the hearing, FBI Director Chris Wray testified, "We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks." Purchasing Huawei or ZTE products, Wray added, "provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage.

Which values would those be, exactly? Would it be the values, as leaked Edward Snowden docs revealed, that resulted in the NSA hacking into Huawei, stealing source code, then attempting to plant its own backdoors into Huawei products? Or perhaps it's the values inh...

23:30

Links 21/2/2018: Apper 1.0, New Fedora ISOs "IndyWatch Feed Tech"

GNOME bluefish

Contents

GNU/Linux

23:26

White nationalist sues Twitter over suspended account "IndyWatch Feed Tech"

A white nationalist group and its founder said Wednesday that they were suing Twitter for banning their accounts, arguing the company did so because it disagreed with their viewpoints.Jared Taylor, who leads the American Renaissance...

23:10

WhatsApp co-founder donates $50M to new Signal nonprofit wing "IndyWatch Feed Tech"

Brian Acton, a co-founder of the Facebook-owned messaging service WhatsApp, is donating $50 million to a new nonprofit supporting the encrypted messaging app Signal.Acton will also serve as the executive chairman of the newly formed Signal...

22:46

Intel releases Spectre patches for Skylake, Kaby Lake, Coffee Lake "IndyWatch Feed Tech"

Intel released a stable microcode update to address the Spectre vulnerability for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants.

Intel has released microcode to address the CVE-2017-5715 Spectre vulnerability for many of its chips, lets this time the security updates will not cause further problems.

The Spectre attack allows user-mode applications to extract information from other processes running on the same system. It can also be exploited to extract information from its own process via code, for example, a malicious JavaScript can be used to extract login cookies for other sites from the browsers memory.

The Spectre attack breaks the isolation between different applications, allowing to leak information from the kernel to user programs, as well as from virtualization hypervisors to guest systems.

Problems such as frequent reboots were related to the fix for the CVE-2017-5715 Spectre flaw (Spectre Variant 2) and affected almost any platform, including systems running on Broadwell Haswell CPUs, as well as Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms.

Spectre patches

A couple of weeks ago Intel released new microcode for its Skylake processors, now it has announced security updates for Kaby Lake, Coffee Lake and other CPUs.

The microcode is now available for all 6th, 7th, and 8th generation Core processors and also X-series Intel Core products, as well as Xeon Scalable and Xeon D chips.

Intel released the Spectre firmware security updates for the following products:

Anniedale/Moorefield, Apollo Lake, Avoton/Rangeley, Broxton, Ch...

22:30

Feds charge former bitcoin exchange with fraud "IndyWatch Feed Tech"

Federal authorities on Wednesday brought fraud charges against BitFunder, a defunct cryptocurrency stock exchange, and arrested the company's founder for obstruction of justice.The Securities and Exchange Commission (SEC) charged the company with...

21:33

SEC updates guidance on disclosing cyber breaches "IndyWatch Feed Tech"

Wall Streets top regulator on Wednesday released updated guidance on how public companies should go about disclosing cybersecurity breaches and "risks" to the public. The Securities and Exchange Commissions (SEC) new guidance&...

21:10

Twitter cracks down on automated tweets "IndyWatch Feed Tech"

Twitter is cracking down on its users ability to coordinate posting across multiple social media platforms, a move that the company hopes will tamp down on the spread of spam and misinformation.These changes are an important step in ensuring we...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog