SoylentNews

takyon writes:

Ford says it is using Microsoft's HoloLens augmented reality headset to help design cars, alongside clay models:

Microsoft's HoloLens headset has been slowly pivoting towards commercial markets over the past year. NASA, Volvo, Lowe's, Audi, and Volkswagen are all testing HoloLens for various reasons, and now Ford is expanding its use of Microsoft's headsets after an initial pilot phase. Ford is using HoloLens to let designers quickly model out changes to cars, trucks, and SUVs. This allows designers to see the changes on top of an existing physical vehicle, instead of the traditional clay model approach to car design.

Ford is still using clay models, but the HoloLens can be used to augment additional 3D models without having to build every single design prototype with clay.

Also at CNBC and Engadget.

Original Submission

takyon writes:

Equifax's Twitter account linked to a website created by a software engineer imitating the real breach info site:

People create fake versions of big companies' websites all the time, usually for phishing purposes. But the companies do not usually link to them by mistake.

Equifax, however, did just that after Nick Sweeting, a software engineer, created an imitation of equifaxsecurity2017.com, Equifax's page about the security breach that may have exposed 143 million Americans' personal information. Several posts from the company's Twitter account directed consumers to Mr. Sweeting's version, securityequifax2017.com. They were deleted after the mistake was publicized.

By Wednesday evening, the Chrome, Firefox and Safari browsers had blacklisted Mr. Sweeting's site, and he took it down. By that time, he said, it had received about 200,000 hits.

Fortunately for the people who clicked, Mr. Sweeting's website was upfront about what it was. The layout was the same as the real version, complete with an identical prompt at the top: "To enroll in complimentary identity theft protection and credit file monitoring, click here." But a headline in large text differed: "Cybersecurity Incident & Important Consumer Information Which is Totally Fake, Why Did Equifax Use A Domain That's So Easily Impersonated By Phishing Sites?"

Also at The Verge.

Previously: Equifax Data Breach Could Affect 143 Million Americans [Updated]
Are You an Equifax Breach Victim? You Could Give Up Right to Sue to Find Out
Outrage Builds after Equifax Executives Banked $2 Million Following Data Breach
Equifax CIO, CSO "Retire" in Wake of Huge Security Breach

Original Submission

tonyPick writes:

Spotted at HackerNews is a link to Alexey Kljatov's blog on snowflake macro photography.

The HN thread links to this 2013 posting on the equipment used in the setup:

Some people think that snowflake photography is a complex matter, and requires expensive equipment, but in fact it can be inexpensive, very interesting and quite easy, after some practice.

Currently, i use low cost variation of well-known lens reversal macro technique: compact camera Canon Powershot A650is at maximum optical zoom (6x) shoots through lens Helios 44M-5 (taken from old film camera Zenit, made in USSR), reversely mounted in front of built-in camera optics. Compared to Canon A650 standard macro mode, this simple setup achieves much better magnification and details, lesser chromatic aberrations and blurring at image corners, but also very shallow depth of field.

I capture every snowflake as short series of identical photos (usually 8-10, for most interesting and beautiful crystals - 16 shots and more), and average it (after aligning, for every resulting pixel take arithmetical mean of corresponding pixels from all shots of series) at very first stage of processing workflow. Averaging technique dramatically reduces noise and reveals thin and subtle details and color transitions, which almost unseen in every single shot from series, because they masked by noise.

The Original HN Thread is here and also contains a link to Alexey's Flickr page with more of the results.

Original Submission

MrPlow writes:

Submitted via IRC for Fnord666_

Think it was impressive when a Tesla club drove a Model S nearly 670 miles? It has nothing on what Proterra just managed. The startup just drove a Catalyst E2 Max electric bus a whopping 1,101.2 miles on a single charge. That's the furthest any EV has managed before recharging, and well past the 1,013.8 miles driven by the previous record-holder, a one-seat experimental car nicknamed "Boozer." It's not hard to see how Proterra managed the feat when you know about the technology, but this still bodes well for eco-friendly public transportation.

Source: https://www.engadget.com/2017/09/19/electric-bus-travels-record-1101-miles-on-one-charge/

Original Submission

-- OriginalOwner_ writes:

At 9PM ET September 20, ABC News reported

The island of Puerto Rico has been "destroyed" after Hurricane Maria made landfall there as a Category 4 storm Wednesday morning, according to emergency officials.

Puerto Rico's office of emergency management confirmed that 100 percent of the U.S. territory had lost power, noting that anyone with electricity was using a generator.

Multiple transmission lines sustained damage from the storm, said Ricardo Ramos, director of the Puerto Rico Electric Power Authority. Ramos said he hopes to begin launching helicopters by this weekends to begin inspecting the transmission lines.

Telecommunications throughout the island have "collapsed", Abner Gomez Cortes, executive director of Puerto Rico's office of emergency management and disaster administration agency, told ABC News.

[...] Cortes described Maria as an unprecedented storm, adding that the island had not seen a storm of that strength since 1928.

[...] Puerto Rico was still experiencing tropical-storm force winds Wednesday afternoon, forcing emergency services and search and rescue teams to wait before heading out to assess the damage, Cortes said.

More than 12,000 people are currently in shelters, and hospitals are now running on generators, Cortes said. Two hospitals--one in Caguas and one in Bayamon--have been damaged.

No deaths have been reported so far, but catastrophic flooding is currently taking place on the island. Multiple rain gauges have reported between 18 and 24 inches of rain, with some approaching the 30-inch mark over the last 24 hours.

Flooding is the danger "that will take lives", Cortes said, advising residents not to venture out of their homes until Thursday because "it is not safe to go out and observe".

[...] As of 8 p.m. ET, Maria had weakened to a Category 2 hurricane with maximum sustained wind of 110 mph, according to the National Hurricane Center.

[...] Some strengthening is possible now that the storm is back over the ocean, so Maria has potential to become a Category 3 hurricane again.

National Hurricane Center graphics for Maria.
Map of Caribbean Islands.

At 15:20 UTC, Mashable reported

Clips shot in the [cities] of Farjado, San Juan, and Guyama show buildings experiencing extreme structural damage. Doors are being ripped right off their hinges, and windows, walls, and roofs of homes, restaurants, and hotels are being stripped away by the storm's incredible power.

Original Submission

takyon writes:

Saudia Arabia will lift a 2013 ban on Internet calling services:

Saudi Arabia will lift a ban on internet phone calls, a government spokesman said, part of efforts to attract more business to the country. All online voice and video call services such as Microsoft's Skype and Facebook's WhatsApp that satisfy regulatory requirements will become accessible at midnight (2100 GMT), Adel Abu Hameed, spokesman for the telecoms regulator CITC said on Twitter on Wednesday.

The policy reversal represents part of the Saudi government's broad reforms to diversify the economy partly in response to low oil prices, which have hit the country's finances. "Digital transformation is one of the key kick-starters for the Saudi economy, as it will incentivise the growth of internet-based businesses, especially in the media and entertainment industries," a statement from the information ministry said. "Access to VoIP (voice over internet protocol) will reduce operational costs and spur digital entrepreneurship – that's why it is such an important step in the Kingdom's internet regulation," it said.

Perhaps they found the backdoors.

Also at TechCrunch.

Original Submission

janrinok writes:

Arthur T Knackerbracket has found the following story:

Depending on where you rest your hat, the words "AR battle" could mean some very different things. You might still be hankering to have your Pikachu rain down lightning on a friends' Squirtle in Pokemon Go, or, if you're recovering from the iPhone X launch, be wondering when you'll be able to send your mini troops into a tabletop augmented reality warzone in Directive Games' The Machines.

But if you're among the thousands in attendance at the Defence and Security Equipment International 2017 (DSEI) conference at London's Excel Centre, those battles and warzones in question become altogether more real. As, while the consumer world waits patiently for the giants of Cupertino to lift the covers off the rumored Apple AR glasses, the military has been dabbling in augmented reality interfaces for years.

The transparent nature of AR glasses lets the wearer maintain situational and environmental awareness.

What was once the reserve of fighter pilots, the advances of Moore's Law means that impressive heads-up display units will soon be standard issue for regular ground troops. Through the use of wearable glasses and headsets, key data points will be overlaid onto a battlefield – everything from mapping information to mission parameters to markers defining the movements of allied troops and enemy forces.

Topographical data can be relayed to a troop along with video feeds from remote overhead drones or fellow forces elsewhere on the field. All the while, the transparent nature of AR glasses (as opposed to the all-encompassing view of a virtual reality headset) lets the wearer maintain situational and environmental awareness. The potential chaos of what's going on around a soldier can still be seen and actioned upon.

MrPlow writes:

Submitted via IRC for SoyCow1937

There's a bug in the widely used Apache Web Server that causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other secrets, a freelance journalist has disclosed.

The vulnerability can be triggered by querying a server with what's known as an OPTIONS request. Like the better-known GET and POST requests, OPTIONS is a type of HTTP method that allows users to determine which HTTP requests are supported by the server. Normally, a server will respond with GET, POST, OPTIONS, and any other supported methods. Under certain conditions, however, responses from Apache Web Server include the data stored in computer memory. Patches are available here and here.

[...] Optionsbleed, by contrast [to Heartbleed], doesn't pose as big a threat, but its effects can still be damaging. The risk is highest for server hosts that allow more than one customer to share a single machine. That's because Optionsbleed allows customers to exploit the flaw in a way that exposes secret data from other customers' hosts on the same system. On the Internet at large, the threat is less serious.

[...] Interestingly, the bug was first identified in 2014. Why it's only now being patched is unclear.

Source: https://arstechnica.com/information-technology/2017/09/apache-bug-leaks-contents-of-server-memory-for-all-to-see-patch-now/

[Note: I checked with TheMightyBuzzard, and was informed that, though SoylentNews does run Apache, our systems are configured in such a way as to not expose OPTIONS. In other words, it is believed that we are not susceptible. --martyb]

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow5743

Ed Foudil, a web developer and security researcher, has submitted a draft to the IETF — Internet Engineering Task Force — seeking the standardization of security.txt, a file that webmasters can host on their domain root and describe the site's security policies.

The file is akin to robots.txt, a standard used by websites to communicate and define policies for web and search engine crawlers.

The distinction between security.txt and robots.txt is that security.txt will be used to communicate a company's security practices only, and is likely to be read by humans, rather than automated scanners.

For example, if a security researcher finds a security vulnerability on a website, he can access the site's security.txt file for information on how to contact the company and securely report the issue.

[...] This is when Foudil put together a first version of the security.txt specification that he later published on GitHub. Early feedback from the IT security industry convinced the researcher to go on.

"When x0rz [well-known security researcher] tweeted about my proposal I realized that this was something people really wanted and that it was time to start writing up an RFC draft," Foudil said.

[...] Right now, security.txt is at the status of Internet Draft, which is the first IETF regulatory step in a three-stage process that also includes RFC (Request For Comment) and official Internet Standards.

"Once security.txt becomes an RFC the focus will shift to spreading the word and encouraging companies to setup a security.txt file," Foudil told Bleeping Computer.

"Several bug bounty platforms have already offered to help out with this step and hopefully if some of the big companies have a security.txt this will set a good example that could convince others to follow suit."

Source: https://www.bleepingcomputer.com/news/security/security-txt-standard-proposed-similar-to-robots-txt/

Original Submission

-- OriginalOwner_ writes:

Common Dreams reports

Thanks to a hiring freeze, budget cuts, and the exorbitant travel needs of Trump's cabinet, Environmental Protection Agency (EPA) agents are being forced to ditch climate crime investigations in order to serve as personal bodyguards for EPA administrator Scott Pruitt, resulting in what one critic called an "evaporation of criminal enforcement".

"The EPA head has traditionally had one of the smallest security details among cabinet members," the Washington Post reported [September 19]. But Pruitt's expansive security team--which cost taxpayers over $830,000 in his first three months as EPA chief--has shattered all precedent.

"This never happened with prior administrators", Michael Hubbard, former head of the EPA Criminal Investigation Division's Boston office.

Pruitt's 24/7, 18-member security detail "demands triple the manpower of his predecessors" and is forcing "officials to rotate in special agents from around the country who otherwise would be investigating environmental crimes", the Post's Juliet Eilperin and Brady Dennis noted.

These officials "signed on to work on complex environmental cases, not to be an executive protection detail", Hubbard observed. "It's not only not what they want to do, it's not what they were trained and paid to do."

The impact of this transfer of resources can already be seen in the rapidly falling number of new cases opened by the EPA's Criminal Investigation Division. Eilperin and Dennis note that the "current fiscal year is on pace to open just 120 new cases...down sharply from the 170 initiated last year".

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow5743

During last year's WWDC in June 2016, Apple noted it would be adopting some degree of differential privacy methods to ensure privacy while the company mined user data on iOS and Mac OS. In short, the technique adds noise to data that scrambles it enough to prevent it from becoming identifiable -- though the company made clear at the time that its data collection process was opt-in. Over a year later, a study claims that Apple's methods fall short of the digital privacy community's expectations for how much a user's data is kept private.

As they reveal in their study (PDF), researchers from the University of Southern California, Indiana University and China's Tsinghua University evaluated how Apple injects static into users' identifiable info, from messages to your internet history, to baffle anyone looking at the data, from the government to Apple's own staff. The metric for measuring a setup's differential privacy effectiveness is called a "privacy loss parameter" or, as a variable, "epsilon." In this case, the researchers discovered that Apple's epsilon on MacOS allowed a lot more personal data to be identifiable than digital privacy theorists are comfortable with, and iOS 10 permits even more.

Apple has refuted the study's findings, especially on its alleged ability to link data to particular users.

Source: https://www.engadget.com/2017/09/15/study-says-apple-data-mining-safeguards-dont-protect-privacy-en/

Original Submission

DeathMonkey submitted:

If you had big plans this weekend, David Meade regrets to inform you that the world will be ending Saturday.

Meade, a Christian numerologist and self-described "researcher," says Sept. 23 is foretold in the Bible's Book of Revelation as the day a series of catastrophic events will begin, and as a result, "a major part of the world will not be the same," the Washington Post reports.

The Bible prophecies a woman "clothed with the sun" and a "crown of 12 stars" giving birth to a boy who will "rule all the nations" while she fights off a seven-headed dragon. The woman, Meade says, is the constellation Virgo, which on Saturday will be positioned under nine stars and three planets, per Popular Mechanics.

The baby boy will be the planet Jupiter, which will be moving out of Virgo on that night.

According to Meade, who says he studied astronomy at an unspecified university in Kentucky, the great change in our world will be the result of the arrival of Nibiru, a planet famous in conspiracy circles but which astronomers say doesn't exist.

http://wnep.com/2017/09/20/researcher-says-this-saturday-will-be-the-end-of-the-world/
https://www.washingtonpost.com/news/acts-of-faith/wp/2017/09/17/the-world-as-we-know-it-is-about-to-end-again-if-you-believe-this-biblical-doomsday-claim/ (soft paywalled)

Original Submission

frojack writes:

Android Central and many others are reporting that HTC has issued a Trading Halt pending a Major Announcement order to the markets.

The reason:

Google is expected to buy HTC's smartphone business altogether, taking on its research and development, manufacturing, distribution and supplier ties. HTC will continue to operate its other business units, but it isn't yet clear what would come of its HTC-branded phones.

It has been rumored that HTC was in the "final stage of negotiation with Google" for selling off its smartphone business, and it looks like things are coming to a head.

Google needs handsets to support its Pixel line of phones for Project Fi demands and has only been partly successful in filling these needs by contracting with manufacturers for the custom phones needed to support the multi-carrier Fi phones. HTC is currently manufacturing the Pixel line of phones for Google.

HTC has made outstanding phones that suffered from poor marketing, and has never garnered a significant market share.

See also https://www.bloomberg.com/news/articles/2017-09-20/google-is-said-close-to-buying-htc-assets-to-bolster-hardware (Warning Auto-play Video) where Bloomberg's analysts points out:

A more Apple-like approach to smartphone production would also allow Google to steer Android in its preferred direction. The tech giant has struggled to get handset makers and carriers to ship Android devices with new, secure software. The Pixel was designed, in part, to prompt other Android phone makers to follow on the latest Google bells and whistles. Still, some Android partners are moving ahead with competing software efforts -- Huawei Technologies Co. linked up with Amazon's assistant, and Samsung Electronics Co. is building its own.

Original Submission

takyon writes:

The major feature of the third iteration of the Apple Watch, LTE cellular connectivity, can fail due to a bug involving Wi-Fi. This problem has been reflected in reviews of the device:

The new Apple Watch is mostly an iterative update over its predecessor, but for one major feature: LTE. The addition of cellular connectivity has been touted as everything from "nice" to "game changing," but reviewers appear to have early issues in testing. I didn't run into any in my own testing, but the Verge reported some big hiccups connecting to the cellular network on the device.

An Apple spokeswoman confirmed the problem with TechCrunch, stating, "We have discovered that when Apple Watch Series 3 joins unauthenticated Wi-Fi networks without connectivity, it may at times prevent the watch from using cellular. We are investigating a fix for a future software release."

The LTE also does not work if you take the device to another country.

Also at The Verge, Fox Business (WSJ/Dow Jones reprint), and Fortune.

Original Submission

'I Was Just Doing My Job': Soviet Officer Who Averted Nuclear War Dies at Age 77

Phoenix666 writes:

A Soviet officer who prevented a nuclear crisis between the US and the USSR and possible World War III in the 1980s has quietly passed away. He was 77. In 2010 RT spoke to Stanislav Petrov, who never considered himself a hero. We look at the life of the man who saved the world.

A decision that Soviet lieutenant colonel Stanislav Petrov once took went down in history as one that stopped the Cold War from turning into nuclear Armageddon, largely thanks to Karl Schumacher, a political activist from Germany who helped the news of his heroism first reach a western audience nearly two decades ago.

On September 7, Schumacher, who kept in touch with Petrov in the intervening years, phoned him to wish him a happy birthday, but instead learned from Petrov's son, Dmitry, that the retired officer had died on May 19 in his home in a small town near Moscow.

On September 26, 1983, Stanislav Petrov was on duty in charge of an early warning radar system in a bunker near Moscow, when just past midnight he saw the radar screen showing a single missile inbound from the United States and headed toward the Soviet Union.

"When I first saw the alert message, I got up from my chair. All my subordinates were confused, so I started shouting orders at them to avoid panic. I knew my decision would have a lot of consequences," Petrov recalled of that fateful night in an interview with RT in 2010.
...
It was later revealed that what the Soviet satellites took for missiles launch was sunlight reflected from clouds.

Many of us feel that one person can't make a real difference in the world. Stanislov Petrov did.

R.I.P. Stanislav Petrov, the man who saved the world

fritsd writes:

The Guardian and other news sources report, that Soviet Colonel Stanislav Petrov has died, age 77.

Petrov has become (not very) famous, because in 1983 his quick decision making averted a possible nuclear war.

I think that we, humans, are bad at recognizing significant events that led to everything continuing as normal..

Original Submission #1  Original Submission #2