SoylentNews

AnonTechie writes:

The Register covers the difficulty of putting SHA-1 crypto algorithm to bed:

The road towards phasing out the ageing SHA-1 crypto hash function is likely to be littered with potholes, security experts warn.

SHA-1 is a hashing (one-way) function that converts information into a shortened "message digest", from which it is impossible to recover the original information. This hashing technique is used in digital signatures, verifying that the contents of software downloads have not been tampered with, and many other cryptographic applications.

The ageing SHA-1 protocol – published in 1995 – is showing its age and is no longer safe from Collision Attacks, a situation where two different blocks of input data throw up the same output hash. This is terminal for a hashing protocol, because it paves the way for hackers to offer manipulated content that carries the same hash value as pukka packets of data.

Certificate bodies and others are beginning to move on from SHA-1 to its replacement, SHA-2. Microsoft announced its intent to deprecate SHA-1 in Nov 2013. More recently, Google joined the push with a decision to make changes in he latest version of its browser, Chrome version 42, so that SHA-1 certificates are flagged up as potentially insecure.

Just updating to SHA-2 is not as simple as it might seem, because of compatibility issues with Android and Windows XP. More specifically, Android before 2.3 and XP before SP3 are incompatible with the change (a fuller compatibility matrix maintained by digital certificate firm GlobalSign can be found here).

MS Releases "Visual Studio Code" - a Slim Cross Platform Code Editor

CoolHand writes:

Microsoft appears like they may actually be starting to get serious about cross platform support. Their new slim code editor for developing cloud applications supports both OS X and Linux, as well as Windows.

At its Build developer conference, Microsoft today announced the launch of Visual Studio Code, a lightweight cross-platform code editor for writing modern web and cloud applications that will run on OS X, Linux and Windows. The application is still officially in preview, but you can now download it here (if this link isn’t live yet, give it a few more minutes and then try again).

This marks the first time that Microsoft offers developers a true cross-platform code editor. The full Visual Studio is still Windows-only, but today’s announcement shows the company’s commitment to supporting other platforms.

From the Techcrunch article:

Today’s announcement will surely come as a surprise to many. It does, however, fit in well with the direction the company’s developer group has been on for quite a while now, be that the open sourcing of .NET Core (and taking that platform cross-platform) or the launch of the free Visual Studio Community edition.

Another Publicity Stunt from MSFT: "Visual Studio Code"

"gewg_" writes however, with an entirely opposite take:

Roy Schestowitz at TechRights reports "Visual Studio Code": Not News, Not Free, Not Open Source

Another publicity stunt from Microsoft, this time going under the name "Visual Studio Code", which is basically proprietary lock-in

Despite an openwashing campaign and an effort to deceive the public (as chronicled here before), Visual Studio is (and will remain) proprietary. There is currently yet another PR blitz from Microsoft, which at the moment is trying to openwash it and pretend that it's "news" (it's not, it goes back to last year).

Sadly, some FOSS proponents have already fallen for it and Phoronix is doing marketing for Microsoft. This is not really news and it's not even a surprise. It's just some publicity stunt which got Microsoft boosters and Microsoft-friendly sites on board.

Hugh Pickens writes:

The Telegraph reports that as the Vatican forges an alliance with the UN to tackle climate change, skeptics accuse Pope Francis of being deeply ill-informed about global warming. The Pope discussed climate change with Ban Ki-Moon, the UN Secretary-General, who then opened a one-day Vatican conference called "The Moral Dimensions of Climate Change and Sustainable Development". Organized by the Pontifical Academy of Sciences, the Pontifical Academy of Social Sciences, SDSN and Religions for Peace, the goal of the conference is to help strengthen the global consensus on the importance of climate change in the context of sustainable development.

But a group of British and American skeptics say the Pope is being fed “mistaken” advice from the UN and that he should stick to speaking out on matters of morality and theology rather than getting involved in the climate change debate. "The Pope has great moral authority but he’s not an authority on climate science. He’s a learned man but the IPCC has got it wrong,” says Jim Lakely of the Heartland Institute, a conservative American pressure group partly funded by billionaire industrialists who question climate change. "The Pope would make a grave mistake if he put his moral authority behind scientists saying that climate change is a threat to the world. Many scientists have concluded that human activity is a minor player. The Earth has been warming since the end of the last Ice Age.”

It was the first time the Heartland Institute, which is based in Chicago and has been described by the New York Times as "the primary American organization pushing climate change skepticism," has traveled to Rome to try to influence a pope. "The sideshow envisioned by these organizations will not detract from the deep concern that Pope Francis has for the truth and how it relates to the environment," says Dr. Bernard Brady, Professor and Chair of the Theology Department at the University of St. Thomas. "Pope Francis will probably follow his predecessor, Benedict XVI, recognizing the interrelatedness of climate change with other moral issues and calling for persons, organizations, communities, nations, and indeed the global community, to reconsider established patterns of behavior."

frojack writes:

The Washington Post has an article discussing the proposed USA Freedom Act. The "act" is not yet an act, it is just a bill pending before before Congress, a measure that would put an end to the NSA’s bulk collection under Section 215 of the Patriot Act.

The article poses a hopeful scenario under which this bill might actually be passed by Congress, or run the risk of allowing the Patriot Act in total, to sunset by itself on June 1.

The article makes the case that a large enough contingent of the Senate will realize this, and jump to supporting the banning of mass surveillance, in exchange for reauthorizing some of the other (less controversial) sections of the Patriot act which they feel are more important.

A companion version of the bill has been introduced in the House, where there is already a left-right alliance against bulk surveillance. A good showing in the House might help get this passed in the Senate.

The article seems to think even President Obama would sign the act into law if passed by both houses, especially if hopeful democratic candidates put the screws to him.

The USA Freedom act may appear to be a "Hail Mary" by a few members of Congress. But circumstance and timing may may conspire to make it possible.

So it might be worth an email to your congress-critters for our U.S. Soylentils.

[Update: Removed link to incorrect version of the USA Freedom Act. According to http://judiciary.house.gov/index.cfm/usa-freedom-act, (H.R. 2048, the USA Freedom Act) "On April 30, 2015, the House Judiciary Committee approved by a vote of 25-2 the USA Freedom Act."]

AnonTechie writes:

The US government will be forced to explain why its cell network kill-switch plans should be kept secret today.

Under Standard Operating Procedure (SOP) 303, the US government – in particular the Department of Homeland Security (DHS) – is allowed to shutdown cellphone service anywhere in the country, and even across an entire city if it feels there is a crisis situation.

However, the actual content of the policy remains secret, raising fears that it is open to abuse. For example, it's not clear who is authorized to make such a decision nor under what circumstances.

There are also groups concerned that killing of cellphone service during an emergency could make things worse.

In a frequently quoted example, San Francisco's rail system BART flipped a cell network kill-switch in several subway stations in 2011 amid a protest over a BART cop who shot and killed a drunk homeless man ( http://www.theregister.co.uk/2011/08/12/bart_polioce_cut_mobile_phone_service/ ). Charles Hill allegedly threw a knife at an officer before the police opened fire.

The fact that the network shutdown was ordered against a public demonstration raised immediate concerns over how the policy is written and implemented.

In February 2013, sparked by the BART event and a refusal by the DHS to release the policy under a Freedom of Information Act request, the Electronic Privacy Information Center (EPIC) sued the DHS ( https://regmedia.co.uk/2015/04/27/epic-case-dhs-phone-kill-switch.pdf ) [PDF] in order to get it to disclose the details.

Walzmyn writes regarding a story that was released in Nov 2014, but I don't recall it being published here so I'll give it a try:

NASA has tested a new shape-shifting wing technology, which integrates the control surfaces into the wing itself.

NASA's green aviation project is one step closer to developing technology that could make future airliners quieter and more fuel-efficient with the successful flight test of a wing surface that can change shape in flight. This past summer researchers replaced an airplane’s conventional aluminum flaps with advanced, shape-changing assemblies that form seamless bendable and twistable surfaces.

Basically, instead of the normal, segmented control surfaces we're all used to, this is a long twistable surface. The downside is difficult engineering and production cost. The upside is less space taken up (more fuel in the wing) and improved aerodynamics. The aerodynamic gains lead to less cost and is better for the environment (if that's your kind of thing).

I found a YouTube Promotional video from the company actually producing the wings. I'd love to see a video of the actual tests if anyone can find one.

AnonTechie writes:

Security and privacy are not mutually exclusive says Europe’s privacy watchdog – and people should stop saying they are.

The European Data Protection Supervisor (EDPS), Giovanni Buttarelli, told a Brussels conference he was concerned that “the objective of cyber-security may be misused to justify measures which weaken protection of [data protection] rights.”

“Cyber-security must not become an excuse for disproportionate processing of personal data. Let's not forget that when the European Court of Justice (ECJ) last year found the Data Retention Directive to be invalid, one of the reasons was concern about the inadequacy of the data security provisions in the directive,” he continued . Although some commentators interpreted the ECJ ruling to mean that data must be stored within national borders, Buttarelli disagreed.

“Physical location is not the determining factor in security. Rather, it is degree of control, accountability and responsibility which data controllers demonstrate when processing personal information. They must take full responsibility for all the measures they implement, regardless of the technology they use. Responsibility must not vanish in the clouds,” said the newly appointed EDPS. Negotiations on a new Data Protection Regulation are currently underway and Buttarelli says that accountability should not be sacrificed in the inevitable compromise.

An Anonymous Coward writes:

An L.A. Councilman is attempting to blame the application Waze for neighborhood "cut-throughs", where people divert to side streets during traffic congestion.

In his view this is a new phenomenon that has never happened before, although it is widespread around the world and has been so for many years, certainly existing long before 'apps' became popular. The councilor is planning on using a data sharing agreement with Waze in order to strong-arm the application into becoming less useful, which will not solve the problem because people will just use other applications, and those with local knowledge will still know the quickest route from A to B.

The popularity of Waze is largely because it helps drivers avoid delays and to find alternative routes based on the the reports received from other drivers. Applying the measures that the councilor is hoping for will neuter the app completely, rendering it pointless. However, the councilor does make one good point - there are more pedestrian safety facilities (e.g. crossing points, barriers etc) on major routes and that the practice might lead to increased casualty rates in residential areas.

GlennC writes:

Twitter was due to announce its earnings for the first quarter of the year after close of trading on the New York Stock Exchange, where the company is listed.

Except it turns out that somebody thought it would be a good idea to release this information early, on the technology-led NASDAQ run Investor Relations page for Twitter.

Initially it seemed no one really noticed the error, until a well-placed tweet highlighted the mistake and revealed Twitter's disappointing results.

http://www.bbc.com/news/technology-32511932

At one point in the final hours of trading, the stock had lost more than $8 BILLION.

Related to the earlier discussion about where ISIS gets its weapons, I wanted to share this great in-depth article from The Atlantic about the motivations of ISIS. Then In order to provide a more nuanced view of ISIS, here is criticism of that Atlantic article from thinkprogress.org.

From the Atlantic:

The Islamic State is no mere collection of psychopaths. It is a religious group with carefully considered beliefs, among them that it is a key agent of the coming apocalypse.

We can gather that their state rejects peace as a matter of principle; that it hungers for genocide; that its religious views make it constitutionally incapable of certain types of change, even if that change might ensure its survival; and that it considers itself a harbinger of—and headline player in—the imminent end of the world.

The thinkprogress.org criticism by one of the primary sources cited in the Atlantic article:

One of the oft-mentioned criticisms of The Atlantic piece is that it echoed the inaccurate belief that since ISIS’s theology draws upon Islamic texts to justify its horrendous practices, it is an inevitable product of Islam. Haykel didn’t say whether or not he thought Wood’s article says as much, but when ThinkProgress asked him directly whether Islamic texts and theology necessitate the creation of groups like ISIS, he was unequivocal.

“No,” he said. “I think that ISIS is a product of very contingent, contextual, historical factors. There is nothing predetermined in Islam that would lead to ISIS.”

He was similarly unambiguous when responding to the related critique that Muslims who disavow ISIS are somehow deluded or not “real” Muslims.

“I consider people … who have criticized ISIS to be fully within the Islamic tradition, and in no way ‘less Muslim’ than ISIS,” he said. “I mean, that’s absurd.”

AnonTechie writes:

Russian space boffins have lost control of a Progress cargo capsule which had been due to deliver 6,000lb of supplies to the International Space Station. The crazy podule is spinning and tumbling in orbit above the Earth as controllers try to establish contact with it.

The Progress 59 space-mule lifted off flawlessly from Baikonur Cosmodrome in Kazakhstan at 0309 EDT (0109 local time) today, and was scheduled to rendezvous with the ISS on Thursday. But shortly after takeoff the spacecraft's telemetry started failing, and the cargo pod is now not accepting navigation commands.

"The Russian flight control team attempted to command the vehicle over four orbits flying over Russian ground sites with no success," said NASA in a blog post. ( https://blogs.nasa.gov/spacestation/2015/04/29/progress-59-cargo-craft-updates/ )

"The next series of ground station passes is expected to resume late Tuesday evening. Teams are standing down on the Thursday docking attempt while Russian teams continue to analyze data and develop a troubleshooting plan going forward."

The blunder appear to stem from improperly deployed navigational antennas, and problems with the pressurization of the manifolds in the propulsion system. The Progress capsule is still in a low orbit, and doesn't pose a direct threat to the ISS.

http://www.theregister.co.uk/2015/04/28/russian_iss_cargo_out_of_control/

"gewg_" writes:

Inter Press Service reports

Ten years of debate in the European Union over the detrimental effects of the demand for biofuels for transport on food prices, hunger, forest destruction, land consumption, and climate change have come to an end.

The European Parliament finally agreed [to] new E.U. laws on Apr. 28 [which will] limit the use of crop-based biofuels, setting a limit on the quantity of biofuels that can be used to meet E.U. energy targets.

With Europe the world's biggest user and importer of biodiesel--from crops such as palm oil, soy, and rapeseed--the vote is expected to have a major impact around the world, notably in the European Union's main international supplier countries Indonesia, Malaysia, and Argentina. It is likely to signal the end to the expanding use of food crops for transport fuel.

[...]With the vote, the European Union has agreed to put a limit on biofuels from agricultural crops at seven percent of E.U. transport energy--with an option for member states to go lower. Before the vote, the expected "business as usual" scenario was for biofuels to account for 8.6 percent of E.U. transport energy by 2020. Current usage (PDF) stands at 4.7 percent, having declined in 2013.

canopic jug writes:

Via BSD Now, the old, familiar file command has been completely rewritten by OpenBSD developer Nicholas Marriott, who also happens to be the author of tmux. This new edition takes advantage of modern coding practices and the usual OpenBSD scrutiny. It will run by default as an unprivileged user with no shell, and in a systrace sandbox, strictly limiting what system calls can be made and has a drastically reduced potential for damage which a malicious file could do. Ian Darwin, the original author of the utility, saw the commit and, in what may be a moment in BSD history to remember, replied.

AnonTechie writes:

The possibility that Earth could have a supercontinent that would occupy two-thirds of the planet's surface in a couple of hundred million years' time is just one of the geological projects being investigated by an international team of academics.

The five-year project is sponsored by UNESCO and the International Union for Geological Sciences (IUGS) and will investigate the Earth's evolutionary 'supercycles' involving both tectonic plates and its deep mantle.

Curtin University Institute of Geoscience Research (TIGeR) ( http://geodynamics.curtin.edu.au ) geologist Professor Zheng-Xiang Li will work with project co-leaders Yale University Professor David Evans, University of Colorado Professor Shijie Zhong and University of Saskatchewan Professor Bruce Eglington.

"The project will assemble a multidisciplinary team of hundreds of scientists and research students from around the world to establish new concepts, tools, maps and global databases to assist the modeling of global changes and the discovery of new Earth resources," Prof Li says.

Twenty years ago Prof Li was involved in uncovering the evolutionary history of Rodinia which is the precursor to the well-known supercontinent Pangea.
"Global GPS measurements of plate motions tell us that the Atlantic Ocean has been [and still is] widening by a few centimetres a year, whereas the Pacific Ocean is becoming narrower at a similar rate," Prof Li says.

"If such a trend continues, within the next one or two hundred million years, the Pacific Ocean would close up to bring the Americas to collision with the Eurasian continent while the Australian continent is set to join this future supercontinent 'Amasia', by moving around seven centimetres per year toward Asia."

http://phys.org/news/2015-04-australia-path-supercontinent-amasia.html

sigma writes:

Open Source.com has raised an interesting issue.

With household and municipal scale electricity generation becoming commonplace, it appears that the energy market is about to experience a major technological disruption. Of course, with disruption comes opportunity, and there's already some clear contenders in the field, from Tesla with their cars and batteries, Suntech with their solar panels, to Vestas with their huge turbines.

There's a big caveat with all of this large-scale investment though, and that's contending with the existing centralized power grids and the utilities that manage them. Open source models are a good fit for this new paradigm, with collaboration replacing monopolies and open systems displacing proprietary vendor controls. High quality open source software tools exist already, including the well-supported PowerMatcher suite, but how will this collection of solutions wrest control of the key "last mile" hardware from the hostile and entrenched utilities?

Any suggestions from the SoyLentil team? If we get it right, all of us could become unfeasibly wealthy...