Stephen Foskett has written a detailed post about why he considers ZFS the Best Filesystem (For Now...). He starts out:
ZFS should have been great, but I kind of hate it: ZFS seems to be trapped in the past, before it was sidelined as the cool storage project of choice; it's inflexible; it lacks modern flash integration; and it's not directly supported by most operating systems. But I put all my valuable data on ZFS because it simply offers the best level of data protection in a small office/home office (SOHO) environment. Here's why.
It's been a long road to get to where it is and there have been many hindrances, including software patents and malicious licensing.
Bob: "I can can I I everything else."
Alice: "Balls have zero to me to me to me to me to me to me to me to me to."
To you and I, that passage looks like nonsense. But what if I told you this nonsense was the discussion of what might be the most sophisticated negotiation software on the planet? Negotiation software that had learned, and evolved, to get the best deal possible with more speed and efficiency–and perhaps, hidden nuance–than you or I ever could? Because it is.
This conversation occurred between two AI agents developed inside Facebook. At first, they were speaking to each other in plain old English. But then researchers realized they'd made a mistake in programming.
"There was no reward to sticking to English language," says Dhruv Batra, visiting research scientist from Georgia Tech at Facebook AI Research (FAIR). As these two agents competed to get the best deal–a very effective bit of AI vs. AI dogfighting researchers have dubbed a "generative adversarial network"–neither was offered any sort of incentive for speaking as a normal person would. So they began to diverge, eventually rearranging legible words into seemingly nonsensical sentences.
"Agents will drift off understandable language and invent codewords for themselves," says Batra, speaking to a now-predictable phenomenon that Facebook has observed again, and again, and again. "Like if I say 'the' five times, you interpret that to mean I want five copies of this item. This isn't so different from the way communities of humans create shorthands."
Indeed. Humans have developed unique dialects for everything from trading pork bellies on the floor of the Mercantile Exchange to hunting down terrorists as Seal Team Six–simply because humans sometimes perform better by not abiding to normal language conventions. So should we let our software do the same thing? Should we allow AI to evolve its dialects for specific tasks that involve speaking to other AIs? To essentially gossip out of our earshot? Maybe; it offers us the possibility of a more interoperable world, a more perfect place where iPhones talk to refrigerators that talk to your car without a second thought.
The tradeoff is that we, as humanity, would have no clue what those machines were actually saying to one another.
[Reminds me of]: Voynich Manuscript
What are your thoughts on this topic?
Women and girls with autism may face greater challenges with real world planning, organization and other daily living skills, according to a study published in the journal Autism Research.
Led by researchers within the Center for Autism Spectrum Disorders at Children's National Health System, the National Institute of Mental Health, and The George Washington University, the study is the largest to date examining executive function (including the ability to make a plan, get organized, and follow through on the plan as needed) and adaptive skills (ability to perform basic daily tasks like getting up and dressed or making small talk) in women and girls with ASD.
"Our goal was to look at real world skills, not just the diagnostic behaviors we use clinically to diagnose ASD, to understand how people are actually doing in their day to day lives," says Allison Ratto, Ph.D., a psychologist in the Center for Autism Spectrum Disorders at Children's National and one of the study's authors. "When parents were asked to rate a child's day-to-day functioning, it turns out that girls were struggling more with these independence skills. This was surprising because in general, girls with ASD have better social and communication skills during direct assessments. The natural assumption would be that those communication and social skills would assist them to function more effectively in the world, but we found that this isn't always the case."
The study collected parent-reported data from several rating scales of executive function and adaptive behavior, including the Behavior Rating Inventory of Executive Function, Parent Form (BRIEF) and the Vineland Adaptive Behavior Scales-II (VABS-II). The group included 79 females and 158 males meeting clinical criteria for autism spectrum disorders, ranging in ages from 7 to 18 years old. The groups were matched for intelligence, age and level of autism and ADHD symptoms.
Journal Reference: Emily I. White, Gregory L. Wallace, Julia Bascom, Anna C. Armour, Kelly Register-Brown, Haroon S. Popal, Allison B. Ratto, Alex Martin, Lauren Kenworthy. Sex differences in parent-reported executive functioning and adaptive behavior in children and young adults with autism spectrum disorder. Autism Research, 2017; DOI: 10.1002/aur.1811
The new Dr Who has been announced....
I'll get the popcorn..
Jodie Whittaker has been announced as Doctor Who's 13th Time Lord - the first woman to get the role.
She was revealed in a trailer that was broadcast on BBC One at the end of the Wimbledon men's singles final.
The Broadchurch star succeeds Peter Capaldi, who took the role in 2013 and leaves in this year's Christmas special.
Whittaker, 35, said it was "more than an honour" to become the Doctor. She will make her debut on the sci-fi show when the Doctor regenerates in the Christmas Day show.
report that a 100 foot (~30m) racing catamaran has had the mast(s) removed and instead fitted with a combo of solar cells and vertical axis wind turbines. It also makes H2 by electrolysis of sea water and can run off a hydrogen fuel cell at night.
Originally designed in 1983, the boat enjoyed a successful career in open-sea sailing races before skippers Frederic Dahirel and Victorien Erussard and a French research institute converted it into the Energy Observer project.
Nearly three years after she became the first woman to win math's equivalent of the Nobel Prize, Maryam Mirzakhani has died of breast cancer at age 40. Her death was confirmed Saturday by Stanford University, where Mirzakhani had been a professor since 2008.
Mirzakhani is survived by her husband, Jan Vondrák, and a daughter, Anahita — who once referred to her mother's work as "painting," because of the doodles and drawings that marked her process of working on proofs and problems, according to an obituary released by Stanford.
Mirzakhani has made several contributions to the theory of moduli spaces of Riemann surfaces. In her early work, Mirzakhani discovered a formula expressing the volume of a moduli space with a given genus as a polynomial in the number of boundary components. This led her to obtain a new proof for the formula discovered by Edward Witten and Maxim Kontsevich on the intersection numbers of tautological classes on moduli space, as well as an asymptotic formula for the growth of the number of simple closed geodesics on a compact hyperbolic surface, generalizing the theorem of the three geodesics for spherical surfaces. Her subsequent work has focused on Teichmüller dynamics of moduli space. In particular, she was able to prove the long-standing conjecture that William Thurston's earthquake flow on Teichmüller space is ergodic.
Most recently as of 2014, with Alex Eskin and with input from Amir Mohammadi, Mirzakhani proved that complex geodesics and their closures in moduli space are surprisingly regular, rather than irregular or fractal. The closures of complex geodesics are algebraic objects defined in terms of polynomials and therefore they have certain rigidity properties, which is analogous to a celebrated result that Marina Ratner arrived at during the 1990s. The International Mathematical Union said in its press release that, "It is astounding to find that the rigidity in homogeneous spaces has an echo in the inhomogeneous world of moduli space."
Mirzakhani was awarded the Fields Medal in 2014 for "her outstanding contributions to the dynamics and geometry of Riemann surfaces and their moduli spaces".
After a noted emergency responder died in rescuing an endangered right whale, the National Oceanic and Atmospheric Administration says it's suspending efforts to free whales that are similarly trapped by fishing lines and gear.
News of the suspension comes as the whale rescue community mourns Joe Howlett, a Canadian who died during a rescue operation on Monday. Howlett, a former fisherman and boat captain, had founded a whale rescue team and was based in Campobello Island, just across the border from Lubec, Maine.
Howlett died after freeing a right whale in Canada's Gulf of St. Lawrence. At the time, he was aboard a fast response vessel and had just cut the whale loose — an operation that often involves using long poles with blades on the end to sever crab floats and fishing lines that have become wrapped around the large mammals.
"His colleagues reported that he was struck by the animal as it sped away," Maine Public Radio reports.
[The Maine Public Radio story notes "There are believed to be just 500 Right Whales remaining in the world." -Ed.]
Arthur T Knackerbracket has found the following story:
The Championships at Wimbledon, which consumes some 28 tons of strawberries, 10,000 litres of cream, and 320,000 glasses of Pimm's per year, is notable for its seemingly unchecked luxuriant hedonism. But while most companies, organisations, and institutions are looking to cut costs, Wimbledon has stuck to its mantra. Don't do things cheaper; do things better.
Case in point: Wimbledon's use of technology is really quite impressive. I've been lucky enough to follow Wimbledon's tech over the last three years, and it has been very encouraging to see a massive endeavour like The Championships dive deeper and deeper into technology. You might think that after 140 years Wimbledon could be stuck in its ways, but far from it. When technology is the only viable way of providing consistent, significant gains for players, visitors, and hundreds of millions of people spectating remotely, you don't try to fight it; you embrace it.
Of course, Wimbledon is embracing tech in a distinctly Wimbledon way. This year, for example, The Championships are trialling free Wi-Fi—but because they don't yet know how people will behave with free Wi-Fi, it's only available in three specific locations (near the food court, in the ticket resale area, and on the west side of court 12). The tournament continues through this weekend, but its team has already started analysing the data. It turns out that, thankfully, the Wi-Fi users on court 12 only use their phones between points. When play begins, Wi-Fi usage stops. If the trial is a success, Wi-Fi could be rolled out across Wimbledon in 2018.
[...] Perhaps most excitingly, Wimbledon is now storing the 3D state of tennis matches via the Hawk-Eye camera system available on some of the courts. Hawk-Eye, which uses multiple cameras to track the ball and resolve line judging disputes, outputs a constant stream of data that IBM can process into a useful format. But actually doing something with that data is a risky affair, because it isn't clear who owns it. Some tennis players, as you can imagine, aren't keen for some wily big data/machine learning software to reveal the secrets of their play style to the world.
-- submitted from IRC
Datamation examines the Debian and Ubuntu distros in detail by starting with the question, what is the difference between Debian and Ubuntu? Neither GNU/Linux distro has been out of Distrowatch's top six since 2005, and for the last four years neither has been out of the top three. There are good reasons for that. Though if systemd is not your cup of tea, there is also a Debian fork, Devuan, which is basically Debian GNU/Linux minus systemd.
Commercial space companies want NASA to expand the Commercial Orbital Transportation Services program. SpaceX's senior vice president for global business and government affairs called for the COTS program to be extended to deep space activities:
Commercial space companies today (July 13) urged legislators to extend NASA's successful public-private partnerships for International Space Station transportation to future programs, including human missions to Mars.
NASA already is working with six firms to develop prototype habitats that would augment the agency's multibillion-dollar Orion capsule and Space Launch System heavy-lift rocket. NASA has said it intends to use the system to send astronauts to Mars in the 2030s.
[...] Technologies that SpaceX would be interested in developing in partnership with NASA include heavy-cargo missions to Mars, deep-space communications systems, and demonstrations of vertical takeoff and landing on the moon, Hughes said.
This proposal was foreshadowed last year in Guadalajara, Mexico. At the International Astronautical Congress there, Musk presented a sketch of the architecture needed to lower the cost of transit to Mars enough to make colonization feasible. His top-line cost of $10 billion, however, is likely out of reach for SpaceX in the near term—without the help of a big-pocketed government. "There's a lot of people in the private sector who are interested in helping fund a base on Mars, and perhaps there will be interest on the government sector side to do that," Musk said last fall.
Arthur T Knackerbracket has found the following story:
A new era of treating disease has moved a step closer to reality in the United States.
A Food and Drug Administration panel gave a thumbs-up Wednesday to a gene therapy that involves genetically engineering a patient's T-cells to fight a particular type of leukemia, The New York Times reports.
If the FDA agrees with the panel's recommendation and moves to approve the treatment for commercial use, it would be the first such gene-altering treatment to make it to market.
[...] Once the stuff of science fiction, altering human genes has been creeping into reality of late. Also on Wednesday, researchers at Harvard announced they'd managed to encode video files into the genetic material of living cells, demonstrating the viability of a "molecular recorder" that could lead to more disease treatments in the future.
-- submitted from IRC
Here are some links from the past two weeks on the plans to add Digital Restrictions Management technology to HTML5. Maybe there are more links...
How much do you worry about security? For me, it's a risk/value assessment. How much is my stuff worth? How much am I willing to be inconvenienced to protect it? How well do the protections actually work? Periodically, that last one comes up for reassessment. New threats are revealed and suddenly what seemed reasonable behavior undergoes a major reappraisal.
Well, here we go again. The Blackhat USA 2017 conference is coming to the Mandalay Bay in Las Vegas, Nevada on July 22-27. There are 118 briefings scheduled — the result of 225 researchers' work. I've extracted the titles (and provided links) to these briefings and provided them below.
Just reading the titles of these 118 presentations seems overwhelming. On first try, I skimmed through the briefings on about half of them and then my eyes started glazing over. One thing I am sure of, after these presentations are made public, there will be a surge of implementations that will affect our daily activities. On the internet, of course, but also in other areas such as power grid security, home/office automation, and GPS jammers.
On the other hand, there are presentations geared to improving security of devices and applications, as well.
And these are the ones that are being publicized — how many more are known and NOT published? Is there any hope for genuine privacy and security these days? Building a cabin in the woods and eschewing all technology may be one effective, albeit draconian, response. Just go along and hope that any problems are going to include a bunch of other folks and I'll just end up doing what they do to recover from the breach? What about friends and family who are even less technology-savvy? What practical warnings and cautions can one realistically offer to them?
1 Stepping Up Our Game: Re-focusing the Security Community on Defense and Making Security Work for Everyone
2 'Ghost Telephonist' Link Hijack Exploitations in 4G LTE CS Fallback
3 (in)Security in Building Automation: How to Create Dark Buildings with Light Speed
4 A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
5 Advanced Pre-Breach Planning: Utilizing a Purple Team to Measure Effectiveness vs. Maturity
6 Adventures in Attacking Wind Farm Control Networks
7 All Your SMS & Contacts Belong to ADUPS & Others
8 An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
9 And Then the Script-Kiddie Said Let There be No Light. Are Cyber-Attacks on the Power Grid Limited to Nation-State Actors?
10 Attacking Encrypted USB Keys the Hard(ware) Way
11 Automated Detection of Vulnerabilities in Black-Box Routers (and Other Network Devices)
12 Automated Testing of Crypto Software Using Differential Fuzzing
13 AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
14 Betraying the BIOS: Where the Guardians of the BIOS are Failing
15 Big Game Theory Hunting: The Peculiarities of Human Behavior in the InfoSec Game
16 Blue Pill for Your Phone
17 Bochspwn Reloaded: Detecting Kernel Memory Disclosure with x86 Emulation and Taint Tracking
18 Bot vs. Bot for Evading Machine Learning Malware Detection
19 Breaking Electronic Door Locks Like You're on CSI: Cyber
20 Breaking the Laws of Robotics: Attacking Industrial Robots
21 Breaking the x86 Instruction Set
22 Broadpwn: Remotely Compromising Android and iOS via a Bug in Broadcom's Wi-Fi Chipsets
23 Bug Collisions Meet Government Vulnerability Disclosure
24 Challenges of Cooperation Across Cyberspace
25 Cloak & Dagger: From Two Permissions to Complete Control of the UI Feedback Loop
26 Cracking the Lens: Targeting HTTP's Hidden Attack-Surface
27 Cyber Wargaming: Lessons Learned in Influencing Security Stakeholders Inside and Outside Your Organization
28 Datacenter Orchestration Security and Insecurity: Assessing Kubernetes Mesos and Docker at Scale
29 Dealing the Perfect Hand - Shuffling Memory Blocks on z/OS
30 Defeating Samsung KNOX with Zero Privilege
32 Developing Trust and Gitting Betrayed
33 Digital Vengeance: Exploiting the Most Notorious C&C Toolkits
34 Don't Trust the DOM: Bypassing XSS Mitigations via Script Gadgets
35 Electronegativity - A Study of Electron Security
36 Escalating Insider Threats Using VMware's API
37 Evading Microsoft ATA for Active Directory Domination
38 Evil Bubbles or How to Deliver Attack Payload via the Physics of the Process
39 Evilsploit – A Universal Hardware Hacking Toolkit
40 Evolutionary Kernel Fuzzing
41 Exploit Kit Cornucopia
42 Exploitation of Kernel Pool Overflow on Microsoft Windows 10 DKOM/DKOHM is Back in DKOOHM! Direct Kernel Optional Object Header Manipulation
43 Exploiting Network Printers
44 Fad or Future? Getting Past the Bug Bounty Hype
45 Fighting Targeted Malware in the Mobile Ecosystem
46 Fighting the Previous War (aka: Attacking and Defending in the Era of the Cloud)
47 Firmware is the New Black - Analyzing Past Three Years of BIOS/UEFI Security Vulnerabilities
48 FlowFuzz - A Framework for Fuzzing OpenFlow-Enabled Software and Hardware Switches
49 Fractured Backbone: Breaking Modern OS Defenses with Firmware Attacks
50 Free-Fall: Hacking Tesla from Wireless to CAN Bus
51 Friday the 13th: JSON Attacks
52 Game of Chromes: Owning the Web with Zombie Chrome Extensions
53 Garbage In Garbage Out: How Purportedly Great Machine Learning Models can be Screwed Up by Bad Data
54 Go Nuclear: Breaking Radiation Monitoring Devices
55 Go to Hunt Then Sleep
56 Hacking Hardware with a $10 SD Card Reader
57 Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More
58 Honey I Shrunk the Attack Surface - Adventures in Android Security Hardening
59 How We Created the First SHA-1 Collision and What it Means for Hash Security
60 Hunting GPS Jammers
61 Ichthyology: Phishing as a Science
62 Industroyer/Crashoverride: Zero Things Cool About a Threat Group Targeting the Power Grid
63 Infecting the Enterprise: Abusing Office365+Powershell for Covert C2
64 Influencing the Market to Improve Security
65 Intel AMT Stealth Breakthrough
66 Intel SGX Remote Attestation is Not Sufficient
67 Intercepting iCloud Keychain
68 IoTCandyJar: Towards an Intelligent-Interaction Honeypot for IoT Devices
69 kR^X: Comprehensive Kernel Protection Against Just-In-Time Code Reuse
70 Lies and Damn Lies: Getting Past the Hype of Endpoint Security Solutions
71 Many Birds One Stone: Exploiting a Single SQLite Vulnerability Across Multiple Software
72 Network Automation is Not Your Safe Haven: Protocol Analysis and Vulnerabilities of Autonomic Network
73 New Adventures in Spying 3G and 4G Users: Locate Track & Monitor
74 Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev
75 Offensive Malware Analysis: Dissecting OSX/FruitFly via a Custom C&C Server
76 OpenCrypto: Unchaining the JavaCard Ecosystem
77 Orange is the New Purple - How and Why to Integrate Development Teams with Red/Blue Teams to Build More Secure Software
78 PEIMA: Harnessing Power Laws to Detect Malicious Activities from Denial of Service to Intrusion Detection Traffic Analysis and Beyond
79 Practical Tips for Defending Web Applications in the Age of DevOps
80 Protecting Pentests: Recommendations for Performing More Secure Tests
81 Protecting Visual Assets: Digital Image Counter-Forensics
82 Quantifying Risk in Consumer Software at Scale - Consumer Reports' Digital Standard
83 RBN Reloaded - Amplifying Signals from the Underground
84 Real Humans Simulated Attacks: Usability Testing with Attack Scenarios
85 Redesigning PKI to Solve Revocation Expiration and Rotation Problems
86 Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
87 rVMI: A New Paradigm for Full System Analysis
88 ShieldFS: The Last Word in Ransomware Resilient File Systems
89 Skype & Type: Keystroke Leakage over VoIP
90 So You Want to Market Your Security Product...
91 Sonic Gun to Smart Devices: Your Devices Lose Control Under Ultrasound/Sound
92 Splunking Dark Tools - A Pentesters Guide to Pwnage Visualization
93 SS7 Attacker Heaven Turns into Riot: How to Make Nation-State and Intelligence Attackers' Lives Much Harder on Mobile Networks
94 Taking DMA Attacks to the Next Level: How to do Arbitrary Memory Reads/Writes in a Live and Unmodified System Using a Rogue Memory Controller
95 Taking Over the World Through MQTT - Aftermath
96 Taking Windows 10 Kernel Exploitation to the Next Level - Leveraging Write-What-Where Vulnerabilities in Creators Update
97 The Active Directory Botnet
98 The Adventures of AV and the Leaky Sandbox
99 The Art of Securing 100 Products
100 The Avalanche Takedown: Landslide for Law Enforcement
101 The Epocholypse 2038: What's in Store for the Next 20 Years
102 The Future of ApplePwn - How to Save Your Money
103 The Industrial Revolution of Lateral Movement
104 The Origin of Array [@@species]: How Standards Drive Bugs in Script Engines
105 The Shadow Brokers - Cyber Fear Game-Changers
106 They're Coming for Your Tools: Exploiting Design Flaws for Active Intrusion Prevention
107 Tracking Ransomware End to End
108 Web Cache Deception Attack
109 Well that Escalated Quickly! How Abusing Docker API Led to Remote Code Execution Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers
110 What They're Teaching Kids These Days: Comparing Security Curricula and Accreditations to Industry Needs
111 What's on the Wireless? Automating RF Signal Identification
112 When IoT Attacks: Understanding the Safety Risks Associated with Connected Devices
113 White Hat Privilege: The Legal Landscape for a Cybersecurity Professional Seeking to Safeguard Sensitive Client Data
114 Why Most Cyber Security Training Fails and What We Can Do About it
115 WiFuzz: Detecting and Exploiting Logical Flaws in the Wi-Fi Cryptographic Handshake
116 Wire Me Through Machine Learning
117 WSUSpendu: How to Hang WSUS Clients
118 Zero Days Thousands of Nights: The Life and Times of Zero-Day Vulnerabilities and Their Exploits
Arthur T Knackerbracket has found the following story:
Human beings largely object to income inequality and are willing to correct injustice—unless, of course, it rattles their status quo.
That's the conclusion of a recent study looking at how far people would go to redistribute resources between the haves and have nots. Participants fiercely objected to "when winners become losers and losers become winners," researchers note in the paper, published in the latest issue of Nature Human Behaviour.
Researchers initially recruited Indian, American, and Chinese participants to take part in an experimental game they called "the redistribution game." The gist of the game was simple: Participants were given a number of scenarios that would redistribute a fixed sum from a richer person to someone poorer. Participants were told the original standing of wealth was assigned randomly.
In the first scenario, participants had to decide if they wanted to transfer two coins from person A (who already had four coins) to person B (who had one). Researchers note the "transfer would reduce inequality," (as there's less of a gap between them), but person B would end up one coin richer than person A, reversing their status.
In the second version of the game, participants were asked whether they'd transfer one coin to person B (where person A ended up with three coins and person B with two coins). Researchers ran a third and fourth scenario that allowed participants to transfer coins from person A to B, where the outcome still left person A with significantly more coins.
-- submitted from IRC