Where did dogs first arrive on the scene? Scientists have long debated that question, and now a study of doggie DNA from around the world is pointing to Central Asia.
Man's best friend may have evolved somewhere near what is now Nepal and Mongolia, researchers say.
Previous studies have suggested southern China, the Middle East, Siberia and Europe as the place where our first domesticated animal arose from wolves at least 15,000 years ago.
For the new work, Adam Boyko of Cornell University and others analyzed DNA from 549 dogs that represented 38 countries in Africa, the Americas, Asia, Europe, India, the Middle East and islands north and east of Australia. The animals weren't house pets, but rather "village dogs" that wandered freely in the streets or fields.
The researchers examined the DNA for signals of where the dogs had the most ancient roots. That pointed to Central Asia. The analysis did not tackle the contentious question of when dogs appeared.
Genetic structure in village dogs reveals a Central Asian domestication origin [abstract]
Got a concept for cutting-edge spy tech? Jason Matheny, who was named director of the Intelligence Advanced Research Projects Activity (IARPA) in August, wants your great ideas. The agency, established in 2006, invests in high-risk, high-payoff research to solve problems faced by the U.S. intelligence community. Partly due to Matheny's work, the agency is tapping resources outside of government, including crowdsourcing ideas from the general public.
Matheny joined IARPA in 2009 after a career in both academia—Oxford University, Princeton University, and the Johns Hopkins Applied Physics Laboratory—and the startup world. He previously headed IARPA's comically named Office for Anticipating Surprise—which develops new forecasting capabilities—and served as program manager of Aggregative Contingent Estimation (ACE), an outfit that crowdsourced forecasts from more than 20,000 people on various geopolitical issues. He also worked at the agency's Office of Incisive Analysis, which analyzes data sets.
How would you surprise him?
Microsoft's telemetry features in Windows 10 are a privacy advocate's nightmare. Now that Microsoft is trying to back port these "features" into existing versions of Windows, it seems like many of us have no future upgrade path. Sure there is Linux, but I have some older Windows software that I still want to use. ReactOS is still out there, but does not look like there have been any updates in a while.
Does the Soylent community believe it is possible to get this project going full steam to producing a useable alternative for existing Windows users?
Just recently, I moved my personal website to HTTPS, making sure to use a secure 2048-bit RSA key and TLS 1.2, and guarding against vulnerabilities such as POODLE and Logjam. It took some work, but not that much work, even for doing the research. Yet there are some people who just don't care.
Due to a new technique, 512-bit keys are now completely vulnerable for as little as $75.
The technique, which uses Amazon's EC2 cloud computing service, is described in a paper published last week titled Factoring as a Service.
[...] The researchers concluded that despite widespread awareness that 512-bit keys are highly susceptible to breaking, the message still hasn't adequately sunk in with many administrators. The researchers wrote:
512-bit RSA has been known to be insecure for at least fifteen years, but common knowledge of precisely how insecure has perhaps not kept pace with modern technology. We build a system capable of factoring a 512-bit RSA key reliably in under four hours. We then measure the impact of such a system by surveying the incidence of 512-bit RSA in our modern cryptographic infrastructure, and find a long tail of too-short public keys and export-grade cipher suites still in use in the wild. These numbers illustrate the challenges of keeping an aging Internet infrastructure up to date with even decades-old advances in cryptanalysis.
The article reports finding a significant number of sites that are still using 512-bit RSA keys to protect HTTPS, DNSSEC, ssh, e-mail (SMTP, POP3, and IMAP), and other services.
Thanks to all of our wonderful supporters, we have exceeded our financial goal for this period! This period covers the second half of 2015, so we still have a few months before this period is over. Up until now, the only thing we have budgeted for was immediate and expected expenses (hosting, tax preparation, domain registrations, etc.). While we have been luckily staying ahead of these projected expenses by a small margin (about 10% in the first half of the year), it appears we have an opportunity to exceed the goal set for this period. Subsequently, we had the idea of a stretch goal. There are quite a few things that we could use this money for (not for more servers.)
One of the biggest "expenses" that we rarely discuss is the initial capital outlay that went into the site's startup costs — $3,417 coming out of the personal accounts of our staff. Of course, we aim to reimburse these sizable contributions. Though they have noted that they wished us to first focus on making the site self-sustaining, it appears we are already doing that.
Another possible use for "extra" funds would be to have some money on hand for lawyers. We often talk about how any kind of lawsuit or legal proceedings would be a huge financial burden on us. We do try to avoid any case that may invite that; for example, we are registered for DMCA requests, we take steps so that we are not breaking laws here in the USA (etc.). However, even if we are following the laws/guidelines exactly, that does not rule out the possibility of a lawsuit, so it would be ideal that we had some funds in case such a situation ever arises.
Further down the road we would love to be able to compensate some of our dedicated — and so far entirely volunteer staff — many of whom have been working tirelessly on this site since it went live; taking time away from their lives and families so that we can have this community. This is a "for the future" thing. It would have its own quirks and issues that we would have to figure out. It's a nice-to-have-problem in case we ever do have the extra capital. Surely, having a few paid employees, at least, would help ensure the long-term viability of the site, as well as open up the opportunity to really improve and expand on what we are trying to do here.
For this stretch goal we are aiming for an additional $2,000. This should cover any unexpected costs that come up in the way of taxes for last year (yes, we are still working to finish up the filing for last year) and give us a buffer that we could just leave in the bank for now. If things continue financially in this direction (or even grow), then we can start to use this money to begin to pay back the startup costs for the site, and keep a few dollars on hand for things that come up in the future.
I also wanted to mention that we are working on getting direct credit card payments possible through Stripe for those that prefer not to use PayPal. Though we don't have a timeline yet, it is in the pipeline.
Once again, I am personally astounded by the support that we have seen since we went live in February of 2014: over a quarter-million comments as well as all the submissions, volunteers, and subscribers — the feeling of being a part of this is hard to describe. So thank you all for being you.
-mrcoolbp
Update: Western Digital announced its acquisition of SanDisk on Wednesday for $86.50 per share, or about $19 billion.
Bloomberg reports that hard disk drive maker Western Digital (WD) is considering purchasing SanDisk Corp. for between $80 and $90 a share, or around $17-18 billion.
A merger would give WD access to SanDisk's NAND flash chip foundry deal with Toshiba and make WD an instant competitor in the solid-state drive market. As we reported last week, SanDisk is also partnering with Hewlett-Packard on Storage-Class Memory (SCM), a post-NAND competitor to Intel and Micron's 3D XPoint offering.
After three years of delay, Chinese trade regulator MOFCOM has approved WD's integration with HGST. The two businesses will be required to keep product brands and sales teams separate for two more years, but can begin "combining operations and sharing technology," such as HGST's helium-filled 7-platter hard drives. $400 million in annual operating expenses could be reduced by the integration.
WD can be expected to include helium-filled hard drives in its product lineup imminently. If WD merges with SanDisk, we may also see the inclusion of more large NAND flash caches in the form of hybrid hard drive (HHD/SSHD) products. The Xbox One Elite Bundle ships with a 1 terabyte SSHD, and Seagate recently released a 4 terabyte desktop SSHD.
It's not all good news for Western Digital this week. Security researchers have just disclosed multiple vulnerabilities in WD's "My Passport" and "My Book" self-encrypting hard drives that allow encryption to be bypassed.
mendax writes:
"Totally useless", the article from El Reg dubs it:
WD's My Passport boxes automatically encrypt data as it is written to disk and decrypt the data as it is read back to the computer. The devices use 256-bit AES encryption, and can be password-protected: giving the correct password enables the data to be successfully accessed.
Now, a trio of infosec folks – Gunnar Alendal, Christian Kison and "modg" – have tried out six models in the WD My Passport family, and found blunders in the designs.
For example, on some models, the drive's encryption key can be brute-forced, which is bad news if someone steals the drive: decrypting it is child's play. And the firmware on some devices can be easily altered, allowing an attacker to silently compromise the drive and its file systems. [...]
"In addition to this, other security threats are discovered, such as easy modification of firmware and on-board software that is executed on the user's PC, facilitating evil maid and badUSB attack scenarios, logging user credentials, and spreading of malicious code."
My Passport models using a JMicron JMS538S micro-controller have a pseudorandom number generator that is not cryptographically safe, and only cycles through a series of 255 32-bit values. This generator is used to create the data encryption key, and the drive firmware leaks enough information for this key to be recreated by brute-force, we're told.
"An attacker can regenerate any DEK [data encryption key] generated from this vulnerable setup with a worst-case complexity of close to 2^40,"....
The paper that describes their exploit can be found here.
The director of the US National Security Agency on Monday sought allies at an elite technology conference amid lingering distrust about widespread online snooping.
Admiral Michael Rogers, who heads US Cyber Command as well as directing the NSA, stated his case at the opening of a Wall Street Journal WSJDLive conference here.
"We increasingly live in an acrimonious environment where differences in perspective are made almost personal," Rogers said.
"Government is largely distrusted. We have got to work our way through things and find out how we are going to work together."
Rogers avoided being pinned down regarding whether he favored having US tech companies install "back doors" that intelligence agents could use to get into systems or devices.
As ever under such circumstances, I went through my list of email and Twitter contacts, seeing this as a good opportunity to offer some exposure to indie developers whose work I've enjoyed over the years. One response came back very quickly, albeit from a name I didn't quite recognise. The message was in fact from a developer's wife; the person I was trying to get in touch with had died the previous week.
The developer in question was Stewart Hogarth, who'd lost his battle with congenital heart disease; he was just 34. We'd only been in touch a few times, but I'd been captivated a couple of years ago by his truly excellent 8-bit tribute I Am Level for iOS and Android. This was a smart, charming, entertaining title that married eye-searing Spectrum-style graphics, old-school single-screen platforming challenges, and modern mobile tilt-based controls. It was still installed on all of my devices, and it was strange and very sad to think that the person who created it was no longer with us.
Another developer I was interviewing at the time expressed his shock regarding Stew's passing, and also concern that his work's availability was now potentially on borrowed time.
As a developer, he said it was almost like a little of his soul somehow went into each app or game he made; through what you've created, you can in some way live on if you're no longer around. This of course isn't new thinking — people often say similar things when it comes to art and literature, and even film and music. But those mediums[sic] have the kind of longevity that just isn't afforded to modern digital apps.
The Obama Administration has ordered US federal agencies to hold off on purchasing new PCs in hopes of patching up a broken ordering system.
The White House Office of Management and Budget (OMB) has put a hold on new desktops and notebooks while it sorts through what it says are "thousands" of new system orders every year.
OMB said that because agencies lack a standardized way to order, maintain, and replace their IT infrastructure, officials are forced to seek out their own contracts and purchase orders to get new PCs, leading to huge accumulated costs in waste.
"There is no need for thousands of contracts to purchase common laptops and desktops," the OMB said in its order late last week.
What answer do you predict the US government will reach, "Surfaces for everyone!"?
Beneath the Aurora Borealis an oil tanker glides through the night past the Coast Guard ice breaker Amundsen and vanishes into the maze of shoals and straits of the Northwest Passage, navigating waters that for millennia were frozen over this time of year.
Warming has forced a retreat of the polar ice cap, opening up a sea route through the Canadian Arctic Archipelago and connecting the Atlantic and Pacific Oceans for several months of the year.
Commander Alain Lacerte is at the helm as the vessel navigates the Queen Maud Gulf, poring over charts that date from the 1950s and making course corrections with the help of GPS.
[...] Today, taking this route cuts 7,000 kilometers (4,350 miles) off a trip from London to Tokyo, saving time and fuel.
A WiFi connected tea kettle, the iKettle, was recently tested by Pen Test Partners and found severely lacking, spewing forth WiFi access codes for encrypted networks to unencrypted clients with just a few tricks. As reported by geek.com:
Ken Munro, a researcher at Pen Test Partners, recently took to the stage in London to show off what he and his co-workers discovered. Their mark was the iKettle, which was proclaimed "the world's first WiFi kettle" by its creators on the crowd-funding site Firebox.
He was able to trick the kettle into connecting to an unencrypted WiFi network just by giving it the same name as the encrypted network it was originally connected to and using a directional antenna to make sure the signal was loud and clear. Once they'd hijacked the wireless connection, Munro and his partner were able to convince the iKettle to spill the key for the encrypted network.
All it took was two little commands sent via Telnet. And being the helpful little kettle that it is, it even handed Munro the key in plain text.
Original Story: http://www.geek.com/news/connected-kettles-found-brewing-up-security-problems-1637249/
The New York Times is reporting on a disturbing courtroom scene in rural Alabama. A circuit judge apparently required those who owe fines to give blood or face incarceration.
From the article:
“Good morning, ladies and gentlemen,” began Judge Wiggins, a circuit judge here in rural Alabama since 1999. “For your consideration, there’s a blood drive outside,” he continued, according to a recording of the hearing. “If you don’t have any money, go out there and give blood and bring in a receipt indicating you gave blood.”
For those who had no money or did not want to give blood, the judge concluded: “The sheriff has enough handcuffs.”
[...] The dozens of offenders who showed up that day, old and young, filed out of the Perry County courthouse and waited their turn at a mobile blood bank parked in the street. They were told to bring a receipt to the clerk showing they had given a pint of blood, and in return they would receive a $100 credit toward their fines — and be allowed to go free.
[...] On Monday, the Southern Poverty Law Center filed an ethics complaint against Judge Wiggins, saying he had committed “a violation of bodily integrity.” The group also objected to the hearing beyond the matter of blood collection, calling the entire proceeding unconstitutional.
Payment-due hearings like this one are part of a new initiative by Alabama’s struggling courts to raise money by aggressively pursuing outstanding fines, restitution, court costs and lawyer fees. Many of those whose payments are sought in these hearings have been found at one point to be indigent, yet their financial situations often are not considered when they are summoned for outstanding payments.
Is it ethical to require blood donations under any circumstance?
Is the threat of jail for non-compliance (given that, theoretically, we don't have debtor's prison in the U.S.) even constitutional?
Is this a Fourth Amendment issue?
A newly-developed mathematical method can detect geometric structure in neural activity in the brain. "Previously, in order to understand this structure, scientists needed to relate neural activity to some specific external stimulus," said Vladimir Itskov, associate professor of mathematics at Penn State University. "Our method is the first to be able to reveal this structure without our knowing an external stimulus ahead of time. We've now shown that our new method will allow us to explore the organizational structure of neurons without knowing their function in advance."
"The traditional methods used by researchers to analyze the relationship between the activities of neurons were adopted from physics," said Carina Curto, associate professor of mathematics at Penn State, "but neuroscience data doesn't necessarily play by the same rules as data from physics, so we need new tools. Our method is a first step toward developing a new mathematical toolkit to uncover the structure of neural circuits with unknown function in the brain."
The method -- clique topology -- was developed by an interdisciplinary team of researchers at Penn State, the University of Pennsylvania, the Howard Hughes Medical Institute, and the University of Nebraska-Lincoln. The method is described in a paper that will be posted in the early online edition of the journal Proceedings of the National Academy of Sciences during the week ending October 23, 2015.
It's not an urban sci-fi fantasy: Someone is actually building a leafy underground park below Delancey Street on Manhattan's Lower East Side. The Lowline is a plan to turn an abandoned trolley terminal there into a public green space, using special technology that pipes in sunlight beneath the street's surface. The real deal probably won't be ready until 2020, but this week the creators opened the Lowline Lab, a proof of concept and an experiment for seeing the ideas and tech in action. We got an early look inside.
New York's High Line has been an excellent addition to the city's greenspaces, and has really added an extra dimension to urban living. The Lowline could do the same underground. Is transforming derelict industrial structures a better alternative to urban renewal than straightforward redevelopment?
But South Korean researchers say they've found several weaknesses in VoLTE networks in the U.S. and South Korea.
Their findings, released in a research paper, conclude that it would be possible to spoof phone calls, conduct denial-of-service attacks and overbill customers. They also found it would be possible for a malicious Android app to make secret phone calls in the background due to a flaw in the mobile OS.
The fault also lies in part with operators, which haven't full[y] vetted their infrastructure for security issues. Also, LTE standards have been implemented in different ways by operators, opening up a variety of security holes.
"Basically, there are mistakes and things they have overlooked," said Yongdae Kim, a professor with the Korea Advanced Institute of Science and Technology's (KAIST) electrical engineering department, in a phone interview Tuesday.
T-Mobile, Verizon and AT&T were notified of the issues in May, according to an advisory updated on Monday from Carnegie Mellon University's CERT. None of the companies had an immediate comment.
Security researchers have discovered a fiendish form of browser malware that stands in for your copy of Google Chrome and hopes you won't notice the difference.
As reported by PCRisk, the "eFast Browser" works by installing and running itself in place of Chrome. It's based on Google's Chromium open-source software, so it maintains the look and feel of Chrome at first glance, but its behavior is much worse.
First, it makes itself the default and takes over several system file associations, including HTML, JPG, PDF, and GIF, according to MalwareBytes. It also hijacks URL associations such as HTTP, HTTPS, and MAILTO, and replaces any Chrome desktop website shortcuts with its own versions. Essentially, eFast Browser makes sure to open itself at any opportunity.
During use, eFast Browser constantly displays pop-up and search ads on top of the page you're visiting. Some of these ads lead to ecommerce sites, while others redirect to potentially malicious webpages, where there's a risk of installing more adware or malware. PCRisk also warns that the browser collects browsing information that could be personally identifiable. It's unclear if eFast Browser adheres to any sort of privacy policy. (The company behind eFast Browser, Clara Labs, has its own privacy policy, though trying to load this page in Chrome brings up a malware warning.)
Rafael Minder writes in the NY Times that almost 50 years after coming close to possibly provoking a nuclear disaster, Secretary of State John Kerry, following years of wrangling between Spain and the US, signed an agreement to remove contaminated soil from an area in southern Spain where an American warplane accidentally dropped hydrogen bombs.
In 1966 a bomber collided with a refueling tanker in midair and dropped four hydrogen bombs, two of which released plutonium into the atmosphere. No warheads detonated, narrowly averting what could have been an explosion more powerful than the atomic strikes against Japan at the end of World War II. Four days after the accident, the Spanish government stated that "the Palomares incident was evidence of the dangers created by NATO's use of the Gibraltar airstrip", announcing that NATO aircraft would no longer be permitted to fly over Spanish territory either to or from Gibraltar. The US later announced that it would no longer fly over Spain with nuclear weapons, and the Spanish government formally banned US flights over its territory that carried such weapons.
Neither Kerry nor Spanish Foreign Minister García-Margallo said exactly how much contaminated soil would be sent back, where it would be stored in the United States, or who would pay for the cleanup — some of the issues that have held up a deal until now. Spain has insisted that any contaminated soil be sent to the United States, because Spain does not have plants to store it. Concern over the site was reawakened in the 1990s when tests revealed high levels of americium, an isotope of plutonium, and further tests showed that 50,000 cubic meters of earth were still contaminated. The Spanish government appropriated the land in 2003 to prevent it being used.
The Orionid meteor shower peaks over the next couple nights (October 20/21). The Orionids are composed of debris from Halley's comet, which last visited the inner solar system in 1986 and will next visit in 2061.
takyon: NASA says:
"The Orionids will probably show weaker activity than usual this year," says Bill Cooke of the NASA Meteoroid Environments Office at Marshall Space Flight Center in Huntsville, Ala. "Bits of comet dust hitting the atmosphere will probably give us about a dozen meteors per hour." The best time to look for Orionid meteors is just before sunrise this Thursday, Oct. 22, when Earth encounters the densest part of Halley's debris stream.
Observing is simple: set the alarm a few hours before dawn, go outside and look up in the direction of the constellation Orion. No telescope is necessary to see Orionids shooting across the sky. While the meteor count may be lower this year, viewing conditions are favorable, as the gibbous moon will set by 2 a.m. EDT time, permitting good viewing just before dawn when rates will be at their highest.
A live stream of the night sky from NASA's Marshall Space Flight Center will be available via Ustream beginning October 21, at 10 p.m. EDT. [...] The next meteor shower on deck is the Leonids, with the peak expected from midnight until dawn on Nov. 18.