SoylentNews is people
posted by n1 on Monday August 15 2016, @11:55PM
from the all-the-hats dept.

A group is claiming that they hacked the NSA and obtained advanced malware and hacking tools (such as Stuxnet):

A mysterious hacker or hackers going by the name "The Shadow Brokers" claims to have hacked a group linked to the NSA and dumped a bunch of its hacking tools. In a bizarre twist, the hackers are also asking for 1 million bitcoin (around $568 million) in an auction to release more files.

"Attention government sponsors of cyber warfare and those who profit from it!!!!" the hackers wrote in a manifesto posted on Pastebin, on GitHub, and on a dedicated Tumblr. "How much you pay for enemies cyber weapons? [...] We find cyber weapons made by creators of stuxnet, duqu, flame."

The hackers referred to their victims as the Equation Group, a codename for a government hacking group widely believed to be the NSA.

Also at Computerworld:

The whole episode screams elaborate SCAM, but maybe it is legit as Twitter chatter by some security experts seems to lean toward believing it. On the flipside, it doesn't appear as if many trust it enough yet to have coughed up bitcoins. Other hackers are suggesting the auction is made up of really old vulnerabilities; this is partially based on the "free" files being offered by Shadow Broker as proof of hacking the Equation Group. Or it could be a mix, old and new, to keep everyone off-balance. Another oddity, pointed out in a Pwn All The Things tweet, is that the "free sample" file size is actually larger than the auction file size.

Yet security pro Matt Suiche dived into the free files offered by Shadow Broker, then took to Medium to say, "Most of the code appears to be batch scripts and poorly coded Python scripts. Nonetheless, this appears to be legitimate code." Suiche said the main targets in the dump he reviewed "appeared to be Fortigate, TopSec, Cisco and Juniper firewalls." He described some of the codenamed exploits such as Eligible Bachelor, Extra Bacon and Banana Glee. The latter, he pointed out, is "particularly interesting because it allows references to the JETPLOW explanation from the 2014 NSA's Tailored Access Operations (TAO) catalog."


posted by takyon on Monday August 15 2016, @10:09PM
from the the-cyber-squeeze dept.

Private law firms will be hired by police to pursue criminal suspects for profit, under a radical new scheme to target cyber criminals and fraudsters.

In a pilot project by the City of London police, the lead force on fraud in England and Wales, officers will pass details of suspects and cases to law firms, which will use civil courts to seize the money.

The force says the scheme is a way of more effectively tackling fraud – which is now the biggest type of crime, estimated to cost £193bn a year. It is overwhelming police and the criminal justice system.

Under the shakeup being piloted, a law firm will pursue the suspect in the civil courts before any conviction and possibly even without a criminal charge. The burden of proof is lower in civil courts, and they will only have to show that the suspect stole the money on the balance of probabilities.

[...] Katie Wheatley, joint head of criminal law at Bindmans, a London law firm, expressed unease over the proposals, which she said gave police "what they would regard as an easy deterrent, without having the inconvenience of proving an offence to a criminal standard".

[...] A working group to oversee the experiment has been set up by the City of London police, officers from the National Crime Agency, and Metropolitan police, and law and private investigation firms.

Source: The Guardian

takyon: The City of London is a small county within Greater London, run by the City of London Corporation. It is well known for being a centre of evil finance.


posted by janrinok on Monday August 15 2016, @08:18PM
from the ...by-us dept.

In a paper (PDF of full article) which has been accepted for Geophysical Research Letters, NASA researchers

created a suite of 3-dimensional climate simulations using topographic data from the Magellan mission, solar spectral irradiance estimates for 2.9 and 0.715 billion years ago, present-day Venus orbital parameters, an ocean volume consistent with current theory and measurements, and an atmospheric composition estimated for early Venus.

According to the output of the general circulation model, "Venus may have had a climate with liquid water on its surface for approximately 2 billion years." In the simulation, extensive, highly reflective, H2O clouds formed on the lit side of the planet. "A strong day-night circulation" carried heat to the dark side. These factors limited the range of temperatures, in spite of a slow rotation rate. The authors note that liquid water can be not only a sign of habitability, but a cause of it:

[...] while the possibility of surface liquid water defines the traditional habitable zone, our results suggest that a planet with a modest amount of surface liquid water is more conducive to habitability over a wide range of stellar fluxes than a planet largely or completely covered by water. The inner edge should therefore be considered a transition region in which the probability of habitability gradually decreases inward rather than a strict boundary separating completely different regimes.

Venus today has little water. The high ratio of deuterium to protium (as compared to the ratio in Earth's surface water) leads us to believe that most of the planet's hydrogen has escaped to space.

In the popular press:


posted by NCommander on Monday August 15 2016, @07:01PM
from the fiddling-for-the-greater-good dept.

Since people seem to rather enjoy when I run articles on backend upgrades, here's another set of changes I made over the last week as I get back into the full swing working on the site.

The short list:

  • Migrated Beryllium (which hosts wiki+IRC+mail) to Apache 2.4
    • Upgraded said machine to PHP7
    • Needed to support OCSP stapling
    • Validating final checks before deploying HSTS to all public domains
    • Upgraded MediaWiki, SquirrelMail, and YOURLS to PHP7 compatible versions
  • Worked with TheMightyBuzzard and user comments to determine additional XSS protection headers we should deploy
  • Found (and removed) SSLv3 support on postfix and dovecot
  • Deployed DNSSEC on sylnt.us in preparation for signing soylentnews.org (here's the test results)

Read past the fold for more information.

Beryllium Upgrades

Beryllium is our "misc" services box. It basically hosts everything that isn't related to site infrastructure, such as the wiki, our IRC server, and mail. Last week, I went through and fixed our SSL configuration on this machine to make sure that we were serving properly validated certificates, and that we had strong encryption on this box. While I succeeded on that front, Apache needed to be upgraded to 2.4 to support a somewhat obscure TLS feature known as OCSP stapling, which we want for performance reasons.

What is OCSP stapling, you ask? Well, to answer that, I need to take a moment to go into how SSL certificates work. Whenever a CA generates a certificate, they're essentially saying "this site is who it says it is, and we're attesting to it". In a perfect world, a CA would never make a mistake, private keys would never leak, and we could always assume that a certificate is good. We don't live in that world, so certificate authorities sometimes need to revoke a certificate. OCSP (which stands for the Online Certificate Status Protocol) is one of two ways to do this, and is the only method Let's Encrypt supports for certificate revocation.

OCSP is a replacement for the older certificate revocation lists (CRLs), which in real life rarely if ever worked as advertised. It's meant to let the browser learn in real time whether a certificate is still good and react accordingly. Plain OCSP, however, requires the browser to check with the certificate authority's OCSP responder, which leaks the fact that user X is connecting to site Y. It also means that if access to the OCSP responder is blocked, a user might not learn that a certificate has been revoked. OCSP stapling solves both problems by having our servers fetch the OCSP reply themselves (it is signed by the CA and timestamped, so it can't be forged and only stays valid for a limited window) and send it as part of the initial TLS handshake, which both improves performance and prevents the privacy leak.

Unfortunately, OCSP stapling requires Apache 2.4, which I had to build from source before migrating the sites over from the older Apache 2.2 install. At the same time, I upgraded to PHP 7 and updated the other web applications we were using. For the most part, this was rather painless, though I'm still tinkering with MediaWiki to make it happy on the new setup.

Besides the usual Apache pain, I scanned our other major services and disabled SSLv3 support on postfix (SMTP) and dovecot (IMAP). I still need to replace our self-signed certs with real ones there, but that's a 'one step at a time' thing.

XSS Mitigation

In the comments on the last site status article, an AC pointed us at a handy site that grades the security headers a server sends. TheMightyBuzzard and I will be going through and enabling these headers (with the exception of HTTP Public Key Pinning) on production sometime this week. HPKP requires quite a bit of planning to deploy safely, since a mistaken pin can lock visitors out of the site, and we're not ready to take that step just yet.
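As an added illustration of what such a header check does (example code written for this page, not SoylentNews' own tooling or the checker site's), the script below audits a response header set for the headers discussed here: HSTS (including its max-age and includeSubDomains directives), X-Content-Type-Options, Content-Security-Policy and clickjacking protection. Public-Key-Pins is deliberately not required, matching the decision above. The 180-day minimum for HSTS max-age and the two header sets are assumptions constructed for the example; `parse_raw_headers` accepts the head of a real response (for instance `curl -sI` output) so the same audit can be run against a live server.

```python
"""Audit HTTP security headers: a 'before' and 'after' header set, both constructed."""

# Minimum HSTS max-age accepted by this audit: 180 days (an assumption for this example).
MIN_HSTS_MAX_AGE = 180 * 24 * 3600


def parse_raw_headers(raw):
    """Turn a raw HTTP response head (e.g. `curl -sI` output) into a {name: value} dict."""
    headers = {}
    for line in raw.splitlines():
        if not line.strip() or line.upper().startswith("HTTP/"):
            continue  # skip the status line and blank lines
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip()] = value.strip()
    return headers


def parse_hsts(value):
    """Parse a Strict-Transport-Security value into its directives."""
    result = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        name, _, val = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            try:
                result["max_age"] = int(val.strip().strip('"'))
            except ValueError:
                pass  # a malformed max-age counts as absent
        elif name == "includesubdomains":
            result["include_subdomains"] = True
        elif name == "preload":
            result["preload"] = True
    return result


def audit_headers(headers):
    """Return a list of findings; an empty list means every check passed."""
    h = {name.lower(): value for name, value in headers.items()}  # header names are case-insensitive
    findings = []

    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append("missing Strict-Transport-Security (HSTS)")
    else:
        parsed = parse_hsts(hsts)
        if parsed["max_age"] is None:
            findings.append("HSTS: max-age directive missing or malformed")
        elif parsed["max_age"] < MIN_HSTS_MAX_AGE:
            findings.append(f"HSTS: max-age {parsed['max_age']} is below the {MIN_HSTS_MAX_AGE}s minimum")
        if not parsed["include_subdomains"]:
            findings.append("HSTS: includeSubDomains not set")

    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.append("missing X-Content-Type-Options: nosniff")

    csp = h.get("content-security-policy")
    if csp is None:
        findings.append("missing Content-Security-Policy")

    # Either X-Frame-Options or a CSP frame-ancestors directive stops framing by other sites.
    if "x-frame-options" not in h and (csp is None or "frame-ancestors" not in csp.lower()):
        findings.append("clickjacking: neither X-Frame-Options nor CSP frame-ancestors is set")

    # Public-Key-Pins is intentionally not required (see the article's HPKP decision).
    return findings


# Constructed header sets: a typical default Apache response, and a hardened one.
WEAK_HEADERS = {
    "Server": "Apache/2.4",
    "Content-Type": "text/html; charset=utf-8",
    "X-Frame-Options": "SAMEORIGIN",
}
HARDENED_HEADERS = {
    "Content-Type": "text/html; charset=utf-8",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "SAMEORIGIN",
    "Content-Security-Policy": "default-src 'self'; frame-ancestors 'self'",
}

if __name__ == "__main__":
    for label, headers in (("before", WEAK_HEADERS), ("after", HARDENED_HEADERS)):
        findings = audit_headers(headers)
        print(f"{label}: {'OK' if not findings else ''}")
        for finding in findings:
            print("  -", finding)
```

The 2016 checklist the article refers to also listed X-XSS-Protection; it is left out here because the browser-side XSS auditor that header controlled has since been removed from Chrome and Edge and was never implemented in Firefox.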

DNSSEC + sylnt.us

I've talked about wanting to deploy DNSSEC before, but various other things kept cropping up. That, combined with outdated and misleading documentation, kept me from actually getting around to it for ages. Over the weekend, I finally dug in and figured out the current best practices for DNSSEC, and, with the help of audioguy, configured BIND to sign the zone automatically and uploaded our keys to our registrar.

As such, sylnt.us now has a fully validated signature chain, and a green key when checked with the DNSSEC validator. We will be signing soylentnews.org sometime in the near future; however, we ran into some DNS zone transfer issues between our nameservers and Linode which caused the RRSIG records not to transfer properly. While this has been resolved for now, we're currently talking with Linode to understand why the transfer went pear-shaped and to prevent a second occurrence.

That's it for now. As always, post questions, comments below. I'll be reading!

~ NCommander

posted by janrinok on Monday August 15 2016, @05:35PM
from the whack-a-mole dept.

Don't want the new Facebook ads? In a brilliant demonstration of the arms race between ad companies and content filtering software, uBlock Origin already blocked them, hours after Facebook introduced them.

The commit was here: https://github.com/uBlockOrigin/uAssets/commit/773512c844ab0e92e0dbb1fd9c00291d1ae0ba38

And from PC World:

Thursday morning, Adblock Plus announced that a new filter for banning Facebook's ads has been added to the main EasyList filter list used by the extension. Here's how to force Adblock Plus's filter list to update if you want in on the adblocking action.

Update: Facebook already rolled out new code to break Adblock Plus's workaround, according to Techcrunch. And then Adblock Plus rolled out a new filter to block the new workaround. And then Facebook released another patch to break the new Adblock Plus filter. Whack-a-mole indeed.

But you might not rush to do so. Adblock Plus's blog post warns that the new filter hasn't been heavily tested and may block additional content. An initial response sent out by Facebook suggests it may indeed be doing so.

"We're disappointed that ad blocking companies are punishing people on Facebook as these new attempts don't just block ads but also posts from friends and Pages," a spokesperson told AdAge. "This isn't a good experience for people and we plan to address the issue. Ad blockers are a blunt instrument, which is why we've instead focused on building tools like ad preferences to put control in people's hands."

[...] If you see an ad in your Facebook News Feed, click the drop-down arrow on the top left of the ad, and then choose "Manage your ad preferences." There, you'll be able to see which topics Facebook thinks you're into, and advertises against. Deleting them all should eliminate hyper-targeted ads—though not all ads, and Facebook will repopulate the list over time. Blocking ads via ad blockers isn't possible in Facebook's mobile apps, only in-browser.


posted by janrinok on Monday August 15 2016, @04:43PM
from the Louis-Vuitton,-Calvin-Klein,-NASA dept.

National Aeronautics and Space Administration (NASA) officials confirmed last week that they had mistakenly auctioned a bag used by astronauts Buzz Aldrin and Neil Armstrong during the Apollo 11

The rare artifact, which was used to collect samples of moon rock during the first manned lunar mission back in 1969, was sold as a result of a clerical error, TechTimes reported.

In a government auction held last year, Nancy Carlson from Inverness, Illinois, USA, bought the white bag for just $995. NASA only realised its blunder when the woman sent the bag to the Johnson Space Center in Houston for authentication.

Upon multiple verifications, the space governing body decided to take possession of the artifact—for which Carlson has sued NASA, seeking the return of the bag.

The US government also acknowledged the mistake and described the bag as a "a rare artifact, if not a national treasure."

The bag in question was part of a collection of priceless items that was seized from the home of Max Ary, director of Kansas Cosmosphere and Space Center, the report said. He was later found guilty of stealing and selling off a number of the artefacts that were given on loan to the space centre.

http://technology.inquirer.net/51015/nasa-accidentally-sold-apollo-11-moon-landing-bag-in-an-auction

-- submitted from IRC


posted by CoolHand on Monday August 15 2016, @03:02PM
from the war-in-the-air dept.

The Wi-Fi Alliance says it’s taken more steps toward compromise since backers of LTE-Unlicensed slammed a coexistence workshop that took place last week. But those moves haven’t brought about wireless peace just yet.

LTE-U is a system for running LTE networks in some of the unlicensed frequencies used by Wi-Fi. The workshop, the latest of several intended to make sure LTE-U doesn’t unfairly interfere with Wi-Fi, brought together participants that want to use the new cellular system as well as those devoted to Wi-Fi.

When it was done, the Alliance said a test for coexistence was on track for completion next month. However, LTE-U supporters, including Qualcomm, said the whole effort was technically unsound and biased against them.

Representatives of both sides are supposed to be working toward consensus on a test to make sure LTE-U and Wi-Fi products can get along. But some LTE-U backers objected to aspects of the proposed test plan after the workshop last week.


posted by takyon on Monday August 15 2016, @01:45PM
from the keys-to-the-kingdom dept.

Enrico Zini wrote:

There are currently at least 3 ways to refer to a GPG key: short key ID (last 8 hex digits of the fingerprint), long key ID (last 16 hex digits) and full fingerprint. The short key ID used to be popular, and for 5 years it has been known that it is computationally easy to generate a GnuPG key with an arbitrary short key ID.

LWN.net wrote in June 3, 2016:

Gunnar Wolf urges developers to stop using "short" PGP key IDs as soon as possible. The impetus for the advice originates with Debian's Enrico Zini, who recently found two keys sharing the same short ID in the wild.

After the owner was contacted, it turned out that one of the keys was a fake. The fake key carried the same names and emails as the real one, and even signatures created by other fake keys. Weeks later, more developers found fake "mirror" keys of their own on the keyserver, including the PGP Global Directory Verification Key. Gunnar Wolf wrote:

We don't know who is behind this, or what his purpose is. We just know this looks very evil. [...] In short, that cutting a fingerprint in order to get a (32- or 64-bit) short key ID is the worst of all worlds, and we should rather target either always showing full fingerprints, or not showing it at all (and leaving all the crypto-checking bits to be done by the software, as comparing 160-bit strings is not natural for us humans).

Now, a fake key (fake: 0x6211aa3b00411886, real: 0x79be3e4300411886) of Linus Torvalds has been found in the wild; scroll the page and you'll see two. It looks as though every single key from the Linux kernel community has been forged successfully; another example is Greg Kroah-Hartman (fake: 0x27365dea6092693e, real: 0x38dbbdc86092693e). LWN reader "rmayr" commented:

so it seems somebody is actually constructing a database of fake keypairs with "well-known" short IDs. Something is going on here...
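The following is an added example, not part of the story or of any of the posts quoted in it. It parses a constructed `gpg --list-keys --with-colons` style listing in which the fingerprints are made up except for their last 16 hex digits (the long IDs quoted above, real and fake) and the user IDs use placeholder addresses. It shows the ambiguity directly: looking a key up by its 8-digit short ID returns both the real and the fake key, while the full fingerprint identifies exactly one, and `find_collisions` reports every short ID shared by more than one key so a keyring export can be checked for such "mirror" keys.

```python
"""Short key ID collisions in a constructed GnuPG colon-format listing."""
from collections import defaultdict

# Constructed `gpg --list-keys --with-colons` output. Only the last 16 hex digits of each
# fingerprint (the long key IDs quoted in the story) are meaningful; the rest is filler,
# and the email addresses are placeholders.
SAMPLE_LISTING = """\
pub:u:4096:1:79BE3E4300411886:1316125466::u:::scESC::::::23::0:
fpr:::::::::0123456789ABCDEF0123456779BE3E4300411886:
uid:u::::1316125466::0000000000000000000000000000000000000001::Linus Torvalds <real@example.invalid>::::::::::0:
pub:u:2048:1:6211AA3B00411886:1465000000::u:::scESC::::::23::0:
fpr:::::::::FEDCBA9876543210FEDCBA986211AA3B00411886:
uid:u::::1465000000::0000000000000000000000000000000000000002::Linus Torvalds <fake@example.invalid>::::::::::0:
pub:u:4096:1:38DBBDC86092693E:1316125466::u:::scESC::::::23::0:
fpr:::::::::00FF00FF00FF00FF00FF00FF38DBBDC86092693E:
uid:u::::1316125466::0000000000000000000000000000000000000003::Greg Kroah-Hartman <real@example.invalid>::::::::::0:
pub:u:2048:1:27365DEA6092693E:1465000000::u:::scESC::::::23::0:
fpr:::::::::FF00FF00FF00FF00FF00FF0027365DEA6092693E:
uid:u::::1465000000::0000000000000000000000000000000000000004::Greg Kroah-Hartman <fake@example.invalid>::::::::::0:
"""


def parse_colon_listing(text):
    """Return one dict per primary key: long ID (field 5 of `pub`), fingerprint (field 10
    of the first `fpr` record after it) and the user IDs (field 10 of `uid` records)."""
    keys = []
    current = None
    for line in text.splitlines():
        fields = line.split(":")
        kind = fields[0]
        if kind == "pub":
            current = {"long_id": fields[4].upper(), "fingerprint": None, "uids": []}
            keys.append(current)
        elif kind == "fpr" and current is not None and current["fingerprint"] is None:
            current["fingerprint"] = fields[9].upper()  # later fpr records belong to subkeys
        elif kind == "uid" and current is not None:
            current["uids"].append(fields[9])
    return keys


def normalize(ident):
    """Accept '0x' prefixes, spaces and lower case, as users type key IDs."""
    ident = ident.strip().replace(" ", "").upper()
    return ident[2:] if ident.startswith("0X") else ident


def lookup(keys, ident):
    """Every key whose fingerprint ends with ident: a short ID, a long ID or a full fingerprint.
    This mirrors how a keyserver or keyring search resolves an identifier."""
    ident = normalize(ident)
    return [k for k in keys if k["fingerprint"].endswith(ident)]


def find_collisions(keys, hex_digits=8):
    """Map each truncated ID (last hex_digits of the fingerprint) shared by more than one
    key to the full fingerprints that share it."""
    groups = defaultdict(list)
    for k in keys:
        groups[k["fingerprint"][-hex_digits:]].append(k["fingerprint"])
    return {kid: fps for kid, fps in groups.items() if len(fps) > 1}


if __name__ == "__main__":
    keys = parse_colon_listing(SAMPLE_LISTING)
    for ident in ("0x00411886", "0x79BE3E4300411886"):
        matches = lookup(keys, ident)
        print(f"{ident}: {len(matches)} key(s)", [k["uids"][0] for k in matches])
    for kid, fps in find_collisions(keys).items():
        print(f"short ID {kid} is shared by: {', '.join(fps)}")
```

Run against a real export (`gpg --list-keys --with-colons > keys.txt`) the collision check is a cheap way to spot imported mirror keys; the takeaway from the story is the same either way: verify people by the full 160-bit fingerprint, never by the last 8 or 16 digits.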


posted by on Monday August 15 2016, @11:46AM
from the drop-gun-before-putting-hands-in-air dept.

Submitted via IRC for mecctro

After a night of violent protests, Milwaukee residents gathered Sunday evening to mourn an armed man shot to death by police and begin the healing process.

Family and friends of Sylville Smith, 23, held a candlelight vigil at the site of Saturday's shooting in a residential area of North Milwaukee.

The shooting triggered unrest in the city's north side Saturday night as protesters torched businesses and threw rocks at officers. Four officers were injured and 17 people were arrested, Mayor Tom Barrett said.

Tensions on Sunday gave way to calls for peace as activists gathered outside the affected businesses.

Smith's sister, Sherelle Smith, condemned violence carried out in her brother's name, saying the community needs those businesses.

Black Lives Shatter

Source: http://www.cnn.com/2016/08/14/us/milwaukee-violence-police-shooting/


posted by martyb on Monday August 15 2016, @09:05AM
from the correlation-!=-causation dept.

A study by Huy Le, associate professor of management at the University of Texas at San Antonio (UTSA), has identified factors that could lead more young students to successful careers in STEM (Science, Technology, Engineering, and Math) fields.

"People seek out the environment that fits their personal characteristics," Le said. "If they work in an arena that suits them, they'll be happy and successful. With these predictors, we can identify students with potential for obtaining a STEM degree nearly a decade before they pursue it."

Le also found no difference between the abilities of girls and boys to succeed in STEM, based on these two predictors. Essentially, if a girl and a boy have the same amount of interest and ability to succeed, they are each entirely capable of doing so.

"There are many theories about the social pressure that keeps women out of STEM," he said. "We found that young men in general were more interested in the field, but considering that young women showed the same ability in our study, that seems to suggest that the dearth of women in the field is probably due to societal factors."

Le notes that many students, especially women, who excel cognitively also have excellent verbal ability and will often choose a career other than STEM because they have so many opportunities before them. Le says that educators and counselors can influence those decisions by simply introducing students to the benefits of a career in science or engineering.

"This is a critical issue in our economy right now," he said. "We have a crippling deficit of participants in the STEM field, and if we can encourage our students to pursue this path, we'll be on our way to eradicating [the issue]."

The full report, Building the STEM pipeline: Findings of a 9-year longitudinal research project (pdf), is available at Research Gate.


posted by n1 on Monday August 15 2016, @07:02AM
from the crash-and-burn dept.

Submitted via IRC for butthurt

Comets in our solar system that travel to its interior in their highly elliptical orbits tend to come close to the Sun before heading out again to the cold, far reaches of the Solar System — the Kuiper Belt beyond Neptune or even farther out, beyond Pluto, to the Oort Cloud. The heating up of the frozen comet, when it nears the Sun, causes it to display the large tail that is its hallmark.

But sometimes, a sungrazing comet — a term for comets that pass extremely close to the Sun on their nearest approach to it — gets too close to the center of the Solar System and instead of whipping around our star, it plunges to a fiery death. However, there are other ways for a comet to die and one such incident was captured on camera by NASA and European Space Agency's Solar and Heliospheric Observatory (SOHO) on Aug. 3-4.

Source: International Business Times


posted by n1 on Monday August 15 2016, @05:04AM
from the off-grid-on-the-radar dept.

Rob Rhinehart, developer of the "magical milkshake" known as Soylent, has been criminally charged for attempting to build an off-grid "experiment in sustainable living" without obtaining city permits. He could face up to two years in prison and a $4,000 fine. [...]

"Flat Top hill has been a gathering spot since long before I arrived. I would be thrilled if the area became a park, but that has not materialized so in the meantime I have a right to use land that I own," Rhinehart told The Guardian via email. "I want a sturdy, lightweight, affordable home."

Nearby residents have long called for the area to be turned into a park, but the city wanted to make a buck from it, so they auctioned it in December, allowing Rhinehart to purchase the land.

Now, after residents complained, and with no indication Rhinehart intends to connect to the city grid, Los Angeles has deemed the shipping container an "unlawful structure" and removed it.

"Unpermitted structures pose a safety risk," said City Attorney Mike Feuer. "They also can be unsightly and erode the quality of life in a neighborhood."

Source: The Free Thought Project

Don't paint your house bright red.

~childo


posted by janrinok on Monday August 15 2016, @03:07AM
from the nip-and-tuck dept.

The CRISPR–Cas9 tool enables scientists to alter genomes practically at will. Hailed as dramatically easier, cheaper and more versatile than previous technologies, it has blazed through labs around the world, finding new applications in medicine and basic research.

But for all the devotion, CRISPR–Cas9 has its limitations. It is excellent at going to a particular location on the genome and cutting there, says bioengineer Prashant Mali at the University of California, San Diego. "But sometimes your application of interest demands a bit more."

The zeal with which researchers jumped on a possible new gene-editing system called NgAgo earlier this year reveals an undercurrent of frustration with CRISPR–Cas9 — and a drive to find alternatives. "It's a reminder of how fragile every new technology is," says George Church, a geneticist at Harvard Medical School in Boston, Massachusetts.

NgAgo is just one of a growing library of gene-editing tools. Some are variations on the CRISPR theme; others offer new ways to edit genomes.

[Continues...]

Other editing methods are:

  • A Mini-Me
  • Expanded Reach
  • True Editors
  • Pursuing Argonautes
  • Programming Enzymes

Each is described more fully in TFA which, if you know as little as I do about the subject, is both interesting and informative.


posted by janrinok on Monday August 15 2016, @01:22AM
from the money,-money,-money dept.

I ran across a story in the acclaimed “medical journal”, International Business Times, about how an old PMS medication from the 60s might be an Alzheimer's cure. Considering the source, I don't put a ton of stock in the story but it was interesting enough to look around a little more. That led me first to wikipedia to learn a little more about the drug in question (sounds like it has nasty side effects), which is when I got totally sidetracked:

Mefenamic acid is generic and is available worldwide under many brand names.[5]

In the USA, the wholesale price of a week's supply of generic mefenamic acid has been quoted as $426.90 in 2014. Brand-name Ponstel is $571.70.[15] In contrast, in the UK, a week's supply is £1.66, or £8.17 for branded Ponstan.[16] In the Philippines, 10 tablets of 500 mg generic mefenamic acid cost PHP39.00 (or the equivalent of $0.88USD) as of October 25, 2014.

The numbers in wikipedia may be extreme, but not by much. Looking online, I see that thirty 250mg tablets cost at least $111 at Walmart. In an almost direct reversal of the quantity and price numbers, one hundred 250mg tablets cost $35 from a UK manufacturer, but to get the drug at that price, you must break Federal law.

The rest of my comment would be a long string of expletives which I shall omit.


posted by janrinok on Sunday August 14 2016, @11:49PM
from the oooh,-aaah dept.

BBC News reports on an ESA essay (PDF), Spacecraft risk posed by the 2016 Perseid outburst. The essay warned of

[...] enhanced activity on a level similar to that of 2009 as the Earth passes through several debris trails on the night of August 11-12 (UT).

[...] the projected kinetic energy weighted Perseid flux at the time of the strongest maximum is only increased by 50% above that of the normal sporadic background [...]

[...] the 2016 Perseids exhibited above average activity for over half a day, from late UTC on August 11 to just past the middle of August 12.

The BBC explains that this means the Earth was predicted to pass "through a particularly distinct bit of debris" that had been deflected by Jupiter. The meteor strikes have been taking place since mid-July and are expected to continue through the weekend.

Additional coverage:
