IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Friday, 26 January


Reddit rolls out 2-factor authentication for users Help Net Security

The 234 million or so unique Reddit users are finally getting the option of setting up 2-factor authentication for their account(s). Why is that important? With over 540 million monthly visitors, social news aggregator Reddit is one of the top ten most popular websites in the world. You dont need to open an account to peruse its content, but if you want to participate in discussions on one of its countless subreddits, youll have to More


Alphabet enters enterprise cybersecurity market, launches Chronicle Help Net Security

Googles parent company Alphabet has announced its entry into the lucrative enterprise cybersecurity market through Chronicle, a company started in early 2016 as a project at X, Alphabets moonshot factory. Chronicle has now graduated to the status of an independent company within Alphabet, and is lead by Stephen Gillett, formerly an executive-in-residence at Google Ventures and Chief Operating Officer of Symantec. VirusTotal, a malware intelligence service acquired by Google in 2012, will be become a More


PCI Council sets security requirements for mobile point of sale solutions Help Net Security

The PCI Security Standards Council has announced a new PCI Security Standard for software-based PIN entry on commercial off-the-shelf (COTS) devices such as smartphones and tablets. What are we talking about here? Stores that offer customers the possibility to purchase things with their payment card usually have a hardware terminal and PIN entry device. But this can be too pricey an option for small merchants in markets that require EMV chip-and-PIN acceptance. A cheaper option More


New Purism Developer To Begin Work On Tackling Responsive GTK+ Apps Phoronix

GNOME developer Adrien Plazas has joined Purism as part of their effort of getting GTK+ applications on the Librem 5 smart-phone...


The Fastest Linux Distribution For Ryzen: A 10-Way Linux OS Comparison On Ryzen 7 & Threadripper Phoronix

While we frequently do Linux OS/distribution performance comparisons on the latest Intel desktop and server hardware, some requests came in recently about looking closer at the fastest Linux distribution(s) when running on AMD's Ryzen desktop processors. Here are benchmarks of ten popular Linux distributions tested out-of-the-box on Ryzen 7 1800X and Threadripper 1950X systems.


DIY Graphene Putty Makes Super Sensitive Sensor SoylentNews

Submitted via IRC for TheMightyBuzzard

It is sort of an electronics rule 34 that if something occurs, someone needs to sense it. [Bblorgggg], for reasons that aren't immediately obvious, needs to sense ants moving over trees. No kidding. How are you going to do that? His answer was to use graphene.

Silly Putty, which is just silicone putty, gives the graphene an unusually large dynamic range. That is, it can detect large pressures (say, a finger pressing) and still detect a very faint pressure (like your heart beating through the finger). Apparently, the graphene lines up to become pretty conductive in the putty and then any deformation causes the resistance to go up. However, when the pressure subsides, the graphene lines back up.


Original Submission

Read more of this story at SoylentNews.


Indexing Chuck Not Required Hackaday

Becoming accomplished with a lathe is a powerful skillset, but its only half of the journey. Being clever comes later, and its the second part of the course. Patience is in there somewhere too, but lets focus on being clever. [TimNummy] wants a knobbed bolt with critical parameters, so he makes his own. After the break, there is a sixty-second summary of the linked video.

Making stock hardware is a beginners tasks, so custom hardware requires ingenuity or expensive machinery. Adding finger notches to a bolthead is arbitrary with an indexing chuck, but one isnt available. Instead, hex stock becomes a jig, and the flat sides are utilized to hold the workpiece at six intermittent angles. We cant argue with the results which look like a part that would cost a pretty penny.

Using material found in the workshop is what being clever is all about. Hex brass stock comes with tight tolerances on the sides and angles so why not take advantage of that?

[TimNummy] can be seen on HaD for his Jeep dome light hack and an over-engineered mailbox flag. Did you miss [Quinn Dunki]s piece on bootstrapping precision machine tools? Go check that out!


TIGIT as a Biomarker for T Cell Senescence and Exhaustion Lifeboat News: The Blog

In a new study, researchers propose that TIGIT is a marker of T cell senescence and exhaustion in the immune system. However, not only is TIGIT just a biomarker, it is also a potential therapeutic target; as the researcher team discovered, lowering levels of TIGIT resulted in the restoration of some lost function in T cell populations that were experiencing high levels of senescence and exhaustion.

In a new study, researchers propose that TIGIT is a marker of T cell senescence and exhaustion in the immune system[1]. However, not only is TIGIT just a biomarker, it is also a potential therapeutic target; as the researcher team discovered, lowering levels of TIGIT resulted in the restoration of some lost function in T cell populations that were experiencing high levels of senescence and exhaustion.

Aging is associated with immune dysfunction, especially T-cell defects, which result in increased susceptibility to various diseases. Previous studies showed that T cells from aged mice express multiple inhibitory receptors, providing evidence of the relationship between T-cell exhaustion and T-cell senescence. In this study, we showed that T-cell immunoglobulin and immunoreceptor tyrosine-based inhibitory motif (ITIM) domain (TIGIT), a novel co-inhibitory receptor, was upregulated in CD8 + T cells of elderly adults. Aged TIGIT + CD8 + T cells expressed high levels of other inhibitory receptors including PD-1 and exhibited features of exhaustion such as downregulation of the key costimulatory receptor CD28, representative intrinsic transcriptional regulation, low production of cytokines, and high susceptibility to apoptosis. Importantly, their functional defects associated with aging were reversed by TIGIT knockdown.


How To Deploy Django App on Heroku TechWorm

Hey geeks and really interesting people out there, today we are doing a little resume on how you can deploy django app on heroku.

Yeah, even if you dont know anything about it, here you can learn how to do it, so keep reading to become a deployer master.

Is kinda obvious, but first, you need to have a Heroku account, is you already have it skip this step, however if you dont, you can create a Heroku account in like one minute or even less, you can choose the plan that is more suitable for the functionalities you need to have, this platform counts with 4 plans: Free that will cost you $0, and then the ones you need to pay to have, that are hobby, standard, and performance. This time we are working on the free plan.

I need to highlight something really important here, at the moment you create your account,  you choose the primary development language, please be sure you select Python. After you finish all the steps you will receive a confirmation email.

Having your account next is installing the CLI for Heroku, this is the main tool you need to interact properly with Heroku, to do this you need first open the console, enter your user-name and password, of the account you already have or just create.

Then start creating a Heroku app, and next you need to connect to PostgreSQL, is kind of easy for those who already have experience on the field.

After you start creating your app, you can start configuring the Django apps for your Heroku system, you can try at first writing a really easy Django application, however, if you are a lot more experienced you can try to do one a little bit more complicated.

You need to have the requirements.txt file, this file contains a list of all you need for app packages, you need to create this file in the root folder. After you have this configured, you need to have the profile, this describes all the commands you will need to execute the app. And last in this step but not least; you need to have the runtime.txt, which is the file that specifies the Python version.

Then we need to separate the Django settings, this is necessary for the app you are creating is this start to grow. After you have it, you need to set up static files. First, you need to modify ?; that will assure you a correct display of files. After this step, it came the data configuration and the local launch.

If you complete all these steps correctly, you will just need to go and deploy Django to Heroku, run migrations and thats it! For those who want to take a look at the code here, you have all the...


Systemd 237 Is Being Prepared For Release Phoronix

The first systemd update of 2018 should soon be here...


New Antennas Will Take CubeSats to Mars and Beyond IEEE Spectrum Recent Content full text

By packing big antennas into tiny satellites, JPL engineers are making space science cheap Illustration: John MacNeill

Illustration: John MacNeill

One morning in November 2014, Kamal Oudrhiri, a colleague of mine at the Jet Propulsion Laboratory (JPL), in Pasadena, Calif., burst into my office with an intriguing proposition. A first-of-its-kind satellite was headed for Mars. The satellite would fly alongside NASAs InSight Mars Lander, relaying data in real time back to Earth during the landers critical entry, descent, and landing. We have to achieve 8 kilobits per second, and were limited in terms of power. Our only hope is a large antenna, Oudrhiri explained. Oh, and the satellite itself will be only about the size of a briefcase.

Nothing as diminutive as the Mars satellitewhich belongs to a class called CubeSatshad ever gone farther than low Earth orbit. The antenna would be stowed during launch, occupying only about 830 cubic centimeters. Shortly thereafter, it would unfurl to a size three times as large as the satellite itself. It would have to survive the 160-million-kilometer flight to the Red Planet, including the intense vibration of launch and the radiation and extreme temperatures of deep space. How hard could that be?

Fortunately, my colleagues and I love a challenge, and we welcomed the chance to push CubeSat technology to its limits. These tiny spacecraft have become the go-to vessel for researchers and startups doing Earth imaging and monitoring. Compared with traditional satellites, they are relatively inexpensive and small, weighing just a few kilograms, and they can be ready to launch in a matter of months, rather than the years it typically takes to prepare a standard spacecraft. Over time, the onboard sensors and processing that CubeSats can carry have been the beneficiaries of Moores Law advancements in electronics, growing more powerful and sophisticated, lighter in weight, and energy efficient.

Photo: JPL/NASA RainCube's Umbre...

Test Tube Hard Drives Compute with Chemicals IEEE Spectrum Recent Content full text

Storing data as small molecules and getting them to compute by reacting could speed some computations Photo: Barry Rosenthal/Getty Images

A group of scientists and engineers at Brown University is planning to use chemicals in a droplet of fluid to store huge amounts of data and, eventually, get them to do complex calculations instantly. Theyve just received US $4.1 million from the Defense Advanced Research Projects Agency to get started, and plan to borrow robots and automation from the pharmaceutical industry to speed their progress.

Were hoping that at the end of this well have a hard drive in a test tube, says Jacob Rosenstein, assistant professor of electrical engineering, who is co-leading the project with theoretical chemist Brenda Rubenstein.

Theres been a big push recently to store data as molecules of DNA, but the Brown chemical computing project will do things differently, potentially ending up with greater data density and quicker readouts.

If it seems like theyll need a lot of different chemicals to make this scheme do anything important, youre right. But that may not be a big problem at all. The Brown team will rely on a class of chemistry called Ugi reactions. These are combinations of four chemicals reacted together all at once to produce a small organic molecule. The pharmaceutical industry uses automated systems that react different combinations to produce millions of chemicals for testing as drugs.

So how do they tell which of those millions is actually in a drop of liquid? Rubenstein, Rosenstein, and their colleagues will use a technology called mass spectrometry. Its essentially the same technology used to find evidence of doping drugs in athletes urine. Basically, it charges the molecules in a sam...


What happens when AI tries too hard to improve reality, in one photo Lifeboat News: The Blog

Technically speaking, Google Photos Assistant did a pretty good job.


Scientists building worlds most-powerful SUPER LASERS that can RIP holes in space Lifeboat News: The Blog

A NEW laser is being built that is powerful enough to rip apart empty space.


Will Americans ever know the truth about FBI and DOJ abuses? MassPrivateI

FISA memo worse than Watergate

Multiple Felonies by Top Government Officials Exposed

DEEP STATE, In PANIC, Tries To Drop Fusion GPS Dossier


Kristen Fortney, CEO at BioAge Labs, joins our Life Extension Board. Lifeboat News

Kristen Fortney, CEO at BioAge Labs, joins our Life Extension Board.


Simon Shelton, Teletubbies' Tinky Winky, Has Passed Away at Age 52 SoylentNews

Tributes have been paid to actor Simon Shelton, best known for playing purple Teletubby Tinky Winky, following his death at the age of 52.

[...] The original Teletubbies ran on the BBC from 1997 to 2001 and spawned a number one single, called Teletubbies say 'Eh-oh!', in December 1997.

Speaking in 2008, Shelton said he had little inkling Teletubbies would be the success it was when he was cast as Tinky Winky.

"I didn't know it would be as big as it was, but I did know as soon as I started working on it that it had something special," he said.

The original Teletubbies series was watched by around one billion children in more than 120 countries in 45 languages.

Shelton, a father of three, lived in Ampthill in Bedfordshire.

Original Submission

Read more of this story at SoylentNews.


Keep Accurate Time on Linux with NTP

Keep Accurate Time on Linux with NTP


The Current State of the Black Market: You Cant Buy Vantablack Hackaday

Sometimes you need something to be utterly, totally, irredeemably black. Not just a little bit black, not just really really really dark blue, but as black as it is possible to get. It might be to trap light in a camera or a telescope, for artistic purposes, or even to make your warplane a more difficult target for enemy missiles. Either way, were here to help, not to judge. So what are your options?

Well, first of all, theres the much-lauded Vantablack. The name itself is a clue as to its origin  Vertically Aligned Nano Tube Arrays. It works by coating an object with a forest of carbon nanotubes in a complicated vacuum deposition process. When light hits the surface, some of it is absorbed by the nanotubes, and any that is reflected tends to be absorbed by neighbouring nanotubes rather than escaping the surface coating of the object.

Like a Void in the Universe

Two masks, one in bronze, the other coated in Vantablack. So much incoming light is absorbed that it becomes impossible to see the surface contours of the coated object.

Vantablack has the current crown for being the blackest black currently available, absorbing 99.965% of visible light. However, before you get too excited, it does have some drawbacks. In its original form, it has to...


Spritecoin ransomware masquerades as cryptocurrency wallet and also harvests victims data Security Affairs

Fortinet discovered a strain of ransomware dubbed Spritecoin ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store.

Researchers from Fortinet FortiGuard Labs has discovered a strain of ransomware that only allows victims Monero payments and pretends to be a cryptocurrency-related password store.

The ransomware poses itself as a spritecoin wallet, it asks users to create their desired password, but instead of downloading the block-chain it encrypts the victims data files.

The malware asks for a 0.3 Monero ransom ($105 USD at the time of writing) and drops on the target system a ransom note of Your files are encrypted.

SpriteCoin ransomware

The malware includes an embedded SQLite engine, a circumstance that leads experts to believe it also implements a credentials harvesting feature for Chrome and Firefox credential store. The malicious code appends the .encrypted file extension to encrypted files (i.e. resume.doc.encrypted).

While decrypting the files, the Spritecoin ransomware also deploys another piece of malware that is able to harvest certificates, parse images, and control the web camera.

In a cruel twist, if the victim decides to pay and obtain a decryption key they are then delivered a new malicious executable [80685e4eb850f8c5387d1682b618927105673fe3a2692b5c1ca9c66fb62b386b], detected as W32/Generic!tr. reads the report.

While have not yet fully analyzed this malicious payload, we can verify that it does have the capability to activate web cameras and parse certificates and keys that will likely leave the victim more compromised than before.

The experts speculate the ransomware is being spread via forum spam that targets users interested in cryptocurrency.

Ransomware is usually delivered via social engineering techniques, but can also be delivered without user interaction via exploits. These often arrive (but are not limited to) via email, exploit kits, malicious crafted Excel/Word/PDF macros, or JavaScript downloaders. states the...


Security flaw in Moto G5 Plus allows anyone to bypass lockscreen HackRead

By Waqas

A critical security flaw or bug in Motorola Moto G5 Plus

This is a post from Read the original post: Security flaw in Moto G5 Plus allows anyone to bypass lockscreen


How cybercriminals abuse the travel and hospitality industry Help Net Security

The travel and hospitality industry suffers billions of losses each year due to fraud. With the right combination of other underground services (compromised accounts, credit cards, etc.) it is possible to cover almost every aspect of the holidays, including food and restaurants, shopping, entertainment, guided tours and more way beyond flights and hotels, Vladimir Kropotov, Researcher at Trend Micro, told Help Net Security. Whats on offer? Kropotov and his colleagues have been rifling through More


Verdict in Copyright/Trademark Infringement Case: $710,001 Awarded to Grumpy Cat Limited SoylentNews

Grumpy Cat wins $710,000 payout in copyright lawsuit

A cat made famous online because of its permanent scowl has been awarded $710,000 (500,000) in a copyright case by a California federal court.

Grumpy Cat Limited sued the owners of US coffee company Grenade for exceeding an agreement over the cat's image. The company only had rights to use the cat to sell its "Grumppuccino" iced drink, but sold other Grumpy products.

The cat, real name Tardar Sauce, went viral in 2012 after photographs of her sour expression emerged online. Originally posted on the social website Reddit by the brother of the cat's owner, Tabatha Bundesen, the image of the cat quickly spread as a meme with funny text captions.

In 2013 Grenade Beverage, owned by father and son Nick and Paul Sandford, struck a $150,000 deal to market iced coffee beverages with the cat's scowl on its packaging.

[...] Grumpy Cat is thought to have earned millions in endorsement and advertising deals.

Also at Courthouse News.

Original Submission

Read more of this story at SoylentNews.


Great Gesture by Mohammed Siraj after 14 year kid hacked his account and got arrested Hacker News Bulletin | Find the Latest Hackers News

With the increase in cybercrimes nowadays, social media accounts are the ones which are the most vulnerable. The rate of them getting hacked is increasing day by day. One of the things we see now is not only professional hackers are into hacking social media accounts, but young students and teenagers are also now doing

The post Great Gesture by Mohammed Siraj after 14 year kid hacked his account and got arrested appeared first on Hacker News Bulletin | Find the Latest Hackers News.


Meeting du 3 fvrier 2018 HZV / Hackerzvoice / The Hackademy

Comme tous les premiers samedis du mois, c'est meeting HZV !

RDV  samedi 3 fvrier 2018 l'Electrolab 52, Rue Paul Lescop Nanterre  16H !

Nous vous rappelons que les meets sont ouverts tous !

Pas de talk programm pour le moment, si vous voulez en proposer un, crivez-nous sur meet [at] hackerzvoice [dot] net !


Piqre de rappel : le CFP de la #ndh16 est ouvert, vous avez jusqu'au 5 avril prochain pour faire vos propositions :


Sam Gyimah Replaced Jo Johnson More Than a Fortnight Ago, But Team UPC Has Ignored It Until Now Techrights

Sam Gyimah

Summary: Another great example of Team UPC intentionally ignoring facts that dont suit the UPC agenda and more misinformation from Team UPC (which now suppresses comments expressing the wrong views)

IT IS not news. It was reported on early in the month. Team UPC could report it more than two weeks ago, but it did not. How convenient, as usual. It also reported absolutely nothing about the British government/Parliament totally removing the UPC from the agenda (after it had been put there).

Team UPC could report it more than two weeks ago, but it did not.Sam Gyimah, who is relatively young for a politician, replaces another young politician, whom we criticised for being inexperienced in his domain (still, Donald Trump even appoints officials who have only just graduated from college). This morning we wrote about Bristows mentioning it weeks late (while also distorting the facts or making stuff up) and this afternoon it was Michael Loney who belatedly covered it:

Sam Gyimah, member of UK parliament for East Surrey, has been confirmed as the UK IP minister

The above publisher is close to EPO management and has helped promote the UPC for years. Perhaps they realise that they cant go on ignoring the fact that Jo Johnson is history. His words, his infamous photo op with crooked Battistelli, all that lobbying et cetera? Perhaps all in vain. Is Gyimah already being showered with brown-nosing advice from Team UPC? Its not unthinkable. Bristows...


Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems The Hacker News

Are you using Linux or Mac OS? If you think your system is not prone to viruses, then you should read this. Wide-range of cybercriminals are now using a new piece of 'undetectable' spying malware that targets Windows, macOS, Solaris and Linux systems. Just last week we published a detailed article on the report from EFF/Lookout that revealed a new advanced persistent threat (APT) group,


The EPO is Already in Violation of ILO Rulings on Judge Corcoran Techrights

Under normal circumstances, executives or presidents can be arrested for refusing to obey court orders

Benot Battistelli

Summary: The incredible situation at the EPO, where court orders from several countries (and international tribunals) are simply being disregarded, staff is being bullied, and corrupt officials get away with punishing people who speak about the corruption (while they themselves enjoy immunity)

THIS MORNING we mentioned ILOATs latest decisions (dozens of EPO ones). We dont wish to comment on any of them without prior consultation, primarily because without context theres room for misinterpretation. We did look at a few decisions.

The ILO actually arranged an exceptional delivery of several Corcoran decisions, perhaps realising it would be essential to guard Corcorans job (his contract/term would have expired before the normal delivery). Last month we read that Patrick Corcoran would likely be mentioned (again) in some of this latest batch, possibly along with staff representatives. The ILO actually arranged an exceptional delivery of several Corcoran decisions, perhaps realising it would be essential to guard Corcorans job (his contract/term would have expired before the normal delivery).

Over the past month Corcorans life (and career) was chaotic in spite of ILOs intervention. He may have worked in 3 places and offices (Haar, Munich, and The Hague) in just about a month. We dont know if he is already at The Hague or not. Harassing him (even outside the courtroom) and making it impossible for him to adapt makes dismissal for incompetence easier, or simply gives him the incentive to walk away and give up. It is absolutely despicable and we keep trying to bring this to the attention of ILO (and Guy Ryder personally).

Its Mr. Battistelli who ought to be sent to The Hague, preferably in handcuffs (they have the ICC there).We have already heard from multiple sources [1,...


Data breaches at an all time high: How are businesses protecting themselves? Help Net Security

Digitally transformative technologies are shaping the way organisations do business and moving them to a data-driven world, with 94% of organisations using sensitive data in cloud, big data, IoT, container, blockchain and/or mobile environments, according to the 2018 Thales Data Threat Report. Digital transformation is driving efficiency and scale as well as making possible new business models that drive growth and profitability. Enterprises are embracing this opportunity by leveraging all that digital technology offers, with More


libcurl has had authentication leak bug dated back to before September 1999 Security Affairs

According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage of authentication data to third parties.

libcurl is a free and easy-to-use client-side URL transfer library, it builds and works identically on numerous platforms.

According to a security advisory, libcurl is affected by a couple of issues, one of them might cause the leakage of authentication data to third parties.

The problem is related to the way it handles custom headers in HTTP requests.

When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. states the advisory.

Sending the same set of headers to subsequest hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using clients request. We are not aware of any exploit of this flaw.

Applications that pass on custom authorization headers could leak credentials or information that could be abused by attackers to impersonate the libcurl-using clients request.

This vulnerability tracked as CVE-2018-1000007 has been present since before curl 6.0, back to before September 1999. Affected versions are libcurl 7.1 to and including 7.57.0, later versions (7.58.0) are not affected, the patch was published on GitHub.

this solution creates a slight change in behavior. Users who actually want to pass on the header to other hosts now need to give curl that specific permission. You do this with [location-trusted]( with the curl command line tool.

libcurl is also affected by an HTTP/2 trailer out-of-bounds read vulnerability tracked as CVE-2018-1000005.

The issue is related to the code that creates HTTP/1-like headers from the HTTP/2 trailer data that appends a string like `:` to the target buffer (it was recently changed to `: `...


Camels Disqualified from Saudi Beauty Pageant Due to Botox Injections SoylentNews

A Dozen Camels Disqualified From Saudi Beauty Pageant Over Botox Injections

Some pageant contestants hit a hump in the road this week. That is, a camel beauty contest in Saudi Arabia disqualified a dozen camels for receiving Botox injections to make them more attractive.

Saudi media reported that a veterinarian was caught performing plastic surgery on the camels a few days before the pageant, according to UAE's The National. In addition to the injections, the clinic was surgically reducing the size of the animals' ears to make them appear more delicate.

"They use Botox for the lips, the nose, the upper lips, the lower lips and even the jaw," Ali Al Mazrouei, a regular at such festivals and the son of a prominent Emirati breeder, told the newspaper. "It makes the head more inflated so when the camel comes it's like, 'Oh look at how big that head is. It has big lips, a big nose.' "

Real money is at stake: About $57 million is awarded to winners of the contests and camel races, The National reports, with more than $31.8 million in prizes for just the pageants.

Also at The New York Times, Reuters, and Newsweek.

Check out the world's tallest camel

Original Submission

Read more of this story at SoylentNews.


Firefox 59 Might Ship With Working Wayland Support Phoronix

Besides Firefox 59 being the release doing away with GTK2 support, this next Mozilla web-browser release might be the one to achieve working native Wayland support...


Grumpy Cat Wins $710,000 From Copyright Infringing Coffee Maker TorrentFreak

grumpcatThere are dozens of celebrity cats on the Internet, but Grumpy Cat probably tops them all.

The cats owners have made millions thanks to their pets unique facial expression, which turned her into an overnight Internet star.

Part of this revenue comes from successful merchandise lines, including the Grumpy Cat Grumppuccino iced coffee beverage, sold by the California company Grenade Beverage.

The company licensed the copyright and trademarks to sell the iced coffee but is otherwise not affiliated with the cat and its owners. Initially, this partnership went well, but after the coffee maker started to sell other Grumpy Cat products, things turned bad.

The cats owners, incorporated as Grumpy Cat LLC, took the matter to court with demands for the coffee maker to stop infringing associated copyrights and trademarks.

Without authorization, Defendants [] have extensively and repeatedly exploited the Grumpy Cat Copyrights and the Grumpy Cat Trademarks, the complaint read.

Pirate coffee..

After two years the case went before a jury this week where, Courthouse News reports, the cat itself also made an appearance.

The eight-person jury in Santa Ana, California sided with the cats owner and awarded the company $710,000 in copyright and trademark infringement damages, as well as a symbolic $1 for contract breach.

According to court documents, the majority of the damages have to be paid by Grumpy Beverage, but the companys owner Paul Sandford is also held personally liable for $60,000.

The verdict is good news for Grumpy Cat and its owner, and according to their attorney, they are happy with the outcome.

Grumpy Cat feels vindicated and feels the jury reached a just verdict, Grumpy Cats lawyer David Jonelis said, describing it as a complete victory.

A copy of the verdict form is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offe...


ICO protection: Key threats, attack tools and safeguards Help Net Security

Group-IB has analyzed the basic information security risks for the cryptoindustry and compiled a rating of key threats to an ICO (initial coin offering). On average, over 100 attacks are conducted on one ICO, and criminals are increasingly using modified Trojans that were previously used for thefts from banks, as well as targeted attacks with a view to compromise secret keys and secure control over accounts. Ranking threats While summing up a year of protecting More

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

Thursday, 25 January


Download: 2018 Cybersecurity Checklist Help Net Security

Todays attacks are spreading faster, evolving quicker, and evading even the most widely used security solutions. But that doesnt mean you cant fight back. Get practical recommendations for preventing and mitigating the latest attacks with this free checklist. Get actionable suggestions on how to: Prevent compromise in the first place by defending against the most popular attack vectors Mitigate post-exploitation activities like privilege escalation and lateral movement attempts Know when attackers attempt to launch malicious More


Triumph for Twitch over the viewbots Graham Cluley

Triumph for Twitch over the viewbots

A US court has ruled in the favour of videogame-streaming service Twitch against two bot-makers who sold a service to artificially inflate Twitch channels' number of viewers and fans.


8 Unusual IT Interview Questions and Approaches: CIOs Share

We asked IT and business leaders to share their tips for bringing out these and other key  qualities during interviews. Read on for their unique and interesting interview questions and strategies and what the responses help them discern about candidates. And if youre a job seeker: Learn and get ready for these strategies.

Jonathan Feldman, CIO, City of Asheville, N.C. 

"I am a hater of the weird question. I regret using weird questions in the past, because I want people to be comfortable. 


Twitter RNG is Powered By Memes Hackaday

Twitter is kind of a crazy place. World leaders doing verbal battle, hashtags that rise and fall along with the social climate, and a never ending barrage of cat pictures all make for a tumultuous stream of consciousness that runs 24/7. What exactly were supposed to do with this information is still up to debate, as Twitter has yet to turn it into a profitable service after over a decade of operation. Still, its a grand experiment that offers a rare glimpse into the human hive-mind for anyone brave enough to dive in.

One such explorer is a security researcher who goes by the handle [x0rz]. Hes recently unveiled an experimental new piece of software that grabs Tweets and uses them as a noise to mix in with the Linux urandom entropy pool. The end result is a relatively unpredictable and difficult to influence source of random data. While he cautions his software is merely a proof of concept and not meant for high security applications, its certainly an interesting approach to introducing humanity-derived chaos into the normally orderly world of your computers operating system.

Noise sampling before and after being merged with urandom

This hack is made possible by the fact that Twitter offers a sample f...


Storage-NG Now Active In openSUSE Tumbleweed Phoronix

SUSE's libstorage-ng back-end for YaST's new low-level storage library is now active within the rolling-release openSUSE Tumbleweed distribution...


Reddit rolls out 2FA to all its users Graham Cluley

Reddit rolls out 2FA to all its users

Reddit users can now secure their accounts with two-factor authentication (2FA).

Read more in my article on the Tripwire State of Security blog.


MoneroPay Malware Pretends to Be a Cryptocurrency Wallet HackRead

By David Balaban

A brand new ransomware malware that is called MoneroPay has been

This is a post from Read the original post: MoneroPay Malware Pretends to Be a Cryptocurrency Wallet


Decoding 5G New Radio IEEE Spectrum Recent Content full text

The Latest on 3GPP and ITU Standards

By: Sarah Yost, mmWave Product Manager, National Instruments

Everywhere you look today, 5G is at the center of conversations about exciting new technology. Recent announcements from Mobile World Congress 2017 in late February indicate that 5G is already here. The truth is that 5G isnt here yet, but we are getting closer. The past year has been busy in all aspects of the communications community, from the work on the standardization process to updates from regulatory bodies to our understanding of the channel for new proposed millimeter wave (mmWave) frequencies to the new technology under development that will turn 5G into a commercial reality. Last year, I wrote a paper called mmWave: The Battle of the Bands to provide an overview of the technologies being proposed for mmWave frequencies. This year, Im building on that information by examining mmWave for communications and presenting an update to the question on everyones mind: What is 5G and when will it be here?

5G Frequencies: A Combination of mmWave and Sub-6 GHz

Though some things at this point on the 5G journey may not be clearly defined, one thing is certain: sub-6 GHz spectrum is still very important, and mmWave frequencies will be used to supplement sub-6 GHz technology. Figure 1 shows the wide range of requirements expected of 5G, from ultra-reliable, high-bandwidth communication for enhanced mobile broadband (eMBB) applications to the low-bandwidth, machine-to-machine (M2M) type communications we expect to see in Internet of Things applications. It is difficult, if not impossible, for one band of spectrum to meet all these needs, but combining two bands provides complementary coverage. Sub-6 GHz spectrum offers better propagation and backward compatibility for narrowband applications, while the contiguous bandwidth at mmWave frequencies enables the key eMBB applications that 5G promises.

Figure 1. Targeted 5G applications include enhanced mobile broadband and machine-to-machine communication.

Figure 1: Targeted 5G applications include enhanced mobile broadband and machine-to-machine communication.

The ITU has defined two phases of research: Phase 1 for sub-40 GHz and Phase 2 for sub-100 GHz. Phase 1 is scheduled to end in June 2018 to correspond with the 3GPPs LTE release 15. Phase 2 is slated to end in December 2019 to correspond with LTE release 16. Figure 2 shows both the ITU and 3GPP timelines as of fall 2016.


Proposal for an Upper Bound on Planetary Mass SoylentNews

A new definition of a planet could help to distinguish gas giants from brown dwarfs:

[Kevin] Schlaufman's definition is based on mass. In a paper published [DOI: 10.3847/1538-4357/aa961c] [DX] January 22, 2018, in the peer-reviewed Astrophysical Journal, Schlaufman has set the upper boundary of planet mass between four and 10 times the mass of the planet Jupiter.

Schlaufman found that objects of at least 10 Jupiter masses tend not to form around metal-rich solar-type dwarf stars:

Planets like Jupiter are formed from the bottom-up by first building-up a rocky core that is subsequently enshrouded in a massive gaseous envelope. It stands to reason that they would be found near stars heavy with elements that make rocks, as those elements provide the seed material for planet formation. Not so with brown dwarfs. Brown dwarfs and stars form from the top-down as clouds of gas collapse under their own weight.

Schlaufman's idea was to find the mass at which point objects stop caring about the composition of the star they orbit. He found that objects more massive than about 10 times the mass of Jupiter do not prefer stars with lots of elements that make rocks and therefore are unlikely to form like planets. For that reason, and while it's possible that new data could change things, he has proposed that objects in excess of 10 Jupiter mass should be considered brown dwarfs, not planets.


Celestial bodies with a mass of M 10 MJup have been found orbiting nearby stars. It is unknown whether these objects formed like gas-giant planets through core accretion or like stars through gravitational instability. I show that objects with M 4 MJup orbit metal-rich solar-type dwarf stars, a property associated with core accretion. Objects with M 10 MJup do not share this property. This transition is coincident with a minimum in the occurrence rate of such objects, suggesting that the maximum mass of a celestial body formed through core accretion like a planet is less than 10 MJup. Consequently, objects with M 10 MJup orbiting solar-type dwarf stars likely formed through gravitational instability and should not be thought of as planets. Theoretical models of giant planet formation in scaled minimum-mass solar nebula ShakuraSunyaev disks with standard parameters tuned to produce giant planets predict a maximum mass nearly an order of m...


What Does Every Engineer Need to Know about 5G? IEEE Spectrum Recent Content full text

Over the last several years, researchers have been hard at work exploring new concepts and technologies to answer the question What is 5G?.

By Sarah Yost, SDR Solution Marketing, National Instruments

The 3GPP, 3rd Generation Partnership Project, is the standards body that publishes agreed upon specifications that define our wireless communications standards.  They have outlined a timeline for 5G, and the first phase of definition for 5G, called New Radio or NR, just passed in early December 2017 (timeline shown below).

Figure 1 The first specification of the New Radio technology for 5G was ratified in late 2017, with further updates through 2018.

Figure 1 The first specification of the New Radio technology for 5G was ratified in late 2017, with further updates through 2018.

Although NR Phase 1 will be different from the LTE protocol commonly used in todays mobile communications, there will be similarities as well.  The most stark differences between LTE and NR is the carrier bandwidth and operating frequency.  In addtition, NR adds new beamforming capabilities both in the analog and digital domains.  The table below illustrates a side by side comparison of key specifications for LTE and NR.

Table 1 Proposed millimeter-wave frequency bands for 5G. *For future study, not part of LTE Release 15

Table 1 Proposed millimeter-wave frequency bands for 5G. *For future study, not part of LTE Release 15

National Instruments Figure 2:


The Qt 5.11 Feature Freeze Is Imminent Phoronix

While it feels like Qt 5.10 was just released a short time ago, the scheduled feature freeze and branching for Qt 5.11 is imminent...


Hands-on Test of Windows Subsystem for Linux

If you don't want to do without the main advantages of Linux on the Windows platform, the Windows Subsystem for Linux offers another option. We delve the depths of the Linux underworld and explain how you can optimize the subsystem.


Ex-Montana House Majority Leader Gets 18 Years for Drug Trafficking

Via: Great Falls Tribune: A former leader of the Montana House of Representatives who once supported funding for an anti-drug campaign was sentenced to 18 years in prison Thursday for his central role in a methamphetamine trafficking ring. Michael Lange, the Republican House majority leader during the 2007 Legislature, arranged deliveries of at least 20 []


New Coreboot Frame-Buffer Driver For The Linux Kernel Phoronix

A new Coreboot frame-buffer driver has been published for the Linux kernel that allows reusing of the frame-buffer setup by Coreboot during the hardware initialization process...


Biggest Washington DC Lobbyist Is Now Google

Via: Register: For the first time, an internet company has become the largest lobbyist in Washington DC. With the release of fourth quarter lobbying figures a legal requirement it has been revealed that Google (well, Alphabet) spent no less than $18m in 2017 to lobby lawmakers in the US capital: a 17 per []


CVE-2017-15132: dovecot: auth client leaks memory if SASL authentication is aborted. Open Source Security

Posted by Aki Tuomi on Jan 25

Score: 5.3, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected versions: 2.0 up to 2.2.33 and 2.3.0
Fixed versions: 2.2.34 (not released yet), 2.3.1 (not released yet)

We have identified a memory leak in Dovecot auth client used by login
processes. The leak has impact in high performance configuration where
same login processes are reused and can cause the process to crash due to memory exhaustion.

Patch to apply this issue can be found from...


Monkeys Cloned in World First

Via: Independent: Two monkeys are the first ever primates to be cloned using the technique that created Dolly the sheep. The technique brings the prospect of cloned human beings even more closer. But scientists caution that there may be no good reason to create such clones, and that ethical and legal questions need to be []


Movit 1.6 Released For GPU-Based Video Filter Library Phoronix

Movit, the "Modern Video Toolkit", that aims to provide high-quality, high-performance GPU-based video filters is out with a new release...


Noumenas Robotic Habitats Questions The Evolution of Artificial Intelligence Lifeboat News: The Blog

for the 2017 tallinn architecture biennale, noumena has presented its installation based on the future of robots and its adaptability with the environment. deep learning has paved the way for machines to expand beyond narrow capabilities to soon achieving human-level performance on intellectual tasks. however, as artificial intelligence A.I. establishes its place within humans, society will need to develop a framework for both to thrive. a new form of artificial life will emerge, finding space at the peripheries of humanity in order to not compete for human-dominated resources. A.I. will attempt to improve its operating surroundings to not just survive but be self-sustaining, forming the basis of a civilization constrained at the intersection of nature and technology.

image tnu tunnel.

barcelonian based practice noumena has developed a framework to build this narrative based on the cross disciplinary intersection of computational design, mechanical and electronic design, rapid prototyping interaction and mapping. nowadays, computing tools as well as rapid prototyping machines allow to have a quick practical feedback on design solutions and to iterate experimenting different possibility at the same time giving the chance to choose and custom a functional part.


GCC 7.3 Released With Spectre V2 Mitigation Support Phoronix

GNU Compiler Collection 7.3 is now available as the latest GCC7 point release and the prominent changes being support for helping mitigate Spectre variant two using some new compiler switches...


First Monkey Clones Created SoylentNews

First monkey clones created in Chinese laboratory

Two monkeys have been cloned using the technique that produced Dolly the sheep. Identical long-tailed macaques Zhong Zhong and Hua Hua were born several weeks ago at a laboratory in China.

Scientists say populations of monkeys that are genetically identical will be useful for research into human diseases. But critics say the work raises ethical concerns by bringing the world closer to human cloning.

Qiang Sun of the Chinese Academy of Sciences Institute of Neuroscience said the cloned monkeys will be useful as a model for studying diseases with a genetic basis, including some cancers, metabolic and immune disorders. "There are a lot of questions about primate biology that can be studied by having this additional model," he said.

[...] Prof Robin Lovell-Badge of The Francis Crick Institute, London, said the [somatic cell nuclear transfer] technique used to clone Zhong Zhong and Hua Hua remains "a very inefficient and hazardous procedure". "The work in this paper is not a stepping-stone to establishing methods for obtaining live born human clones," he said.

China will get the job done while twiddle their thumbs in their ivory towers.

Cloning of Macaque Monkeys by Somatic Cell Nuclear Transfer (open, DOI: 10.1016/j.cell.2018.01.020) (DX)

Original Submission

Read more of this story at SoylentNews.


Behind the simulations imagining the nuclear apocalypse Lifeboat News: The Blog

Security experts say more of these hands-on demonstrations are needed to get an industry traditionally focused on physical protection to think more creatively about growing cyber threats. The extent to which their advice is heeded will determine how prepared nuclear facilities are for the next attack.

Unless we start to think more creatively, more inclusively, and have cross-functional thinking going into this, were going to stay with a very old-fashioned [security] model which I think is potentially vulnerable, said Roger Howsley, executive director of the World Institute for Nuclear Security (WINS).

The stakes are high for this multibillion-dollar sector: a cyberattack combined with a physical one could, in theory, lead to the release of radiation or the theft of fissile material. However remote the possibility, the nuclear industry doesnt have the luxury of banking on probabilities. And even a minor attack on a plants IT systems could further erode public confidence in nuclear power. It is this cruelly small room for error that motivates some in the industry to imagine what, until fairly recently, was unimaginable.


[slackware-security] curl (SSA:2018-024-01) Bugtraq

Posted by Slackware Security Team on Jan 25

[slackware-security] curl (SSA:2018-024-01)

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
patches/packages/curl-7.58.0-i586-1_slack14.2.txz: Upgraded.
This update fixes security issues:
HTTP authentication leak in redirects
HTTP/2 trailer out-of-bounds read
For more information, see:...


Oculus Creates a New, Open Source Unit of Time to Measure Frame Rates

Of all the things we expected to come out of the rise of Oculus and the still-burgeoning era of consumer virtual reality, a new fundamental unit of time was not one of them. But that's just what Oculus and Facebook have rolled out this week in the form of the flick, a new definition that subdivides a single second into precisely 705,600,000 parts.


Re: Multiple vulnerabilities in Jenkins plugins Open Source Security

Posted by Daniel Beck on Jan 25










Re: Multiple vulnerabilities in Jenkins Open Source Security

Posted by Daniel Beck on Jan 25




Yikes! Three armed men tried to rob a Bitcoin Exchange in Canada The Hacker News

As many non-tech savvy people think that Bitcoin looks like a Gold coin as illustrated in many stock images, perhaps these robbers also planned to rob a cryptocurrency exchange thinking that way. All jokes apart, we saw one such attempt on Tuesday morning, when three men armed with handguns entered the offices of a Canadian Bitcoin exchange in Ottawa, and restrained four of its employees.


Smashing Security #062: Tinder spying, Amazon shoplifting, and petrol pump malware Graham Cluley

Your Tinder swipes can be spied upon, Amazon is opening high street stores that don't require any staff, and Russian fuel pumps are being infected with malware in an elaborate scheme to make large amounts of money.

With Carole on a top secret special assignment, it's left to security veteran Graham Cluley to discuss all this and much much more on the "Smashing Security" podcast with special guests David McClelland and Vanja vajcer.


Linux and Intel Slowly Hack Their Way to a Spectre Patch

Spectre and Meltdown are major design flaws in modern CPUs. While they're present in almost all recent processors, because Intel chips are so widely used, Intel is taking most of the heat for these bugs. Nowhere has the criticism been hotter than on the Linux Kernel Mailing List (LKML). That's because unlike Apple and Microsoft operating system developers and OEMS like Dell and HP, Linux programmers do their work in the open.


Panic Engulfs Elites As Feared Trump-Trap Prepares To Spring And CDC Warns Of Nuclear War Terra Forming Terra

As i have posted early in the Trump story it is unwise to assume this man is not smart. What is more, i am smart and have most of the pertinent data. When that occurs, the real test is to successfully second guess him. No such luck. We are really looking at a Machiavellian Genius at work.

Other folks who i do respect have reached that same conclusion as this article makes terribly plain.

Trump's intention is to win. Best though is when he can arrange to show up for the victory parade to gratefully thank all concerned without disclosing a thing. After all you do not want to frighten allies and little children.

We all know that Marijuana legalization is inevitable, but Trump will use it to claw back the authority of the Federal Government from his political enemies.

Panic Engulfs Elites As Feared Trump-Trap Prepares To Spring And CDC Warns Of Nuclear War

By: Sorcha Faal, and as reported to her Western Subscribers

January 6, 2018

An astonishing new Security Council (SC) report circulating in the Kremlin today claims with grudging admiration that ...


Asgard: The Open Source Air Data Computer Hackaday

We get a lot of awesome projects sent our way via the tip line. Well, mainly it seems like we get spam, but the emails that arent trying to sell us something are invariably awesome. Even so, its not often we get a tip that contains the magic phrase determine Mach number in its list of features. So to say we were interested in the Asgard Air Data Computer (ADC) is something of an understatement.

Now well admit right up front: we arent 100% sure who the target audience for the Asgard is, but it certainly looks impressive. Team member [Erik] wrote into tip line with information about this very impressive project, which is able to perform a number of measurements on incoming air, such as true speed, viscosity, and temperature. The team says it has applications ranging from HVAC to measuring the performance of bicycles. We dont know whos going so fast on their bike that they need to measure air speed, but of course the hacker community never ceases to amaze us.

Even if you dont have a jet fighter that could benefit from a high performance ADC such as Asgard, you have to be impressed by the incredible work the team has done not only designing and building it, but documenting it. From the impeccab...


EU Antitrust Regulators Fine Qualcomm $1.2 Billion Over Apple Deal The Hacker News

The antitrust fine has hit Qualcomm badly. The European Commission has levied a fine of 997 Million, approximately $1.2 Billion, against U.S. chipmaker Qualcomm Inc. for violating antitrust laws in a series of deals with Apple by "abusing its market dominance in LTE baseband chipsets." According to the European Union (EU), Qualcomm paid Apple billions of dollars to make the iPhone-maker


Rocket Lab's Electron Rocket Launched "Humanity Star", a Temporary Source of Light Pollution SoylentNews

Rocket Lab has put a highly reflective object into orbit around Earth:

US spaceflight startup Rocket Lab put three commercial satellites into orbit during its rocket launch this past weekend but it turns out there was another satellite that hitched a ride on the vehicle too. The company's Electron rocket also put into orbit a previously undisclosed satellite made by Rocket Lab's CEO Peter Beck, called the Humanity Star. And the probe will supposedly become the "brightest thing in the night sky," the company announced today.

Shaped a bit like a disco ball, the Humanity Star is a 3-foot-wide carbon fiber sphere, made up of 65 panels that reflect the Sun's light. The satellite is supposed to spin in space, too, so it's constantly bouncing sunlight. In fact, the probe is so bright that people can see it with the naked eye. The Humanity Star's orbit also takes it all over Earth, so the satellite will be visible from every location on the planet at different times. Rocket Lab has set up a website that gives real-time updates about the Humanity Star's location. People can find out when the satellite will be closest to them, and then go outside to look for it.

The goal of the project is to create "a shared experience for all of humanity," according to Rocket Lab. "No matter where you are in the world, or what is happening in your life, everyone will be able to see the Humanity Star in the night sky," Beck said in a statement. "Our hope is that everyone looking at the Humanity Star will look past it to the vast expanse of the Universe and think a little differently about their lives, actions, and what is important for humanity." That includes coming together to solve major problems like climate change and resource shortages, Beck says.

Some astronomers are not happy about the geodesic sphere:

The only good thing about the "Humanity Star" (aka the NZ pollutes the night sky project) is that it burns up in 9 months. 9 months is way too far away IMHO.

Ian Griffin (@iangriffin) January 24, 2018

Also at BBC.

Previously: Rocket Lab's Second "Electron" Rocket Launch Succeeds, Reaches Orbit



Google Chrome to get AR with downloadable 3D objects TechWorm

Google is working on bringing ARs magic to Chrome with downloadable 3D objects

Google recently unveiled its experimental efforts to integrate Augmented Reality (AR) features into the mobile and desktop web using its Chrome browser.

In the next few months, there will be hundreds of millions of Android and iOS devices that are able to provide augmented reality experiences meaning youll be able to look at the world through your phone, and place digital objects wherever you look, Googles Reza Ali and Josh Carpenter wrote in a blog post. To help bring this to as many users as possible, weve been exploring how to bring augmented reality to the web platform, so someday anyone with a browser can access this new technology.

In order to convey that the model is 3D and interactive and not just a static image, the model rotates to some extent in response to the user scrolling. The new prototype allows developers to create 3D models that can be downloaded on mobile devices. Using the devices cameras and built-in sensors, users will then be able to place those 3D models in real-life environments.

When Article is loaded on an AR-capable device and browser, an AR button appears in the bottom right. Tapping on it activates the device camera, and renders a reticle on the ground in front of the user, Ali and Carpenter said. When the user taps the screen, the model sprouts from the reticle, fixed to the ground and rendered at its physical size. The user can walk around the object and get a sense of scale and immediacy that images and video alone cannot convey.

If Article is loaded into a desktop browser with a 3D model, it triggers AR content that would allow the user to view a specific element from all angles. For instance, users will be able to view a 3D model and manipulate it by dragging to rotate and scrolling to zoom in or out. When placed on a web page, the model could be animated in a way similar to a GIF. On the other hand, on mobile devices, users will be able to touch and drag to rotate, or drag with two fingers to zoom in.

With augmented reality, the model comes alive. The unique power of AR is to blend digital content with the real world, said the developer duo, who added: So we can, for example, surf the web, find a model, place it in our room to see just how large it truly is, and physically walk around it.

Basically, Google through Article wants web developers and content managers to start experimenting by bringing AR elements to web browsers. Developers who are interested in trying it out now for themselves, can do so by visiting...


Movie Industry Hides Anti-Piracy Messages in Pirate Subtitles TorrentFreak

Anti-piracy campaigns come in all shapes and sizes, from oppressive and scary to the optimistically educational. It is rare for any to be labeled brilliant but a campaign just revealed in Belgium hits really close to the mark.

According to an announcement by the Belgian Entertainment Association (BEA), Belgian Federation of Cinemas, together with film producers and distributors, cinemas and directors, a brand new campaign has been targeting those who download content from illegal sources. It is particularly innovative and manages to hit pirates in a way they cant easily avoid.

Working on the premise that many locals download English language movies and then augment them with local language subtitles, a fiendish plot was hatched. Instead of a generic preaching video on YouTube or elsewhere, the movie companies decided to infect pirate subtitles with messages of their own.

Suddenly the story gets a surprising turn. With a playful wink it suddenly seems as if Samuel L. Jackson in The Hitmans Bodyguard directly appeals to the illegal viewer and says that you should not download, the group explains.

Samuel is watching..

I do not need any research to see that these are bad subtitles, Jackson informs the viewer.

In another scene with Ryan Reynolds, Jackson notes that illegal downloading can have a negative effect on a person.

Dont download..
Dont download..

And you wanted to become a policeman, until you started downloading, he says.

The movie groups say that they also planted edited subtitles in The Bridge, with police officers in the show noting theyre on the trail of illegal downloaders. The movies Logan Lucky and The Foreigner got similar treatment.

Its not clear on which sites these modified subtitles were distributed but according to the companies involved, theyve been downloaded 10,000 times already.

The viewer not only feels caught but immediately realizes that you do not necessarily get a real quality product through ill...


Ancient Alchemical Esoteric Art That Leaves Humanity Clues About The Nature of Consciousness Terra Forming Terra

All helpful, except i now have a way more rigorous understanding of the nature of consciousness based on the physical reality of what is called Dark Matter.

Without knowing anything about Dark Matter, the past was blind and tried to understand glimpses.  This has continued to the present day when millions of observers can also compare notes.

Once you understand what you are seeing the rest is much easier as it is all simple enough..

Ancient Alchemical Esoteric Art That Leaves Humanity Clues About The Nature of Consciousness

Ive long been fascinated by Egypt as a possible connection to ancient wisdom and have written about how I see its art as a portal to a connection to consciousness.

by Tom Bunzel, guest author

Researchers like Graham Hancock have influenced by sense of these connections and point to the possibility of a source super civilization that may have had some of its knowledge recorded metaphorically or artistically in places li...


one year on: Is Finlands free money experiment Terra Forming Terra

This experiment is certainly tentative and may well fail to produce valid results.

My own approach is to supply a four hour shift sufficient to support a bed and basics. That delivers an army of available labor for things like tree grooming.  I bring that up because there is no end of supply and the benefit is very real in a couple of decades or longer.  However, there is plenty of additional community tasks that can also be manned such as simple timely food recycling.

The key though is that four hours opens he option of actually getting a full time job and slowly breaking away. It certainly eliminates homelessness and all that.

one year on: Is Finlands free money experiment working?
Is universal basic income working? We went to Finland to find out 5:04 AM ET Mon, 1 Jan 2018 | 

Elizabeth Schulze | @eschulze9

 Published 5:04 AM ET Mon, 1 Jan 2018

A routine trip to check the mail took an unexpected turn for Mika Ruusunen in November 2016.

"I opened it and I didn't understand it at all, so I gave it to my wife and asked her what the heck is this," Ruusunen said.

It was the Finnish government informing Ruusunen that he would start receiving free money each month as part of a first-of-its-kind experiment.

Ruusunen was among 2,000 unemployed Finns randomly selected from across the country for a trial testing universal basic income. Each month for two years he would receive 560 euros (roughly $670) from the government, tax-free. He was free to spend the money however he liked.

"I'm not accustomed to that kind of bureaucratic freedom," Ruusunen said.



Who Attacked a Russian Military Base with a 'Swarm' Strike? Terra Forming Terra

It probably does not matter who did it as much as demonstrating a real vulnerability.  The future of air warfare will all be about drones and realistically, our aerospace research of manned fighters could even be a sham to cover up a crash program on drone warfare.  I understood this a long time ago, but we are now seeing it applied.

No need any longer to talk of theoretical possibilities.  All the pilots of tomorrow will spend their time in an office 9 to 5 and go home to sleep in their own beds.  With AI support it will become possible for one trained pilot to ride herd on a dozen airliners.  It will even make huge airships practical as well as the onboard crew can be eliminated or reduced to one technician.

The day of the hot fighter jock is going.


Who Attacked a Russian Military Base with a 'Swarm' Strike?

Dave Majumdar,

The National InterestJanuary 12, 2018

Dave Majumdar

Security, Middle East

The next revolution in military affairs?

Who Attacked a Russian Military Base with a 'Swarm' Strike?

Russia is pointing fingers in all directions as it attempts to decipher who, exactly, attacked the Khmeimim air base and Tartus naval base in Syria by deploying a massed flight of what appear to have been home-made GPS-guided drones. The coordinated attack marks the first time that drones have been used en masseand may well mark a dangerous new moment in the history of technology and warfare.


A European Unitary Patent-Like System (e.g. UPC) is Not Compatible With Law; Expect it to Rot Away at the German Federal Constitutional Court Techrights

If the Rule of Law means anything, the UPC will never resurface again (in any form whatsoever)

5 marble columns

Summary: The community a.k.a. EU a.k.a. unitary patent system is collapsing and theres no sign that the matter will be settled any time soon

THE EPO wont see the UPC coming to fruition. Battistelli certainly wont. What we believe most likely to happen is, theyll rename it (yet again), change the vision somewhat, then reattempt. Time will tell

Its quite interesting to see just to what degree Techrights impacts UPC coverage. A few hours after we complained that Bristows had been deliberately ignoring this departure of Jo Johnson (weeks ago!) it finally decided to write a blog post about it and say: The UK IPO has confirmed that Sam Gyimah is now the Minister responsible for IP.

What we believe most likely to happen is, theyll rename it (yet again), change the vision somewhat, then reattempt.This has been confirmed for quite a while now. Bristows just chose to overlook all that because its very detrimental to and negative if not fatal for UPC progress/prospects. As one can expect, the blog post is amazing spin. Bristows can apparently read minds (never mind if it always got it wrong on UPC, for several consecutive years); it pretends to know everything about Gyimahs intentions; as if Gyimah will just do something Johnson spoke about back in 2016 (when everything was very different). Dont fall for it

So what is the real news? Well, lets research and see what Team UPC and domain experts are saying. Its about Germany the focal point at the moment.

I have read the entire complaint which circulates in the Internet, one person said. They brag about being able to read the constitutional complaint.

Bristows just chose to overlook all that because its very detrimental to and negative if not fatal for UPC progress/prospects.There is also a non-update update from JUVEs editor. This may be of any interest as well,...


New HNS botnet has already compromised more than 20,000 IoT devices Security Affairs

A new botnet called Hide N Seek (HNS botnet) appeared in the threat landscape, the malware is rapidly spreading infecting unsecured IoT devices, mainly IP cameras.

The HNS botnet was first spotted on January 10th by malware researchers from Bitdefender, then it disappeared for a few days, and it has risen over the weekend.

The number of infected systems grew up from 12 at the time of the discovery up to over 20,000 bots, at the time of writing.

HNS botnet

Bitdefender researchers have uncovered an emerging botnet that uses advanced communication techniques to exploit victims and build its infrastructure. The bot, dubbed HNS, was intercepted by our IoT honeypot system following a credentials dictionary attack on the Telnet service. states the analysis from Bitdefender.

The samples identified in our honeypots on Jan. 10 revolved around IP cameras manufactured by a Korean company. These devices seemed to play a major role in the botnet as, out of the 12 IP addresses hardcoded in the sample, 10 used to belong to Focus H&S devices. The new version, observed on Jan. 20, dropped the hardcoded IPs.

Recently security experts spotted other IoT botnets, most of them linked to the Mirai botnet, such as Satori, Okiru, and Masuta, but the HNS botnet has a different genesis and doesnt share the source code.

Researchers at Bitdefender found similarities between the HNS and the Hajime botnets, unlike Mirai, Hajime doesnt use C&C servers, instead, it implements a peer-to-peer network.

Hajime is more sophisticated than Mirai, it implements more mechanisms to hide its activity and running processes and its modular structure allows operators to add new capabilities o...


Ira Munn joins our Sustainability Board. Ira is developing 3D-printed electric vehicle kits using recycled PET plastic, Lifeboat News

Ira Munn joins our Sustainability Board. Ira is developing 3D-printed electric vehicle kits using recycled PET plastic,


5 Tips to DIY headlight restoration for your vintage car TechWorm

So you are having problems with the headlights of your vintage car as they may be very fogged, hazy or discolored. Well, before you decide on taking your vintage car to the shop and having the headlights replaced, check to see if you can do it yourself first.

Headlights, obviously are very important to any car as they are the eyes that illuminate the road during the night and assist the driver to stay in the right lane. Without a fully-functional headlight, one would definitely find it impossible to drive, especially during the night. That being said, the maintenance of headlights should definitely be a top priority for drivers.

Now going back to your problem, buying a new set isnt the only solution to a fogged, discolored and hazy headlight. With just a little bit of physical labor and patience, you can definitely restore your headlight to a new-looking and fully-functional one all by yourself. As for the equipment and other necessary items, you can easily find best headlight restoration kit at auto shops and big stores.

Here are 5 tips that will guide you through the process.

  1. Wash your Car

Before you start restoring your headlights, it would be a better idea to wash the whole car first as it will remove the dust and other dirt that has accumulated on the exterior of your car. You dont need to do it extensively though; a simple quick wash with soap and water will be enough to remove the dirt and dust.

  1. Pre-Restoration

Before you start dealing with the headlights, it would be ideal to move your car in to a shaded and cool area. Proper lighting is needed though in order for you to spot the tiny scratches and other minor details. Make sure that the car is dry before you start the restoration. Also, it is also recommended by experts to keep the headlights at room temperature.


The next step is to tape the area surrounding the headlights. Use a painters tape as it can be easily peeled off and they are also specially made to protect the paint. It is important that you avoid touching the outside part of the headlight while restoring it to avoid causing potential damage, especially on the paint.

  1. Restoration

To restore the headlight of your vintage car, make sure that the headlight is completely dry and drained of moisture.

To start, yo...


Justice Still Elusive at the EPO and ILOAT, But a Glimmer of Hope Remains Techrights

Published hours ago:

125th Session ILOAT

Summary: The EPO can offer justice neither to staff nor users; whether the International Labour Organization (ILO) and its Administrative Tribunal (ILOAT) can make up for this remains to be seen

PRESIDENT Battistelli will leave the EPO in 5 months, but the damage he has done is truly incredible. His actions not only damaged patents but also staff; its no wonder the EPO now suffers brain drain and is unable to recruit the type of people it used to. The EPO may never recover from this. Some insiders even wonder aloud if theres a future for the EPO at all.

You must improve the image of the EPO, I told the EPO in response to this tweet yesterday. Otherwise you turn off potential users

Over the past few months we have been attempting to show to ILO material about the EPO refusing to obey ILOAT rulings. Guy Ryder too was copied in.It is hardly surprising that, based on a JUVE survey, Battistelli has a 0% approval rate not only among EPO staff but also among EPO users (thats what they call stakeholders such as applicants). A lot of money is being invested in this (for small businesses it can be the lions share of their budget).

Over the past few months we have been attempting to show to ILO material about the EPO refusing to obey ILOAT rulings. Guy Ryder too was copied in.

Does ILO realise that its reputation too is on the line? For failing to properly remediate?

Our understanding is that some of these rulings were about EPO staff representatives.Yesterday was the 125th session of ILOAT and the decisions were not uploaded/published until late in the day. There is no video of this latest session, either (at least not yet, it would be listed here if/once its ready).

Our understanding is that some of these rulings were about EPO staff representatives. The appellants typically request anonymity and are thus reduced to initials. We kindly ask if anyone with contacts at the EPO can help explain to us what happened at ILO yesterday afternoon. We need to properly know the cases in order to comment on them (few decisions we took a glimpse at were dismissals of appeal) because sometimes a negative decision or deferral is actually a positive thing, as we saw 2 years...


Ursula K. Le Guin Dead at Age 88 SoylentNews

The New York Times reports that Renowned fantasy writer Ursula K. Le Guin has died at age 88. From the article:

Ursula K. Le Guin, the immensely popular author who brought literary depth and a tough-minded feminist sensibility to science fiction and fantasy with books like "The Left Hand of Darkness" and the Earthsea series, died on Monday at her home in Portland, Ore. She was 88.

Her son, Theo Downes-Le Guin, confirmed the death. He did not specify a cause but said she had been in poor health for several months.

I'm not a fantasy fan (except for Prachett and Tolkien), but she will be missed none the less. I'm sure quite a few Soylents are fans of hers. Any author's loss is a loss to us all.

Original Submission

Read more of this story at SoylentNews.


The Pirate Bay Is Down, But Tor Domain Is Working TechWorm

Worlds most popular torrent site, The Pirate Bay suffers downtime again

The worlds most popular torrent website, The Pirate Bay (TPB) has been hard to reach for users, as its main .org domain has been offline for almost a day now, reported TorrentFreak. It appears that TPB outage is likely caused due to technical issues and therefore, in all probability it may be restored soon. However, on the other hand, TPBs proxy sites and its Tor domain are working perfectly fine.

Users trying to access the torrent portal are currently greeted with a Cloudflare 522 error message, with the CDN provider referring to a bad gateway. While TPB has been facing similar server issues since the past few months, it usually returns to normalcy after several hours.

The Pirate Bay Is Down, But Tor Domain Is Working

TPB fans took to Twitter to report issues with the torrent site after it was affected by server issues.

One user tweeted: The Pirate Bay is down.

While another posted: The Pirate Bay is down so is my mood.

And one added: The Pirate Bay is down. Im stressed.

For those torrent fans looking to desperately access the notorious torrent site, can do so via its .onion address on the Tor network, which for instance, can be accessed using the popular Tor Browser. The sites Tor traffic is routed through a separate server and is working just fine.

Currently, TPB is not the only popular torrent site that is experiencing problems due to server issues. The popular ExtraTorrent copy has also been suffering downtime for more than a week, with no official word from its operators and when it would be online.

The post The Pirate Bay Is Down, But Tor Domain Is Working appeared first on TechWorm.


Raspberry Pi Zero Drives Tiny RC Truck Hackaday

Were not sure which is more fun putting together a little RC truck with parts laying around on your workbench, or driving it around through a Linux terminal. Well take the easy road and say theyre both equally fun. [technodict] had some spare time on his hands and decided to build such a truck.

He started off with a great little chassis that can act as the base for many projects. Powering the four motors is a cheap little dual H bridge motor driver and a couple rechargeable batteries. But the neatest part of this build is that its controlled using a little bit of python and driven directly from a terminal, made possible by the Raspberry Pi Zero of course.

With Raspberry Pi Zero now having built in WiFi and Bluetooth we should see a lot more projects popping up with one at its heart. Be sure to visit [technodicts] blog for full source and details. And let us know how you could use that little chassis for your next mobile project!


SpaceX Conducts Successful Static Fire Test of Falcon Heavy SoylentNews

Today, SpaceX simultaneously fired up all 27 engines on its new massive Falcon Heavy rocket a crucial final test for the vehicle before its first flight in the coming weeks. An hour after the test, SpaceX CEO Elon Musk confirmed that the test was good, and that the Falcon Heavy will launch in "a week or so." When SpaceX gives an official target day and time, it'll be the first time a definitive launch date has been given for the rocket's inaugural voyage, a flight that was initially promised to happen as early as 2013.

SpaceX has posted a 31-second video of the Falcon Heavy test firing to the SpaceX YouTube channel.

Original Submission

Read more of this story at SoylentNews.


Grid Up. Grid Down.

The grid has been having intermittent issues since last nights thunderstorm, and the power was off for most of the afternoon today. Back to posting early AM NZ time tomorrow, assuming the power stays on.


[SECURITY] [DSA 4096-1] firefox-esr security update Bugtraq

Posted by Moritz Muehlenhoff on Jan 24

Debian Security Advisory DSA-4096-1 security () debian org Moritz Muehlenhoff
January 25, 2018

Package : firefox-esr
CVE ID : CVE-2018-5089 CVE-2018-5091...


[SECURITY] [DSA 4095-1] gcab security update Bugtraq

Posted by Salvatore Bonaccorso on Jan 24

Debian Security Advisory DSA-4095-1 security () debian org Salvatore Bonaccorso
January 24, 2018

Package : gcab
CVE ID : CVE-2018-5345
Debian Bug : 887776...


WebKitGTK+ Security Advisory WSA-2018-0002 Bugtraq

Posted by Carlos Alberto Lopez Perez on Jan 24

WebKitGTK+ Security Advisory WSA-2018-0002

Date reported : January 24, 2018
Advisory ID : WSA-2018-0002
Advisory URL :
CVE identifiers : CVE-2018-4088, CVE-2018-4089, CVE-2018-4096,...


Firing Up 750 Raspberry Pis SoylentNews

Submitted via IRC for TheMightyBuzzard

Creating Raspberry Pi clusters is a popular hacker activity. Bitscope has been commercializing these clusters for a bit now and last year they created a cluster of 750 Pis for Los Alamos National Labs. You might wonder what an institution know for supercomputers wants with a cluster of Raspberry Pis. Turns out it is tough to justify taking a real high-speed cluster down just to test software. Now developers can run small test programs with a large number of CPU cores without requiring time on the big iron.

[...] The system is modular with each module holding 144 active nodes, 6 spares, and a single cluster manager. This all fits in a 6U rack enclosure. Bitscope points out that you could field 1,000 nodes in 42U and the power draw including network fabric and cooling would be about 6 kilowatts. That sounds like a lot, but for a 1,000 node device, that's pretty economical. The cost isn't bad, either, running about $150,000 for 1,000 nodes. Sure, that's a lot too but not compared to the alternatives.

Huh. That's actually not a bad idea for sounding so silly at face value.


Original Submission

Read more of this story at SoylentNews.


An Indoor Garden? Thats Arduino-licious Hackaday

Gardening is a rewarding endeavour, and easily automated for the maker with a green thumb. With simplicity at its focus, user [MEGA DAS] has whipped up a automated planter to provide the things plants crave: water, air, and light.

[MEGA DAS] is using a TE215 moisture sensor to keep an eye on how thirsty the plant may be, a DHT11 temperature and humidity sensor to check the airflow around the plant, and a BH1750FVI light sensor for its obvious purpose. To deliver on these needs, a 12V DC water pump and a small reservoir will keep things right as rain, a pair of 12V DC fans mimic a gentle breeze, and a row of white LEDs supplement natural light when required.

The custom board is an Arduino Nano platform, with an ESP01 to enable WiFi capacity and a Bluetooth module to monitor the plants status while at home or away. Voltage regulators, MOSFETs, resistors, capacitors, fuses cant be too careful screw header connectors, and a few other assorted parts round out the circuit. The planter is made of laser cut pieces with plenty of space to mount the various components and hide away the rest. You can check out [MEGA DAS] tutorial video after the break!

[MEGA DAS] has made his Arduino code and phone app available to download for anyone else wanting to build their own. Once assembled, he can ensure his plant is well taken care of wherever he is with a few taps on his phone. Not too shabby for a seven day build.

For those preferring gardening outdoors, heres a hack to jump-start the germinating process of your seeds. Even if you call the concrete jungle your home, that doesnt mean you cant have your own robot farm and automated compost bin on hand too!


The Radical Humanism of the Soviet Planetarium - Issue 56: Perspective Nautilus

In the skies over Moscow, in the decades before the collapse of the socialist state, stood three symbols of the space program: the rocket, the cosmonaut, and the red star. The rocket is still atop the 1964 Monument to the Conquerors of Space, a 110-meter-high titanium sculpture beside Prospekt Mira with the Alley of Cosmonauts leading to its base. The cosmonaut Yuri Gagarin stands on a 30-meter-high column on Leninsky Prospekt, his arms pulled back in the style of a classic Marvel superhero, as though about to leap upward toward the stratosphere. These two monuments look at once back to the period of Soviet space exploration and forward to the time of planetary probes and space stations. The red star, symbol both of astronomy and of communism, preceded the epic period of space flights and once crowned the dome of the Moscow planetarium located on Sadovaya-Kudrinskaya street.

Moscow PlanetariumZeiss Archiv

This planetarium stands at the intersection of influences created by politics, engineering, style, theater, astronomy, space exploration, and religion, each of which affects the others. It was one of the last buildings to be put up in the style known as Constructivism, and thus looks both back to the original fervor
Read More

The Antelope Killing Fields - Issue 56: Perspective Nautilus

Dead animals were scattered across the steppe in front of us. Up to the horizon. Thousands of them. That was the moment we understood that we were observing a mass mortality of catastrophic dimensions.

We were in Kazakhstan that day in May of 2015 to study the saiga antelope, a remarkable herd animal that grazes in semideserts, steppe, and grasslands, and has evolved to run long distances at high speeds. Our team was a part of the Altyn Dala Conservation Initiative, which conducts annual observations of the endangered animals calving season. We had noticed a few animal carcasses, but the situation didnt seem exceptional. The areas saiga, after all, were known to have experienced mass die-offs in the past.

But every day, more and more animals died. And then, suddenly, in just two days, about 80 percent of the gathered herd fell dead, leaving everybody both puzzled and worried. Within another two days, the entire herd had perished.

View Video

We soon learned that other saiga herds elsewhere in the region were suffering the same fate. Some 200,000 animals would die in about one months time, representing about 88 percent of the Betpak-Dala saiga population
Read More

How Nostalgia Made America Great Again - Issue 56: Perspective Nautilus

Make America great again. Clearly the message resonated. In 2016, prior to the presidential election, the Public Religion Research Institute, a nonpartisan group, published its annual American Values Survey. It revealed 51 percent of the population felt the American way of life had changed for the worse since the 1950s. Further, 7 in 10 likely Donald Trump voters said American society has gotten worse since that romanticized decade.

Of course America today has its problems, but many indices of standards of living show the general population is better off now than it was 60 years ago. We live on average 10 years longer, the education rate is higher, as is homeownership. When it comes to crime, The Atlantic reported last year, By virtually any metric, Americans now live in one of the least violent times in the nations history.

So why do so many people see the past as better than today? For many of them, it may well have been. Middle- and working-class Americans seduced by appeals to earlier eras may have had higher-paying jobs with better benefits, greater financial security, and a more defined place in the community. Perhaps they were happier. For some, cultural changes
Read More


Eighth site in online tools network: good coders code, great reuse

At Browserling we're building a network of online tools websites. Each site in the network focuses on one and only one tool category. Each tool does one and only one thing. The first seven websites in the network are Online CSV Tools, which is all about working with Comma Separated Values files, Online TSV Tools, which is all about working with Tab Separated Values files, Online JSON Tools, which is all about working with JSON data, Online XML Tools, which is all about working with XML documents, Online YAML Tools, which is all about working with YAML configs, Online STRING Tools, which is all about working with strings, Online RANDOM Tools, which is all about doing random things.

Today we're releasing the eighth site.

The eighth site in our network is Online Binary Tools. Online Binary Tools is a collection of simple, free and easy to use utilities for working with binary numbers, zeroes and ones. There are no ads, popups or other garbage. Just binary utilities that work in your browser. Load a binary number and instantly get result.

Here's a list of all binary tools:


NEW 'Off The Hook' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Hook' ONLINE

Posted 25 Jan, 2018 2:32:51 UTC

The new edition of Off The Hook from 24/01/2018 has been archived and is now available online.


Scientists Just Cloned Monkeys. Humans Could Be Next Lifeboat News: The Blog

Since the birth of Dolly the sheep in 1996, scientists across the globe have used the same technique to clone nearly two dozen other animal species, including cats, dogs, rats, and cattle. Primates, however, had proven resistant to the process until now.

In a new study published in Cell, a team of Chinese researchers led by Qiang Sun at the Chinese Academy of Sciences Institute of Neuroscience in Shanghai reveal that theyve found a way to tweak the Dolly cloning technique to make it work in primates. Their efforts have resulted in the birth of two cloned female macaques: Zhong Zhong and Hua Hua.


Driver Jams 65mph Tesla Model S Under Fire Truck; Walks Away From Crash SoylentNews

El Reg reports

[January 23] a Tesla Model S slammed into a stationary firetruck at around 65mph on Interstate 405 in Culver City, California. The car was driven under the fire engine, although the driver was able to walk away from the crash uninjured and refused an offer of medical treatment.

The motorist claimed the Model S was driving with Autopilot enabled when it crammed itself under the truck. Autopilot is Tesla's super-cruise-control system. It's not a fully autonomous driving system.

[...] The fire truck was parked in the carshare lane of the road with its lights flashing. None of the fire crew were hurt, although Powell noted that if his team had been in their usual position at the back of the truck then there "probably would not have been a very good outcome."

Tesla will no doubt be going over the car's computer logs to determine exactly what happened, something the California Highway Patrol will also be interested in. If this was a case of the driver sticking on Autopilot, and forgetting their responsibility to watch the road ahead it wouldn't be the first time.

In 2016, a driver was killed after both he and the Tesla systems missed a lorry pulling across the highway. A subsequent investigation by the US National Transportation Safety Board found the driver was speeding and had been warned by the car six times to keep his hands on the wheel.

Tesla has since beefed up the alerts the car will give a driver if it feels they aren't paying full attention to the road. The safety board did note in its report that the introduction of Tesla's Autosteer software had cut collisions by 40 per cent.

Previous: Tesla's Semiautonomous System Contributed to Fatal Crash

Original Submission

Read more of this story at SoylentNews.


Radeon R600 Gallium3D Driver Nearly At OpenGL 4.5, Remaining Bits Being Finished Phoronix

It didn't happen in time for the upcoming Mesa 18.0, but the R600 Gallium3D driver for supporting pre-GCN AMD Radeon graphics processors is now nearly at OpenGL 4.5 compliance! A needed OpenGL 4.4 extension is now scratched off the list completing the necessary extensions to effectively have GL 4.5, assuming it can pass the conformance test suite...


[$] Weekly Edition for January 25, 2018

The Weekly Edition for January 25, 2018 is available.


[$] Changes in Prometheus 2.0

2017 was a big year for the Prometheus project, as it published its 2.0 release in November. The new release ships numerous bug fixes, new features, and, notably, a new storage engine that brings major performance improvements. This comes at the cost of incompatible changes to the storage and configuration-file formats. An overview of Prometheus and its new release was presented to the Kubernetes community in a talk held during KubeCon + CloudNativeCon. This article covers what changed in this new release and what is brewing next in the Prometheus community; it is a companion to this article, which provided a general introduction to monitoring with Prometheus.


Self-driving delivery robot carries packages Lifeboat News: The Blog

Now you can have items delivered to you wherever you are.




Smart Windows Use Iron Nanoparticles to Harvest Heat Lifeboat News: The Blog

Many of the previously dumb devices in our homes are getting smarter with the advent of internet-connected lights, thermostats, and more. Surely the windows cant be smart, can they? A team of engineers from the German Friedrich-Schiller University Jena have created just that a smart window that can alter its opacity and harvest energy from the suns rays.

There have been a number of smart electrochromatic window designs over the years, but these are mostly aimed at changing tint or opacity only. The windows designed by Friedrich-Schiller University researchers are vastly more functional. The so-called Large-Area Fluidic Windows (LaWin) design uses a fluid suspension of iron particles. This fluid is contained within the window in a series of long vertical channels. These functional fluids allow the window to change opacity, but also absorb and distribute heat.

The iron-infused fluid remains diffused until you switch the window on the nanoparticles cloud up the channels and block light. When you flip the switch, magnets drag the nanoparticles out of the liquid to make the window fully transparent. When the magnet is switched off, the nanoparticles are resuspended to darken the panel. In general, the more nanoparticles you add, the darker the window becomes. You can even completely black it out with enough iron.


Stripe is Dropping Bitcoin Support SoylentNews

The payment service, Stripe, has ended its support for Bitcoin due to rising transaction fees and long confirmation times. Particularly the latter contribute to failed transfers. So Bitcoin is over as an experiment, and more are realizing that. However, the expectation is that some other cryptocurrency will become widely used, eventually.

Therefore, starting today, we are winding down support for Bitcoin payments. Over the next three months we will work with affected Stripe users to ensure a smooth transition before we stop processing Bitcoin transactions on April 23, 2018.

Despite this, we remain very optimistic about cryptocurrencies overall. There are a lot of efforts that we view as promising and that we can certainly imagine enabling support for in the future.

[ TMB Note: Yes, this will absolutely break our ability to accept BitCoin. Again. Which is fine this time as BitCoin transaction fees are now as high as the minimum price for a year's subscription. If you have a preferred alternative that we can accept without actually touching cryptocurrency, drop the info in a comment. ]

Original Submission

Read more of this story at SoylentNews.


Epiphany Tech Preview Delivers Flatpak'ed WebKitGTK+ Browser Daily Phoronix

Thanks to several efforts coming together, there's now an Epiphany Technology Preview project delivering you a bleeding-edge GNOME web-browser in a sane and easily deployable manner...


Overnight Tech: Watchdog to investigate fake net neutrality comments | AT&T calls for 'internet bill of rights' | Lawmakers want answers on computer chip cyber flaws The Hill: Technology Policy

AT&T CALLS FOR 'INTERNET BILL OF RIGHTS': AT&T is calling on Congress to pass a net neutrality law that would cover not only internet service providers but also platforms like Facebook and Google.The telecom giant took out full-page ads...


Giving Stranger Things For Christmas Hackaday

[rudolph] was at a loss on what to get his niece for Christmas. It turns out shes a huge fan of Stranger Things, so the answer was obvious: make her an alphabet wall she can control!

Downsizing the scale to fit inside a document frame, [rudolph] calls their gift rudLights, and a key parameter of this build was to make it able to display any phrases sent from their nieces Amazon Fire tablet instead of constantly displaying hard-coded phrases. To do so, it has a HC-05 Bluetooth module to forward the commands to the NeoPixel LEDs running on a 5V DC power supply.

[rudolph] enlisted the help of their son to draw up the alphabet display printed straight onto thematically decorative wallpaper and cut out holes in the light bulbs for the LEDs.  Next up was cut some fibre board as a firm backing to mount the electronics inside the frame and drill holes for the NeoPixels. It was a small odyssey to cut and solder all the wires to the LEDs, but once done, [rudolph] divided their rudLight alphabet into three rows and added capacitors to receive power directly.

[rudolph] has provided the code they used for this project just be sure to change the output pin or any other modifications as relevant to your build. Theyve even created an app to make controlling the rudLights easier. If Bluetooth isnt your thing then [rudolph] is working on building an Arduino Pro Mini version, but no word on when that will be done.

We love a good prop or inspired replica here at Hackaday, so this framed Alphabet Wall is in good company.


HPR2474: Open Source Gaming #3 The Atari Jaguar Hacker Public Radio Hasbro Releases Jaguar Publishing Rights FOR IMMEDIATE RELEASE: CONTACTS: Dana Henry Hasbro Interactive 978-921-3759 Beverly, MA (May 14, 1999) - Leading entertainment software publisher, Hasbro Interactive announced today it has released all rights that it may have to the vintage Atari hardware platform, the Jaguar. Hasbro Interactive acquired rights to many Atari properties, including the legendary Centipede, Missile Command, and Pong games, in a March 1998 acquisition from JTS Corporation. This announcement will allow software developers to create and publish software for the Jaguar system without having to obtain a licensing agreement with Hasbro Interactive for such platform development. Hasbro Interactive cautioned, however, that the developers should not use the Atari trademark or logo in connection with their games or present the games as authorized or approved by Hasbro Interactive. "Hasbro Interactive is strictly focused on developing and publishing entertainment software for the PC and the next generation game consoles," said Richard Cleveland, Head of Marketing for Hasbro Interactive's Atari Business Unit. "We realize there is a passionate audience of diehard Atari fans who want to keep the Jaguar system alive, and we don't want to prevent them from doing that. We will not interfere with the efforts of software developers to create software for the Jaguar system." Hasbro Interactive, Inc. is a leading all-family interactive games publisher, formed in 1995 to bring to life on the computer the deep library of toy and board games of parent company, Hasbro, Inc. (ASE:HAS). Hasbro Interactive has expanded its charter to include original and licensed games for the PC, the Playstation(R) and Nintendo(R) 64 game consoles and for multi-player gaming over the internet. Headquartered in Beverly, Massachusetts, Hasbro Interactive has offices in the U.K., France, Germany, Japan and Canada. For more information, visit the Hasbro Interactive Web site at


Can Staying Awake Beat Depression? SoylentNews

Submitted via IRC for Bytram

For two decades, Francesco Benedetti, who heads the psychiatry and clinical psychobiology unit at San Raffaele Hospital in Milan, has been investigating so-called wake therapy, in combination with bright light exposure and lithium, as a means of treating depression where drugs have often failed. As a result, psychiatrists in the USA, the UK and other European countries are starting to take notice, launching variations of it in their own clinics. These 'chronotherapies' seem to work by kick-starting a sluggish biological clock; in doing so, they're also shedding new light on the underlying pathology of depression, and on the function of sleep more generally.

"Sleep deprivation really has opposite effects in healthy people and those with depression," says Benedetti. If you're healthy and you don't sleep, you'll feel in a bad mood. But if you're depressed, it can prompt an immediate improvement in mood, and in cognitive abilities. But, Benedetti adds, there's a catch: once you go to sleep and catch up on those missed hours of sleep, you'll have a 95% chance of relapse.

So pulling more all-nighters makes me feel better?


Original Submission

Read more of this story at SoylentNews.


UK to form unit to fight 'fake news,' misinformation campaigns The Hill: Technology Policy

The United Kingdom is establishing a new unit to curb the presence of hoax news stories online and stop social media influence campaigns from foreign adversaries, British Prime Minister Theresa Mays spokesperson said.We are living in an era...


The Best Countries Random Thoughts

A while back, I watched a film and drank a cocktail from each country on Earth, but it occurred to me just now that I had never done any visualisation of where on Earth the good movies and drinks are.

Since I had the data semi-readible available, I whipped up some charts.

Heres the film map (brighter red is better):

Heres the cocktail map (brighter blue is better):



Chronicle: A Meteor Aimed At Planet Threat Intel? Krebs on Security

Alphabet Inc., the parent company of Google, said today it is in the process of rolling out a new service designed to help companies more quickly make sense of and act on the mountains of threat data produced each day by cybersecurity tools.

Countless organizations rely on a hodgepodge of security software, hardware and services to find and detect cybersecurity intrusions before an incursion by malicious software or hackers has the chance to metastasize into a full-blown data breach.

The problem is that the sheer volume of data produced by these tools is staggering and increasing each day, meaning already-stretched IT staff often miss key signs of an intrusion until its too late.

Enter Chronicle, a nascent platform that graduated from the tech giants X division, which is a separate entity tasked with tackling hard-to-solve problems with an eye toward leveraging the companys core strengths: Massive data analytics and storage capabilities, machine learning and custom search capabilities.

We want to 10x the speed and impact of security teams work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find, wrote Stephen Gillett, CEO of the new venture.

Few details have been released yet about how exactly Chronicle will work, although the company did say it would draw in part on data from VirusTotal, a free service acquired by Google in 2012 that allows users to scan suspicious files against dozens of commercial antivirus tools simultaneously.

Gillett said his division is already trialing the service with several Fortune 500 firms to test the preview release of Chronicle, but the company declined to name any of those participating.


Its not terribly clear from Gilletts post or another blog post from Alphabets X division by Astro Teller how exactly Chronicle will differentiate itself in such a crowded market for cybersecurity offerings. But its worth considering the impact that VirusTotal has had over the years.

Currently, VirusTotal handles approximately one million submissions each day. The results of each submission get shared back with the entire community of antivirus vendors who lend their tools to the service which allows each v...


Physicists are planning to build lasers so powerful they could rip apart empty space Lifeboat News: The Blog

Chinas Station of Extreme Light could be first laser to reach 100 petawatts.


Floating 3D printing brings sci-fi-style projections closer Lifeboat News: The Blog

Optical trap display projects graphics into the air, where they are visible from all angles.


Links 24/1/2018: New Tails and Firefox Releases Techrights

GNOME bluefish



  • Top Linux And Open Source Stories Of Year 2017

    The year 2017 has been an eventful year for open source community with highs and lows throughout the year. Open source and Linux continue to dominate with their presence from the mobile phones to supercomputers. Lets quickly go through some of the major events in the year 2017.

  • Desktop

    • Do desktop operating systems need desktop icons?

      Desktop icons arent just a Windows phenomenon. Im sure if I used Ubuntu or another Linux distribution more often, Id have a messy desktop in that operating system as well. But a recent move by developers of the GNOME desktop environment to remove desktop icons altogether has me wondering if Id really miss them if they were gone.

  • Kernel Space


Containers, the GPL, and copyleft: No reason for concern (

Richard Fontana explores the intersection of containers and copyleft licensing on "One imperfect way of framing the question is whether GPL-licensed code, when combined in some sense with proprietary code, forms a single modified work such that the proprietary code could be interpreted as being subject to the terms of the GPL. While we havent yet seen much of that concern directed to Linux containers, we expect more questions to be raised as adoption of containers continues to grow. But its fairly straightforward to show that containers do not raise new or concerning GPL scope issues."


Chrome 64 Ships With Spectre/Meltdown Mitigation, CSS Additions Phoronix

If the release of Firefox 58 yesterday didn't excite you, Google has today rolled out to stable channel the Chrome 64.0 web-browser...


Cryptocurrency Backed by Gold in Development by Perth Mint SoylentNews

Australian Broadcast Corporation reports

Australia's biggest gold refiner, the Perth Mint, is developing its own cryptocurrency backed by physical precious metals.

The ambitious plan, which is subject to a confidentiality agreement, will make it easier for consumers to buy gold.

[...] For the Perth Mint, the need to bring investors back to precious metals after a boom in alternative investments such as cryptocurrencies posed an opportunity, according to chief executive Richard Hayes.

"I think as the world moves through times of increasing uncertainty, you're seeing people look for alternate offerings," he said.
But Mr Hayes said the volatility of some of the current cryptocurrencies meant they did not suit all investors.

And that is where a gold-backed offering may fit.

"With a crypto-gold or a crypto-precious metals offering, what you will see is that gold is actually backing it," Mr Hayes said.

"So it will have all the benefits of something that is on a distributed ledger that settles very, very quickly, that is easy to trade, but is actually backed by precious metals, so there is actually something behind it, something backing it."

What do you see here: some golden cryptocurrency dust sprinkled around or a decentralized ledger of precious metal transactions?

Original Submission

Read more of this story at SoylentNews.


Critical code execution flaw in Electron framework impacts popular Desktop apps such as Skype and Signal Security Affairs

A critical RCE vulnerability in the Electron framework impacts popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and

A remote code execution vulnerability tracked as CVE-2018-1000006 was fixed in the Electron framework, which is used by popular desktop applications, including Skype, Signal, Slack, GitHub Desktop, Twitch, and

Electron is a node.js, V8, and Chromium open-source framework that allows developers to use web technologies such as JavaScript, HTML, and CSS to build desktop apps.

The framework is currently being developed by GitHub, the Electron dev team released the versions v1.8.2-beta.4, electron v1.7.11, and electron v1.6.16 to address the issue.

A remote code execution vulnerability has been discovered affecting Electron apps that use custom protocol handlers. This vulnerability has been assigned the CVE identifier CVE-2018-1000006. states the Electron team in a post.

Electron apps designed to run on Windows that register themselves as the default handler for a protocol, like myapp://, are vulnerable.

Such apps can be affected regardless of how the protocol is registered, e.g. using native code, the Windows registry, or Electrons app.setAsDefaultProtocolClient API.

Electron framework

Currently, more than 460 cross-platform desktop applications leverage the Electron framework, but the code execution flaw affects only that use custom protocol handlers, macOS and Linux are not vulnerable to the issue.

All three releases are available for download on GitHub.

The experts also provided a workaround to avoid the exploitation of the vulnerability.

If for some reason you are unable to upgrade your Electron version, you can append as the last argument when calling app.setAsDefaultProtocolClient, which prevents Chromium from parsing further options. The double dash signifies the end of command options, after which only positional parameters are accepted, Electron explains.

Electron developers are advised to update the...


This Tiny Motor is Built into a PCB Hackaday

Mounting a motor on a PCB is nothing new, right? But how about making the PCB itself part of the motor? Thats what [Carl Bugeja] has done with his brushless DC motor in a PCB project, and we think its pretty cool.

Details on [Carl]s page are a bit sparse at this point, but weve been in contact with him and he filled us in a little. The PCB contains the stator of the BLDC and acts as a mechanical support for the rotors bearing. There are six spiral coils etched into the PCB, each with about 40 turns. The coils are distributed around the axis; connected in a wye configuration, they drive a 3D-printed rotor that has four magnets pressed into it. You can see a brief test in the video below; it seems to suffer from a little axial wobble due to the single bearing, but that could be handled with a hat board supporting an upper bearing.

We see a lot of potential in this design. [Carl] mentions that the lack of cores in the coil limit it to low-torque applications, but it seems feasible to bore out the center of the coils and press-fit a ferrite slug. Adding SMD Hall sensors to the board for feedback would be feasible, too in fact, an entire ESC and motor on one PCB could be possible as well. [Carl] has promised to keep the project page updated, and were looking forward to more on this one.

For a more traditional approach to printed motors, check out this giant 3D-printed BLDC.


Identical monkeys born through true cloning Lifeboat News: The Blog

The first monkeys have been cloned in a historic breakthrough could humans be next?


SpaceX fires up powerful new Falcon Heavy rocket Lifeboat News: The Blog

SpaceX test-fires 27 engines in its powerful new Falcon Heavy rocket in key milestone.


Better than holograms: A new 3D projection into thin air Lifeboat News: The Blog

One of the enduring sci-fi moments of the big screenR2-D2 beaming a 3D image of Princess Leia into thin air in Star Warsis closer to reality thanks to the smallest of screens: dust-like particles.

Scientists have figured out how to manipulate nearly unseen specks in the air and use them to create 3D images that are more realistic and clearer than holograms, according to a study in Wednesdays journal Nature. The studys lead author, Daniel Smalley, said the new technology is printing something in space, just erasing it very quickly.

In this case, scientists created a small butterfly appearing to dance above a finger and an image of a graduate student imitating Leia in the Star Wars scene.


Security updates for Wednesday

Security updates have been issued by openSUSE (clamav-database and virtualbox), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox), and Ubuntu (gcab).


Tiny implant opens way to deliver drugs deep into the brain Lifeboat News: The Blog

WASHINGTON Scientists have created a hair-thin implant that can drip medications deep into the brain by remote control and with pinpoint precision.

Tested only in animals so far, if the device pans out it could mark a new approach to treating brain diseases potentially reducing side effects by targeting only the hard-to-reach circuits that need care.

You could deliver things right to where you want, no matter the disease, said Robert Langer, a professor at the Massachusetts Institute of Technology whose biomedical engineering team reported the research Wednesday.


AI Startup Using Robots and Lidar to Boost Productivity on Construction Sites IEEE Spectrum Recent Content full text

Doxel's lidar-equipped robots help track construction projects and catch mistakes as they happen Photo: Doxel Doxel's lidar-equipped robots help track construction projects and catch mistakes as they happen.

Doxel is a startup that came out of stealth this week with a US $4.5 million funding round. Their business is making construction cheaper, and their secret (as with so many startups now) is combining massive amounts of data with deep learning techniques.

Using lidar-equipped robots, Doxel scans construction sites every day to monitor how things are progressing, tracking what gets installed and whether its the right thing at the right time in the right place. Youd think that construction sites would be doing this by themselves anyway, but it turns out that they really dont, and in a recent pilot study on a medical office building, Doxel says it managed to increase labor productivity on the project by a staggering 38 percent.

Using autonomous robots equipped with lidar, Doxel scans construction sites every day to track progress and check that things have been installed correctly

The concept behind Doxel is straightforward enough: Construction projects have plans and budgets and timelines. If you stick to the plan, the budget and timeline (the things you really care about) should be what you expect. But construction projects with plans and budgets and timelines all depend on a big pile of humans doing exactly what theyre supposed to do, and we all know how often that happens. With that in mind, it may or may not surprise you to learn that 98 percent of large construction projects are delivered (on average) 80 percent over budget and 20 months behind schedule. According to people who know more about these sorts of things than I do, productivity in the construction industry hasnt improved significantly in 80 years.

A big part of the problem is simply keeping track of what gets done. Currently, the industry does this by sending people around with clipboards and tape measures, because throwing more humans at a problem caused by humans is definitely the best idea, right? Doxels idea is to get rid of the humans entirely, and instead rely on data. And robots.

Doxel mostly focuses on whats going on inside a construction site, since thats where the majority of the complicated stuff happens. Once the construction site shuts down for the day (usually in the late afternoon), Doxel sends in a cute little autonomous robot with an excellent lidar on it to methodically s...


Motion and Context SoylentNews

I regularly read the Knowing and Doing blog of Eugene Wallingford who is Associate Professor and Head, Department of Computer Science at the University of Northern Iowa. In a sequence of blog posts, he artfully raises some concepts of film editing to a much wider application than just films.

We start with a blog post 95:1 that introduces a book he is currently reading:

This morning, I read the first few pages of In the Blink of an Eye, an essay on film editing by Walter Murch. He starts by talking about his work on Apocalypse Now, which took well over a year in large part because of the massive amount of film Coppola shot: 1,250,000 linear feet, enough for 230 hours of running time. The movie ended up being about two hours and twenty-five minutes, so Murch and his colleagues culled 95 minutes of footage for every minute that made it into the final product. A more typical project, Murch says, has a ratio of 20:1.

He continues this thread with a later entry The Cut:

Read more of this story at SoylentNews.


Logan Paul pledges $1 million to suicide prevention groups The Hill: Technology Policy

YouTube megastar Logan Paul has pledged $1 million for suicide prevention organizations in his first video since the backlash he received for posting a video online that included footage of a dead body.Paul came across the body while in...


XWayland Gets XDG-Output Support For Potential Fractional Scaling Phoronix

The long-in-development X.Org Server 1.20 has yet another XWayland addition: XDG-Output protocol support...


The male Y chromosome is slowly fading, and could disappear completely Lifeboat News: The Blog

The end of men? Experts reveal how the male sex chromosome could one day disappear completely.

Since the dawn of humanity, men have played a vital role in determining the sex of their offspring.

The Y chromosome, carried by roughly half of a mans sperm, dictates whether a child will be male or female.

If the Y chromosome is present, a child will develop into a boy, whereas a lack of this strand of DNA will result in a girl.


How to Fix FacebookBefore It Fixes Us Lifeboat News: The Blog

An early investor explains why the social media platforms business model is such a threatand what to do about it.

By Roger McNamee


The Dawn of Solar Windows IEEE Spectrum Recent Content full text

Future skyscrapers will harvest energy from the sun with photovoltaic windows Illustration: Eddie Guy

illustration Illustration: Eddie Guy

The view from the office of Ioannis Papakonstantinou at University College London affords a great perspective on a wasted opportunity. He points to the university hospital, a tall oblong block adorned with decorative green glass strips. They look modern but serve no purpose. They dont even let in light.

What are they doing with these green surfaces? he asks. Nothing. Would you ever put a conventional solar panel there? Never.

Papakonstantinou is one of many who have dreamed of turning glass panels into photovoltaic modules that can be integrated directly into buildings, both for decoration and to look through. His lab is among many groups and companies developing widely differing approaches to solar windows; some are already installing them in buildings.

The appeal is, well, clear. Such windows would unobtrusively generate power for the building while allowing its occupants to peer out onto the street, enjoy natural light, or watch clouds pass overhead.

By 2020, 8.3 billion square meters of flat glass will be installed annually in new buildings worldwide, according to the Freedonia Group. That area, covered in standard solar panels in the ideal orientation, could produce more than a terawatt at peak output, and over one year it could generate some 2,190 terawatt-hours. Thats 9 percent of what the worlds annual electricity consumption was in 2016. Substituting this source of energy for coal in 2017 would have saved about 1.6 percent of carbon emissions from fossil fuels, industry, and changes in forestry and land use.

photo of UbiQDs glass prototype Photo: UbiQD Catch Some Rays: UbiQDs glass prototype uses quantum dots, the light from which is shunted sideways toward solar cells in the frame.

And powerful regulatory forces are now dragging solar windows and their environmental benefits into reality. A European Union directive requires all new build...


Thune accepts award at Washington Auto Show, pushes driverless car bill The Hill: Technology Policy

Sen. John Thune (R-S.D.) on Wednesday accepted an award at the Washington Auto Show for his work on a bill to pave the way for autonomous vehicles.The CEO of the Alliance of Automobile Manufacturers, which advocates for the major auto companies,...


House Energy and Commerce demands answers on Spectre and Meltdown cyber flaws The Hill: Technology Policy

House Energy and Commerce Committee leaders are demanding answers from major technology companies affected by the Spectre and Meltdown cybersecurity flaws that leave computer chips vulnerable to hackers. In a letter, lawmakers pressed the CEOs...


Road Apology/Gratitude Emitter Car LED Sign Hackaday

Sometimes, when youre driving, a simple wave when someone lets you in can go unnoticed and sometimes you make a mistake and a simple wave just isnt enough. [Noapparentfunction] came up with a nice project to say Thanks and My Bad to his fellow drivers.

The display uses four Max 7219 LED matrix displays, so the total resolution is 32 by 8. [Noapparentfunction] came up with an inspired idea: using a glasses case to hold the LED matrices and Raspberry Pi. Its easy to get into if necessary, stays closed, and provides a nice finished look. Having little knowledge of electronics and no programming skills, [Noapparentfunction] had to rely on cutting and pasting Python code as well as connecting a mess of wires together, but the end result works, and thats what matters.

A network cable runs from the glasses case suction cupped to the rear window to another project box under the dashboard. There, the network cable is connected to two buttons and the power. No network information is passed, the cable is just a convenient collection of wires with which to send signals. Each of the buttons shows a different message on the display.

Depending on where you live, this might not be legal, and were sure many of our readers (as well as your author) could come up with some different messages to display. However, this is a cool idea and despite [Noapparentfunction]s admitted limitations, is a nice looking finished product. Also, its name is Road Apology Gratitude Emitter. Here are some other car mod articles: This one adds some lighting to the foot well and glove compa...


New Kodi Addon Tool Might Carry Interesting Copyright Liability Implications TorrentFreak

Kodi is the now ubiquitous media player taking the world by storm. In itself its a great piece of software but augmented with third-party software it can become a piracy powerhouse.

This software, known collectively as add-ons, enables Kodi to do things it was never designed for such as watching pirated movies, TV shows, and live sports. As a result, its the go-to media platform for millions around the globe, but for those distributing the add-ons, there can be risks attached.

As one of the most prominent Kodi-related sites around, TVAddons helped to distribute huge numbers of add-ons. The platform insists that if any add-on infringed copyright, it was only too willing to remove them under a DMCA-like regime. Last year, however, it became clear that copyright holders would prefer to sue TVAddons (1,2) than ask for takedowns.

With those lawsuits still ongoing, the site was left with a dilemma. Despite add-ons being developed and uploaded by third-parties, rightsholders are still trying to hold TVAddons responsible for what those add-ons can do. Its a precarious situation that has led to TVAddons not having its own repository/repo (a place where the addons are stored for users to download) since the site ran into trouble last summer.

Now, however, the site has just launched a new tool which not only provides some benefits for users looking for addons, but also attempts to shift some liability for potential infringement away from the service and onto a company with much broader shoulders.

TVAddons Github Browser was released yesterday and is available via the platforms Indigo tool. Its premise is simple.

Since many third-party Kodi add-ons are developed and first made available on Github, the worlds leading software development platform, why dont users install them directly from there instead?

The idea is that this might reduce liability for distributors like TVAddons but could also present benefits for users, as they can be assured that theyre getting add-ons directly from the source.

Github Browser welcome screen...


Smart Contact Lens Doubles as Blood Sugar Monitor IEEE Spectrum Recent Content full text

A new contact lens tests tears to tell wearers when glucose levels drop, so there'll be no more need for painful finger pricks Illustration: Jang-Ung Park/UNIST/Science Advances

Smart contact lenses with embedded electronics just got a lot more practical. Korean researchers have designed a stretchable contact lens that can monitor glucose without distorting the wearers vision, according to a report published today in Science Advances.

The device contains all the electronic components needed to wirelessly receive power, monitor glucose levels, and generate an LED display, while maintaining the soft, stretchable, and transparent qualities of a contact lens that people might actually be willing to wear. 

This gets close to a solution that you can imagine a patient using, says Gregory Herman, a chemical engineer at Oregon State University who is developing transparent sensors for contact lenses and was not involved in todays report. 

Many people with type 1 diabetes must monitor their glucose throughout the day with finger stick blood tests. A contact lens equipped with tear-collecting sensors would provide a noninvasive alternativea way to passively track a health condition without having to constantly think about it.  

Previous smart contact lens designs for glucose monitoring, such as the one patented by Verily, Alphabets life science arm, have fallen short. They tend to have electronic components fabricated on hard substrates that are inserted into a contact lens, says Jang-Ung Park, an associate professor at the school of materials science and engineering at Ulsan National Institute of Science and Technology (UNIST) in South Korea  who co-authored the report. The result is a contact lens that is brittle and can break down over time, and can also impede the users field of vision, Park says. 

In UNISTs prototype, segments of rigid electronic components, including circuits, antennas, LEDs, and sensors, are isolated into islands interconnected by stretchable conductors. Between the islands is a soft, elastic material. The pattern, which looks a bit like the spots on a giraffe, distributes mechanical strain. That protects the electronics from being deformed when the contact lens is handled by the user. 



EU Fines Qualcomm 997 Million Euros for Anti-Competitive Payments to Apple SoylentNews

Qualcomm Gets $1.2 Billion EU Fine for Apple Chip Payments

Qualcomm Inc. was fined 997 million euros ($1.2 billion) by the European Union for paying Apple Inc. to shun rival chips in its iPhones.

The largest maker of chips that help run smartphones "paid billions of U.S. dollars to a key customer, Apple, so that it would not buy from rivals," EU Competition Commissioner Margrethe Vestager said in an emailed statement on Wednesday. "This meant that no rival could effectively challenge Qualcomm in this market, no matter how good their products were."

Qualcomm struck a deal with Apple in 2011 that pledged significant payments if Apple only used Qualcomm chipsets for the iPhone and iPad devices. That agreement was renewed in 2013 until 2016. Qualcomm warned it would stop these payments if Apple sold another product with a rival chip. This effectively shut out competitors such as Intel Corp. from the market for LTE baseband chipsets used in the 4G mobile phone standard for five years, the EU said.

European Commission press release. Also at Reuters.

Previously: EU Investigates Qualcomm For Antitrust Activities
U.S. Federal Trade Commission Sues Qualcomm for Anti-Competitive Practices
Apple Could Switch From Qualcomm to Intel and MediaTek for Modems

Related: Apple vs. Qualcomm Escalates, Manufacturers Join in, Lawsuits Filed in California and Germany
Qualcomm Files New Lawsuit Against Apple, Alleging it Shared Confidential Information with Intel
Broadcom Offers $105 Billion for Qualcomm; Moves HQ Back to the USA

Original Submission

Read more of this story at SoylentNews.


Government watchdog agrees to probe fake net neutrality comments The Hill: Technology Policy

The Government Accountability Office (GAO) has agreed to take up an investigation into fake comments being filed to the Federal Communications Commission (FCC) regarding its plan to roll back net neutrality rules. The GAOs decision to probe the...


Rocket Lab unveils Humanity Star a shiny satellite you can see in space Lifeboat News: The Blog

In addition to launching three Earth-watching satellites, Rocket Lab has sent up a satellite you can watch from Earth: a bright and shiny object christened Humanity Star.

Rocket Lab says Humanity Star, a geodesic sphere made of carbon fiber with 65 reflective panels, could well rank as the brightest satellite in the night sky.


Quantum Weirdness in Your Browser Hackaday

Ill be brutally honest. When I set out to write this post, I was going to talk about IBMs Q Experience the website where you can run real code on some older IBM quantum computing hardware. I am going to get to that I promise but thats going to have to wait for another time. It turns out that quantum computing is mindbending and to make matters worse there are a lot of oversimplifications floating around that make it even harder to understand than it ought to be. Because the IBM system matches up with real hardware, it is has a lot more limitations than a simulator think of programming a microcontroller with on debugging versus using a software emulator. You can zoom into any level of detail with the emulator but with the bare micro you can toggle a line, use a scope, and hope things dont go too far wrong.

So before we get to the real quantum hardware, I am going to show you a simulator written by [Craig Gidney]. He wrote it and promptly got a job with Google, who took over the project. Sort of. Even if you dont like working in a browser, [Craigs] simulator is easy enough, you dont need an account, and a bookmark will save your work.

It isnt the only available simulator, but as [Craig] immodestly (but correctly) points out, his simulator is much better than IBMs. Starting with the simulator avoids tripping on the hardware limitations. For example, IBMs devices are not fully connected, like a CPU where only some registers can get to other registers. In addition, real devices have to deal with noise and the quantum states not lasting very long. If your algorithm is too slow, your program will collapse and invalidate your results. These arent issues on a simulator. You can find a list of other simulators, but Im focusing on Quirk.

What Quantum Computing Is

As I mentioned, there is a lot of misinformation about quantum computing (QC) floating around. I think part of it revolves around the word computing. If you are old enough to remember analog computers, QC is much more like that. You build circuits to create results. Theres also a lot of difficult math mostly linear algebra that Im going to try to avoid as much as possible. However, if you can dig into the math, it is worth your time to do so. However, just like you can design a resonant circuit without solving differential equations about inductors, I think you can do QC without some of the bigger math by just using results. Well see how well that holds up in practice.



Uber CEO calls for new benefits system for gig economy workers The Hill: Technology Policy

Ubers chief executive is calling for Washington state to develop a portable benefits system to give contract workers in the so-called gig economy access to health care and retirement planning accounts.Uber CEO Dara Khosrowshahi signed onto a...


Cuomo signs executive order protecting net neutrality in New York The Hill: Technology Policy

New York Gov. Andrew Cuomo (D) signed an executive order protecting net neutrality in New York on Wednesday, making it the second state to issue such a rule after the Federal Communications Commissions (FCC) decision to repeal the open...


WebKitGTK+ Security Advisory WSA-2018-0002 Open Source Security

Posted by Carlos Alberto Lopez Perez on Jan 24

WebKitGTK+ Security Advisory WSA-2018-0002

Date reported : January 24, 2018
Advisory ID : WSA-2018-0002
Advisory URL :
CVE identifiers : CVE-2018-4088, CVE-2018-4089, CVE-2018-4096,...


Security in the enterprise: Things are looking up! Help Net Security

Cybersecurity is quickly becoming the number one business priority, says identity and access management company Okta. Based on the results of an analysis of authentication and verification events made through the companys enterprise offerings between November 1, 2016 to October 31, 2017, security tools by Jamf, KnowBe4, DigiCert, Cisco, Mimecast, Sophos, and CloudFlare all ranked in the top 15 fastest growing apps for the first time. Jamf, which provides software for managing and securing Apple More


Purism Begins Work On Unified Themes For Convergent PureOS Devices Phoronix

Last week Purism shared a progress update on the Librem 5 smartphone project where they outlined their plans to continue pursuing the i.MX8M SoC and other plans. They've kept up their word of delivering weekly status updates and out today is their latest summary of work...


US Government Puts Tariffs on Imported Solar Cells, Solar Modules, and Washing Machines SoylentNews

Trump administration imposes tariffs on imported solar cells and modules at 30% and certain washing machines up to 50%:

This new determination sets tariffs on imported solar cells and modules at 30 percent with a gradual decrease of that tariff over the subsequent four years. In years two, three, and four, the tariff will be imposed at 25 percent, 20 percent, and 15 percent, respectively, of the value of the import. The first 2.5 gigawatts of imported solar cells imported are exempt from the tariff (but it seems that a similar provision was not made for solar modules). Though the executive branch has broad authority to impose whatever tariff it wants after the ITC finds that an industry has been harmed by imports, this tariff decision closely matches the middle-ground recommendation made by two of the four-person ITC's commissioners. Those commissioners recommended a 30-percent tariff on modules and a 30-percent tariff on imported solar cells in excess of 1GW, with declining rates after the first year.

Whirlpool shares rise after Trump tariff on washing machine imports

The new tax is expected to hit Trump's desk on Tuesday. The administration is imposing 20% tariffs on the first 1.2 million machines imported each year, and 50% on those after that. There will also be a 50% tariff on washing machine parts.

Naturally South Korea and China are upset and plan to argue their case at the WTO. From the articles I read this morning there should be a boost to US manufacturing but the gains may all be offset by the losses with people not wanting to pay more for solar. I think regardless of price people will do solar for solar's sake, but there is sure to be some impact on sales and installation jobs.

Guess I should have bought that 30% off washing machine at the Sears going out of business sale.

Original Submission

Read more of this story at SoylentNews.


Hacker Used Malware To Hike Prices for Gas Station Customers HackRead

By Waqas

Russian authorities have identified an extensively distributed malware campaign targeting

This is a post from Read the original post: Hacker Used Malware To Hike Prices for Gas Station Customers


VMium 1GB KVM VPS starting @ $1.99/mo and other plans! Low End Box


Igor from VMium has submitted their first offer ever with us! They are offering KVM based virtual services out of Italy and have hopes to expand globally as their business takes off. They seem to have some pretty nice pricing so we really hope you enjoy what they have to offer for you and we look forward to seeing your feedback!

Heres what they had to say:

VMium hosting project had been established in 2014. We have been operating mostly on the Eastern European market before 2017. In 2018, our goal is to expand offerings to the rest of the global hosting market. Our virtual servers run on enterprise grade hardware, protected by raid setups, powered by super fast SSD drives and blazing fast network with premium bandwidth, located in the heart of Europe.

***VMium has stated all plans below are 50% off for LIFE and come with FREE incoming bandwidth***

(KVM-1) Plan

  • 1GB RAM
  • 1 x CPU
  • 10 GB SSD
  • 1TB Outbound BW
  • 1Gbps Uplink
  • 1 x IPv4
  • IPv6 Available (upon request)
  • KVM / VMmanager
  • Coupon: LowEnd2018-ZgPAn
  • $1.99/mo [ORDER]

(KVM-2) Plan

  • 2GB RAM
  • 1 x CPU
  • 20 GB SSD
  • 2TB Outbound BW
  • 1Gbps Uplink
  • 1 x IPv4
  • IPv6 Available (upon request)
  • KVM / VMmanager
  • Coupon: LowEnd2018-ZgPAn
  • $3.99/mo [ORDER]

(KVM-3) Plan

  • 4GB RAM
  • 1 x CPU
  • 30 GB SSD
  • 4TB Outbound BW
  • 1Gbps Uplink
  • 1 x IPv4
  • IPv6 Available (upon request)
  • KVM / VMmanager
  • Coupon: LowEnd2018-ZgPAn
  • $6.99/mo [ORDER]

VMius is a registered company in the state of Delaware, USA (#4921432). For those interested, their WHOIS information is public. VMium supports payment through PayPal ($5 minimum), Webmoney (Z and R), Yandex.Money, Coin Payments, Mobile Payments, Bank Payment...


Michigans MiDAS Unemployment System: Algorithm Alchemy Created Lead, Not Gold IEEE Spectrum Recent Content full text

A case study into how to automate false accusations of fraud for more than 34,000 unemployed people Illustration: iStockphoto/IEEE Spectrum

Perhaps next month, those 34,000 plus individuals wrongfully accused of unemployment fraud in Michigan from October 2013 to September 2015 will finally hear that they will receive some well-deserved remuneration for the harsh treatment meted out by Michigan Integrated Data Automated System (MiDAS). Michigan legislators have promised to seek at least $20 million in compensation for those falsely accused.

This is miserly, given how many people experienced punishing personal trauma, hired lawyers to defend themselves, saw their credit and reputations ruined, filed for bankruptcy, had their houses foreclosed or were made homelessness. A sum closer to $100 million, as some are advocating, is probably warranted.

The fiasco is all too familiar: a government agency wants to replace a legacy IT system to gain cost and operational efficiencies, but alas, the effort goes horribly wrong because of gross risk mismanagement.

This time, it was the Michigan Unemployment Insurance Agency (UIA) which wanted to replace a 25-year-old mainframe system. The objectives of the new system were three-fold and reasonable. First, ensure that unemployment checks were only going to people who deserved them. Second, increase UIAs efficiency and responsiveness to unemployment claims. And third, through those efficiency gains, reduce UIAs operational costs by eliminating more than 400 workers, or about one-third of the agencys staff. After spending $47 million and two years on the effort, the UIA launched MiDAS, and soon proclaimed it a huge success [pdf], coming in under budget and on-time, and discovering previously missed fraudulent unemployment filings.

Finding Fake Fraud

Soon after MiDAS was put into operation, the number of persons suspected of unemployment fraud...

Friday Hack Chat: Becoming Cyborg Hackaday

What is it like to be a cyborg? What does it mean to have augmented hearing, improved vision, and coprocessors for your brain that enhance your memory? We could ask people with hearing aids, glasses, and a smartphone strapped to their wrist, but thats boring. Were looking to the future and the cool type of cyborgation, and thats what this weeks Hack Chat is all about.

Our guest for this weeks Hack Chat will be Lindy Wilkins, and theyre here to discuss what it takes to be a cyborg. Right now, theyre sporting a magnetic implant, an NFC implant and will soon have a North Sense, an exo-sensory device that tells your brain where North is.

Lindy is currently based in Toronto as a PhD student at the University of Toronto, and director at the Site 3 coLaboratory. They spend free time making robots, playing with lasers, and thinking about how body modification and where the intersection of bio-hacking and wearable technology will meet in the near future.

During this Hack Chat, were going to be talking about what it means to be a cyborg. Is it simply a matter of wearing contacts, gett...


Friday Free Software Directory IRC meetup: January 26th starting at 12:00 p.m. EST/17:00 UTC FSF blogs

Help improve the Free Software Directory by adding new entries and updating existing ones. Every Friday we meet on IRC in the #fsf channel on

When a user comes to the Directory, they know that everything in it is free software, has only free dependencies, and runs on a free OS. With almost 16,000 entries, it is a massive repository of information about free software.

While the Directory has been and continues to be a great resource to the world for many years now, it has the potential to be a resource of even greater value. But it needs your help! And since it's a MediaWiki instance, it's easy for anyone to edit and contribute to the Directory.

You've heard that Austin, TX is weird, but have you heard that it's "in the know"? On January 25th, 1932, the local radio station was KUT-AM, but the next day, following a purchase by Hearst publications, it became KNOW, noted for their dedication to award-winning news coverage. This week, we will look at radio entries, as well as working on unapproved pages.

If you are eager to help, and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today! There are also weekly Directory Meeting pages that everyone is welcome to contribute to before, during, and after each meeting.


Development Release: Red Hat Enterprise Linux 7.5 Beta News

Red Hat has announced a new beta release of the company's Red Hat Enterprise Linux 7.x series. The new development release, Red Hat Enterprise Linux 7.5 Beta, includes bug fixes and security enhancements across a wide range of hardware platforms. "Red Hat Enterprise Linux delivers controls for enhanced....


Google CEO Sundar Pichai compares AI to fire and electricity TechWorm

Google CEO Sundar Pichai thinks impact of AI on humanity is more profound than electricity or fire

While fire is regarded as one of the greatest invention of the Early Stone Age, followed by the discovery of electricity in the 1800s, Googles CEO Sundar Pichai considers AI (artificial intelligence) impact on humanity to be more profound than fire or electricity.

Speaking as part of a new show hosted by MSNBCs Ari Melber and Recodes Kara Swisher, Pichai, 45, said that AI is one of the most important things that humanity is working on. Its more profound that, I dont know, electricity or fire.

Fires pretty good, Swisher said.

However, Pichai drew equals to electricity and fire, and said that AI is basically both useful and dangerous at the same time.

But it kills people, too. They learn to harness fire for the benefits of humanity, but we have to overcome its downsides, too, Pichai said.

While admitting some concerns about AI taking over the world one day, Pichai also mentioned that he feels that AI technology will inevitably play a significant role in the advancement of humanity, such as curing cancer and providing climate change solutions.

My point is AI is really important, but we have to be concerned about it, Pichai said. Its fair to be worried about itI wouldnt say were just being optimistic about it we want to be thoughtful about it. AI holds the potential for some of the biggest advances were going to see.

Whenever I see the news of a young person dying of cancer, you realize AI is going to play a role in solving that in the future. So I think we owe it to make progress too.

However, Pichai did acknowledge the need for balance to be struck between AI technologys downsides and upsides.

The extracts are part of a new series on MSNBC called Revolution: Google and YouTube Changing the World where Pichai along with YouTube CEO Susan Wojcicki were interviewed. The show featuring the full interview with Pichai is scheduled to air on US news channel MSNBC on January 26.

The post Google CEO Sundar Pichai compares AI to fire and electricity appeared first on TechWorm.


EU fines Qualcomm $1.2 billion over Apple payments The Hill: Technology Policy

The European Union on Wednesday fined chipmaker Qualcomm $1.2 billion for paying Apple not to purchase components from its competitors.Margrethe Vestager, the EU's competition commissioner, said the arrangement gave Qualcomm dominance in...


Burger King makes pro-net neutrality video The Hill: Technology Policy

Burger King is blasting the Federal Communications Commission's (FCC) decision to scrap net neutrality rules in a new ad released Wednesday, using its signature sandwich to do it.The fast food chain posted a video illustrating what it...


Red Hat Enterprise Linux 7.5 Offers Wayland In Tech Preview Form Phoronix

With today's debut of the Red Hat Enterprise Linux 7.5 Beta they have made Wayland support available in tech preview form...


Embrace performance-enhancing drugs and technology in sport Lifeboat News: The Blog

As we hear more and more about the upcoming Winter #Olympics in a few weeks, lets remember the idea for a future Transhumanist Olympics: #transhumanism

The 2016 Paralympics, which began this week in Rio de Janeiro, is bringing together 4,500 athletes to compete in 23 sports from wheelchair fencing to swimming to hand biking.


Robots Ready to Ski, Paint, and Clean at South Koreas 2018 Winter Olympics IEEE Spectrum Recent Content full text

South Koreas best roboticists have spent two years preparing robots for a wide range of roles at the 2018 Winter Olympics Photo: Ang Young-suk/Yonhap/AP

Photo: Ang Young-suk/Yonhap/AP The Handoff: The robot DRC-Hubo+ receives the Olympic flame from UCLA professor Dennis Hong.

Spectators who getlost in Olympic Plaza in Pyeongchang next month can ask for directions from a nearby guide that speaks four languages. Thirsty patrons who visit Gangneung Media Village can order drinks for delivery. And they can do all of this without talking to another human.

South Korea is going big on robotics for the 2018 Winter Olympics, which begin on 9 February. Organizers will deploy about 80 robots at the games to showcase the nations leadership in advanced robotics research.

Eight companieswith US $1.5 million in sponsorship from the South Korean governmenthave been working on projects for the games since 2016. The roboticists who built all of these new robots are now preparing to unveil their technology on a world stage.

Its a stressful time for everyone involved. I have more anxiety than excitement, says Jun-ho Oh, the director of the Institute for Robotics at the Korea Advanced Institute of Science and Technology (KAIST), who led government officials in managing robotics for the games.

Most of these automated helpers will take on highly visible roles and interact with the public. Which means they must be able to, among other things, maneuver through crowded spaces and know when to hit the brakes. Any mistakes they make will be in the public eye.

This is an opportunity for them to showcase what theyre working on, says Raffaello DAndrea, a professor of dynamic systems and control at ETH Zurich. This technology is far enough along that you can actually deploy [robots] and have them do something interesting.

Oh has three rules for designing eye-catching, crowd-pleasing robots that are also safe and reliable. Call them Ohs Three Laws of Olympic Robotics. First, he says, the robot must not make trouble. His second rule is that it must do something new, even if that just means teaching an existing robot new tricks. Third, the robot must be useful.

One brand new robot that will appear at the games is a robotic ve...

This Home-Made PDA Is A Work Of Art Hackaday

There was a time, back in the 1990s, when a PDA, or Personal Digital Assistant, was the height of mobile computing sophistication. These little hand-held touch-screen devices had no Internet connection, but had preloaded software to manage such things as your calendar and your contacts. [Brtnst] was introduced to PDAs through a Palm IIIc and fell in love with the idea, but became disillusioned with the Palm for its closed nature and lack of available software a couple of decades later.

His solution might have been to follow the herd and use a smartphone, but he went instead for the unconventional and produced his own PDA. And after a few prototypes, hes come up with rather a well-executed take on the 90s object of desire. Taking an ARM microcontroller board and a commodity resistive touchscreen, hes clad them in a 3D-printed PDA case and produced his own software stack. Hes not prepared to release it just yet as hes ashamed of some of its internal messiness, but lets hope that changes with time.

What this project shows is how it is now so much easier to make near commercial quality one-off projects from scratch. Accessible 3D printing has become so commonplace as to be mundane in our community, but its worth remembering just how much of a game-changer it has been.

To see the device in action, take a look at the video below the break.


AT&T urges Congress to pass 'internet bill of rights' The Hill: Technology Policy

AT&T is calling on Congress to pass a net neutrality law that would cover not only internet service providers but also platforms like Facebook and Google.The telecom giant took out full-page ads in major newspapers like The New York Times and...


Are you a Tinder user? Watch out, someone could spy on you Security Affairs

Experts at security firm Checkmarx discovered two security vulnerabilities in the Tinder mobile apps that could be exploited to spy on users.

Security experts at Checkmarx discovered two security vulnerabilities in the Tinder Android and iOS dating applications that could be exploited by an attacker on the same wi-fi network as a target to spy on users and modify their content.

Attackers can view a target users Tinder profile, see the profile images they view and determine the actions they take.

The vulnerabilities, found in both the apps Android and iOS versions, allow an attacker using the same network as the user to monitor the users every move on the app. It is also possible for an attacker to take control over the profile pictures the user sees, swapping them for inappropriate content, rogue advertising or other type of malicious content (as demonstrated in the research). reads the analysis published by Checkmarx.

While no credential theft and no immediate financial impact are involved in this process, an attacker targeting a vulnerable user can blackmail the victim, threatening to expose highly private information from the users Tinder profile and actions in the app.

An attacker can conduct many other malicious activities, including intercepting traffic and launching DNS poisoning attacks.

The first issue is related to the fact that both the iOS and Android Tinder apps download profile pictures via insecure HTTP connections, this means that an attacker can access the traffic to determine which profiles are viewed by a Tinder user.

Tinder data leak


An attacker could also modify traffic for example to swap images.

Attackers can easily discover what device is viewing which profiles, continues the analysis. Furthermore, if the user stays online long enough, or if the app initializes while on the vulnerable network, the attacker can identify and explore the users profile. Profile images that the victim sees can be swapped, rogue advertising can be placed and malicious content can be injected,

Obviously, such kind of issue could...


Finland is the Mobile Data Capital of the World SoylentNews

The IEEE Spectrum has an article about why Finland is the mobile data capital of the world. Many factors converge. Perhaps the most relvant one is that mobile data plans cover unlimited use and the different operators compete on speed rather than data caps. Also, despite sparse population distribution, very close to 100% of the population has good access to high-speed mobile networks. If plans are followed through, 5G coverage should become commercially available in Finland by 2020.

Original Submission

Read more of this story at SoylentNews.


Cyberdynes Medical Exoskeleton Strides to FDA Approval Lifeboat News: The Blog

Cyberdyne, the Japanese robotics company with the slightly suspicious name, has just gotten approval from the U.S. Food and Drug Administration (FDA) to begin offering its HAL (Hybrid Assistive Limb) lower-body exoskeleton to users in the United States through licensed medical facilities. HAL is essentially a walking robot that you strap to your own legs; sensors attached to your leg muscles detect bioelectric signals sent from your brain to your muscles telling them to move, and then the exoskeleton powers up and assists, enhancing your strength and stability.

Users in the United States can now take advantage of this friendly exoskeleton to help them with physical rehabilitation.


iPhone Battery Explodes After Man Bites It To Test Its Authenticity TechWorm

Chinese man bites into replacement iPhone battery causing it to explode

You may want to think twice before biting things that can explode, as a Chinese man who happened to bite a smartphone battery to test its authenticity got a nasty shock when it exploded.

The ten-second video footage of the incident that happened on January 19 has been circulating online that shows a man looking to purchase a replacement battery for his iPhone in an electronics, reports Taiwan News. The video clip shows the store employee handing the man a battery, which he brings up to his face and then bites on it to check its authenticity. The moment he removes the battery from his mouth, it bursts into flames just inches away from his face.

Fortunately, no one was injured in this incident, reported several Taiwanese news outlets. The video was posted to Chinese video sharing site on January 20 and has been viewed more than 4.5 million time since then.

We request our readers not to try this at home and treat your phones battery with extreme caution. If you are unsure about the authenticity of your phone battery and wish to check it, you could visit an Apple Authorized Retailer or an Apple Store for the same.

The post iPhone Battery Explodes After Man Bites It To Test Its Authenticity appeared first on TechWorm.


Expert: IoT Botnets the Work of a Vast Minority Krebs on Security

In December 2017, the U.S. Department of Justice announced indictments and guilty pleas by three men in the United States responsible for creating and using Mirai, a malware strain that enslaves poorly-secured Internet of Things or IoT devices like security cameras and digital video recorders for use in large-scale cyberattacks.

The FBI and the DOJ had help in their investigation from many security experts, but this post focuses on one expert whose research into the Dark Web and its various malefactors was especially useful in that case. Allison Nixon is director of security research at Flashpoint, a cyber intelligence firm based in New York City. Nixon spoke with KrebsOnSecurity at length about her perspectives on IoT security and the vital role of law enforcement in this fight.

Brian Krebs (BK): Where are we today with respect to IoT security? Are we better off than were a year ago, or is the problem only worse?

Allison Nixon (AN): In some aspects were better off. The arrests that happened over the last year in the DDoS space, I would call that a good start, but were not out of the woods yet and were nowhere near the end of anything.

BK: Why not?

AN: Ultimately, whats going with these IoT botnets is crime. People are talking about these cybersecurity problems problems with the devices, etc. but at the end of the day its crime and private citizens dont have the power to make these bad actors stop.

BK: Certainly security professionals like yourself and others can be diligent about tracking the worst actors and the crime machines theyre using, and in reporting those systems when its advantageous to do so?

AN: Thats a fair argument. I can send abuse complaints to servers being used maliciously. And people can write articles that name individuals. However, its still a limited kind of impact. Ive seen people get named in public and instead of stopping, what they do is improve their opsec [operational security measures] and keep doing the same thing but just sneakier. In the private sector, we can frustrate things, but we cant actually stop them in the permanent, sanctioned way that law enforcement can. We dont really have that kind of control.

BK: How are we not better off?

AN: I would say that as time progresses, the community that practices DDoS and malicious hacking and these pointless destructive attacks get more technically proficient when theyre executing attac...


Printed It: Rubber Band PCB Vise Hackaday

If youve ever worked on a small PCB, you know how much of a hassle it can be to hold on to the thing. Its almost as if they werent designed to be held in the grubby mitts of a human. As designs have become miniaturized over time, PCBs are often so fragile and festooned with components that tossing them into the alligator clips of the classic soldering third hand can damage them. The proper tool for this job is a dedicated PCB vise, which is like a normal bench vise except it doesnt crank down very hard and usually has plastic pads on the jaws to protect the board.

Only problem with a PCB vise is, like many cool tools and gadgets out there, not everybody owns one. Unless youre doing regular PCB fabrication, you might not take the plunge and buy one either. So whats a hacker on a budget to do when theyve got fiddly little PCBs that need attention?

Luckily for us, we live in a world where you can press a button and have a magical robot on your desktop build things for you. Online model repositories like Thingiverse and YouMagine are full of designs for printable PCB vises, all you have to do is pick one. After looking through a number of them I eventually decided on a model designed by [Delph27] on Thingiverse, which I think has a couple of compelling features and more than deserves the few meters of filament it will take to add to your bench.

Of course the best part of all of this is that you can customize and improve the designs you download, which is what Im about to do with this PCB vise!

Desirable Traits



Linux 4.0 To Linux 4.15 Kernel Benchmarks Phoronix

Our latest in benchmarking the Linux 4.15 kernel is seeing how the performance has changed since Linux 4.0 and all subsequent releases on the same system. Here are those tests driven by curiosity, especially in light of the performance changes as a result of KPTI page table isolation and Retpoline additions.


Red Hat Enterprise Linux 7.5 Reaches Public Beta Phoronix

Red Hat has made public today their first beta release of Red Hat Enterprise Linux 7.5 as the next installment to RHEL7...


Less than 10% of Gmail users enabled two-factor authentication Security Affairs

According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts.

The availability of billions of credentials in the criminal underground due to the numerous massive data breaches occurred in the last years makes it easy for crooks to take over users accounts.

We always suggest enabling two-factor authentication to improve the security of our accounts, unfortunately, the suggestion is often ignored.

Even if someone else gets your password, it wont be enough to sign in to your account, states Googles page on 2FA.

According to Google software engineer Grzegorz Milka, less than 10 percent of its users have enabled two-factor authentication (2FA) for their accounts.

Considering that Google has more than 2 billion monthly active devices, the number of exposed accounts is very huge.

Milka made the disconcerting revelation at the Usenixs Enigma 2018, two-factor authentication (2FA) implemented by Google allows its users to access the account by providing login credentials along with an authentication code sent to the user via SMS or voice call or generated through the Google mobile app.

Two-factor authentication

Source: The Register

This data demonstrates the lack of awareness of cyber threats and the way to mitigate them.

Many users believe that configure and use 2FA for their accounts can make their experience worse.

The Register asked Milka why Google didnt just make two-factor mandatory across all accounts and received...


Drones Take Off in Agriculture Industry SoylentNews

Could the newest farmhand be a drone?

Research in the College of Agriculture and Life Sciences is bringing drone technology to agriculture, one of the major industries with excellent potential for growth. Specifically, drone technology is being tested with sheep at Virginia Tech.

"We are looking at ways drones can be used on small farms," said Dan Swafford, project associate for Virginia Cooperative Extension. "Farms could use drones as a 'check-on' tool to ensure that sheep are where they are supposed to be."

Drones can help farmers gain quick access to see if an animal is in need or injured, to examine if a ewe has delivered a new lamb, or more generally to check the status of the farm.

Agriculture is one of the industries where drones will make a big impact in the coming years. A report from PricewaterhouseCoopers found that the potential market for agricultural drones is $32.4 billion because high-tech systems with the ability to monitor crops or livestock can reduce human errors and save time and money.

Do drones make more sense than static cameras with CCTV?

Original Submission

Read more of this story at SoylentNews.


Tinder flaw exposes user swipe, match and photos to strangers HackRead

By Waqas

Tinder is an online dating app that was launched in

This is a post from Read the original post: Tinder flaw exposes user swipe, match and photos to strangers


CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability Bugtraq

Posted by Akira Ajisaka on Jan 24

CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Hadoop 2.7.3, 2.7.4

In Apache Hadoop 2.7.3 and 2.7.4, the security fix for CVE-2016-3086 is incomplete.
The YARN NodeManager can leak the password for credential store provider
used by the NodeManager to YARN Applications.

If you use the CredentialProvider feature to encrypt passwords used in...


Industries most at risk of phishing attacks revealed Help Net Security

A new KnowBe4 study of phishing statistics for top industries, shows small insurance companies have the highest percentage of phish-prone employees in the small to midsize organization category. Not-for-profit organizations take the lead in large organizations. Benchmark phish-prone percentage by industry Radical drop of careless clicking The study, drawn from a data set of more than six million users across nearly 11,000 organizations, benchmarks real-world phishing results. Results show a radical drop of careless clicking More


KDE Plasma Remains Committed To Supporting Icons On The Desktop Phoronix

While GNOME upstream is removing support for desktop icons with that code having fallen into an unmaintained state over the years, KDE Plasma developers are reaffirming their commitment to supporting desktop icons...


Will explosive data exfiltration continue in 2018? Help Net Security

Last year was a banner year for cybercrime. More data was stolen in the first six months of 2017 than in the entirety of 2016. Gemaltos Breach Level Index found that over 900 data breaches occurred during the first half of 2017, compromising 1.9 billion records. According to Jing Xie, senior threat intelligence analyst for Venafi, this explosive development in data exfiltration will continue in 2018. In an even more ominous trend, the number of More

Wednesday, 24 January


Netflix Beats Wall Street Expectations on Subscriber Growth, Reaches $100 Billion Market Cap SoylentNews

Netflix has continued to add millions of new subscribers, even after it raised prices:

Netflix Inc snagged 2 million more subscribers than Wall Street expected in the final three months of 2017, tripling profits at the online video service that is burning money on new programming to dominate internet television around the world.

The results drove Netflix to a market capitalization of more than $100 billion for the first time. Shares jumped 9 percent to over $248 in after-hours trading on Monday after rallying throughout the month and rising 53 percent last year.

The company has signed up more than half of all U.S. broadband households and is building its customer base in 190 countries by spending billions on programming.

Netflix picked up 6.36 million subscribers in international markets from October through December, when it released new seasons of critically acclaimed shows "Stranger Things" and "The Crown" as well as Will Smith action movie "Bright." That topped Wall Street expectations of 5.1 million, according to FactSet.

Along with 1.98 million customer additions in the United States, the company ended the year with 117.58 million streaming subscribers around the globe, despite a price hike in October.

From a Bloomberg op-ed: "The rapid pace of subscriber additions is impressive, but so is the amount of cash going up in flames."

Also at USA Today and The Street.

Previously: Netflix Has More Subscribers Than Major Cable Providers in the U.S.
Disney to Break Away From Netflix With its Own Streaming Service
Netflix Adds 5 Million Subscribers, Doubles Profit

Original Submission

Read more of this story at SoylentNews.


Government CIOs will increase spending on cloud, cybersecurity and analytics Help Net Security

Cloud solutions, cybersecurity and analytics are the top technologies targeted for new and additional spending by public sector CIOs in 2018, while data center infrastructure is the most commonly targeted for cost savings, according to a survey from Gartner. Sixteen percent of government CIOs said they plan to increase spending on business intelligence (BI) and analytics (16 percent) and data management (six percent) in 2018. Gartners 2018 CIO Agenda Survey gathered data from 3,160 CIO More


Critical Flaw Hits Popular Windows Apps Built With Electron JS Framework The Hacker News

A critical remote code execution vulnerability has been reported in Electrona popular web application framework that powers thousands of widely-used desktop applications including Skype, Signal, Wordpress and Slackthat allows for remote code execution. Electron is an open-source framework that is based on Node.js and Chromium Engine and allows app developers to build cross-platform native


Imagination Announces The PowerVR Series8XT GT8540 GPU Phoronix

The PowerVR Series8XT GT8540 is the latest graphics processor from Imagination Technologies and is designed to drive up to six 4K screens at 60 FPS...


Firing up 750 Raspberry Pis Hackaday

Creating Raspberry Pi clusters is a popular hacker activity. Bitscope has been commercializing these clusters for a bit now and last year they created a cluster of 750 Pis for Los Alamos National Labs. You might wonder what an institution know for supercomputers wants with a cluster of Raspberry Pis. Turns out it is tough to justify taking a real high-speed cluster down just to test software. Now developers can run small test programs with a large number of CPU cores without requiring time on the big iron.

On the face of it, this doesnt sound too hard, but hooking up 750 of anything is going to have its challenges. You have to provide power and carry away heat. They all have to communicate, and you arent going to want to house the thing in a few hundred square feet which makes heat and power even more difficult.

The system is modular with each module holding 144 active nodes, 6 spares, and a single cluster manager. This all fits in a 6U rack enclosure. Bitscope points out that you could field 1,000 nodes in 42U and the power draw including network fabric and cooling would be about 6 kilowatts. That sounds like a lot, but for a 1,000 node device, thats pretty economical. The cost isnt bad, either, running about $150,000 for 1,000 nodes. Sure, thats a lot too but not compared to the alternatives.

Weve seen fairly big Pi clusters before. If you really wanted to go small and low power, you could always try clustering the Pi Zero.


Disrupting Travel Disruption loose wire blog

easyJet seem to be taking an interesting, if not pioneering, approach to disruptive tech. While fintech has mostly absorbed the wave of startups that went after the financial industry from about 2011, travel startups initially went after the middlemen, creating a host of algorithm-based disintermediators, and put a lot of travel agents out of business. 

But airlines? Well there was this kind of thing, which I reported on a year or so ago. But what about the airlines themselves? EasyJet are taking the approach of incubating companies that complement its business, adding layers and businesses on the edge of what it does which is ferry people around in the air. 

Today, for example, it announced that it had adopted a new raft of startups into its accelerator programme: 

 WeTrip an online, group travel booking platform which sells holiday packages to small groups. Their algorithm is connected to distinctive activity suppliers comparing endless combinations of components to build real-time offers, according to the preferences of the group. Payment is also made simple as group members can pay separately.

 Car and Away a peer-to-peer car sharing community where car owners make money out of their parked vehicle whilst they are away on their travels. 

FlightSayer  uses sophisticated simulation algorithms and machine learning to better predict flight delays hours, days, and weeks before departure. With a $1.75m grant from NASA, the companys technology is being used in the US by corporations, airlines and travel management companies to improve travel experience and increase efficiencies with plans to adapt to the European airspace.

TrustedHousesitters, a global community of pet sitters.

So none of these detract from easyJets business, but enhance it. None are disrupters, per se, although Car and Away does eat into car rentals. Instead easyJet uses these startups to add value to its own service: 

 easyJet and TrustedHousesitters have partnered up to allow passengers  to choose a free house sitter for their pet or find free accommodation as a house or pet sitter when booking flights at

Previous graduates of the program have already partnered up  FLIO, an airport app, is working on integrating its content with the easyJet Travel App. LuckyTrip are also working on something similar. 

Behind all this: Founders Factory, a sort of innovation factory backed by corporates from six sectors:  easyJet (Travel), LOral (Beauty), Aviva (Fintech), Holtzbrinck (Education), Guardian Media Group (Media) and CSC Group (Artificial Intelligence).



CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability Open Source Security

Posted by Akira Ajisaka on Jan 24

CVE-2017-15718: Apache Hadoop YARN NodeManager vulnerability

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
Hadoop 2.7.3, 2.7.4

In Apache Hadoop 2.7.3 and 2.7.4, the security fix for CVE-2016-3086 is incomplete.
The YARN NodeManager can leak the password for credential store provider
used by the NodeManager to YARN Applications.

If you use the CredentialProvider feature to encrypt passwords used in...


Screen-Addicted Teens are Unhappy SoylentNews

Screen-addicted Teens are unhappy?

Happiness is not a warm phone, according to a new study exploring the link between adolescent life satisfaction and screen time. Teens whose eyes are habitually glued to their smartphones are markedly unhappier, said study lead author and San Diego State University and professor of psychology Jean M. Twenge.

To investigate this link, Twenge, along with colleagues Gabrielle Martin at SDSU and W. Keith Campbell at the University of Georgia, crunched data from the Monitoring the Future (MtF) longitudinal study, a nationally representative survey of more than a million U.S. 8th-, 10th-, and 12th-graders. The survey asked students questions about how often they spent time on their phones, tablets and computers, as well as questions about their in-the-flesh social interactions and their overall happiness.

On average, they found that teens who spent more time in front of screen devices -- playing computer games, using social media, texting and video chatting -- were less happy than those who invested more time in non-screen activities like sports, reading newspapers and magazines, and face-to-face social interaction.

Twenge believes this screen time is driving unhappiness rather than the other way around.

"Although this study can't show causation, several other studies have shown that more social media use leads to unhappiness, but unhappiness does not lead to more social media use," said Twenge, author of "iGen: Why Today's Super-Connected Kids Are Growing Up Less Rebellious, More Tolerant, Less Happy -- And Completely Unprepared for Adulthood."

Journal Reference:

Jean M. Twenge, Gabrielle N. Martin, W. Keith Campbell. Decreases in Psychological Well-Being Among American Adolescents After 2012 and Links to Screen Time During the Rise of Smartphone Technology.. Emotion, 2018; DOI: 10.1037/emo0000403

"Reading newspapers and magazines" makes teens happier? Perhaps paper produces happiness radiation...

Original Submission

Read more of this story at SoylentNews.


Bell Canada suffers a data breach for the second time in less than a year Security Affairs

Bell Canada is notifying customers about a data breach that exposed personal data of roughly 100,000 individuals, this is the second security breach in a few months.

Bell Canada is notifying customers about a data breach that exposed personal data of roughly 100,000 individuals, including names, phone numbers, email addresses, usernames and account numbers.

The protection of consumer and corporate information is of primary importance to Bell, John Watson, Executive Vice-President of Customer Experience at Bell Canada, told customers. We work closely with the RCMP and other law enforcement agencies, government bodies and the broader technology industry to combat the growth of cyber crimes.

The Royal Canadian Mounted Police has launched an investigation into the security breach at Bell Canada.

We are following up with Bell to obtain information regarding what took place and what they are doing to mitigate the situation, and to determine follow up actions, said the federal privacy watchdogs spokeswoman Tobi Cohen.  

Bell company added that there is no evidence that financial data (i.e. credit card data) has been compromised.

Bell Canada

This the second time that Bell Canada has been a victim of a data breach, in May 2017 an anonymous hacker obtained access to about 1.9 million active email addresses and about 1,700 customer names and active phone numbers.

As part of the incident response procedure, Bell confirmed to have implemented additional security measures, for accounts authentication.

Bell Canada advised users to monitor their financial and online accounts for unauthorized activity and recommends customers to use strong passwords and frequently change them.

The Canadian Government plans to review the Personal Information Protection and Electronic Documents Act that would require companies to notify data breaches.

Unfortunately, until now only the province Alberta has mandatory reporting requirements for private-sector companies that suff...


GNOME's Mutter Now Supports GBM With Modifiers - Allowing Tiling & Compression Phoronix

Landing today in GNOME's Mutter Git tree are some longstanding patches by Collabora's Daniel Stone for supporting the Generic Buffer Manager (GBM) with buffer modifiers for DRM...


The EU is Working On Its Own Piracy Watch-List TorrentFreak

The annual list overview helps to guide the U.S. Governments position towards foreign countries when it comes to copyright enforcement.

Since the list only identifies foreign sites, American services are never included. However, this restriction doesnt apply in Europe, where the European Commission announced this week that its working on its own piracy watch list.

The European Commission on the basis of input from the stakeholders after thorough verification of the received information intends to publish a so called Counterfeit and Piracy Watch-List in 2018, which will be updated regularly, the EUs call for submissions reads.

The EU watch list will operate in a similar fashion to the US equivalent and will be used to encourage site operators and foreign governments to take action.

The list will identify and describe the most problematic marketplaces with special focus on online marketplaces in order to encourage their operators and owners as well as the responsible local authorities and governments to take the necessary actions and measures to reduce the availability of IPR infringing goods or services.

In recent years various copyright holder groups have repeatedly complained about a lack of anti-piracy initiatives from companies such as Google and Cloudflare, so it will be interesting to see if these will be mentioned.

The same is true for online marketplaces. Responding to the US list last week, Alibaba also highlighted that several American companies suffer the same piracy and counterfeiting problems as they do, without being reprimanded.

What about Amazon, eBay and others? USTR has no basis for comparison, because it does not ask for similar data from U.S. companies, Alibaba noted in a rebuttal.

The EU writes, for example, that their list will not mean to reflect findings of legal violations, nor will it reflect the...


Does living forever sound ideal? These 5 new books will change your mind Lifeboat News: The Blog

That wisdom from Ecclesiastes is the theme of five new novels, which, if they did not give me a taste of immortality, at least made me feel like the week would never end. The coincidence of their arrival is a little creepy, but it suggests the growing relevance of this subject for a generation reviewing itineraries to the undiscovered country with deep ambivalence. In shades of comedy and tragedy, realism and fantasy, these contemporary authors dig up a lot of old conceits and, like Dr. Frankenstein, zap them to life with mixed results.

The dark side of immortality: How to Stop Time, Eternal, The Immortalists, Immortal Life and The Afterlives.


Internet Use at Home Soars to Over 17 Hours Per Week SoylentNews

Why don't anyone go outside and play?

Since the internet became mainstream less than 20 years ago, faith in traditional institutions and consumption of traditional media has also been displaced by faith in newer, digital institutions and consumption of newer, digital media, according to the 15th annual Digital Future Report recently produced by the USC Annenberg Center for the Digital Future.

In the years since the USC Annenberg Center for the Digital Future published its first Digital Future Report in 2000, the internet has evolved from a secondary medium to an essential component of daily life.

Over the course of that time:

  • Overall internet penetration has increased from 67 to 92 percent.
  • Total hours per week online has steadily increased from 9.4 to 23.6.
  • Internet usage at home has risen from 3.3 to 17.6 hours per week.

[...] Perhaps the largest change affecting our online behavior over the life of the report was the introduction of the iPhone and other smartphone technologies in 2007, which increased the internet's always onand always with ustechnology capabilities.

Since 2010 alone:

  • People who use their phone to access the internet has skyrocketed from 23 to 84 percent.
  • Use of smartphone email has nearly quadrupled from 21 to 79 percent.
  • The use of mobile apps increased from 49 to 74 percent.
  • GPS location service use has gone from 12 to 71 percent.
  • The percentage of people who stream music on their phone has increased from 13 to 67 percent.

Original Submission

Read more of this story at SoylentNews.


Microsoft Financially Backs Patent Trolls That Attack Its Competitors Techrights

[Microsoft's] Mr. Emerson and I discussed a variety of investment structures wherein Microsoft would backstop, or guarantee in some way, BayStars investment. Microsoft assured me that it would in some way guarantee BayStars investment in SCO.

Larry Goldfarb, BayStar, key investor in SCO

Summary: Corporate media continues to ignore the elephant in the room, which is Microsofts deep involvement in arming patent trolls and using them against rivals, including GNU/Linux

THE 12-year Microsoft push for 'patent tax' on GNU/Linux persists in a new form. Its occasionally mentioned in the media, e.g. that Microsoft would sic patent trolls on AWS customers, but we cant help wondering if editors are shooting down attempts to mention that this is also an anti-Linux plot. How many millions (not even billions) has Microsoft spent (invested) for the media to spread the lie that it loves Linux? We are occasionally being asked (having researched this) regarding Microsofts patent strategy against Linux, yet nothing gets published at the end. In this example from yesterday it comes across almost like Microsoft marketing with lots of Microsoft talking points, as if everything Microsoft says must be true. I had been contacted by the author, but nothing I said was included in this article. I did explain, for example, that Microsoft instructs Nokia to pass its patents to trolls. This is well documented. The article actually states that if Microsoft sells a patent, it still cant be used against Azure customers. But only against them. Got it?

Were very disappointed to see the media persisting with the Microsoft loves Linux lie, but seeing also the publicity stunt (court case) which has Microsoft portrayed as fighting for privacy we are dismayed and bound to accept that money buys the media and thus buys narrative.Paid-for trolling (paid by Microsoft) is not new; heres a reminder from this week. Its about...


DIY Dungeon Crawler Game Plays on Single LED Strip Hackaday

How can a dungeon crawler game be represented in 1D, and how is this unusual game played? The goal is for the player (a green dot) to reach the goal (a blue dot) to advance to the next level. Making this more difficult are enemies (red dots) which move in different ways. The joystick is moved left or right to advance the players blue dot left or right, and the player can attack with a twang motion of the joystick, which eliminates nearby enemies. By playing with brightness and color, a surprising amount of gameplay can be jammed into a one-dimensional display!

Code for TWANG! is on github and models for 3D printing the physical pieces are on Thingiverse. The video (embedded below) focuses mainly on the development process, but does have the gameplay elements explained as well and demonstrates some slick animations and sharp feedback.



Nuraphone - Best of Innovation award at CES 2018 Gregarious Mammal

Fresh from their Best of Innovation at CES Innovation Awards, we finally publish an interview with Nuraphone when Chris visited their office in Melbourne in December to discuss their unique headphones, and running a startup in Australia.


PTAB Engages in Patent Justice, But Lobbyists of Patent Trolls Try to Blame PTAB for All the Problems of the US and Then Promote Iancu Techrights

Related: Further Scrutiny of Andrei Iancu Shows That Hes on Both Sides of Troll Battles and PTAB Battles

Photo credit: The American Lawyer

Andrei IancuSummary: In an effort to curtail quality control at the US patent office, voices of the litigation industry promote the irrational theory that the demise of the US is all just the fault of patent reform

THE appeals (or petitions) at the USPTO are working. Many patents are being invalidated when they lack merit. Thanks to PTAB

Michael Loney, the managing editor of Managing IP, took note of (and apparently graphed) the effects of PTAB fees going up after all the PTAB shaming. Its no secret that patent extremists have bullied USPTO officials into making PTAB less accessible (less affordable) and as Loney explained: The increase in PTAB fees on Jan 16 had an impact on petition filing. Spike of 37 petitions on Jan 15 per Docket Navigator. As well as smaller but significant numbers of 18 petitions on Jan 12 and 10 on Jan 11

Last year was another record year for PTAB; will that trend carry on in spite of these price hikes? We shall see.

Meanwhile, Loney takes note of Allergans troubles amid its patent scam (attempting to dodge PTAB by misuse of tribal immunity). There are now about a dozen class-action antitrust lawsuits pending against Allergan, he wrote, that allege a multi-pronged effort to block generic versions of Restasis from coming to market.

So Allergan not only resorted to patent scams but also let poor people die in the process. We hope that PTAB will soon invalidate all those patents that Allergan is trying to shelter behind tribes. Allergan knows darn well why its trying to avoid PTAB.

Dennis Crouch also wrote about Allergan. The firm is collapsing, it already faces multiple probes, it is laying off staff and it engages...


The Pirate Bay Suffers Downtime, Tor Domain Is Up (Update) TorrentFreak

pirate bayThe main Pirate Bay domain has been offline for nearly a day now.

For most people, the site currently displays a Cloudflare error message across the entire site, with the CDN provider referring to a bad gateway.

No further details are available to us and there is no known ETA for the sites full return. Judging from past experience, however, its likely a small technical hiccup that needs fixing. There are no issues with the domain name itself.

Pirate Bay downtime, bad gateway

TorrentFreak reached out to the TPB team but we have yet to hear more about the issue. The Pirate Bay has had quite a few stints of downtime in recent months. The popular torrent site usually returns after several hours.

Amid the downtime, theres still some good news for those who desperately need to access the notorious torrent site. TPB is still available via its .onion address on the Tor network, accessible using the popular Tor Browser, for example. The sites Tor traffic goes through a separate server and works just fine.

The same is true for some of The Pirate Bays proxy sites, which are still working fine and showing new torrents.

The main .org domain will probably be back in action soon enough, but seasoned TPB users will probably know the drill by now

The Pirate Bay is not the only torrent site facing problems at the moment. The popular ExtraTorrent copy has been suffering downtime for more than a week, without a word from its operators.

Update January 26: After nearly two days of downtime the site is back online.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons


Mazda to Build Electric SUV with Chinese Partner SoylentNews

Mazda and China's Changan Automobile Group are poised to build electric SUVs together.

According to Japan's Nikkei Asian Review, the automakers plan to collaborate to develop and build a battery-powered crossover SUV by 2019. The two manufacturers have been in a 50:50 joint-venture partnership since 2012, and their relationship stretches back even longer, into the mid-2000s.

The Nikkei's report indicates that Changan will supply much of the SUV's electric drivetrain -- including batteries and motors, while Mazda will produce the bodies.

The move comes amidst a backdrop where Chinese authorities are pushing to adopt more stringent clean-air regulations. The country is already the world's largest market for electric vehicles, and it's become a global leader in the move to electrification through public policy.

China ranks fifth highest in the world for deaths from air pollution.

Original Submission

Read more of this story at SoylentNews.


Satoris threat actors are behind the new Masuta botnet that is targeting routers in the wild Security Affairs

Masuta botnet targets routers using default credentials, one of the versions analyzed dubbed PureMasuta relies on the old network administration EDB 38722 D-Link exploit.

Security experts at NewSkys believe the operators of the recently discovered Satori botnet are launching a new massive hacking campaign against routers to recruit infect them and recruit in the botnet dubbed Masuta.

We analyzed two variants of an IoT botnet named Masuta where we observed the involvement of a well-known IoT threat actor and discovered a router exploit being weaponized for the first time in a botnet campaign. reads the analysis published by NewSky.

We were able to get hands on the source code of Masuta (Japanese for master) botnet in an invite only dark forum. After analyzing the configuration file., we saw that Masuta uses 0xdedeffba instead of Mirais 0xdeadbeef as the seed of the cipher key, hence the strings in the configuration files were effectively xored by ((DE^DE)^FF) ^BA or 0x45.

The Satori botnet is a variant of the Mirai botnet first discovered by the group of experts MalwareMustDie, it made the headlines at the end of 2016 when it was involved in hundreds of thousands of attempts to exploit a recently discovered vulnerability in Huawei HG532 home routers.

Masuta also targets routers using default credentials, one of the versions analyzed by the experts dubbed PureMasuta relies on the old network administration EDB 38722 D-Link exploit.

Researchers noticed a rise in the Masuta attacks since September, their honeypots observed 2400 IPs involved in the botnet in last three months and experts believe that other routers will be recruited in the next months.


The flaw tr...


Goldman Explains How "Bitcoin Could Succeed As A Form Of Money" Terra Forming Terra

Crypto currencies have plenty of issues to overcome, but none are deal breakers and they can be accommodated as it continues to evolve.  The current issue remains security of peripherals and the apparent gold rush among promoters, most of which cannot end well.  Yet the pie is now expending through the steady advent of clones.

The current cap is running around 300 billion.  Expanding by adding clones will allow the dollar total to continue increasing while prices actually drop. This will also allow many new entrants into mining operations as well.

What is rather clear is that this store of value is readily accessed by computer completely outside the banking universe and that banking security is provided by Blockchain.  It is more convenient than banking for the right scale of transactions. It certainly will allow low fee international transactions and that alone is a huge market.

Gold has always been inconvenient.  Fiat money has always been subject to government printing presses, and never more so that our era of quantitative easing.  Now Bitcoin is convenient and now subject to taxation through inflation..

Goldman Explains How "Bitcoin Could Succeed As A Form Of Money"

Wed, 01/10/2018 - 12:01.

Yes, we all know the...


North and South Korea uniting under one flag for Olympics Terra Forming Terra

No one has been paying much attention with the hidden USA Civil War now in full swing.  What has happened here is that North Korea has used the Olympic Games as a face saving gambit to open full unification talks with South Korea.

The games were the easy part and got things underway while keeping the media out of the picture.

I do think that they need to settle this ASAP and South Korean Generosity will go a long way to make it very palatable as occurred with East Germany.  At the same time the North Koreans will see their athletes  marching under the united Korean Flag.   The only issue is how to dress up complete capitulation as something else.

Obviously both the Russians and the Chinese have told them enough is enough.  They also know they do not want to clean up the horrid mess that the USA will visit upon North Korea. This way the South does all the spending.

BREAKING: North and South Korea uniting under one flag for Olympics 

South Korea announced Wednesday the two rivals will appear side-by-side at the February 9th opening ceremony. 

January 17, 2018, 16:43



Secret Political History of the Bat Creek Terra Forming Terra

This stone has been hopelessly compromised.  At best it was a marker as well.  The script is potentially ancient, but we can not rule out recent fakery as well, unlike the Kensington  stone written in Norse runes a thousand years old.  There is also far too little of it..

Thus we simply have an interesting item demanding additional discoveries.

However do read the long expose on the behavior of so called archeologists back in the day.  Worse this has continued deep into the twentieth century and even emerged in front of the author.  What disturbs me is the lack of respect for knowledge shown by what are obviously faux scholars.. 


Posted by Richard Thornton | Dec 29, 2017 | Appalachian Mountains, Archaeology, Art, Little Tennessee River, Mounds,

Bat Creek Mounds is a Middle and...


Camping...With Bigfoot Terra Forming Terra

They actually did it right and almost started trading with a Big Foot.  That gift is important.  Bigfoot is in fact keen to receive gifts from us but knows not how.  Laying out gifts every day should do it and deer meat is an excellent choice as are good apples.  Accept gifts in return gracefully as it is information.

Big Foot is our natural partner in the woods and can obviously be groomed. Imagine Big Foot with a simple chain saw doing forest grooming.  This could work.

The potential is there and should be followed up on..

Camping...With Bigfoot

Thursday, January 11, 2018

An un-named caller from Columbia, Missouri wanted to share his Bigfoot story:



Team UPC Has Been Reduced to Rubble and Misinformation Techrights

Countries with a dozen new patents (more than a thousand times less than Germany) touted as progress

Alexander Ramsay, Bristows, and the UPC gold rush

Summary: A roundup of the latest falsehoods about the Unified Patent Court (UPC) and those who are peddling such falsehoods for personal gain

THIS wont be the first time that we point out misinformation about the UPC. We have been doing that for nearly a decade (even before UPC was known as UPC). Todays post packs in it several new examples. Well keep it as short and concise as possible. We can soon just forget about the UPC (altogether). It will be left in the ashtray of history.


We can soon just forget about the UPC (altogether).The PR firm of the EPO had paid IAM to promote the UPC. This wasnt even a secret. IAM disclosed that in its Web site. We got that. Its a marriage of convenience and the lobbying is paid for. That IAM spread false rumours about the UPC in Spain last year (repeatedly in fact) is not OK. Why not? Because it constitutes what many people refer to as fake news nowadays. Never mind the ethical issues associated with lobbying

Yesterday IAM wrote: The Spanish government has reiterated that it will not support Spains membership of the UPC. Linguistically and economically it says the system would disadvantage Spanish SMEs. But how many Spanish SMEs have any interest in patents?

The government is correct. IAM is wrong. SMEs would be the targets of litigation. Thats why the UPC is a threat to them. And it doesnt offer them any benefits as very few even operate outside Spain anyway

The PR firm of the EPO had paid IAM to promote the UPC. This wasnt even a secret.I responded to IAM by saying that patent extremists, who make a living out of patent system growth (more monopolies irrespective of economic theories/evidence), will always choose to not understand this. IAM carried on: Spain a country of 46 million peopl...


[SECURITY ADVISORY] curl: HTTP authentication leak in redirects Open Source Security

Posted by Daniel Stenberg on Jan 23

HTTP authentication leak in redirects

Project curl Security Advisory, January 24th 2018 -


libcurl might leak authentication data to third parties.

When asked to send custom headers in its HTTP requests, libcurl will send that
set of headers first to the host in the initial URL but also, if asked to
follow redirects and a...


[SECURITY ADVISORY] curl: HTTP/2 trailer out-of-bounds read Open Source Security

Posted by Daniel Stenberg on Jan 23

HTTP/2 trailer out-of-bounds read

Project curl Security Advisory, January 24th 2018 -


libcurl contains an out bounds read in code handling HTTP/2 trailers.

It was [reported]( that reading an
HTTP/2 trailer could mess up future trailers since the stored size was one
byte less than...


According to TrendMicro Business Email Compromise (BEC) attacks could reach $ 9 billion in 2018 Security Affairs

According to a report published by the security firm TrendMicro, Business Email Compromise (BEC) attacks could reach $ 9 billion in 2018.

The report highlights the growth of damage caused by hackers who adopts new attack vectors techniques like the ones used recently by Lebanese intelligence agency Dark Caracal

According to a report published by TrendMicro, Business Email Compromise (BEC) attacks had surpassed the value of damage to enterprises in the past years and it is estimated that it could reach $ 9 billion dollars in 2018. This rising value of loss for business takes into account new attack vectors like the one from Lebanese Intelligence Agency Dark Caracal malware who utilizes malware in android application.

The report states that the FBI released a public announcement revealing that BEC attacks had become a $ 5.3 billion industry in the past years. In that regard, the report emphasizes that hackers are employing Social Engineering to lure and deceive employees in a myriad of scams to bypass security measures. By using a deep understanding of Human Psychology hackers are circumventing the defenses, as the report states it requires little in the way of special tools or technical knowledge to pull off, instead of requiring an understanding of human psychology and knowledge of how specific organizations work.

The report lists how BEC attacks are usually conducted. The techniques are: Bogus invoice scheme, CEO fraud, Account compromise, Attorney impersonation and Data Theft. The report highlight that these attacks can be classified into two major groups: Credential grabbing and email only.

Business Email Compromise

The credential grabbing technique as detailed by the report has shown an increase in phishing HTML pages that are sent as spam attachments. Also, by employing malware campaign hackers target organizations. One recent example of malware is...


Age and Longevity in the 21st Century: Science, Policy, and Ethics will be held in New York City April 1315. Lifeboat News

Age and Longevity in the 21st Century: Science, Policy, and Ethics will be held in New York City April 13-15. Our Didier Coeurnelle, Aubrey de Grey, and Ana Lita will be speaking/participating. The deadline for abstract submission and registration has been extended to March 1. Learn more!


CRISPR Patent Debacle Demonstrated That Opposition Divisions Do Their Job, But Also Highlighted Serious Deficiency in Patent-Granting Process Techrights

Why was such a patent allowed in the first place? Could it be inane work pressure?

Intellectual Property and Genomics
Reference: (US)

Summary: While it is reassuring that EPO staff managed to squash a very controversial patent, it remains to be explained why such patent applications/applicants were even notified of intention to grant (in spite of the EPC, common sense and so on)

THE US patent system, in spite of its flaws, has managed to improve patent quality. IPRs/PTAB/AIA might deserve the credit. At the EPO, the appeal boards and the Opposition Divisions were entrusted to ensure patent quality as well.

Maybe thats because the number of oppositions is soaring.One week ago today (also Wednesday) an Opposition Division showed signs of life and demonstrated that in spite of Battistellis behaviour it was still able to do its work. This latest comment in IP Kat says: The discussion seems to shift away from the facts of the case decided by the Opposition Division. Even the proprietor does not allege that there was a consent by all the co-applicants of the provisional to file the internatial application claiming priority from the provisional. As to the form of transfer it seems to be meanwhile uncontested EP practice that it is governed by national law, i.e. in the case of a US provisional US civil law.

6 days later there was still new press coverage about this opposition. Broad suffered a stunning blow at the European Patent Office (EPO) last week, said this latest article.

So much for patent certainty

The [European] office also plans to create new specialised directorates to deal with opposition procedures, said this recent article (translated into...


Half a Terabyte in Your Smartphone? Yup. That's Possible Now SoylentNews

Here's a challenge: do you reckon you can fill half-a-terabyte of memory using only a smartphone?

For some people, we're sure, the answer will be along the lines of hold my beer while I set my camera to HDR mode and snap some selfies. So the good news is that from February, you'll be able to lay out the readies on a 512 GB microSDXC card from Integral Memory.

At a transfer rate of 80 megabytes per second, you'd need more than an hour and a half to transfer a full card's worth of data; last year's 400 GB monster from SanDisk (no longer the world's biggest little memory card) still has the edge there, claiming a 100 MB/second transfer rate.

Integral's 512GB microSDXC V10, UHS-I U1 card is fast enough to meet V10 (Video speed class 10) for capturing full HD video.

Integral has put up a web page and a Spec sheet (pdf) for it.

Now we can set them up as media hubs for all.

Original Submission

Read more of this story at SoylentNews.


CVE-2018-1000018: ovirt-engine-setup: root password disclosed in provisioning logs Open Source Security

Posted by Doran Moppert on Jan 23

Distributions of ovirt using hosted-engine-setup should check if their
configuration is affected by this issue, as the default log file
permissions were 0755 and the root password was not correctly filtered.


An ADS-B Antenna Built From Actual Garbage Hackaday

With the advent of low-cost software defined radio (SDR), anyone whos interested can surf the airwaves from the FM band all the way up to the gigahertz frequencies used by geosynchronous satellites for about $20 USD. Its difficult to overstate the impact this has had on the world of radio hacking. It used to be only the Wizened Ham Graybeards could command the airwaves from the front panels of their $1K+ radios, but now even those who identify as software hackers can get their foot in the door for a little more than the cost of a pizza.

But as many new SDR explorers find out, having a receiver is only half the battle: you need an antenna as well. A length of wire stuck in the antenna jack of your SDR will let you pick up some low hanging fruit, but if youre looking to extend your range or get into the higher frequencies, your antenna needs to be carefully designed and constructed. But as [Akos Czermann] shows on his blog, that doesnt mean it has to be expensive. He shows how you can construct a very capable ADS-B antenna out of little more than an empty soda can and a bit of wire.

He makes it clear that the idea of using an old soda can as an antenna is not new, another radio hacker who goes by t...


MIT Engineers Have Designed a Chip That Behaves Just Like Brain Cell Connections Lifeboat News: The Blog

For those working in the field of advanced artificial intelligence, getting a computer to simulate brain activity is a gargantuan task, but it may be easier to manage if the hardware is designed more like brain hardware to start with.

This emerging field is called neuromorphic computing. And now engineers at MIT may have overcome a significant hurdle the design of a chip with artificial synapses.

For now, human brains are much more powerful than any computer they contain around 80 billion neurons, and over 100 trillion synapses connecting them and controlling the passage of signals.


Firefox 58 is out

Firefox 58 has been released. "With this release, were building on the great foundation provided by our all-new Firefox Quantum browser. We're optimizing the performance gains we released in 57 by improving the way we render graphics and cache JavaScript. We also made functional and privacy improvements to Firefox Screenshots. On Firefox for Android, weve added support for Progressive Web Apps (PWAs) so you can add websites to your home screen and use them like native apps."


APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-6 iTunes 12.7.3 for Windows

iTunes 12.7.3 for Windows is now available and addresses the

Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4088: Jeonghoon Shin of Theori
CVE-2018-4096: found by OSS-Fuzz

Installation note:



APPLE-SA-2018-1-23-7 iCloud for Windows 7.3 Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-7 iCloud for Windows 7.3

iCloud for Windows 7.3 is now available and addresses the following:

Available for: Windows 7 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4088: Jeonghoon Shin of Theori
CVE-2018-4096: found by OSS-Fuzz

Installation note:

iCloud for Windows...


APPLE-SA-2018-1-23-5 Safari 11.0.3 Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-5 Safari 11.0.3

Safari 11.0.3 is now available and addresses the following:

Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and
macOS High Sierra 10.13.3
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4088: Jeonghoon Shin of Theori
CVE-2018-4089: Ivan Fratric of...


Trump Commerce pick told lawmakers he would look at reversing Obama move on internet oversight: report The Hill: Technology Policy

David Redl, the assistant Commerce secretary for communications and information, reportedly told GOP lawmakers before he was confirmed that he would convene a panel to look at unwinding the Obama administration's move to international control...


APPLE-SA-2018-1-23-4 tvOS 11.2.5 Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-4 tvOS 11.2.5

tvOS 11.2.5 is now available and addresses the following:

Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and
Taekyoung Kwon of the Information Security Lab,...


APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-2 macOS High Sierra 10.13.3,
Security Update 2018-001 Sierra,
and Security Update 2018-001 El Capitan

macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and
Security Update 2018-001 El Capitan are now available and address
the following:

Available for: macOS High Sierra 10.13.2, macOS Sierra 10.12.6
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory...


APPLE-SA-2018-1-23-3 watchOS 4.2.2 Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-3 watchOS 4.2.2

watchOS 4.2.2 is now available and addresses the following:

Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and
Taekyoung Kwon of the Information Security Lab, Yonsei...


APPLE-SA-2018-1-23-1 iOS 11.2.5 Bugtraq

Posted by Apple Product Security on Jan 23

APPLE-SA-2018-1-23-1 iOS 11.2.5

iOS 11.2.5 is now available and addresses the following:

Available for: iPhone 5s and later, iPad Air and later, and iPod
touch 6th generation
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and
Taekyoung Kwon of the...


DefenseCode ThunderScan SAST Advisory: SugarCRM Community Edition Multiple SQL Injection Vulnerabilities Bugtraq

Posted by DefenseCode on Jan 23

           DefenseCode ThunderScan SAST Advisory
SugarCRM Community Edition Multiple SQL Injection Vulnerabilities

Advisory ID:    DC-2018-01-011
Advisory Title: SugarCRM Community Edition Multiple SQL Injection
Advisory URL:
Software:       SugarCRM Community Edition
Language:       PHP
Version:        6.5.26 and below
Vendor Status:  Vendor...


Re: How to deal with reporters who don't want their bugs fixed? Open Source Security

Posted by Mike O'Connor on Jan 23

:Subject says it all: What do you do if you receive a vulnerability report,
:and the reporter requests an embargo at some time in the future because
:that's when their paper/conference presentation/patent submission is
:The obvious approach is to find a prior public report of essentially the same
:bug and fix that (which will work surprisingly often), but let's assume that
:this isn't the case.

Well, does the embargo...


Facebook Comes Up With a Unit of Time: The "Flick" SoylentNews

Facebook invented a new time unit called the 'flick' and it's truly amazing

So what is a flick? A flick is one seven hundred and five million six hundred thousandth of a second 1/705,600,000 if you prefer the digits, or 1.417233560090703e-9 if you prefer decimals. And why is that useful?

As a hint, here's a list of numbers into which 1/706,600,000 divides evenly: 8, 16, 22.05, 24, 25, 30, 32, 44.1, 48, 50, 60, 90, 100, 120. Notice a pattern? Even if you don't work in media production, some of those numbers probably look familiar. That's because they're all framerates or frequencies used in encoding or showing things like films and music. 24 frames per second, 120 hertz TVs, 44.1 KHz sample rate audio.

[...] Even the weird NTSC numbers in use due to certain technical constraints divide nicely. 23.976 (technically 24*(1,000/1,001)=23.976023976230 with the last 6 digits repeating) becomes exactly 29,429,400 flicks. It's the same for 29.97, 59.94, and any others like them. No more fractions or decimals needed whatsoever! How great is that?!

There is more detail and background information on GitHub.

Do you give a flick? How many flicks do you feel you have wasted on this article?

Original Submission

Read more of this story at SoylentNews.


Making Prints More Resilient With Fibre-Filled Filament Hackaday

For all that we love 3D printers, sometimes the final print doesnt turn out as durable as we might want it to be.

Aiming to mimic the properties of natural structures such as wood, bone, and shells, a research team lead by [Jennifer A. Lewis] at Harvard John A. Paulson School of Engineering and Applied Sciences Lewis Lab have developed a new combined filament and printing technique which they call rotational 3D printing.

Minuscule fibres are mixed in with the epoxy filament and their controlled orientation within the print can reinforce the overall structure or specific points that will undergo constant stresses. To do so the print head is fitted with a stepper motor, and its precisely programmed spin controls the weaving of the fibres into the print. The team suggests that they would be able to adapt this tech to many different 3D printing methods and materials, as well as use different materials and printed patterns to focus on thermal, electrical, or optical properties.

Be it adding carbon nano-tubes or enlisting the expertise of spiders to refine our printed materials, were looking forward to the future of ever stronger prints. However, that doesnt mean that existing methods are entirely lacking in endurance.

[Thanks for the tip, Qes!]


How to Understand Extreme Numbers - Facts So Romantic Nautilus

We live among vast orders of magnitude, but they dont have to be off-putting.Photo Illustration by NASA Goddard Space Flight Center / Flickr

The late statistics wizard Hans Rosling, who died this month at age 68,  brought at least 10 toilet paper rolls to some of his beloved presentations.  He would stack them into a tower on a table, each roll representing one billion people. In a 2012 talk at the Skoll World Forum, he used the rolls to show how, as the number of children in the world2 billionholds steady, the global population will rise from 7 billion to the (also indefinitely stable) figure of about 10 billion. We are debating peak oil, he remarked, but we know that we have reached peak child.

With his whimsical props and other colorful visualizations, Rosling was renowned as a translator between large, almost unfathomable numbers and the language of everyday experience. He understood that most of us need visualizations or analogies to mentally work with millions, billions, and other big powers of 10 that help define our world. Theyre important for decisions that affect daily life, such as how money gets invested and which government policies you support. But just
Read More


[$] The XArray data structure

Sometimes, a data structure proves to be inadequate for its intended task. Other times, though, the problem may be somewhere else in the API used to access it, for example. Matthew Wilcox's presentation during the 2018 Kernel miniconf made the case that, for the kernel's venerable radix tree data structure, the latter situation holds. His response is a new approach to an old data structure that he is calling the "XArray".


ActivityPub is now a W3C recommended standard

The Free Software Foundation blog has a guest post from GNU MediaGoblin founder Christopher Lemmer Webber announcing that ActivityPub has been made an official W3C recommended standard. "ActivityPub is a protocol for building decentralized social networking applications. It provides both a server-to-server protocol (i.e. federation) and a client-to-server protocol (for desktop and mobile applications to connect to your server). You can use the server-to-server protocol or the client-to-server protocol on their own, but one nice feature is that the designs for both are very similar. Chances are, if you've implemented support for one, you can get support for the other with very little extra effort! We've worked hard to make ActivityPub easy to understand."


Even Grado, the Most Traditionalist of Headphone Companies, is Developing a Wireless Model SoylentNews

Anyone who's ever heard the Grado name is probably also familiar with the old-school way this headphones manufacturer does business. The majority of Grado models are still made by hand at the company's original home in Brooklyn, New York, and very little has changed about the materials, design, or sound of its products over the decades. That's why it's quite a momentous thing to learn that Grado is developing a wireless model, which is set to be released this year.

[...] The specs, release date, and even name of this new wireless Grado model are yet to be finalized, but it's something definitely on the schedule for 2018. One final note of import is that these wireless headphones will remain open-back, as has been the Grado tradition. When I asked Jonathan Grado whether the company would build a closed-back pair which would be more suitable for using outdoors because of its sound isolation between your music and the outside world he (half-)jokingly replied, "Let's see where we are in another 65 years."

Source: TheVerge

Original Submission

Read more of this story at SoylentNews.


NEW 'Off The Wall' ONLINE 2600 - 2600: The Hacker Quarterly

NEW 'Off The Wall' ONLINE

Posted 24 Jan, 2018 1:31:40 UTC

The new edition of Off The Wall from 23/01/2018 has been archived and is now available online.


Intel Pentium vs. AMD Ryzen 3 Performance For Linux Gaming Phoronix

For those that may be looking to assemble a new low-end Linux gaming system in early 2018, here is a look at the Linux gaming performance of an Intel Pentium (Kabylake) processor to an AMD Ryzen 3 while testing with the GeForce GTX 1050 and Radeon RX 560 graphics cards.


Overnight Tech: Dems push Facebook, Twitter to investigate Russian bots | Record lobbying year for tech | Uber hires chief diversity officer | Feds probe Tesla autopilot crash The Hill: Technology Policy

TOP DEMS PRESS TWITTER AND FACEBOOK TO PROBE NEW RUSSIAN BOT CAMPAIGN: Top-ranking Democrats in the House and the Senate are calling on Twitter and Facebook to launch investigations of potential Russian-linked accounts that are pushing for the...


SpriteCoin cryptocurrency ransomware spy on user, steal saved passwords HackRead

By Waqas

Another day, another ransomware scam but this time scammers are

This is a post from Read the original post: SpriteCoin cryptocurrency ransomware spy on user, steal saved passwords


Gday mate: 1.7-billion-year-old chunk of North America found in Australia Lifeboat News: The Blog

Rocks recently discovered in Australia bear striking similarities to those found in North America, according to a new study.


Tech trade association tells lawmakers it will create a 'director of diversity' role The Hill: Technology Policy

A trade association representing major technology firms like Amazon, Facebook and Google told lawmakers that it will create a new director of diversity and inclusion position to address diversity, technology, and workforce policy issues."The...


Retro Flip Clock Gets A Retrofit Hackaday

Retro tech is almost always ripe for the hacking be it nostalgia, an educational teardown, or acknowledging and preserving the shoulders upon which we stand. Coming across an old West-German built flip clock, YouTuber [Aaron Christophel] retrofitted the device while retaining its original mechanical components!

No modern electronics are complete without LEDs of some kind, so he has included a strip in the base of the clock face for visibility and cool factor. He doesnt speak to the state of the clock beforehand, but he was able to keep the moving bits of the clock working for its second shot at life.

Controlling the clock is an Arduino Mini Pro and a simple DS1307 RTC board housed within the clock itself. Originally, it had a conspicuous external box that housed the electronics and power supply that has now been rendered obsolete or ready for re-purposing another day! Code for the Arduino is an efficient few lines using a pair of libraries. All it needs to do is flip the polarity of the electromagnet motor every minute to update the time.

We like an elegant hack once in a while and sometimes retro tech lends itself to exactly that.


HPR2473: Frotz - A Portable Z-Machine Interpreter Hacker Public Radio

Frotz is an interpreter for Infocom games (like Zork) and other Z-machine games. You can install it via your respective package manager or download the source code from the URLs below. Website: Github:


Stable kernel updates

Stable kernels 4.14.15, 4.9.78, and 4.4.113 have been released. They all contain important fixes and users should upgrade.


Want a Healthier Population? Spend Less on Health Care and More on Social Services SoylentNews

"Spending more on health care sounds like it should improve health, but our study suggests that is not the case and social spending could be used to improve the health of everyone," says Dr. Daniel Dutton, The School of Public Policy, University of Calgary, Calgary, Alberta. "Relative to health care, we spend little on social services per person, so redistributing money to social services from health care is actually a small change in health care spending."

Health care costs are expanding in many developed countries like Canada, and governments are seeking ways to contain costs while maintaining a healthy population. Treating the social determinants of health like income, education, or social and physical living environments through spending on social services can help address the root causes of disease and poor health. However, health spending continues to make up the lion's share of spending.

[...] The commentary author suggests governments should allocate social spending fairly for both young and old to ensure that the younger generation is not being shortchanged.

[Paper]: Effect of provincial spending on social services and health care on health outcomes in Canada: an observational longitudinal study

[Related]: The need for health in all policies in Canada

Original Submission

Read more of this story at SoylentNews.


Security updates for Tuesday

Security updates have been issued by Debian (smarty3), Fedora (bind, bind-dyndb-ldap, dnsperf, glibc, kernel, libtasn1, libvpx, mariadb, python-bottle, ruby, and sox), Red Hat (rh-eclipse46-jackson-databind), SUSE (kernel), and Ubuntu (kernel, linux, linux-aws, linux-euclid, linux-hwe, linux-azure, linux-gcp, linux-oem, linux-lts-trusty, linux-lts-xenial, linux-aws, and rsync).



The Complete Crumb Comics Random Thoughts

Robert Crumb is one of the most highly regarded American comics creators, but the past few years has seen both a backlash against his perceived sexism and downright revulsion towards his comics by younger people, as well as a free-floating discussion over teh comix blogs about how Crumb isnt seen as a major influence over the current generation of comics artists.

Ive always been a Crumb fan, but not a fanatical one: Ive bought all his solo comics as theyve been published over the years (from the late 80s on; Im old but not that old), but havent really gone all in.

So some months ago these things made me wonder whether Crumb still has a significant presence publishing wise. Somebody as famous, controversial and talented as him would surely have his work collected in a series of beautifully designed and curated collections?

It turns out, while Ive not been paying attention, Fantagraphics Books released 17 volumes of The Complete Crumb Comics, released between 1987 and 2005.

Whaa? How did that happen? I was vaguely aware of these things, but Ive either never seen anybody talk about them, or Iv...


Is It Time For Open Processors? SoylentNews

Is it time For open processors? Jonathan Corbet over at seems to think so. He lists several ongoing initiatives such as OpenPOWER, OpenSPARC and OpenRISC, but feels that most of the momentum is in the RISC-V architecture right now.

Given the complexity of modern CPUs and the fierceness of the market in which they are sold, it might be surprising to think that they could be developed in an open manner. But there are serious initiatives working in this area; the idea of an open CPU design is not pure fantasy.

[...] Much of the momentum these days, instead, appears to be associated with the RISC-V architecture. This project is primarily focused on the instruction-set architecture (ISA), rather than on specific implementations, but free hardware designs do exist. Western Digital recently announced that it will be using RISC-V processors in its storage products, a decision that could lead to the shipment of RISC-V by the billion. There is a development kit available for those who would like to play with this processor and a number of designs for cores are available.

Unlike OpenRISC, RISC-V is intended to be applicable to a wide range of use cases. The simple RISC architecture should be relatively easy to make fast, it is hoped. Meanwhile, for low-end applications, there is a compressed instruction-stream format intended to reduce both memory and energy needs. The ISA is designed with the ability for specific implementations to add extensions, making experimentation easier and facilitating the addition of hardware acceleration techniques.

[...] RISC-V seems to have quite a bit of commercial support behind it the RISC-V Foundation has a long list of members. It seems likely that this architecture will continue to progress for some time.

Original Submission

Read more of this story at SoylentNews.


Qubes Air: Generalizing the Qubes Architecture

The Qubes project has described a new, not-yet-implemented design intended to address a number of problems that this high-security distribution project has encountered. "One possible solution to these problems is actually to 'move Qubes to the cloud.' Readers who are allergic to the notion of having their private computations running in the (untrusted) cloud should not give up reading just yet. Rest assured that we will also discuss other solutions not involving the cloud. The beauty of Qubes Air, we believe, lies in the fact that all these solutions are largely isomorphic, from both an architecture and code point of view."


Uber hires first-ever chief diversity and inclusion officer The Hill: Technology Policy

Uber confirmed on Tuesday that it will hire Bo Young Lee to be its first-ever chief diversity and inclusion officer. Lee is currently the global head of diversity and inclusion at financial services firm Marsh & McLennan. She is slated to fill...


NTSB opens investigation into Tesla crash in Southern California The Hill: Technology Policy

The National Transportation Safety Board (NTSB) on Tuesday announced it will dispatch two investigators to launch a field probe into a crash involving a Tesla vehicle reportedly operating on Autopilot.The safety agency said the investigation will...


Intel recommended to stop deploying the current versions of Spectre/Meltdown patches Security Affairs

Intel recommended OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of Spectre/Meltdown patches.

While the Linux father Linus Torvalds defines the Spectre updates utter garbage, Intel warns to stop installing current versions of Spectre/Meltdown patches.

Intel explained its approach in its technical note about Spectre mitigation (Speculative Execution Side Channel Mitigations), the tech giant addressed the issue with an opt-in flag dubbed IBRS_ALL bit (IBRS states for Indirect Branch Restricted Speculation).

The Indirect Branch Restricted Speculation, along with Single Thread Indirect Branch Predictors (STIBP) and Indirect Branch Predictor Barrier (IBPB), prevent the abuse of the prediction feature and the exploitation of the flaw.

Torvalds speculate the Intels decision to address the issues in this way is mainly motivated by the intention to avoid legal liability. Recalling two decades of flawed chips would have a catastrophic impact on the tech giant.

Torvalds explained that the impact of using IBRS on existing hardware is so severe that no one will set the hardware capability bits.

Users and IT companies are reporting severe problems after installing the patches, such as a significant degradation of performance and unwanted reboots.

Intel recommended OEMs, cloud service providers, system manufacturers, software vendors as well as end users to stop deploying the current versions of Spectre/Meltdown patches. The company announced to have found the root cause of reboot issued for Broadwell and Haswell platforms and is asking to wait for a fix.



DIY Graphene Putty Makes Super Sensitive Sensor Hackaday

It is sort of an electronics rule 34 that if something occurs, someone needs to sense it. [Bblorgggg], for reasons that arent immediately obvious, needs to sense ants moving over trees. No kidding. How are you going to do that? His answer was to use graphene.

Silly Putty, which is just silicone putty, gives the graphene an unusually large dynamic range. That is, it can detect large pressures (say, a finger pressing) and still detect a very faint pressure (like your heart beating through the finger). Apparently, the graphene lines up to become pretty conductive in the putty and then any deformation causes the resistance to go up. However, when the pressure subsides, the graphene lines back up.

This isnt just for ants, of course. Some of the items that Goophene has detected successfully include:

  • Heartbeats
  • Breathing
  • Swallowing
  • Talking
  • Light touches with a napkin
  • Typing on a table nearby
  • Finger Movements

As sensitive as it, though Goophene has only successfully detected angry ants. Apparently, ants are light steppers unless they are stomping mad.

The Gputty used some harsh chemicals and lab procedures. Goophene is a lot easier to make and looks like you are mixing epoxy to the untrained eye. You dont have to do it, but you can get a better blend using an electric massager that he apparently uses on his back.

In addition to just making a pliable sensor, you can also embed monofilament line into the putty and make super sensitive artificial cilia. Just the thing for your next artificial alien project.

There are quite a few videos in the post you can check out. The second video below, though, shows the device sensing a captive ants footsteps. We presume it is the captivity thats making him angry enough to show up.

[Bblorgggg] must really want to sense the little critters because he bought graphene which is quite expensive. However, weve covered a lot of ways to make it if you want to try your hand at making Goophene. Depending on how much you need and what you can start with, there are...


Ancient Insect Scales Analyzed With Help Of Nose Hair SoylentNews

Submitted via IRC for TheMightyBuzzard

Scientists working to advance the frontier of knowledge frequently also need to invent their tools along the way. Sometimes these are interesting little hacks to get a job done. Recently some researchers found ancestors of moths and butterflies older than any previously known by analyzing tiny scales found alongside ancient pollen. They needed a tool to manipulate these scales: separating them from surrounding debris, transferring them to microscope slides. The special tool was a needle tipped with a single human nostril hair.

As ancient insects were the published paper's focus, their use of nose hair tipped needle was only given a brief mention in the "Materials and Methods" section. Interviews by press quoted researchers' claim that nose hair has the right mechanical properties for the job, without further details. Not even a picture of the tool itself. What properties of insect scales made them a good match with the properties of nose hair? Was there a comprehensive evaluation of multiple types of hair for the task? Would we regret asking these questions?


Original Submission

Read more of this story at SoylentNews.


India & Japan combine defense forces in AI, robotics to curb Chinese ambitions Lifeboat News: The Blog

India and Japan have vowed to strengthen their strategic ties by increasing cooperation in the defense, robotics and AI sectors in coming years in response to Chinese regional ambitions and North Koreas nuclear plans.

You should expect to see increased bilateral cooperation between us to develop unmanned ground vehicles (UGV) and robotics,Japanese State Minister for Foreign Affairs Kentaro Sonoura told the Times of India. The move follows the successful ratification of the Indo-Japanese civil nuclear agreement by Japans parliament in late 2017.

The two countries are launching a working group on cooperation between nuclear companies. Japans intention is to start this quickly, possibly by the end of this month, Sonoura said.


NAFTA Negotiations Heat Up Copyright Safe Harbor Clash TorrentFreak

The North American Free Trade Agreement (NAFTA) between the United States, Canada, and Mexico was negotiated more than 25 years ago.

Over the past quarter-century trade has changed drastically, especially online, so the United States is now planning to modernize the international deal.

One of the topics that has received a lot of interest from various experts and stakeholders are safe harbors. In the US, Internet services are shielded from copyright infringement liability under the safe harbor provisions of the DMCA, but in Mexico and Canada, thats not the case.

The latest round of NAFTA renegotiations are currently taking place in Montreal and this is heating up the debate once again. Several legal scholars and advocacy groups believe that such US-style safe harbor provisions are essential for Internet services to operate freely on the Internet.

A group of more than fifty Internet law experts and organizations made this clear in a letter sent to the negotiators this week, urging them to make safe harbors part of the new deal.

When NAFTA was negotiated, the Internet was an obscure electronic network. Since then, the Internet has become a significant and essential part of our societies and our economies, the letter reads.

To acknowledge this, if a modernized NAFTA contains a digital trade chapter, it should contain protections for online intermediaries from liability for third party online content, similar to the United States Section 230.

The safe harbors in the Communications Decency Act and the DMCA ensure that services which deal with user-generated content, including Google, YouTube, Facebook, Twitter, and Wikipedia, are shielded from liability.

This immunity makes it easier for new user-generated services to launch, without the fear of expensive lawsuits, the argument goes.

However, not everyone sees it this way. In a letter cited by Variety, a group of 37 industry groups urges U.S. Trade Representative Robert Lighthizer to negotiate strong safe harbor protections. Strong, in this case, means that simply responding to takedown notices is not always enough.

If these anti-IP voices succeed, they will turn long-standing trade policy, with creativity and innovation at its core, on its head by transforming our trade agreements into blueprint...


Engineers, Stop Doing Algebra by Hand! IEEE Spectrum Recent Content full text

Computer algebra systems mechanize equation manipulation to save money and eliminate risk

Doing algebra by hand drains time and resources. Computer algebra systems mechanize equation manipulation to save money and eliminate risk.

Cyberdyne's Medical Exoskeleton Strides to FDA Approval IEEE Spectrum Recent Content full text

Users in the United States can now take advantage of this friendly exoskeleton to help them with physical rehabilitation Photo: Prof. Sankai/University of Tsukuba/Cyberdyne

Cyberdyne, the Japanese robotics company with the slightly suspicious name, has just gotten approval from the U.S. Food and Drug Administration (FDA) to begin offering its HAL (Hybrid Assistive Limb) lower-body exoskeleton to users in the United States through licensed medical facilities. HAL is essentially a walking robot that you strap to your own legs; sensors attached to your leg muscles detect bioelectric signals sent from your brain to your muscles telling them to move, and then the exoskeleton powers up and assists, enhancing your strength and stability.

HAL for Medical Use has been available in Japan for several years now; here's a video from Japan Times showing how it works in practice:

HAL establishes interactive biofeedback according to intention-based motion information from the brain-nervous system and activating sensory systems like muscle spindle fibers to form a neural loop between the brain-nerve system and the musculoskeletal system. Even if the patient is unable to generate enough muscle strength to move due to motor dysfunction, the treatment is able to repeatedly realize actual movement that is in sync with the motion intent of the brain while avoiding excessive burden on the brain-nerve-muscle systems, thus making functional improvement/regeneration possible. The HAL will not move until it detects an electrical signal, ideally one of the users attempting to move the limb being assisted. This creates a stronger cause-and-effect dynamic between the u...


Victory for libre networks: ActivityPub is now a W3C recommended standard FSF blogs

This guest post is from GNU MediaGoblin founder Christopher Lemmer Webber.

I'm happy to announce that after three years of standardization work in the World Wide Web Consortium (W3C) Social Working Group, ActivityPub has finally been made an official W3C recommended standard. Hooray!

ActivityPub is a protocol for building decentralized social networking applications. It provides both a server-to-server protocol (i.e. federation) and a client-to-server protocol (for desktop and mobile applications to connect to your server). You can use the server-to-server protocol or the client-to-server protocol on their own, but one nice feature is that the designs for both are very similar. Chances are, if you've implemented support for one, you can get support for the other with very little extra effort! We've worked hard to make ActivityPub easy to understand. If this is your first time reading about it, I recommend diving into the overview.

Why ActivityPub? Increasingly, much of our lives is mediated through social networks, and so network freedom in these spaces -- and thus removing central control over them -- is critical. One thing you may have noticed in the last decade is that many decentralized free software social networking applications have been written. Sadly, most of those applications can't actually speak to each other -- a fractured federation. I hope that with ActivityPub, we've improved that situation. And indeed, you may already be using ActivityPub now without realizing it. Mastodon, the incredibly popular free software microblogging platform with over one million registered users, uses ActivityPub to federate between servers, and many more applications already either partially or fully support ActivityPub. Seeing is believing, and in that vein I encourage you to watch this video, which shows two totally different instances of two totally different codebases (PeerTube and Mastodon) federating. Pretty cool, right?

The standardization of ActivityPub has been a long journey. Three years ago, MediaGoblin contributor Jessica Tallon and I agreed that we wanted to make sure that whatever federation API we used was as broadly compatible with other libre social networking sites as possible, so when we heard about the Social Working Group, we applied as invited experts. "We'll just show up to the hour-long meetings once a week to make sure things are on track as far as our needs go," we thought.

Well, n...


LunarG Rolls Out Vulkan "DevSim" Device Simulator Phoronix

LunarG has rolled out their "DevSim" device simulator for Vulkan so developers can easily test their applications/games in varying configurations without actually changing out the underlying Vulkan driver or graphics processor...


[ANNOUNCE] CVE fixes in Apache NiFi 1.5.0 Open Source Security

Posted by Andy LoPresto on Jan 23

The Apache NiFi PMC would like to announce the following CVE discoveries and resolutions in Apache NiFi 1.5.0, released
January 12, 2018. NiFi is an easy to use, powerful, and reliable system to process and distribute data. It supports
powerful and scalable directed graphs of data routing, transformation, and system mediation logic. For more
information, see <>....


The Hallmarks of Aging: Deregulated Nutrient Sensing Lifeboat News: The Blog

As part of our ongoing series covering the hallmarks of aging, we are taking a look at deregulated nutrient sensing today and how these four pathways regulate metabolism and influence aging.

To understand studies on nutrient sensing in the context of aging, lets introduce four key protein groups. In this post, well explore the pathways they help control and how they affect aging. These key proteins are IGF-1, mTOR, sirtuins, and AMPK[2]. We call these proteins nutrient sensing because nutrient levels influence their activity[2].


Intel's Latest Icelake Patches Let The Display Light-Up Phoronix

Earlier this month Intel open-source driver developers posted the initial graphics enablement for Icelake, the "Gen 11" graphics coming after the yet-to-be-launched "Gen 10" Cannonlake processors. The latest patches in this series have now been published for allowing initial Icelake display support...


Forensic Software Pieces Together Leibnizs Last Puzzle IEEE Spectrum Recent Content full text

Technology pioneered to reveal Cold War secrets is being used to reconstruct the polymaths journals Photo: Michael Dumiak

photo of a researcher at work in the scanning room Photo: Michael Dumiak The Last Integration: Researchers are using advanced scanners and software originally developed to crack Cold War secrets to reassemble Leibnizs notes.

Behind an unmarked door in Hanover, Germany, a bearded young man with stylish glasses and a pierced lip is loading 350-year-old pieces of paper onto glass plates for digitization by a souped-up scanner. These pieces of paper are part of an immense puzzle. If solved, it could give insights into one of the greatest minds of all time: Gottfried Wilhelm Leibniz.

Leibniz independently discovered calculus in the 17th century and made many other contributions to philosophy and mathematics. During his lifetime, he created many notes, but today they are mostly a jumbled mass of snippets. Michael Kempe, research leader at the Leibniz archive, says this was a result of Leibnizs polymath tendencies. In order to save paper, which at the time was hand pressed and expensive, Leibniz would use the same sheet for all different kinds of writing and drawing. A few lines on metaphysics would sit next to a differential equation, next to a sketch of an optimized windmill. Leibniz would later cut up the notes with scissors and set them aside for grouping by theme. Unfortunately, the ordering of the snippets is long lost.

Now, on the second floor of the Gottfried Wilhelm Leibniz Library, these snippets are being digitally reassembled. Restoring the notes to their original order, researchers on the project say, could go a long way toward a better understanding of the way Leibniz came to his conclusions and establish a clearer timeline for the development of his ideas. The restoration is a collaboration between Fraunhofer IPK (Fraunhofer Institute for Production Systems and Design Technology), archivists and editors at the Leibniz library, and MusterFabrik Berlin, makers of specialized digital scanners.

photo of a document Photo: Michael Dumiak Th...


Facebook exec to retire, help Dems in midterms The Hill: Technology Policy

A top Facebook executive announced this week that he would be stepping down from the company in part to focus on helping Democrats in this years midterm elections.Gary Briggs, Facebooks chief marketing officer (CMO), wrote in a post on Monday that...


On that Spectre mitigations discussion

By now, almost everybody has probably seen the press coverage of Linus Torvalds's remarks about one of the patches addressing Spectre variant 2. Less noted, but much more informative, is David Woodhouse's response on why those patches are the way they are. "That's why my initial idea, as implemented in this RFC patchset, was to stick with IBRS on Skylake, and use retpoline everywhere else. I'll give you 'garbage patches', but they weren't being 'just mindlessly sent around'. If we're going to drop IBRS support and accept the caveats, then let's do it as a conscious decision having seen what it would look like, not just drop it quietly because poor Davey is too scared that Linus might shout at him again."


3D Printed Desk Harnesses the Power of Fusion 360 and McMaster-Carr Hackaday

Black pipe furniture is all the rage now, and for good reason it has a nice industrial aesthetic, its sturdy, and the threaded fittings make it a snap to put together. But if youve priced out the fittings lately, you know that its far from cheap, so being able to 3D-print your own black pipe fittings can make desks and tables a lot more affordable.

Cheapness comes at a price, of course, and [Vladimir Mariano] takes pains to point out that his desk is a light-duty piece that would likely not stand up to heavy use. But since the flange fittings used to connect the plywood top to the legs and as feet would cost about $64 all by themselves from the local home center, printing them made sense. Together with custom pieces to mount stretchers between the legs, the 3D-printed parts made for a decently sturdy base.

But the end product isnt the main point of the video below. Thanks to the ability to browse the McMaster-Carr catalog from within Fusion 360, [Mariano] was able to seamlessly import the CAD model of a suitable iron flange and quickly modify it to his needs. The power of this feature is hard to overstate; you can literally browse through a catalog of engineered parts and print usable replicas instantly. Sure, its not made of metal, but its a huge boon to designers to be able to see how the final product would look, especially in the prototyping phase of a project.

Not familiar with McMaster-Carr? Its an engineers online playground, and we covered the ins and outs of doing business with McMaster a while back.


WordPress plugins and themes vulnerabilities statistics for 2017 Security Affairs

WordPress plugins and themes vulnerabilities statistics for 2017. The statistics were derived from our up-to-date WordPress Vulnerabilities Database. We are monitoring a large number of sources to add new vulnerabilities to the database on a daily basis.

The year in figures

We added 221 vulnerabilities to our database. The total number of vulnerabilities decreased by 69%. During 2017, just like in 2016, Cross-Site Scripting (XSS) has been at the top of the list. More and more WordPress plugins and themes are found to be vulnerable to Cross-Site Scripting (XSS) vulnerability. This is because many developers do not pay enough attention to escaping data output.

Overall statistics for 2017

2017 has also seen a substantial rise in SQL Injection vulnerabilities. Its surprising how many sites were put in danger by vulnerabilities found in WordPress plugins. The total number of active installs is 17,101,300+.

  • Total vulnerable plugins 202
  • Total vulnerable themes 5
  • Plugins affected by vulnerabilities in repository 153
  • repository plugins affected by vulnerabilities 24

WordPress plugins vulnerabilities-2017

WordPress top 3 vulnerabilities

  • Cross-Site Scripting (XSS)
  • SQL Injection (SQLi)
  • Broken Access Control

Plugins by vulnerability type

  • XSS (Cross-Site Scripting) 71
  • SQL Injection 40
  • Unrestricted Access 20
  • Cross Site Request Forgery (CSRF) 12
  • Multi 10
  • Information Disclosure 10
  • Arbitrary File Upload 7
  • BYPASS 7
  • Arbitrary File Download 7
  • PHP Object Injection 5
  • Remote File Inclusion 3
  • Local File Inclusion 3
  • Arbitrary Code Execution 2
  • Direct static code injection 1
  • Directory Traversal 1

Top 5 most popular plugins affected by vulnerabilities in 2017

  • Yoast SEO (most popular SEO plugin) 5,000,000+ XSS (Cross-site Scripting)
  • WooCommerce (most popular ecommerce pl...


Google Ditches Ubuntu for Debian SoylentNews

For years, Google used an in-house Linux distribution called Goobuntu (based on Ubuntu LTS releases), as its development platform. No more.

After more than five years with Ubuntu, Google is replacing Goobuntu with gLinux, a Linux distribution based on Debian Testing.

[...] As MuyLinux reports, gLinux is being built from the source code of the packages and Google introduces its own changes to it. The changes will also be contributed to the upstream.

[...] How does Google plan to move to Debian Testing? The current Debian Testing release is upcoming Debian 10 Buster. Google has developed an internal tool to migrate the existing systems from Ubuntu 14.04 LTS to Debian 10 Buster. Project leader Margarita claimed in the Debconf talk that tool was tested to be working fine.

Google also plans to send the changes to Debian Upstream and hence contributing to its development.

[...] Back in 2012, Canonical had clarified that Google is not their largest business desktop customer. However, it is safe to say that Google was a big customer for them. As Google prepares to switch to Debian, this will surely result in revenue loss for Canonical.

Original Submission

Read more of this story at SoylentNews.


[$] BPFd: Running BCC tools remotely across systems and architectures

BPF is an increasingly capable tool for instrumenting and tracing the operation of the kernel; it has enabled the creation of the growing set of BCC tools. Unfortunately, BCC has no support for a cross-development workflow where the development machine and the target machine running the developed code are different. Cross-development is favored by embedded-systems kernel developers who tend to develop on an x86 host and then flash and test their code on SoCs (System on Chips) based on the ARM architecture. In this article, I introduce BPFd, a project to enable cross development using BPF and BCC.


PlayStation 4 hacked to run PS2 emulation & homebrew software HackRead

By Uzair Amir

A user at has announced that the hack version

This is a post from Read the original post: PlayStation 4 hacked to run PS2 emulation & homebrew software


Virtual Ski Slopes Prepare Olympians for Winter Games IEEE Spectrum Recent Content full text

Stanford's virtual reality training is helping prepare U.S. skiers for the Olympics and other competitions Photo: Christophe Pallot/Agence Zoom/Getty Images Laurenne Ross back in action during the Audi FIS Alpine Ski World Cup Women's Downhill on January 19, 2018 in Cortina d'Ampezzo, Italy.

Back in March, Laurenne Ross was left wondering if her professional ski career was finished after she fell and sustained a severe injury to her right knee on the last day of the 2016-2017 skiing season. Almost a year later, Ross is ready to represent the United States at the 2018 Winter Olympic Games after a long rehabilitation period that included some time spent skiing the slopes in virtual reality.

Ross recovery and return to the Olympics is a testament to her own sheer grit and the support of family, friends, physicians, physical therapists and trainers. But she also represents one of a growing number of professional U.S. skiers who have begun incorporating virtual reality experiences into their training. Almost all the top U.S. athletes who participate in the international alpine skiing competitions have at least tried out VR, according to U.S. Ski & Snowboard, the national governing body for competitive skiing and snowboarding. Some have even made VR a regular part of their training routines.

VR is a tool that is used regularly by the athletes, including those who have qualified for the Olympics, says Troy Taylor, a sports scientist and high performance director for U.S. Ski & Snowboard.

Just over two years ago, Taylor placed a cold call to STRIVR, a Stanford University spinout startup that has created VR experiences for clients such as American football teams at the college and NFL levels. He had the idea that a similar form of VR training could prove beneficial for skiers and snowboarders, but he professed to having no idea how to shoot, stitch together and review a 360-degree video.

Thankfully, STRIVR didnt hang up on me, and weve worked closely together ever since, Taylor says.

The results from the collaboration between U.S. Ski & Snowboard and STRIVR are less like video games where players typically have some degree of movement freedom and more like the 360-degree videos that can be viewed on YouTube. Such experiences can be viewed through higher-end VR headsets such as the Oculus Rift, but athletes will often rely on simpler smartphone-based VR head-mounted displays when theyre on the road at competitions.



Links 23/1/2018: Castle Game Engine 6.4, Qt 5.9.4, SQLite 3.22.0 Techrights

GNOME bluefish




Microsoft Software Sales to Russian Firms Curbed by Sanctions SoylentNews

Exclusive: U.S. sanctions curb Microsoft sales to hundreds of Russian firms

Two of Microsoft's official distributors in Russia have imposed restrictions on sales of Microsoft software to more than 200 Russian companies following new U.S. sanctions, according to notifications circulated by the distributors.

While much of the focus around U.S. sanctions has been on ways they are being skirted, the moves by the Russian distributors show how tougher restrictions that came into force on Nov. 28 are starting to bite.

[...] One of the two Microsoft distributors, a Russian company called Merlion, said in its notification to partners that all sanctioned buyers of Microsoft licenses must pay within tight deadlines, or even pay upfront in some cases.

The second distributor, RRC, said in its notification, seen by Reuters, that "serious restrictions are being introduced" on Microsoft orders from firms subject to U.S. sanctions.

Both Merlion and RRC cited rules stemming from the new package of U.S. sanctions - signed into law on Aug. 2 for Russia's involvement in Ukraine and cyber attacks - as the reason for the additional restrictions.

Original Submission

Read more of this story at SoylentNews.


LibreOffice Gets "KDE 5" Integration That's A GTK3/KDE5 Hybrid Phoronix

It's unfortunately too late for the upcoming LibreOffice 6.0 open-source office suite that was branched two weeks ago, but its next release will feature a KDE5 desktop back-end...


How to set and use sudo password for Ansible Vault nixCraft

How can I set a sudo password for Ansible from the Linux or Unix cli? How can I store sudo password in a vault file and use it securely without exposing my details?

The post How to set and use sudo password for Ansible Vault appeared first on nixCraft.


Mesa 18.0 Now Under Feature Freeze With 18.0-RC1 Premiere Phoronix

Feature development on Mesa 18.0 has now ended with the release today of 18.0-RC1 following the code-base being branched...


Artificial synapses fill the gaps for brainier computer chips Lifeboat News: The Blog

Right now, youre carrying around the most powerful computer in existence the human brain. This naturally super-efficient machine is far better than anything humans have ever built, so its not surprising that scientists are trying to reverse-engineer it. Rather than binary bits of information, neuromorphic computers are built with networks of artificial neurons, and now an MIT team has developed a more lifelike synapse to better connect those neurons.

For simplicitys sake, computers process and store information in a binary manner everything can be broken down into a series of ones and zeroes. This system has served us well for the better part of a century, but having access to a whole new world of analog grey areas in between could really give computing power a shot in the arm.


Top Dems call on Twitter, Facebook to investigate Russian bot campaign The Hill: Technology Policy

Top-ranking Democrats in the House and the Senate are calling on Twitter and Facebook to launch investigations of potential Russian-linked accounts pushing for the release of a controversial congressional memo.The top Democrat on the House...


DHS is convincing states to lower their BAC limit to 0.05 or one drink MassPrivateI

This month the National Academy of Sciences Engineering and Mathematics (NASEM) published a report that encourages states to make it illegal for people to have one drink and drive.

The NASEM report titled 'Getting to Zero Alcohol-Impaired Driving Fatalities' claims that a persons ability to operate a motor vehicle begins to deteriorate at a BAC below 0.05 percent and recommends police arrest motorists for consuming one drink.

"The committee recommends that state governments enact per se laws for alcohol-impaired driving at 0.05 percent". 

A Google search of the NASEM and Homeland Security returned close to a million hits. (If you still have doubts about NASEM's close relationship with the Feds, click here.)

Currently, police in America use twenty-two different checkpoints to question and arrest anyone. They also stop and question 50,000 motorists daily or 20 million a year.

Can you imagine how much higher those numbers will be if police are allowed to arrest people for consuming just one drink?

DHS is using numerous government agencies to convince states to lower their BAC limit.

NTSB h...


Pirated Version of Fire and Fury Book Loaded with Malware HackRead

By Uzair Amir

Another day, another malware scam This time, the pirated

This is a post from Read the original post: Pirated Version of Fire and Fury Book Loaded with Malware


Why You Should Fear 'Slaughterbots'A Response IEEE Spectrum Recent Content full text

Lethal autonomous weapons are not science fiction; they are a real threat to human security that we must stop now Image: Slaughterbots/YouTube A scene from Slaughterbots, a video produced by the Future of Life Institute to illustrate the dangers of autonomous weapons, depicts an explosive-carrying micro-drone that uses AI to autonomously target specific individuals.

This is a guest post. The views expressed here are solely those of the authors and do not represent positions of IEEE Spectrum or the IEEE.

Paul Scharres recent article Why You Shouldnt Fear Slaughterbots dismisses a video produced by the Future of Life Institute, with which we are affiliated, as a piece of propaganda. Scharre is an expert in military affairs and an important contributor to discussions on autonomous weapons. In this case, however, we respectfully disagree with his opinions.

Why we made the video

We have been working on the autonomous weapons issue for several years. We have presented at the United Nations in Geneva and at the World Economic Forum; we have written an open letter signed by over 3,700 AI and robotics researchers and over 20,000 others and covered in over 2,000 media articles; one of us (Russell) drafted a letter from 40 of the worlds leading AI researchers to President Obama and led a delegation to the White House in 2016 to discuss the issue with officials from the Departments of State and Defense and members of the National Security Council; we have presented to multiple branches of the armed forces in the United States and to the intelligence community; and we have debated the issue in numerous panels and academic fora all over the world.

Because autonomous weapons do not require individual human supervision, they are potentially scalable weapons of mass destructionunlimited numbers could be launched by a small number of people

Our primary message has been consistent: Because they do not require individual human supervision, autonomous weapons are potentially scalable weapons of mass destruction (WMDs); essentially unlimited numbers can be launched by a small number of people. This is an inescapable...


Microsoft to Challenge Education-Oriented Chromebooks With Windows 10 Laptops Priced From $189 SoylentNews

Microsoft challenges Chromebooks with $189 Windows 10 laptops for schools

Microsoft is making a bigger push to keep students and teachers using Windows this week. At the annual Bett education show in London, Microsoft is revealing new Windows 10 and Windows 10 S devices that are priced from just $189. The software giant is also partnering with the BBC, LEGO, NASA, PBS, and Pearson to bring a variety of Mixed Reality and video curricula to schools.

Lenovo has created a $189 100e laptop. It's based on Intel's Celeron Apollo Lake chips, so it's a low-cost netbook essentially, designed for schools. Lenovo is also introducing its 300e, a 2-in-1 laptop with pen support, priced at $279. The new Lenovo devices are joined by two from JP, with a Windows Hello laptop priced at $199 and a pen and touch device at $299. All four laptops will be targeted towards education, designed to convince schools not to switch to Chromebooks.

JP apparently refers to JP S Couto.

Also at Windows Blog, Engadget, and ZDNet.

Related: First ARM Snapdragon-Based Windows 10 S Systems Announced

Original Submission

Read more of this story at SoylentNews.


Hackers managing to get the PlayStation4 hacked Hacker News Bulletin | Find the Latest Hackers News

2017 was a year which saw significant growth in the gaming market, especially for the PlayStation 4. Heading into 2018, the expectations are even higher, and Sony is expecting to grow their revenues even more through PlayStation 4. But what if we tell you that only of the most popular gaming console PlayStation 4 is

The post Hackers managing to get the PlayStation4 hacked appeared first on Hacker News Bulletin | Find the Latest Hackers News.


Tech giants spent record sums on lobbying in 2017 The Hill: Technology Policy

The five biggest tech companies in the U.S. collectively spent nearly $60 million on federal lobbying in 2017.Google, Facebook, Apple, Amazon and Microsoft combined spent a record $58 million on advocacy in Washington during a year in which the...


Tips for an Information Security Analyst/Pentester career - Ep. 55: Deception (Honeypots) The S@vvy_Geek Tips Tech Blog

In the last three posts we've dealt with detection of a Meterpreter payload.

Let's now see how we can use deception to fool our attackers, by developing a honeypot (if you don't know what I'm talking about, check the link for a definition of this term).

For the purposes of this tutorial, I'm going to use a custom Linux distribution based on Xubuntu, called Honeydrive, which includes several honeypots already pre-installed and configured.

I'm going to analyze a very popular honeypot, called Dionaea.

Once downloaded the OVA file, you can run its related VM through VirtualBox or VMware. 

Once the VM has booted up, all its configurations are explained in the README.txt file, located on the desktop.

After starting the honeypot by running its start script, I performed an Nmap scan with Kali Linux to understand what it was detected  on the other end.


Sadly, the default configuration for Dionaea isn't stealthy enough, and Nmap detected it immediately.

Its creator doesn't have time or resources to play this mouse and cheese game between Dionaea and software like Nmap, that constantly updates its signatures.


First thing we want to do is to change the MAC address of the network adapter, so our honeypot doesn't result to be a VM.

For this purpose, we need to go Settings/Network Ada...


New Nokia 10 smartphone to come with high performing penta-lens camera TechWorm

Nokia reportedly developing a new smartphone with Penta- lens camera setup

Nokia 9, Finnish mobile manufacturer HMD Globals another entry in the smartphone market has been in the news for the last few months with speculations of it being revealed at the upcoming Mobile World Congress (MWC) 2018 in Barcelona, Spain next month.

While everyone is speculating about the upcoming Nokia 9, leaked images from the Chinese social network Baidu reveals that HMD Global has already started working on the ultimate 2018 flagship dubbed the Nokia 10.

If the information coming from Baidu is to be believed, Nokia 10 could be the worlds first smartphone to feature a penta-lens (5-lens) rear camera. According to the sketch, the smartphone will feature a large circular placed on the rear with five cameras and two LEDs, and a fingerprint reader on the rear. The 2018 Nokia flagship device could have a rotating camera developed by Zeiss.

The source of the new rumor suggests the Nokia 10 will feature a full-screen design with 18:9 aspect ratio display, even though the exact resolution hasnt been confirmed just yet. In terms of design, the smartphone is said to feature a double-glass (both front and back) design to support wireless charging. The Nokia 10 is believed to be powered by Qualcomms latest Snapdragon 845 SoC processor.

The mass production of the handset is believed to begin sometime in the mid-2018. While there is no confirmed information regarding the exact release date, sources suggest the phone could arrive as early as IFA 2018 in Berlin later in the year.

The post New Nokia 10 smartphone to come with high performing penta-lens camera appeared first on TechWorm.


Heres Something Strange, the Afterglow from Last years Kilonova is Continuing to Brighten By Matt Williams | Universe Today Lifeboat News: The Blog

This unexpected behavior has led to a serious buzz in the scientific community, with astronomers trying to come up with explanations as to what type of physics could be driving these emissions.

Read more



World Bank plans Scaling Solar and Storage program By Tom Kenning | PV Tech Lifeboat News: The Blog

The new Scaling Solar and Storage (SSS) program, which has yet to be formerly announced and is expected to be rolled out over the next couple of years, would work on utility-scale tenders that pair solar PV with battery storage technology.

Read more


Robots could take your job but you can retrain to find a better one, says WEF report By Alan Tovey | The Telegraph Lifeboat News: The Blog

The latest research focused on the impact the Fourth Industrial Revolution digital and traditional technology coming together to deliver efficiencies that will mean more jobs can be automated will have on employment in the US.

Read more





Firefox 58 Arrives With Continued Speed Optimizations Phoronix

Mozilla has set free Firefox 58.0 today as their latest "Firefox Quantum" release that continues work on being a performant web browser...


Atom-Thin Memristors Discovered IEEE Spectrum Recent Content full text

Experts thought memory in 2D materials was impossible. Then engineers in Texas discovered Atomristors Illustration: Cockrell School of Engineering

Two-dimensional atom-thin materials are good for a lot of things, but they dont make good memory devices. At least thats what everyone thought until   Ruijing Ge, a first-year graduate student at the University of Texas, Austin, persuaded her mentorflexible electronics guru Deji Akinwandeto let her try. They sandwiched an atom-thick layer of molybdenum disulfide between two electrodes and found that, contrary to expectation, the structure displayed memristance; it can be set to a high resistance or low resistance state by particular voltages and remain stable long after the voltage is removed.

Its not completely clear why it works, but these atomristors, as Akinwande has christened them, could have a big impactand not just as memory devices. They could serve as switches in radios of 5G smartphones and Internet-of-Things gadgets, and as computational elements in brain-inspired artificial intelligence circuits.

Ordinary memristors are made of oxide materials sandwiched between two conductors. The resistance across the oxide changes when a high current in one direction moves oxygen atoms vertically through the oxide. The original resistance is restored by switching the direction of the current, putting the oxygen back in its place.

But that cant be whats happening in an atomristor. There is neither oxygen nor a vertical direction for it to move. Instead, Akinwande hypothesizes that defects in the 2D crystal latticethe holes left by occasional missing sulfur atoms, for instanceare what are moving around. Voltage of one polarity attracts the defects, bunching them together in a way that decreases the resistance across the material. Switching the polarity scatters the defects, ramping the resistance back up.

Thats the theory, at least. Akinwande says his group is collaborating with one of the U.S. National Labs, which have the kind of microsco...

IndyWatch Science and Technology News Feed Archiver

Go Back:30 Days | 7 Days | 2 Days | 1 Day

IndyWatch Science and Technology News Feed Today.

Go Forward:1 Day | 2 Days | 7 Days | 30 Days

IndyWatch Science and Technology News Feed was generated at World News IndyWatch.

Resource generated at IndyWatch using aliasfeed and rawdog