SoylentNews

Ayn Anonymous writes:

Let's assume the information about the Windows 10 key logging is true.
Access to this key logger data is the holy grail in computer hacking.
A dream of every "commercial" hacker. This means you can fully automated generate Fullz each at the moment $35 USD worth.
45 mio. (of 1.5 billion, data from 11-Aug-2015, strong growing) Windows 10 systems at the moment.
The average DNS bit-flip error rate is 1 in 100,000 requests. See Bitsquatting: DNS Hijacking without exploitation

Here is one thought-provoking quote from that dinaburg.org article:

Some machines control considerably more traffic than others. While a bit-error in the memory of a PC or phone will only affect one user, a bit-error in a proxy, recursive DNS server, or a database cache may affect thousands of users. Bit-errors in web application caches, DNS resolvers, and a proxy server were all observed in my experiment. For instance, a bit error changing fbcdn.net to fbbdn.net led to more than a thousand Farmville players to make requests to my server.

P And this are only 1 bit-flips. As it turned out multiple bit flips are even more common than single bit-flips.
This means at least 450 wrong DNS requests from this 45 mio. Windows 10 users. Per domain.
3 domains (nsatc.net, footprintpredict.com, microsoft.com) Wrong requests every day: (A record TTL):
nsatc.net=3 h, footprintpredict.com=0.5 h, microsoft.com=2 h == (24/3*450)+(24/0.5*450)+(24/3*450)==30,600

Not all DNS Bitquatting domains have equal value. The order of bit flipping probability is 0,6,(1+2),8,(3+13),14,12,15,(4+5),(7+9+11),10
The bit in position #0 is 100 times more likely to be flipped than one in position #10
If someone like to exact calculate what are the most likely single and multi bit-flip bitquatting names are, here: Observations on checksum errors in DNS queries are all the data you need to do this.

Arthur T. Knackerbracket writes in witha story from phys.org:

Leaves of the European chestnut tree contain ingredients with the power to disarm dangerous staph bacteria without boosting its drug resistance, scientists have found.

The use of chestnut leaves in traditional folk remedies inspired the research, led by Cassandra Quave, an ethnobotanist at Emory University.

"We've identified a family of compounds from this plant that have an interesting medicinal mechanism," Quave says. "Rather than killing staph, this botanical extract works by taking away staph's weapons, essentially shutting off the ability of the bacteria to create toxins that cause tissue damage. In other words, it takes the teeth out of the bacteria's bite."

The discovery holds potential for new ways to both treat and prevent infections of methicillin-resistant S. aureus, or MRSA, without fueling the growing problem of drug-resistant pathogens.

Antibiotic-resistant bacteria annually cause at least two million illnesses and 23,000 deaths in the United States, according to the Centers for Disease Control and Prevention. MRSA infections lead to everything from mild skin irritations to fatalities. Evolving strains of this "super bug" bacterium pose threats to both hospital patients with compromised immune systems and young, healthy athletes and others who are in close physical contact.

"We've demonstrated in the lab that our extract disarms even the hyper-virulent MRSA strains capable of causing serious infections in healthy athletes," Quave says. "At the same time, the extract doesn't disturb the normal, healthy bacteria on human skin. It's all about restoring balance."

Quave, who researches the interactions of people and plants - a specialty known as ethnobotany - is on the faculty of Emory's Center for the Study of Human Health and Emory School of Medicine's Department of Dermatology. She became interested in ethnobotany as an undergraduate at Emory.

For years, she and her colleagues have researched the traditional remedies of rural people in Southern Italy and other parts of the Mediterranean. "I felt strongly that people who dismissed traditional healing plants as medicine because the plants don't kill a pathogen were not asking the right questions," she says. "What if these plants play some other role in fighting a disease?"

Hundreds of field interviews guided her to the European chestnut tree, Castanea sativa. "Local people and healers repeatedly told us how they would make a tea from the leaves of the chestnut tree and wash their skin with it to treat skin infections and inflammations," Quave says.

Original Submission

Arthur T. Knackerbracket writes in with an article from ITWorld:

An ex-Google engineer is developing a new file system for Linux, with the hopes that it can offer a speedier and more advanced way of storing data on servers.

After a number of years of development, the Bcache File System (Bcachefs) "is more or less feature complete -- nothing critical should be missing," wrote project head Kent Overstreet, in an e-mail to the Linux Kernel Mailing List late Thursday.

Linux currently has plenty of working file systems, though no one file system seems to be best-suited for all uses.

The main goal of Bcachefs is to match the speed of traditional Linux file systems with the advanced scalability and reliability of newer file systems, Overstreet wrote.

Although not a sexy technology, file systems provide the interface to the operating system for storing files on a disk.

The most widely used file system among Linux users is the decades-old Gnu/Linux Extended Filesystem series of filesystems -- Ext4 being the latest release. But many organizations and users have gravitated towards other file systems, such as Btrfs or XFS, to handle very large amounts of data, or to use advanced techniques in ensuring data integrity.

This file system evolved from the work Overstreet did at Google, where he worked as a software engineer for two years from 2011 until 2013 to create caching software.

Bcachefs has all the features of a modern file system, Overstreet wrote, including checksumming to ensure data integrity, compression to save space, caching for quick response, and copy-on-write, which offers the ability for a single file to be accessed by multiple parties at once.

...

Overstreet is working on the file system on his own time, without outside funding. He is seeking other administrators and developers to test the system and even contribute to its development.

Nonetheless, the release of Bcachefs seems to have met with cautious optimism by the Linux professionals on the Hacker News online forum, though one contributor did say of Overstreet that "I hope the guy has a large stash in his bank. File systems take notoriously long to stabilize."

Original Submission

Phoenix666 writes:

Given the title of Blenner's proposal for a NASA project—"Synthetic Biology for Recycling Human Waste into Food, Nutraceuticals, and Materials: Closing the Loop for Long-Term Space Travel​"—you can see where people would get the wrong idea about recycling poo. (It's currently being renamed.) What Blenner is really doing is a new take on something the International Space Station already does: He's recycling human exhalation and micturation (that is, breath and pee) and turning it into raw materials.

He and his team want to feed carbon dioxide from human breath to algae cultures. Those algae cultures in turn produce lipids and other fats that, in combination with urea (derived in this case from human urine), are a favorite snack of yeast. The genetically engineered yeast will use this feast to create two important chemicals for astronauts: omega 3 fatty acids, and plastics.

The Omega 3s are important because they could be developed into a dietary supplement that astronauts would take while in transit or consumed as a food product. The polyester plastics, meanwhile, would provide raw materials for 3D printing, so astronauts could make tools without having to haul bulky materials up to space. The algae and yeast cultures probably would be dry stored, reducing their weight upon launch.

Original Submission

Phoenix666 writes:

Optogenetics is a marvel of our age, enabling neuroscientists to turn brain cells on and off with pulses of light. But until now there's been an obvious difficulty: How do you deliver that light to brain cells that are tucked inside an animal's skull?

Today we get the best answer yet, from the Stanford lab of Ada Poon. She and her colleagues have invented a tiny, wireless LED device that can be fully implanted beneath the skin of a mouse. The device lets researchers turn on the light and stimulate neurons when the mouse is scampering around, behaving more or less normally. This system, described today in the journal Nature Methods, seems a big improvement over previous technology, which used wires or bulky head-mounted devices to activate the light switch.

Here's a quick optogenetics primer, in case you need it. The technique makes use of neurons that have been genetically altered to respond to light, often with the introduction of genes from a strain of green algae. Researchers can control which part of a mouse brain contains these light-sensitive neurons, and they can then study the function of that brain region by activating the neurons—essentially turning them on and off—while watching the animal's behavior. Using this method, scientists can learn about basic brain anatomy or study dysfunctions seen in human diseases.

Wirelessly powered, fully internal optogenetics for brain, spinal and peripheral circuits in mice [abstract]

Original Submission

Arthur T. Knackerbracket writes:

From the BBC:

The US space agency has issued another of the "selfie" portraits acquired by the Curiosity rover on Mars.

Nasa tries to make one of these mosaics at every location where the robot drills into the surface.

This latest picture was taken by the rover at "Buckskin" - the seventh rock target on the mission to provide a sample for analysis.

The portrait differs from previous ones in that it is taken from a low angle.

Curiosity manages this smart piece of planetary photography in the same way that any human would take a selfie - by holding a camera at arm's length and framing its own form.

The camera used is the "hand lens" known as Mahli. Normally used to study mineral grains in rocks at very close quarters, it can also be focussed on infinity.

Engineers instruct Mahli to send back multiple shots of the rover, after first practising the shoot sequence on a test vehicle kept on Earth.

The pictures must then be stitched together to make the final scene.

Good copies of the 'selfies' were also found on Engadget.

Original Submission

takyon writes:

From TomsHardware.com:

Yes, first signs. The announcement that the developers were going to implement Direct3D 11 support came a while back, and while there is now Direct3D 11 support, it is in a very basic form. This means that there isn't full support yet, and not all the features have yet been implemented. Therefore, not all Direct3D 11 software is supported as of now. The full release notes are available here.

Additionally, the new release includes the new Gecko engine based on Firefox 40, improved font matching in DirectWrite, added support for OpenMP when run on ARM platforms, and a heap of bugfixes.

It should be noted that Direct3D does not equal DirectX. Direct3D is part of DirectX, which handles the hardware access layer. It is therefore the most crucial component of the graphics API, but even full Direct3D support doesn't mean that all DirectX 11 applications will run perfectly. In the wine emulator, for various items that are completely implemented there is software that doesn't run smoothly.

Original Submission

Arthur T. Knackerbracket writes:

Original URL: http://phys.org/news/2015-08-future-weather-agency-titan-advance.html

According to the National Oceanic and Atmospheric Administration, extreme weather events have caused more than $1 trillion in devastation since 1980 in the United States alone. It's a staggering figure, but not nearly as staggering as the death toll associated with these events—approximately 10,000 lives.

The prediction of low-probability, high-impact events such as hurricanes, droughts, and tornadoes, etc., has proven to have profound economic and social impacts when it comes to limiting or preventing mass property damages and saving human lives. But regardless of the aim, predicting weather has always been a tricky business.

However, thanks to one of the world's most powerful computers, it's becoming less tricky and more accurate. Researchers from the European Centre for Medium-Range Weather Forecasts (ECMWF) have used the Titan supercomputer, located at the US Department of Energy's (DOE's) Oak Ridge National Laboratory, to refine their highly lauded weather prediction model, the Integrated Forecasting System (IFS), in hopes of further understanding their future computational needs for more localized weather forecasts.

ECMWF is both a research institute and a 24/7 operational service, supported by 34 European countries. In the United States, the IFS is perhaps best known as the weather model that gave the earliest indication of Hurricane Sandy's path in 2012. Sandy is the second costliest hurricane in US history and the most powerful of the 2012 season. "Our ensemble forecasting system predicted the landfall of superstorm Sandy on the US East Coast more than 7 days in advance," said Erland Kallen, director of research at ECMWF.

Sandy was responsible for 117 American deaths (primarily because of drowning) and cost the United States $65 billion. Obviously, the sooner decision makers know where storms like Sandy are heading, the faster they can move to minimize the damage.

And that's precisely the aim of ECMWF's research on Titan at the Oak Ridge Leadership Computing Facility, a DOE Office of Science User Facility. By harnessing 230,000 of Titan's cores and refining communication within their model, researchers have been able to determine the limits of their current model implementation and the computational refactoring necessary to take the model to unprecedented levels of resolution and detail.

Original Submission

tt0161216 writes:

Accused public records terrorist, Carl Malamud recently suffered a "copyright strike" by WGBH of Boston for a public domain, government produced video he had posted to Youtube. Youtube's policy is that if a user gets a copyright strike, his account is crippled and if he gets more than a handful, his account is disabled.

Malamud thinks that what's good for the goose should be good for the gander and that any account filing erroneous copyright strikes, aka copyright fouls, should have reciprocal consequences. Since these copyright strikes are Youtube policy, not legal requirements, Youtube would be completely within their rights to implement a system of copyright fouls too.

Rogue archivist Carl Malamud writes, "I got mugged by a bunch of Boston hooligans. Readers of Boing Boing may be familiar with my FedFlix project which has resulted in 6,000 government videos getting posted to YouTube and the Internet Archive."

One of the films the government sent me to post is Energy - The American Experience, a 1976 film created by the Department of Energy (YouTube, the Internet Archive).

Well, somebody at WGBH saw the words "American Experience" in the title and went through the laborous process of issuing a formal Copyright Strike on YouTube. This is no casual process, they had to swear on a stack of affidavits that this really, really is their video. As a result, my account got a strike, I had to endure the humiliation that is "copyright school," and my account has many features disabled.

Original Submission

Arthur T. Knackerbracket writes:

Original URL: El Reg has a story on Hyundai's new fuel cell car:

Ask me what my ideal electric car would be and I'll probably tell you one with a range of 400 miles and a three-minute charge time. Shame no such car exists, I hear you say. Not so. I drove just such a vehicle last week.

Hyundai's ix35 Fuel Cell is part technology demonstration, part run-of-the-mill, commercially available motor vehicle. Right now you can buy one off the shelf from Hyundai UK, though there are certain compromises to be made.

All the vehicles on sale or already sold in the UK (and that's exactly 17 at the time of writing) are LHD thanks to the fuel cell sitting where the steering column would need to be.

And they are all front-wheel drive only because one of the hydrogen fuel tanks takes up the space needed by the gubbins that usually drives the back wheels. Oh, and it will cost you over fifty grand. And, erm, there are only three hydrogen filling stations in the UK right now.

LHD only. And no 4WD. And a £50,000 price tag. So not quite mainstream yet

But if you can overlook those four drawbacks the ix35 Fuel Cell is a highly desirable little wagon which drives just like any other good, modern EV but without any of the range restrictions imposed by current battery technology.

An Anonymous Coward writes in with an article from Forbes:

The Snowden leaks have taught us much about the tactics employed by the NSA and GCHQ, from brazen malware attacks to more esoteric dark arts, such as infecting low-level pieces of computer code. Correspondingly, research into more surreptitious activities targeting the guts of modern systems has often been overshadowed by studies of more obvious attacks. Yet such high-tech techniques pose a more severe risk. They can, for instance, allow agencies to spy on Tails, the Linux-based secure operating system favored by Snowden. And they're not as difficult to exercise as many would imagine. They can totally obliterate the privacy of even the most careful computer user.

That will be the message of Corey Kallenberg and Xeno Kovah when they present research on easy-to-find BIOS-level vulnerabilities at the CanSecWest conference in Vancouver this week. BIOS firmware is the first software to run when a PC is switched on. It checks hardware and starts the load process for the operating system. Attackers who can get their code running at that level, usually installing a malware known as a rootkit, will be able to avoid most security detections systems, which tend to work at the operating system level, not below it. To get malicious tools running in the BIOS, however, the attacker will first have to hack their way to getting administrator privileges on a PC, through something like an Internet Explorer exploit, and then find some BIOS vulnerabilities to hack away at. The first part happens across the web every day, but the second part, the so-called "post-exploitation" phase, is considered the domain of highly-sophisticated hackers, such as the NSA or GCHQ, and extremely tricky to pull off.

But Kallenberg and Kovah have created a tool that automates the identification and exploitation of BIOS bugs, a number of which they will detail at CanSecWest. Using their own bespoke malware, they have repeatedly been able to gain access to System Management Mode (SMM), a part of the computer used by firmware that's entirely separate from other processes, but can read everything going through a machine's memory.

"Once the payload is delivered, we have an agent running in SMM," said Kallenberg during a demo session with FORBES. "The thing about SMM is that it runs independent of the operating system, the operating system has no visibility into system management mode, it's a protected region that can't be read or written by the OS – Tails can't read or write to it – but it has access to all of memory."

Original Submission

An Anonymous Coward writes:

"Just FYI, it appears there is a bug in wget while using a proxy that allows wget to be forced to use the FTP port and thereby unmask the user's IP (normal usage) or at least leak the user's network adapter IP (in TAILS)."

- Comment @Reddit:
https://www.reddit.com/r/TOR/comments/3hc02l/how_can_i_download_webm_videos_longer_than_30/cu6yzv5
https://archive.is/3YYo0

- Original discovery of bug @lists.gnu.org:
https://lists.gnu.org/archive/html/bug-wget/2015-08/msg00020.html
https://archive.is/Ah3Pg

- Reported to TAILS project development list (tails-dev):
https://mailman.boum.org/pipermail/tails-dev/2015-August/009370.html
https://archive.is/nPi5h

- First response @tails-dev
https://mailman.boum.org/pipermail/tails-dev/2015-August/009383.html
https://archive.is/derHC

Another bug in wget has been discussed on Soylentnews in the past.

Original Submission

Arthur T. Knackerbracket writes:

CNET has an article on the replacement of regular tablets with 2-in-1 hybrid tablet/laptop devices.

Apple CEO Tim Cook once compared a tablet-laptop combo to mashing up a refrigerator with a toaster. The resulting Frankenstein device would do an equally lousy job of chilling your food and warming it up. That was three years ago.

Today, these tablet-laptop hybrids -- which blend the mobility and touchscreen friendliness of a tablet with the capabilities of a PC -- are on track to becoming the fastest-growing computing category. Shipments of so-called 2-in-1 devices like Microsoft's Surface Pro 3 and the Lenovo Yoga 3 Pro, for example, are expected to grow almost fivefold this year. That's thanks in part to attachable or foldable keyboards and more-powerful hardware, such as Intel's Core M microprocessors, that let slimmer, tabletlike devices hit speeds on par with midrange laptops.

And tablet sales? The market for large slabs of glass that are used mostly for playing games, reading email and watching videos has begun to slide. Sales of slate-style tablets are expected to fall 8 percent, according to a report from research firm Strategy Analytics. Sales in Apple's iPad business, meanwhile, fell 18 percent year over year in its most recent quarter, the sixth consecutive quarterly decline.

Consumers can't seem to get enough of devices that let them have, and do, it all.

"I feel like this took about three years," said Patrick Moorhead, an analyst at Moor Insights & Strategy. "You now have very high quality 2-in-1s that are very thin, affordable -- and people haven't upgraded their notebook for a while."

Understanding the rise of the 2-in-1 means charting the decline of the standalone tablet.

Jean Philippe Bouchard, a research director at IDC who's focused on tablets, points to the 2010 Dell Streak, one of the earliest so-called phablets, or phone-tablet hybrids. Consumers and critics panned the Streak for its (then) ridiculously large 5-inch screen. Dell stopped selling it 13 months after release.

"At the time, everyone -- me included -- were all laughing about this product," Bouchard said. "When you look now, the 5-inch is the norm for smartphones."

Larger phablets, such as Apple's new iPhone 6 Plus and the devices in Samsung's Galaxy Note line, have become standard. And mobile software from companies like Microsoft, such as its Word document-editing application, have been tailored to work across devices as business users shift work between screens. Samsung has even managed to re-energize the smartphone stylus as a must-have productivity tool.

These phablets have eaten into the market for standalone 7- and 8-inch tablets, like the 7.9-inch iPad Mini. When your phone is only an inch or two shy, what's the point, Bouchard points out.

Original Submission

takyon writes:

"Happy or Not" feedback kiosks will be appearing outside of Transportation Security Administration (TSA) checkpoints in select airports as part of a year-long pilot program:

The silver kiosks now stand at 27 passport offices around the country and 14 Social Security offices. In the next few weeks, passengers at Reagan National, LaGuardia, Los Angeles International and San Francisco International airports will see them as they leave the Transportation Security Administration checkpoints. The Department of Veterans Affairs also plans to launch kiosks soon.

The system for customers is pretty simple, even if the technology isn't. You click on one of four emoji buttons: a happy face, a somewhat happy face, an angry face or a somewhat angry one. And someone in the agencies' customer service offices will be watching for the data to stream in seconds through a computer. The responses, all anonymous, will be summarized every hour.

Here is an official website of the US Government for the program. From the FAQ:

Will the feedback data be open to the general public?

During the pilot phase, the feedback data will only be available to GSA staff participating in this pilot, participating frontline supervisors, and other relevant staff determined by the agency. If the pilot is successful, we plan to eventually make the citizen feedback data available to the general public.

Who do I contact for more information about the pilot?

For more information, please contact FeedbackUSA@gsa.gov.

Original Submission

"gewg_" writes:

The Guardian reports

Seven months after he was elected on a promise to overturn austerity, the Greek prime minister, Alexis Tsipras, has announced he is stepping down to pave the way for snap elections next month.

As the debt-crippled country received the first tranche of a punishing new €86bn (£61bn) bailout, Tsipras said on Thursday he felt "a moral obligation to place this deal in front of the people, to allow them to judge ... both what I have achieved, and my mistakes".

The 41-year-old Greek leader is still popular with voters for having at least tried to stand up to the country's creditors and his leftwing Syriza party is likely to be returned to power in the imminent general election, which government officials told Greek media was most likely to take place on 20 September.

Time magazine notes

It's one of the most basic rules of electoral politics: Keep your campaign promises or you will lose the support of your voters--but Greek Prime Minister Alexis Tsipras has deftly managed to skirt that rule. On Thursday, when he announced that he will resign and call snap elections for September 20, Tsipras wagered that voters would stay behind him regardless of the fact that he has failed to keep most of his core campaign pledges. And he is probably right.

At the end of July--after he had abandoned hopes of shielding the Greek welfare state from further cuts and austerity measures--Tsipras' approval rating was still at a comfortable 60% in all the major polls. Even now he is comfortably ahead of any other political leader in the country, and his move on Thursday to call elections is intended to lock in that support.

The prime minister will be replaced for the duration of the short campaign by the president of Greece's supreme court, Vassiliki Thanou-Christophilou--a vocal bailout opponent--as head of a caretaker government.

In related news, in the first move to sell off Greece's public infrastructure, as required by the terms of the third bailout, New Media outlet enikos indicates that German corporation Fraport doesn't think it has squeezed the Greek government quite hard enough yet and wants an even better deal than €1.2B to take over Greece's airports.

While opposed to asset sales when elected in January, Tsipras reversed his pre-election promise in order to seal a bailout deal in July. The shift has split the ruling Syriza party with the prospect of new elections as early as September. Tsipras is planning a confidence vote after 44 of his lawmakers voted against him when the bailout deal was approved last week.

...and this was after a public referendum July 5 where 61 percent of the Greek electorate said NO AUSTERITY.

Original Submission