SoylentNews

-- OriginalOwner_ writes:

Handelsblatt GmbH reports

A German government task force has now discovered the same devices designed to cheat emissions tests were found in two of luxury carmaker Audi's models -- the Audi A8 Automatic with V8 and V6 engine, built from 2009 to 2013. A total of some 24,000 Audi vehicles are affected by the cheat, with around half of them having been sold in the carmaker's home market Germany and the rest throughout Europe.

Germany's Transport Minister Alexander Dobrindt, who announced the findings on Thursday, has demanded a recall of those vehicles and set a June 12 deadline for the carmaker to come up with a comprehensive plan to refit the cars. On Friday, state prosecutors in Munich confirmed to Handelsblatt that they would investigate the new disclosures.

The findings mean that Audi cars sold in Europe will also now be investigated, according to Ken Heidenreich, a spokesperson for the Munich state prosecutors office. Until now, prosecutors had only been looking into some 80,000 cars sold in the United States, where Audi admitted at the start of 2017 that cars had been manipulated to cheat emissions tests. Europe wasn't part of the investigation because Germany's automotive authorities believed there was no manipulation on this side of the Atlantic.

Further, Ars Technica reports A year of digging through code yields "smoking gun" on VW & Fiat diesel cheats

For more than a year, researchers studied 926 firmware images from the VWs and Audis identified by the EPA in 2015, and they found a potential defeat device in 406 of those firmware images. All the cars studied had Engine Control Unit (ECU) systems developed by Bosch.

Interestingly, Volkswagen may not have written any of the code that enabled its scandal, although it may have requested certain functions from Bosch. The researchers note: "We have found no evidence that automobile manufacturers write any of the code running on the ECU [Engine Control Unit]. All code we analyzed in this work was documented in documents copyrighted by Bosch and identified automakers as the intended customers."

[...] The researchers [...] discovered that Volkswagen's defeat devices were far more nuanced than anything found previously. [Team leader, computer scientist Kirill Levchenko of the University of California San Diego said] told Eurekalert that the "Volkswagen defeat device is arguably the most complex in automotive history."

The researchers found that the cars assumed they were being tested in a lab until a sensor reading ruled out a lab test. At that point, "the vehicle can switch to an operating regime favored by the manufacturer for real driving rather than the clean regime necessary to pass the emission test," the research paper noted (PDF).

Original Submission

takyon writes:

Walmart associates are being trained (briefly) using Oculus Rift virtual reality headsets:

Walmart's 200 "Walmart Academy" training centers are all planning to incorporate virtual reality by the end of 2017, after an earlier pilot program. The limited curriculum is being produced by Strivr, a company previously known for helping NFL players train through VR. New Walmart employees will put on an Oculus Rift headset and enter different real-world scenarios, during which they'll be asked to make simple choices based on what they see. Eventually, Strivr and Walmart hope to expand the program to all stores, not just the academies.

[...] One of the biggest problems for Strivr and Walmart is that high-end VR headsets like the Oculus Rift are expensive and space-consuming. That's why, for now, only one person will go through the training at a time, while other people watch on a flat screen. Everybody will eventually get to spend time in VR, but only over the course of their two-week training period, with each session lasting between 5 and 20 minutes. "In a perfect world, everybody has a VR headset," says Belch. "VR is not there yet. Even the mobile devices, there's a lot of challenges in getting that much hardware out into people's hands at scale." So for now, VR is a small, supplemental part of Walmart training.

From Walmart's blog:

Imagine you're a new Walmart store manager and you've never experienced a Black Friday. Wouldn't it be helpful to understand the dynamics of such a busy day before you ever had to actually manage your associates and customers through it?

Have you ever been punched in the face and trampled on in the virtual world?

Original Submission

Phoenix666 writes:

The Trump administration has rolled out a new questionnaire for U.S. visa applicants worldwide that asks for social media handles for the last five years and biographical information going back 15 years.

The new questions, part of an effort to tighten vetting of would-be visitors to the United States, was approved on May 23 by the Office of Management and Budget despite criticism from a range of education officials and academic groups during a public comment period.

Critics argued that the new questions would be overly burdensome, lead to long delays in processing and discourage international students and scientists from coming to the United States.

Under the new procedures, consular officials can request all prior passport numbers, five years' worth of social media handles, email addresses and phone numbers and 15 years of biographical information including addresses, employment and travel history.

Officials will request the additional information when they determine "that such information is required to confirm identity or conduct more rigorous national security vetting," a State Department official said on Wednesday.

The State Department said earlier the tighter vetting would apply to visa applicants "who have been determined to warrant additional scrutiny in connection with terrorism or other national security-related visa ineligibilities."

Original Submission

takyon writes:

A Dutch court will allow DNA testing of the late Jan Karbaat's personal belongings. The fertility clinic doctor had been accused of fathering children with his own sperm:

A Dutch court has approved a request by families seeking DNA tests on the belongings of a late fertility clinic doctor accused of using his own sperm in dozens of cases. Jan Karbaat is suspected of fathering about 60 children at the centre he ran in Bijdorp, near Rotterdam. Tests will now be conducted on items seized from his home after his death in April, at the age of 89.

A lawyer for his family said there was no evidence to support the claims. Jan Karbaat called himself "a pioneer in the field of fertilisation".

Ethics! Also at DW.

"Related": IVF Error May Have Affected 26 Dutch Women (separate incident)

Original Submission

takyon writes:

NASA's Neutron Star Interior Composition Explorer will be launching soon:

Nearly 50 years after British astrophysicist Jocelyn Bell discovered the existence of rapidly spinning neutron stars, NASA will launch the world's first mission devoted to studying these unusual objects. The agency also will use the same platform to carry out the world's first demonstration of X-ray navigation in space.

The agency plans to launch the two-in-one Neutron Star Interior Composition Explorer, or NICER, aboard SpaceX CRS-11, a cargo resupply mission to the International Space Station to be launched aboard a Falcon 9 rocket.

About a week after its installation as an external attached payload, this one-of-a-kind investigation will begin observing neutron stars, the densest objects in the universe. The mission will focus especially on pulsars — those neutron stars that appear to wink on and off because their spin sweeps beams of radiation past us, like a cosmic lighthouse.

NICER will be attached to the International Space Station, which is being resupplied:

SpaceX will launch its first re-used Dragon spacecraft aboard a Falcon 9 on Saturday, beginning the CRS-11 resupply mission to the International Space Station. The launch was scrubbed during the initial attempt due to poor weather, meaning Falcon 9 will lift off from the Kennedy Space Center – making the hundredth flight from the historic Launch Complex 39A – to the weekend.

[...] C106 is the first Dragon spacecraft to be used for a second mission. The spacecraft was inspected and refurbished following its return to Earth and has had its heat shield replaced. However, the spacecraft's hull and most of its systems are flight-proven.

Phoenix666 writes:

A couple years ago I set up a simple brochure-ware site for the School Board in the district here in Brooklyn, hosted on a VPS instance on Linode, to publicize the dates of public meetings, meeting minutes, etc. The VPS doesn't contain any sensitive information so I locked down the ports to 80, 443, and 22, hardened the SSH with measures like fail2ban, kept the system updated every week or so, and called it a day.

Last week, though, the site was compromised. Blowing the instance away and re-creating it from physical backups is not a problem, but in poring through the system to figure out how it was breached I realized both that my own security chops aren't deep enough and that standard best security practices might not be good enough anymore, anyway, given the many vulnerabilities exposed in the last year and realities like the NSA trove that Shadow Brokers leaked.

So the question for the more experienced security professionals in the Soylent community is, can they recommend a good guide and/or site to hone linux security chops and forensic skills that's current?

Original Submission

Phoenix666 writes in with a report from Purdue University:

Current electric cars need convenient locations built for charging ports.

"Designing and building enough of these recharging stations requires massive infrastructure development, which means the energy distribution and storage system is being rebuilt at tremendous cost to accommodate the need for continual local battery recharge," said Eric Nauman, co-founder of Ifbattery and a Purdue professor of mechanical engineering, basic medical sciences and biomedical engineering. "Ifbattery is developing an energy storage system that would enable drivers to fill up their electric or hybrid vehicles with fluid electrolytes to re-energize spent battery fluids much like refueling their gas tanks."

The spent battery fluids or electrolyte could be collected and taken to a solar farm, wind turbine installation or hydroelectric plant for re-charging.

"Instead of refining petroleum, the refiners would reprocess spent electrolytes and instead of dispensing gas, the fueling stations would dispense a water and ethanol or methanol solution as fluid electrolytes to power vehicles," Cushman said. "Users would be able to drop off the spent electrolytes at gas stations, which would then be sent in bulk to solar farms, wind turbine installations or hydroelectric plants for reconstitution or re-charging into the viable electrolyte and reused many times. It is believed that our technology could be nearly 'drop-in' ready for most of the underground piping system, rail and truck delivery system, gas stations and refineries."

It's got electrolytes.

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

In February 2015, the FCC's then-Democratic leadership led by Chairman Tom Wheeler classified broadband as "telecommunications," superseding the previous treatment of broadband as a less heavily regulated "information service." This was crucial in the rulemaking process because telecommunications providers are regulated as common carriers under Title II of the Communications Act, the authority used by the FCC to impose bans on blocking, throttling, and paid prioritization.

Thus, when the FCC's new Republican majority voted on May 18 to start the process of eliminating the current net neutrality rules, the commission's Notice of Proposed Rulemaking (NPRM) also proposed redefining broadband as an information service once again.

To make sure the net neutrality rollback survives court challenges, newly appointed FCC Chairman Ajit Pai must justify his decision to redefine broadband less than three years after the previous change. He argues that broadband isn't telecommunications because it isn't just a simple pipe to the Internet. Broadband is an information service because ISPs give customers the ability to visit social media websites, post blogs, read newspaper websites, and use search engines to find information, the FCC's new proposal states. Even if the ISPs don't host any of those websites themselves, broadband is still an information service under Pai's definition because Internet access allows consumers to reach those websites.

Source: https://arstechnica.com/information-technology/2017/06/to-kill-net-neutrality-rules-fcc-says-broadband-isnt-telecommunications/

Original Submission

takyon writes:

http://www.livescience.com/59353-tattoo-flesh-eating-bacteria.html

A 31-year-old man died after he went swimming in the Gulf of Mexico and his tattoo became infected with flesh-eating bacteria that live in ocean water, according to a new report.

The man had recently gotten a tattoo on his right calf. Despite the common advice to avoid swimming for a few weeks after getting a new tattoo, the man went for a swim in the ocean just five days after he received the tattoo, according to the report, published [DOI: 10.1136/bcr-2017-220199] [DX] May 27 in the journal BMJ Case Reports.

A few days later, he developed a fever and chills, and his skin became red over his tattoo and on other parts of his legs. Soon after the man arrived at the hospital, the red, painful lesions on his legs turned purple, and he developed large blisters filled with fluid.

Also at CNN:

To make matters worse, the man had chronic liver disease from drinking six 12-ounce beers a day.

Jesus is my life.

Original Submission

DannyB writes:

Uber Fires Former Google Engineer at Heart of Self-Driving Dispute

Uber said Tuesday that it had fired Anthony Levandowski, a star engineer brought in to lead the company's self-driving automobile efforts who was accused of stealing trade secrets when he left a job at Google.

What Mr. Levandowski did when he quit Google to start his own company, Otto, which was acquired by Uber for nearly $700 million last year, is the key question in a closely watched lawsuit that pits one of the world's most powerful companies against Uber, a richly financed up-and-comer.

The stakes are enormous for both businesses. Google was a pioneer in autonomous car technology and has spent nearly a decade and hundreds of millions of dollars on its effort, which is now run through Waymo, a subsidiary of Google's parent company, Alphabet. And Travis Kalanick, Uber's chief executive, has said the future of his ride-hailing company, privately valued at nearly $70 billion, hinges on work being done to create cars that can drive themselves.

The dismissal of one of Uber's most prized technical talents also points to the risks of the star engineering culture that has emerged in Silicon Valley in recent years, leading to giant paydays for a small group of employees.

No Johnny Cab for you.

Original Submission

An Anonymous Coward writes:

The Guardian reports:

The European Union has rejected Donald Trump's offer to renegotiate the Paris climate agreement and pledged instead to bypass Washington to work with US business leaders and state governors to implement the historic accord's commitments.

Less than 24 hours after the US president announced his decision to withdraw from the 2015 agreement and strike a new, less ambitious deal with the rest of the world, Brussels declared its outright refusal to engage in such talks.

EU officials will instead cut out the White House to deal directly with the US states and major corporations, many of whom have already pledged to live by the terms forged in Paris.

China vows to partner with the EU on clean energy.

But Beijing and Brussels have been preparing to announce their intention to accelerate joint efforts to reduce global carbon emissions.

According to a statement being prepared before an EU-China summit in Brussels on Thursday and Friday, the new alliance will say they are determined to "lead the energy transition" toward a low-carbon economy.

The EU's climate commissioner, Miguel Arias Cañete, told the Guardian: "The EU and China are joining forces to forge ahead on the implementation of the Paris agreement and accelerate the global transition to clean energy."

quietus writes:

Let's not wait for the guy with the awkward handshake anymore.

That's the gist of documents, seen by the Financial Times*, about the upcoming EU-China summit this Friday in Brussels.

Cooperation on the deployment of electric cars, energy efficiency labelling, and scientific research into green innovation. Further increasing the share of renewable energy, by boosting interconnected power networks. Setting up a scheme for emissions trading in China, with an eye of coupling that scheme to the pioneering EU version. Money to fund developing countries' climate plans.

"The increasing impacts of climate change require a decisive response", the joint statement reads,"Tackling climate change and reforming our energy systems are significant drivers of job creation, investment opportunities and economic growth."

* EU and China strengthen climate ties to counter US retreat. Financial Times, Wednesday May 31, 2017. [Paywalled]

Original Submission #1 Original Submission #2

butthurt writes:

Citrix has launched an application specifically aimed at Windows 10 S, and thus published in the Windows Store, which makes it possible to run Win32 software even if it's not available in the Store.

Source: Softpedia

related stories:
Microsoft Knows Windows is Obsolete. Here's a Sneak Peek at Its Replacement.
New Windows 10 S Only Runs Software From Windows Store

Original Submission

-- OriginalOwner_ writes:

The Security Ledger reports:

Software used to remotely program implantable cardiac devices by a number of vendors is rife with exploitable software vulnerabilities that leave the devices vulnerable to attacks and compromise, according to a report by the firm Whitescope Inc.

The analysis of hardware and software associated with implantable cardiac devices spanned four separate vendors and product families but found a wide range of security weaknesses, among them the use of permanent (or "hardcoded") authentication credentials like user names and passwords and the use of insecure communications, with one vendor transmitting patient data "in the clear." All four product families were found to be highly susceptible to "reverse engineering" by a knowledgeable adversary, exposing design flaws that might then be exploited in remote or local attacks, researchers Billy Rios of Whitescope and Dr. Jonathan Butts wrote in their report.

The two researchers investigated a range of hardware and software tools that together make up the ecosystem of implantable cardiac devices. In addition to the implantable devices, Rios and Butts obtained and analyzed "physician programmers" that are used to configure and update implanted devices wirelessly, home monitoring system hardware and software and the patient support network.

[...] A subsequent report by the U.S. Food and Drug Administration (FDA), released in April, found that St. Jude Medical knew about serious security flaws in its implantable medical devices as early as 2014, but failed to address them with software updates or other mitigations, or by replacing those devices.

The latest report, while omitting the names of specific products or vendors, finds similar evidence of lax security throughout implantable device ecosystems.

[...] "Across the 4 programmers built by 4 different vendors, we discovered over 8,000 vulnerabilities associated with outdated libraries and software in pacemaker programmers," the researchers report.

[...] Use of third-party hardware and software is rife in these medical devices. Across the four vendors, there was an average of 86 third-party components used in the implantable devices and 43 vulnerable third-party components. Per-device, the average number of known vulnerabilities in those third-party components was 2,166.

In its article on the topic, The BBC reports:

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

The new Denuvo system 'protecting' the game 'RiME' has been defeated in less than a week. This is notable, not least since the developers promised to remove Denuvo if it was cracked. Furthermore, a report from the cracker suggests that an apparently desperate Denuvo pulled out all the stops to protect RiME, but still failed.

[...] In a fanfare of celebrations, rising cracking star Baldman announced that he had defeated the latest v4+ iteration of Denuvo and dumped a cracked copy of RiME online. While encouraging people to buy what he describes as a "super nice" game, Baldman was less complimentary about Denuvo.

Labeling the anti-tamper technology a "huge abomination," the cracker said that Denuvo's creators had really upped their efforts this time out. People like Baldman who work on Denuvo talk of the protection calling on code 'triggers.' For RiME, things were reportedly amped up to 11.

Source: https://torrentfreak.com/new-control-denuvo-piracy-protection-cracked-170602/

Original Submission

takyon writes:

Google plans to block "unacceptable" ads in Google Chrome starting in 2018, and is preparing publishers for this reality:

News that Google intends to install an ad-blocker in its Chrome browser shocked the tech and publishing world in April. Now, details of how the program will work are starting to become clear.

The Google ad-blocker will block all advertising on sites that have a certain number of "unacceptable ads," according to The Wall Street Journal. That includes ads that have pop-ups, auto-playing video, and "prestitial" count-down ads that delay the display of content.

[...] The company hasn't made its plans public, but Google has discussed its plans with publishers, who will get at least six months to prepare for the change coming sometime in 2018. Publishers will get a tool called "Ad Experience Reports," which "will alert them to offending ads on their sites and explain how to fix the issues," the Journal reports.

Google is also offering a tool called "Funding Choices," which would present users who have non-Chrome ad blockers with a message asking them to disable their ad-blockers or pay to remove advertising.

When you open a YouTube video, it typically auto-plays an advertisement.

Will this become Google's antitrust moment?

Original Submission