Some of the most widely used BitTorrent applications, including uTorrent, Mainline, and Vuze are also the most vulnerable to a newly discovered form of denial of service attack that makes it easy for a single person to bring down large sites.
The distributed reflective DoS (DRDoS) attacks exploit weaknesses found in the open BitTorrent protocol, which millions of people rely on to exchange files over the Internet. But it turns out that features found in uTorrent, Mainline, and Vuze make them especially suitable for the technique. DRDoS allows a single BitTorrent user with only modest amounts of bandwidth to send malformed requests to other BitTorrent users.
The BitTorrent applications receiving the request, in turn, flood a third-party target with data that's 50 to 120 times bigger than the original request. Key to making the attack possible is BitTorrent's use of the user datagram protocol, which provides no mechanism to prevent the falsifying of IP addresses. By replacing the attacker's IP address in the malicious request with the spoofed address of the target, the attacker causes the data flood to hit the victim's computer.
"An attacker which initiates a DRDoS does not send the traffic directly to the victim," researchers wrote in a research paper [PDF] recently presented at the 9th Usenix Workshop on Offensive Technologies. "Instead he/she sends it to amplifiers which reflect the traffic to the victim. The attacker does this by exploiting network protocols which are vulnerable to IP spoofing. A DRDoS attack results in a distributed attack which can be initiated by one or multiple attacker nodes."
The reflective form of DoS has three main advantages for the attacker, including:
Richard Rabins over at fastcompany.com has this to say on the subject of small teams and tech innovation:
There's a reason startups are driving so much innovation today. In many cases, it's a simple matter of size. Smaller teams of smart, qualified, motivated people are often able to collaborate and communicate better than bigger ones. That's hardly a new idea in the business world, but how bigger organizations can go about creating small-team dynamics is still an open question. So here's a look at what we know about small teams' effectiveness in the tech sector and how to put them to good use.
According to Gallup's 2013 "State of the American Workplace" report, 42% of U.S. employees working at companies of 10 or fewer people felt they were "engaged" at work. That's compared with the 30% of employees at large companies who said the same. To be sure, neither of those are especially high scores for engagement, but it's clear that smaller teams have a leg up.
The tl;dr version of TFA for those of you who aren't going to read it:
The U.S. Internal Revenue Service has increased its estimate of the number of taxpayers affected by a security flaw to about 334,000:
The IRS says more taxpayers than it originally believed had their data stolen by hackers. The agency now says the total is now more than 300,000.
In May, when it first revealed the breach, the IRS reported some 114,000 taxpayers had their data stolen. But in what the IRS is calling a "deeper analysis" of the breach, it identified an additional 220,000 cases where hackers got access to taxpayer records. The agency says hackers tried, but failed to access the data of some 280,000 more taxpayers.
The hackers got into the accounts by clicking a link on the IRS website called Get Transcripts. The link allowed taxpayers to get copies of their own back tax returns to use, for example, in applying for loans.
The hackers, who the IRS believes may have been part of an organized crime syndicate possibly based in Russia, were sophisticated.
Previously: IRS Coughs up 100,000 Tax Returns to Thieves
An Anonymous Coward writes:
A friend from academia recently invited me to write a paper for a journal that he is guest editing. I don't write many papers (not in academia), so I figured I better look through the Author Guidelines to see what formats they would accept, etc.
Here is the Inderscience author faq page.
This one stopped me in my tracks:
Why am I asked to identify four experts?
You must identify four experts in the subject of your article, details of which will be requested during online submission. The experts must not be members of the editorial board of any Inderscience journal, must not be from your* institution, and at least two of them must be from a different country from you*.
The purpose of this request is to ensure your familiarity with the latest research literature in the field and to identify suitable experts who can be added to our Experts Database and who may be asked if they are willing to review articles for Inderscience journals; we are unlikely to ask them to referee your article.
(*"you" refers to all authors of the paper)
Has anyone else been asked to identify professional friends by a journal publisher?
Needless to say, I'm not writing anything for Inderscience until this request is removed. Or maybe I'll write the paper as a favor to my friend...and provide names of experts from my field who are deceased.
BBC has an article by Christopher Watson on what makes a planet habitable.
What if the planet sports a blanket of white clouds? Clouds are reflective and therefore will cool the planet, acting to push the habitable zone closer to the star. Amusingly, if we calculate this "equilibrium temperature" for the Earth, taking into account its beautifully reflective clouds, then it turns out that we live outside the classical habitable zone! The same calculation for Venus gives an expected equilibrium temperature of about -10°C, but in reality it is more like 450°C.
Both these planets have greenhouse gases present in their atmospheres, warming the planet up and driving the outer-boundary of the habitable zone further away from the star (while clouds drive the inner-boundary closer to the star). The very latest habitable zone definitions use simulations of these cloud and greenhouse effects - widening and blurring the crude classical definition. Throw into the mix that we currently can't study the atmospheres of rocky terrestrial exoplanets (and therefore have no idea whether they have clouds, greenhouse gases, or even an atmosphere at all!) - then to say "that planet is habitable" is impossible, for the time-being at least.
Just to complicate matters, the habitable zone also depends on the type of star the planet orbits. The more massive and hotter the star, the further out the habitable zone will lie. Conversely, small cool stars will have a habitable zone that is much closer in. Indeed, "red dwarf" stars are so cool and dim that a planet in the habitable zone might have a "year" that lasts only a few days, so feeble is the red dwarf's light.
This would raise other problems for life on such a planet. Red dwarfs like to chuck out large flares, stellar eruptions that release charged particles and X-rays. Given the close proximity of the planet, this might cause substantial atmospheric losses. High doses of radiation also tend to be harmful to biological material, and X-rays are capable of dissociating water - thereby depleting any water supply. Not ideal. Maybe things are better around hotter stars, where a habitable planet would lie further away from any nasty stellar blasts? Well, now we run into another problem, that of the lifetime of the star.
Massive, hot stars are real gas-guzzlers. Yes, they may have far larger "fuel tanks" (they have a lot more mass to "burn"), but they gobble that fuel much, much faster, and die much younger than small, frugal cool stars. For example, some of the most massive stars may live for only a few million years, while our Sun will hang around for about eight billion years. Based on our knowledge of how life evolved on Earth, it is unlikely that even simple life would have time to evolve around stars that are all that much hotter than our Sun. Returning to the diminutive red dwarf stars at the other end of the scale, these can hang around for about 100 billion years. Perhaps if a planet DID hang on to its atmosphere, then over such a long time life might evolve to cope with being frequently doused in radiation?
[...]
Many have long speculated on the ramifications to open-source software if Microsoft and company really cracked down on Piracy. We may soon find that out if the abilities of Windows 10 are put into effect. MaximumPC writes: [maximumpc.com]
Have you read through the End User License Agreement (EULA) for Windows 10? If not, you might be in for a surprise if Microsoft decides to follow through on terms outlined in Section 7b, which warns that Windows 10 can automatically check for and block access to illegal software, including counterfeit games, and unauthorized hardware.
Have a look:
Sometimes you'll need software updates to keep using the Services. We may automatically check your version of the software and download software updates or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorized hardware peripheral devices. You may also be required to update the software to continue using the Services. Such updates are subject to these Terms unless other terms accompany the updates, in which case, those other terms apply. Microsoft isn't obligated to make any updates available and we don't guarantee that we will support the version of the system for which you licensed the software.
These terms don't just apply to Windows 10, they also cover other Microsoft services and software, such as Skype, Office 365, Xbox Live, and several more.
Sunlight can be brutal. It wears down even the strongest structures, including rooftops and naval ships, and it heats up metal slides and bleachers until they're too hot to use. To fend off damage and heat from the sun's harsh rays, scientists have developed a new, environmentally friendly paint out of glass that bounces sunlight off metal surfaces—keeping them cool and durable.
The researchers present their work today at the 250th National Meeting & Exposition of the American Chemical Society (ACS).
"Most paints you use on your car or house are based on polymers, which degrade in the ultraviolet light rays of the sun," says Jason J. Benkoski, Ph.D. "So over time you'll have chalking and yellowing. Polymers also tend to give off volatile organic compounds, which can harm the environment. That's why I wanted to move away from traditional polymer coatings to inorganic glass ones."
Glass, which is made out of silica, would be an ideal coating. It's hard, durable and has the right optical properties. But it's very brittle.
To address that aspect in a new coating, Benkoski, who is at the Johns Hopkins University Applied Physics Lab, started with silica, one of the most abundant materials in the earth's crust. He modified one version of it, potassium silicate, that normally dissolves in water. His tweaks transformed the compound so that when it's sprayed onto a surface and dries, it becomes water resistant.
Unlike acrylic, polyurethane or epoxy paints, Benkoski's paint is almost completely inorganic, which should make it last far longer than its counterparts that contain organic compounds. His paint is also designed to expand and contract with metal surfaces to prevent cracking.
Mixing pigments with the silicate gives the coating an additional property: the ability to reflect all sunlight and passively radiate heat. Since it doesn't absorb sunlight, any surface coated with the paint will remain at air temperature, or even slightly cooler. That's key to protecting structures from the sun.
[translation mine] A small white drone took off from Frankfurt an der Oder at the end of June and flew over the border to Poland. The remote-controlled device carried two packets of abortion pills as cargo. On the other side of the border, two pregnant women waited and collected the pills immediately. In Poland abortions are illegal. The supply by drone represents help and a sign--and an effective PR stunt.
Behind the action is, among others, the Dutch doctor Rebecca Gomperts. She has founded two organizations to help women in countries where abortion is illegal to nevertheless have an abortion - with help from medication and unusual methods: The organization Women on Waves sails with a Dutch ship to countries in which abortion is illegal. There the activists pick up pregnant women who don't want to carry to term and take them to international waters. There, the abortions are undertaken.
Does the use of a drone and app represent something new, or is it merely another chapter in the history of smuggling? Will the ubiquity of such devices and practices erase national borders?
[My German skills are quite rusty but it appears that an App is available in the Google Play store for Android but was rejected by Apple. It is, however, unclear to me exactly what the App does. Please reply in the comments if you can shed some light on this. -Ed.]
Martin Brinkmann at gHacks reports
Most browsers use some sort of preloading or precaching to speed up the connection and sometimes even the loading process in the browser.
The idea behind this is to improve the process for users by making it snappier and faster. The downside is that connections are made before an explicit action by the user.
If you hover over links in the Firefox browser for instance, connections are made to those resources automatically by the browser to improve the loading speed. To be precise, TCP and SSL handshakes are set up in advance but page contents are not downloaded until a click on the link is registered.
That's however only helpful if you click on the link to load that site, and not helpful if you don't. In addition, some users may have privacy concerns as connections are made to servers and domains they may not visit.
[...] The feature launched in Firefox 22 and has been criticized for a lack of control in the graphical user interface.
[...] If you want to prevent Firefox from making connections when you hover over links in the browser, do the following:
- Type about:config in the browser's address bar and hit enter.
- Confirm you will be careful if the prompt appears.
- Use the search to find network.http.speculative-parallel-limit.
- Double-click on the preference and change its value from 6 to 0.
This disables the feature. If you want to restore the original value at any point in time, repeat the process above and set it back to 6.
Other automatic connections
The Firefox web browser makes additional automatic connections which you can prevent as well:
DNS Prefetching [and] Link Prefetching [...]
In the comments, Pants notes that this can be made easier on multiple boxes via a user.js file.
[Editor's Note: The network.http.speculative-parallel-limit also affects Pale Moon v25.6.0 (x86) on Windows. We have not confirmed for any other versions or operating systems.]
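The user.js approach mentioned above, as an added example (not code from gHacks or SoylentNews): a Node.js script that parses prefs.js and user.js text, reports which speculative-connection prefs are not at their disabled value, and emits the user.js lines that fix them. The pref names `network.dns.disablePrefetch` and `network.prefetch-next` and their defaults do not appear on this page and are assumptions added here; the sample prefs.js content is constructed.

```javascript
// Added example: audit Firefox pref files for speculative-connection settings.

// Values that disable each feature. The first pref and its default of 6 come
// from the article; the other two pref names and defaults are assumptions
// added here for the DNS and link prefetching the article mentions.
const HARDENED = {
  'network.http.speculative-parallel-limit': { want: 0, dflt: 6 },
  'network.dns.disablePrefetch': { want: true, dflt: false },
  'network.prefetch-next': { want: false, dflt: true },
};

// One user_pref("name", value); statement per line, as Firefox writes them.
const PREF_RE = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/;

// Parse pref-file text into a Map of name -> boolean | number | string.
function parsePrefs(text) {
  const prefs = new Map();
  for (const line of text.split(/\r?\n/)) {
    const m = PREF_RE.exec(line);
    if (!m) continue; // comments, blank lines, commented-out prefs
    const raw = m[2];
    if (raw === 'true' || raw === 'false') prefs.set(m[1], raw === 'true');
    else if (/^-?\d+$/.test(raw)) prefs.set(m[1], Number(raw));
    else if (/^".*"$/.test(raw)) prefs.set(m[1], raw.slice(1, -1));
  }
  return prefs;
}

// user.js is applied on top of prefs.js at startup, so it wins on conflict.
// A pref missing from both files falls back to the assumed default.
function audit(prefsJsText, userJsText = '') {
  const effective = new Map([
    ...parsePrefs(prefsJsText),
    ...parsePrefs(userJsText),
  ]);
  const findings = [];
  for (const [name, { want, dflt }] of Object.entries(HARDENED)) {
    const actual = effective.has(name) ? effective.get(name) : dflt;
    if (actual !== want) findings.push({ name, actual, want });
  }
  return findings;
}

// Render the user.js lines that would bring every finding to its hardened value.
function userJsFix(findings) {
  return findings
    .map((f) => `user_pref("${f.name}", ${JSON.stringify(f.want)});`)
    .join('\n');
}

// Constructed sample profile: DNS prefetch already off, the hover-connection
// pref only present as a commented-out line, link prefetching never set.
const SAMPLE_PREFS_JS = [
  '// Mozilla User Preferences',
  'user_pref("browser.startup.homepage", "about:blank");',
  'user_pref("network.dns.disablePrefetch", true);',
  '// user_pref("network.http.speculative-parallel-limit", 0);',
].join('\n');

const sampleFindings = audit(SAMPLE_PREFS_JS);
console.log(sampleFindings);
console.log(userJsFix(sampleFindings));
```

Because user.js is re-applied at every start, the audit checks it last: a stale user.js that sets the limit back to 6 will undo a change made through about:config.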
An Australian court has blocked a US company from accessing details of customers who illegally downloaded the US movie Dallas Buyers Club.
The company, which owns the rights to the 2013 movie, is seeking compensation from people who pirated the movie.
But the Federal Court of Australia said the company had to pay a large bond before it could access their data.
...
Dallas Buyers Club LLC (DBC) said it had identified 4,726 unique IP addresses from which the film was shared online using BitTorrent, a peer-to-peer file sharing network.
But the Federal Court of Australia said DBC would have to pay A$600,000 ($442,000; £283,000) to obtain customer details.
In a judgement published on Friday, the court also limited any damages DBC could seek from alleged copyright infringers.
The ruling will prevent the company from so-called speculative invoicing.
This is where account holders accused of piracy are threatened with court cases that could result in large damages unless smaller settlement fees are paid.
Is this ruling a model for courts elsewhere?
An Anonymous Coward writes in with this story from the Press Examiner:
In the state's latest drought-conservation measure, California regulators Wednesday adopted stricter low-flow standards for showerheads in a move designed to save billions of gallons of water annually.
Standards adopted today require that all showerheads sold not exceed 2.0 gallons per minute maximum flow rate as of July 2016.
The commission predicts that the new standards will save more than 2.4 billion gallons of water in the first year and 38 billion gallons after full stock turnover in 10 years. The California Energy Commission voted Wednesday to phase in shower-head efficiency standards, limiting them to just 1.8 gallons a minute after July 2018.
In related news, the San Diego Metropolitan Water District is thanking San Diegans for saving so much water during the shortage that they will need to raise water rates:
San Diego water customers could see their bills climb about 17 percent in the next year under a proposal that would raise rates.
A proposal that city utility officials presented Monday to the Independent Rates Oversight Committee called for overall rate increases of 9.8 percent on Jan. 1, 2016, and another 6.9 percent on July 1, 2016. The increases will cover costs including the increasing price of imported water, and lower sales expected as customers slash water use 16 percent.
In a little-noticed filing before an Oregon federal judge, the US Justice Department and the FBI conceded that stopping US and other citizens from traveling on airplanes is a matter of "predictive assessments about potential threats."
It is believed to be the government's most direct acknowledgement to date that people are not allowed to fly because of what the government believes they might do and not what they have already done.
Last Friday, the ACLU told the court that the administration's predictive assessments pose an "extremely high risk of error".
Marc Sageman, a former CIA counterterrorism analyst and current academic researcher of terrorism, submitted a brief for the ACLU arguing that the government's predictive model underpinning the blacklist inclusion was not responsibly rigorous. Without a "scientifically validated process", Sageman asserted, the government's judgements about who does and does not pose a terrorist threat to aviation "amount to little more than the 'guesses' or 'hunches' that do not meet the standard for reasonable suspicion."
These official revelations confirm Bruce Schneier's criticism of more than a decade past where he called the no-fly list "a list of suspected terrorists so dangerous that we can't ever let them fly, yet so innocent that we can't arrest them - even under the draconian provisions of the Patriot Act."
In a new study published online in the journal Appetite, researchers found that women's brains respond more to romantic cues on a full stomach than an empty one. The study explored brain circuitry in hungry versus satiated states among women who were past-dieters and those who had never dieted.
...
Specifically, the researchers looked at whether the brain's reward response to food differed significantly in women at risk for future obesity (historical dieters) versus those who had never dieted. All of the study participants were young, college-age women of normal weight.
In that study, published in Obesity in 2014, the researchers found that the brains of women with a history of dieting responded more dramatically to positive food cues when fed as compared to women who had never dieted or who were currently dieting.
"In the fed state, historical dieters had a greater reaction in the reward regions than the other two groups to highly palatable food cues versus neutral or moderately palatable cues," she said. Highly palatable cues included foods like chocolate cake; neutral cues were things like carrots.
Ely said the data suggests historical dieters, who longitudinal studies have shown are more at risk for weight gain, may be predisposed by their brain reward circuitry to desire food more than people who have not dieted.
Taking a woman to dinner does seem to predispose her to romance.
Motorists will be able to recharge their cars as they drive if a scheme being proposed by Highways England comes to fruition.
The government agency has announced plans to test wireless power-transfer tech that it hopes to build under the country's motorways and major A roads.
It has already completed a feasibility study and is now asking companies to tender bids to host off-road trials.
...
It aims to run the experiments for about 18 months before deciding whether to commit itself to an on-road trial.
"The potential to recharge low emission vehicles on the move offers exciting possibilities," commented Transport Minister Andrew Jones.
How long before after-market devices allow bus passengers to recharge their iPhones?
Speaking of bugs, Ars Technica carried a story about the resurgence of tropical diseases in south Texas (with a title almost inviting Betteridge's law: "Can America cope with a resurgence of tropical disease?").
One rainy Friday morning in March 2015, Dr. Laila Woc-Colburn saw two patients with neurocysticercosis (a parasitic infection of the brain) and one with Chagas disease, which is transmitted by insects nicknamed ‘kissing bugs.’ Having attended medical school in her native Guatemala, she was used to treating these kinds of diseases. But she was not in Guatemala anymore—this was Houston, Texas.
[...] “While we were calling them neglected tropical diseases, the ‘tropical’ part is probably a misnomer,” says Hotez. “Most of the world’s neglected tropical diseases are in wealthy countries. It’s the poor living among the wealthy.”
Once aggressive government-funded eradication programs finally halted local malaria transmission, the optimism of the 1950s and early 1960s—combined with the advent of life-saving antibiotics and anti-parasitic drugs—made infectious diseases seem like ancient relics.
“People thought that specializing in infectious diseases would be a waste of time because they would soon be history,” says Lucas Blanton, an infectious disease physician at the University of Texas Medical Branch.
[...] Edwards knows a few things about Chagas: it is caused by the parasite Trypanosoma cruzi and spread by a group of insects called Triatoma, or ‘kissing bugs’ (because they like to bite near the mouth). ... Chagas is a major problem in Latin America, where an estimated 8 million people are infected.
[...] Edwards’ new patient, however, had never been to Latin America. She had never even left the USA. She was, Edwards explains, “your All-American girl,” hardly a candidate for a disease that mainly infected poor, rural populations in Central and South America. ... The case has stayed with Edwards for several reasons, the main one being the mystery of how the girl became infected if she’d never left the country. But south Texas is home to the same kissing bugs that transmit Chagas. The answer, then, had to be this: she had been infected with Chagas in Texas. And she was unlikely to be the only one.
[...] Results from studies that tested donated blood for Chagas support the idea that it is a major problem in Texas. A 2014 study showed that one out of every 6,500 people who donated blood screened positive for Chagas—almost 50 times more than the CDC’s estimate that one in 300,000 Americans was infected.