SoylentNews

Phoenix666 writes:

In today's era of workplace burnout, achieving a simpatico work-life relationship seems practically out of reach. Being tired, ambivalent, stressed, cynical and overextended has become a normal part of a working professional life. The General Social Survey of 2016, a nationwide survey that since 1972 has tracked the attitudes and behaviors of American society, found that 50 percent of respondents are consistently exhausted because of work, compared with 18 percent two decades ago. ... common signs of burnout include:

• Feeling emotionally drained and mentally unwell. Nausea. Being unable to sleep or constantly fighting sicknesses like head colds.
• Feeling alienated by your colleagues and bosses, feeling constantly underappreciated, or feeling ostracized by them.
• Feeling you are not personally achieving your best, or regularly "phoning it in."

"There are a lot of things that can happen when people begin to have this problem at work," Dr. Maslach said. "There are things like absenteeism, turnover, but also things in terms of errors, not being careful about the work they're doing. We see a lot of difficulty with people getting along with each other — angry, aggressive." ... If you're suffering from burnout at work, or if any of those symptoms sound familiar to you, there are a few things you can do now, before you get some time off to recover. (Although you should definitely consider some time off to recover, if you can.)

takyon writes:

Filmmaker Colin Trevorrow will not direct Star Wars: Episode IX:

Star Wars: Episode IX needs a new director. Lucasfilm has announced that Jurassic World filmmaker Colin Trevorrow is leaving the project. [...] Playwright Jack Thorne, best known for Harry Potter and the Cursed Child, was recently hired to do a comprehensive rewrite of the Episode IX script by Trevorrow and his Safety Not Guaranteed co-screenwriter Derek Connolly.

While the nature of the disagreement with Lucasfilm isn't clear, there have been rumblings of discontent for several months. During that time, Trevorrow also suffered withering reviews for his passion project, The Book of Henry, which was a critical and commercial calamity.

Although Lucasfilm's new movies have found immense success at the box office and with audiences and critics, the process of working with directors on the new saga and spin-offs has occasionally been fraught. Chronicle filmmaker Josh Trank was set to direct an unspecified stand-alone movie (believed to be a Boba Fett project) before parting ways amid chaos on the recent Fantastic Four movie. And The LEGO Movie directors Phil Miller and Chris Lord were removed from the young Han Solo film and replaced with veteran Ron Howard amid disputes over the state of that project.

Star Wars IX was planned for release on May 24, 2019. Star Wars: The Last Jedi comes out on December 15, 2017.

Also at The Hollywood Reporter (discussion). Lucasfilm statement.

Safety Not Guaranteed or Steins;Gate?

Original Submission

tonyPick writes:

A rather cool article at BoingBoing on decoding the images on the Voyager golden records from scratch. The records contain "more than 100 images encoded as audio signals" and

Donating their time and expertise to the project, engineers at Colorado Video projected each Voyager slide onto a television camera lens, generating a signal that their machine converted into several seconds of sound per photo. A diagram on the aluminum cover of the Golden Record explains how to play it and decode the images. Four decades later, Ron Barry followed the instructions.

The Voyager Golden Records:

[...] are phonograph records that were included aboard both Voyager spacecraft launched in 1977. The records contain sounds and images selected to portray the diversity of life and culture on Earth, and are intended for any intelligent extraterrestrial life form, or for future humans, who may find them. Those records are considered as a sort of a time capsule.

The article describes the decoding process and also links to a video showing the results of the decode in real time against the original soundtrack.

Original Submission

takyon writes:

http://www.anandtech.com/show/11804/huawei-shows-unannounced-kirin-970-at-ifa-2017-dedicated-neural-processing-unit

The headline that Huawei seems to want to promote is the addition of dedicated neural network silicon inside the Kirin 970, dubbed the Neural Processing Unit (NPU). The sticker performance of the NPU is rated at 1.92 TFLOPs of FP16, which for reference, is about 3x what the Kirin 960's GPU alone can do on paper (~0.6 TFLOPs FP16). Or to put this in practical terms, Huawei says that the NPU is capable of discerning 2005 images per minute from internal testing, compared to 97 images per minute without the NPU – and presumably on the CPU – using the Kirin Thundersoft software (likely a future brand name). Obviously, depending on the implementation and power use, I would expect Huawei to try and leverage the NPU as much as possible in upcoming designs.

Other details for the Kirin 970 show improvements over the Kirin 960. First is the movement to TSMC's 10nm process, from 16FF+. The Kirin 960 launched a few months before the 10nm ramp up for other high-end smartphone SoCs hit the shelves, so Huawei is matching their competitors here. The core configuration is the same as the 960, with four ARM Cortex A73 cores and four ARM Cortex A53 cores, this time clocked at 2.4 GHz and 1.8 GHz respectively. The integrated graphics is the newest Mali G72, announced alongside the A75/A55 processors earlier this year, which will be in an MP12 configuration. Frequency was not listed.

[...] Huawei's final declarations on the NPU state that it is 25x the performance of a CPU with 50x the energy efficiency, and using a new HiAI (Hi-Silicon AI) nomenclature.

I'm waiting for the smartphone that packs in a central processing unit, graphics processing unit, neural processing unit, and quantum processing unit.

Related: Snapdragon 820 SoC's Zeroth Neuromorphic Chip to Block Malware on Smartphones
Intel Announces Movidius Myriad X Vision Processing Unit

Original Submission

takyon writes:

Two companies that supply parts to the likes of Boeing, Airbus, and Lockheed Martin will merge in one of the largest aerospace deals ever:

United Technologies Corp. agreed to buy Rockwell Collins Inc. for about $23 billion, creating an aerospace behemoth that can outfit jetliners and warplanes from tip to tail.

The transaction, one of the biggest in aviation history, creates an aircraft-parts giant better positioned to withstand the squeeze from planemakers Boeing Co. and Airbus SE for pricing discounts and higher output. The resulting company will boast a broad suite of products for commercial aircraft, from Rockwell Collins's touchscreen cockpit displays to jet engines made by the Pratt & Whitney division of United Technologies.

"This is a significant deal for UTC and the aviation industry in general," Hans Weber, president of San Diego-based consultancy Tecop International Inc., said in an email. By buying Rockwell Collins, which delivers avionics systems for the U.S. planemaker's 787, "UTC becomes a critically important supplier to Boeing and will have a strong negotiating position as Boeing is putting price pressure on suppliers."

The deal is $23 billion, or $30 billion including debt. The combined company is expected to have annual sales of $34 billion.

Also at NYT and CNN.

Original Submission

jbernardo writes:

Google is using the boiling frog method to exclude power users and custom ROMS from android.

A new feature in Android 8.0 Oreo, called "Rollback Protection" and included in the "Verified Boot" changes, will prevent a device from booting should it be rolled back to an earlier firmware. The detailed information is here.

As it rejects an image if its "rollback index" is inferior than the one in "tamper evident storage", any attempts to install a previous version of the official, signed ROM will make the device unbootable. Much like iOS (without the rollback grace period) or the extinct Lumias. It is explained in the recommended boot workflow and notes below, together with some other "smart" ideas.

Now, this might seem like a good idea at first, but let's just just imagine this on a PC. It would mean no easy roll back from windows 10 to 7 after a forced installation, and doing that or installing linux would mean a unreasonably complex bootloader unlocking, with all your data wiped. Add safetynet to the mix, and you would also be blocked from watching netflix or accessing your banking sites if you dared to install linux or rollback windows.

To add insult to injury, unlocked devices will stop booting for at least 10 seconds to show some paternalist message on how unlocking is bad for your health - "If the device has a screen and buttons (for example if it's a phone) the warning is to be shown for at least 10 seconds before the boot process continues."

Now, and knowing that most if not all android bootloaders have vulnerabilities/backdoors, how can this be defended, even with the "security/think of the children" approach? This has no advantages other than making it hard for users to install ROMs or to revert to a previous official ROM to restore missing functionality.

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

The personal details of thousands of individuals who submitted job applications to an international security firm were exposed online due to an unprotected storage server set up by a recruiting services provider.

Chris Vickery of cyber resilience firm UpGuard discovered on July 20 an Amazon Web Services (AWS) S3 storage bucket that could be accessed by anyone over the Internet. The server stored more than 9,400 documents, mostly representing resumes of people who had applied for a job at TigerSwan, an international security and global stability firm.

The documents included information such as names, physical addresses, email addresses, phone numbers, driver's license numbers, passport numbers and at least partial social security numbers (SSNs). In many cases, the resumes also provided information on security clearances from U.S. government agencies, including the Department of Defense, the Secret Service, and the Department of Homeland Security. Nearly 300 of the exposed resumes listed the applicant as having a "Top Secret/Sensitive Compartmented Information" clearance.

According to UpGuard, a majority of the individuals whose information was compromised were military veterans, but hundreds of resumes belonged to law enforcement officers who had sought a job at TigerSwan, a company recently described by The Intercept as a "shadowy international mercenary and security firm."

Source: http://www.securityweek.com/details-us-top-secret-clearance-holders-leaked-online

Original Submission

takyon writes:

Uranus's moon Cressida could collide with another moon within the next million years:

The Voyager 2 spacecraft discovered Cressida in 1986. It is just 82 kilometres across, dark in colour and orbits close to Uranus but beyond most of its rings. It belongs to the most tightly packed group of satellites in the solar system, nine moons whose orbits all lie within 18,000 kilometres of one another.

Now, Robert Chancia at the University of Idaho and his colleagues have deduced the small moon's mass – and from it discovered the probable shape of its demise. [...] This link enabled the team to use the ring to deduce the moon's mass, the first time anyone has weighed such a small moon of Uranus. They found that Cressida is about 1/300,000th as massive as Earth's moon and about 86 per cent as dense as water. That's much denser than the small moons of Saturn, which are mostly made of water ice but are porous, making them lighter than ice.

[...] The findings spell trouble for Cressida. The denser Uranus's closely packed moons, the more their gravity tugs at one another, raising the spectre that one will swerve into the wrong lane. "Some of these moons are probably going to crash into each other," says team member Matthew Hedman, also at the University of Idaho. In only about a million years, Cressida will probably strike Desdemona, a moon that orbits just 900 kilometres outside Cressida's path, says the team. A similar fate awaits the moons Cupid and Belinda, which will hit each other.

Also at Science News.

Weighing Uranus' moon Cressida with the η ring

Original Submission

Fnord666 writes:

Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the boot-up sequence, opening devices to attacks.

The vulnerabilities came to light during research carried out by a team of nine computer scientists from the University of California, Santa Barbara.

The research team looked into the shadowy world of Android bootloaders, components that are hard to analyze because they are closed-source and tend to lack typical metadata (such as program headers or debugging symbols) that are usually found in normal programs and help reverse engineering and security audits.

Most of the team's work focused on developing a new tool named BootStomp specialized in helping test and analyze bootloaders.

The goal of BootStomp is to automatically identify security vulnerabilities that are related to the (mis)use of attacker-controlled non-volatile memory, trusted by the bootloader's code. In particular, we envision using our system as an automatic system that, given a bootloader as input, outputs a number of alerts that could signal the presence of security vulnerabilities. Then, human analysts can analyze these alerts and quickly determine whether the highlighted functionality indeed constitute a security threat.

By using BootStomp to find problematic areas of the previously obscure bootloader code, and then having the research team look over the findings, experts said they identified seven security flaws, six new and one previously known (CVE-2014-9798). Of the six new flaws, bootloader vendors already acknowledged and confirmed five.

https://www.bleepingcomputer.com/news/security/vulnerabilities-discovered-in-mobile-bootloaders-of-major-vendors/

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Sci-Hub, which is regularly referred to as the "Pirate Bay of science", faces another setback in a US federal court. After the site's operator failed to respond, the American Chemical Society now requests a default judgment of $4.8 million for alleged copyright infringement. In addition, the publisher wants a broad injunction which would require search engines and ISPs to block the site.

The pirate site, operated by Alexandra Elbakyan, was ordered to pay $15 million in piracy damages to academic publisher Elsevier.

With the ink on this order barely dry, another publisher soon tagged on with a fresh complaint. The American Chemical Society (ACS), a leading source of academic publications in the field of chemistry, also accused Sci-Hub of mass copyright infringement.

[...] "Sci-Hub's unabashed flouting of U.S. Copyright laws merits a strong deterrent. This Court has awarded a copyright holder maximum statutory damages where the defendant's actions were 'clearly willful' and maximum damages were necessary to 'deter similar actors in the future'," they write.

Although the deterrent effect may sound plausible in most cases, another $4.8 million in debt is unlikely to worry Sci-Hub's owner, as she can't pay it off anyway. However, there's also a broad injunction on the table that may be more of a concern.

The requested injunction prohibits Sci-Hub's owner to continue her work on the site. In addition, it also bars a wide range of other service providers from assisting others to access it.

Specifically, it restrains "any Internet search engines, web hosting and Internet service providers, domain name registrars, and domain name registries, to cease facilitating access to any or all domain names and websites through which Defendant Sci-Hub engages in unlawful access to [ACS's works]."

The above suggests that search engines may have to remove the site from their indexes while ISPs could be required to block their users' access to the site as well, which goes quite far.

Source: https://torrentfreak.com/sci-hub-faces-48-million-piracy-damages-and-isp-blocking-170905/

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow1937

Security researchers have found five gaping holes in the firmware running on Arris modems, three of which are hardcoded backdoor accounts.

An attacker could use any of these three accounts to access and take over the device with elevated privileges — even root — install new firmware, and ensnare the modem in a larger botnet.

The vulnerabilities came to light after a review of the Arris firmware carried out by experts from Nomotion Labs.

According to Nomotion, the flaws are found in both the standard Arris firmware, but also in the extra code added on top by OEMs. In their research, experts looked at an Arris modem installed on the network of AT&T.

Researchers said the flaws affect NVG589 and NVG599 modems. Both models aren't available through the Arris website and appear to be discontinued products. Based on Censys and Shodan data, researchers believe there are at least 220,000 of these vulnerable modems connected online.

[...] For owners of said devices, Nomotion has published basic self-mitigation instructions that device owners and ISPs can use to block access to the backdoors and fix some of the flaws. The self-mitigations are available at the end of the Nomotion report.

Source: https://www.bleepingcomputer.com/news/security/three-hardcoded-backdoor-accounts-discovered-in-arris-modems/

Original Submission

c0lo writes:

Australian Brodcasting Corporation reveals that Mario is no longer working as a plumber, according to Nintendo's Japanese site (as translated by kotaku)!

In a recently updated Mario profile, the company's website said "Mario was once a plumber ... but that was a long time ago."

"All around sporty, whether it's tennis or baseball, soccer or car racing, he does everything cool. As a matter of fact, he also seems to have worked as a plumber a long time ago," the website said.

Although the games rarely feature Mario utilising his plumbing skills, the sudden announcement of his retirement has shocked fans and left many feeling betrayed.

"If Mario doesn't work as a plumber, then why is he dressed like one?" several fans asked.

[...] "The game's stage was a construction site, so we made him into basically a carpenter," creator Shigeru Miyamoto, who is also responsible for Donkey Kong and Zelda, said in a 2011 interview.

"[In Super Mario Bros] we brought in Luigi and a lot of the game was played underground so we made him to fit that setting and, we decided he could be a plumber."

"The scenario dictates his role."

The twitterverse is raging:

• Imagine if Mario was your actual plumber though. Come back from making him a cup of tea and find him jumping on your pet tortoise.
• It's Labour Day and Nintendo fires Mario from being a plumber? This is why the working man needs a union.
• In this gig based economy of course he isn't. He drives for Uber now.
• With DACA being repealed, Mario is no longer a plumber and has been deported back to Italy.

Original Submission

Nesh writes:

https://public.wmo.int/en/resources/bulletin/new-edition-of-international-cloud-atlas

The World Meteorological Organization has announced that a new edition of the International Cloud Atlas has been released following three years of hard work. The International Cloud Atlas is the world’s reference for the identification and classification of clouds and other meteorological meteors.

First published over a century ago in 1896, the Atlas has not experienced many updates. There have been numerous fundamental changes in our world since the most recent in 1975/1987 (Volume I/Volume II), including the emergence of the Internet and the invention of cellular phones with cameras. Important advancements in scientific understanding, too, have come about. The time was ripe for a new version.

Today’s high-quality cameras and modern technology can deliver an abundance of excellent photographic examples of clouds and all other meteorological phenomena, providing better images for the Atlas than ever before. This allows us to present more phenomena, and to illustrate variation in their appearance with different locations and viewing conditions.

In an age where the Internet has become a primary resource, the new edition will also give the Cloud Atlas a strong online presence. Without this, many alternative atlases have appeared online. This threatens the global standardization of cloud classification, which is one of the primary reasons for the existence of the International Cloud Atlas.

[...] The new, 2017 edition of the International Cloud Atlas brings this important document into the digital era. It provides professional and amateur observers of clouds and other meteors with an online resource that can be used as a reference, a training tool and a source of stunning images and descriptions. In addition, it updates and strengthens the language used to classify and report cloud and meteor observations, ensuring the consistency and clear communication that is essential to this field.

You can access the 2017 International Cloud Atlas at www.wmocloudatlas.org

Original Submission

takyon writes:

Anonymity continues to die a little every day:

The physical traits predicted from genome sequence data may be sufficient to identify anonymous individuals in the absence of other information, according to a study set to appear in the Proceedings of the National Academy of Sciences this week.

After looking for links between physical phenotypes and whole-genome sequence data for more than 1,000 individuals from a range of ancestral groups, researchers from the US and Singapore took a crack at predicting biometric traits based on genetic data with the help of a newly developed algorithm. In a group of de-identified individuals, they reported, the algorithm made it possible to identify a significant proportion of individuals based on predictions of three-dimensional facial structure, ethnicity, height, weight, and other traits.

"By associating de-identified genomic data with phenotypic measurements of the contributor, this work challenges current conceptions of genomic privacy," senior author Craig Venter, of Human Longevity and the J. Craig Venter Institute, and his co-authors wrote. "It has significant ethical and legal implications on personal privacy, the adequacy of informed consent, the viability and value of de-identification of data, the potential for police profiling, and more."

[...] [Genome] sequences [...] are not currently protected as identifying data under the US Health Insurance Portability and Accountability Act's Safe Harbor method for ensuring anonymous and de-identified patient information.

Also at Bio-IT World, PRNewswire, and San Diego Union Tribune.

Previously: Creating Wanted Posters from DNA Samples

Related: EFF to Supreme Court: The Fourth Amendment Covers DNA Collection
Kuwait Creating Mandatory DNA Database of All Citizens, Residents--and Visitors
Massive DNA Collection Campaign in Xinjiang, China
Routine Whole Genome Sequencing: Not Scary?

Original Submission

tonyPick writes:

Spotted on HackerNews is a link to a paper on Automated Crowdturfing Attacks and Defenses in Online Review Systems:

Malicious crowdsourcing forums are gaining traction as sources of spreading misinformation online, but are limited by the costs of hiring and managing human workers. In this paper, we identify a new class of attacks that leverage deep learning language models (Recurrent Neural Networks or RNNs) to automate the generation of fake online reviews for products and services. Not only are these attacks cheap and therefore more scalable, but they can control rate of content output to eliminate the signature burstiness that makes crowdsourced campaigns easy to detect.

The paper, available from the arXiv link, contains the details of the attack which the paper notes "are largely indistinguishable from real reviews to human readers", and suggests defensive mechanisms based on "statistically detectable variations in the character-level distribution of machine-generated reviews".

Original Submission