SoylentNews

canopic jug writes:

The Inquirer writes about research carried out by Google and the University of California which found over than 1.9 billion usernames and passwords available on the black market, many of which provide access to active Google accounts.

The researchers used Google's proprietary data to see whether or not stolen passwords could be used to gain access to user accounts, and found that an estimated 25 per cent of the stolen credentials can successfully be used by cyber crooks to gain access to functioning Google accounts.

Source:
Google: 25 per cent of black market passwords can access accounts
Data breaches, phishing, or malware? Understanding the risks of stolen credentials

Original Submission

takyon writes:

Skyrim, a game in the Elder Scrolls series first released in 2011, is now available for the Nintendo Switch, and has a VR version for PC and PlayStation 4 as well:

How Bethesda was able to fit Skyrim on the Switch

"While docked, Skyrim operates at a native 1600 x 900, while playing in mobile mode shows us the first sign of compromise," Digital Foundry said. "When we looked at the Switch port at Gamescom, everything indicated a native 720p resolution, but the final code reveals more: a fairly basic form of resolution scaling designed to sustain smooth performance. Under load, resolution drops back suddenly to 896 x 720 — 70 per cent of the native pixel count."

'Skyrim VR' makes the 6-year-old game feel fresh again

Having played through Skyrim from start to finish more than once, and having drudged through the opening act more times than I care to remember, I was skeptical that what amounted to a gimmick would be enough to draw me back into the snow-capped region that I'd already seen every inch of. But within moments, I was captivated.

How Bethesda brought The Elder Scrolls V: Skyrim to VR

The Elder Scrolls V: Skyrim VR is available now for PSVR and PC. With hundreds of hours of gameplay between the core campaign, side content, and three expansions players will be able to lose themselves once again in the frosted wastelands of Skyrim.

The world of Skyrim is thrilling and flawed in VR

Other small annoyances abounded in my brief time with Skyrim VR so far. The interface seems imperfectly tuned for the new VR perspective; in-game books and menus are presented with big, readable text, but pop-up warnings and notifications like a stamina bar appear too small and out-of-the-way to be very useful. Navigating menus means holding a button and flicking in the direction you want to move, a usable but imprecise method of navigation. Picking up loose items, meanwhile, requires pointing directly at them and tapping a button, a process that gets annoying after constant repetition. This also makes it extremely awkward to play while sitting, as your legs often end up getting in the way of items on the ground.

Original Submission

stretch611 writes:

NPR Reports: One of the founding members of AC/DC, among the best-selling bands in recorded music history, died Saturday. Guitarist and songwriter Malcolm Young was 64 years old. Young's family, which announced his death in a statement, noted that he had suffered from dementia for several years. The place of his death was not shared, though the statement mentioned that he "passed away peacefully with his family by his bedside."

Also at:

• Reuters
• Chicago Tribune
• IBT
• Rolling Stone
• Washington Post
• New York Times

Original Submission

xpda writes:

President Trump has been accused of deliberately obstructing research on global warming after it emerged that a critically important technique for investigating polar sea-ice extent and concentration is being blocked.

A key polar satellite used to measure the arctic ice cap failed a few days ago, leaving the US with only three others, and those have lived well beyond their shelf lives. Scientists say there is no chance a new one can be launched until 2023 or later. None of the current satellites will still be in operation then. This will put an end to nearly 40 years of uninterrupted data on polar ice.

It seems like there would be a backup satellite, right? In fact, there was a backup satellite ready to go. Then the Trump Administration destroyed it earlier this year, by order of the US Congress. They said the storage costs were too high.

Original Submission

takyon writes:

Zimbabwe awaits news on Mugabe's future

Zimbabweans are waiting to see what steps the military will take next after seizing control of the country. President Robert Mugabe is said to be under house arrest but the whereabouts of his wife Grace, who was bidding to succeed him as president, are unknown.

South African ministers have been in the capital Harare meeting the army and political parties. The Southern African Development Community (SADC) regional bloc will hold emergency talks on Thursday.

President Mugabe, 93, has been in control of Zimbabwe since it gained independence from Britain in 1980. But the power struggle over who might succeed him, between Mrs Mugabe and her rival former vice-president Emmerson Mnangagwa, has split the ruling Zanu-PF party in recent months.

More about Zimbabwe and former President Robert Mugabe.

Here is your emoji: 🇿🇼. Use it well.

CNN: Zimbabwe: Talks underway to form transitional government, source says
NYT editorial: For Zimbabwe, a Coup Isn't the Answer

Extras from BBC: Zimbabwe: Did Robert Mugabe finally go too far? - BBC News
Zimbabwe latest: How can you tell if a coup is happening?

Update: 'Mugabe Must Go': Thousands in Zimbabwe Rally Against Leader
Zimbabwe: Zanu-PF leaders meeting to decide Mugabe future
Pressure weighs on Mugabe to quit after mass protests

Update 2: Zanu-PF has removed Mugabe as party leader, and he may be impeached if he does not resign the Presidency by Monday.

Original Submission

stretch611 writes:

The Recorder reports on efforts to weaken Section 230 of the Communications Decency Act:

[...] §230 has proven to be one of the most valuable tools for protecting freedom of expression and innovation on the Internet. In the past two decades, we've (EFF) filed well over 20 legal briefs in support of §230, probably more than on any other issue, in response to attempts to undermine or sneak around the statute. Thankfully, most of these attempts were unsuccessful.

[...] The first wave of attacks on §230's protections came from plaintiffs who tried to plead around §230 in an attempt to force intermediaries to take down online speech they didn't like.

[...] The second wave of attacks came from plaintiffs trying to deny §230 protection to ordinary users who reposted content authored by others

[...] Another wave of attacks, also in the mid-2000s, came as plaintiffs tried to use the Fair Housing Act to hold intermediaries responsible when users posted housing advertisements that violated the law.

[...] We are now squarely in the middle of a fourth wave of attack—efforts to hold intermediaries responsible for extremist or illegal online content. The goal, again, seems to be forcing intermediaries to actively screen users and censor speech. Many of these efforts are motivated by noble intentions, and the speech at issue is often horrible, but these efforts also risk devastating the Internet as we know it.

Fnord666 writes:

An anti-piracy alliance supported by many major US and UK movie studios, broadcasters and content providers has dealt a blow to the third-party Kodi add-on scene after it successfully forced a number of popular piracy-linked streaming tools offline. In what appears to be a coordinated crackdown, developers including jsergio123 and The_Alpha, who are responsible for the development and hosting of add-ons like urlresolver, metahandler, Bennu, DeathStreams and Sportie, confirmed that they will no longer maintain their Kodi creations and have immediately shut them down.

[...] The crackdown suggests the MPA/MPAA-led Alliance for Creativity and Entertainment has a thorough understanding of how owners of so-called "Kodi boxes" are able to stream TV shows and films illegally. While Colossus merely hosts the tools, urlresolver and metahandler did much of the heavy lifting for streamers. Their job was to scrape video hosting sites for relevant streaming links and serve them up for tools like Covenant inside Kodi. Streamers will find it very difficult to find working video streams of their favorite content without them, but they could reappear via a new host in the future.

Source: Hollywood strikes back against illegal streaming Kodi add-ons

Additional info at TorrentFreak and TVAddons.

Original Submission

aristarchus writes:

Facebook has a fake news problem. Google has an evil unicorn problem.

"Evil unicorns" — a term some Google engineers once coined, according to a former executive — are unverified posts on obscure topics, full of lies. They pop up from time to time on the web and find their way into Google's search results. In an ideal world, Google's search algorithm should force these fake, pernicious creatures so low in search results that they are buried deep in the web where few can find them.

Here's the problem: These unicorns — no, they've got nothing to do with highly valued startups — are designed to surface in a void. And after a breaking news event, like a mass shooting, there's scant verified information for Google's engine to promote. As Jonathan Swift once wrote, falsehood flies, and the truth comes limping after it.

[...] After the Oct. 1 Las Vegas shooting, several accounts seemed to coordinate an effort to smear Geary Danley, a man misidentified as the shooter, with false claims about his political ties. There were no existing web pages or videos broadcasting that Danley was innocent, and in the absence of verified information, Google's algorithms rewarded the lies, placing inaccurate tweets, videos and posts at the top of search results. A month later, when Devin Patrick Kelley shot and killed 26 people in Sutherland Springs, Texas, YouTube videos and tweets mislabeled him as "antifa," a term for radical, anti-fascist protesters. This was not true, yet Google displayed these posts prominently.

[...] This is a familiar headache for the company. For years, Google fought and won a similar battle with spammers, content farms and so-called search engine optimization experts over which web pages should be shown at the top of search results. But these latest web manipulators are causing greater havoc by targeting a slightly different part of Google — its real-time news and video results.

Source: Inside Google's Struggle to Filter Lies from Breaking News

Original Submission

Keystone Pipeline leaks 210,000 gallons of oil in South Dakota

An Anonymous Coward writes:

Keystone Pipeline leaks 210,000 gallons of oil in South Dakota

"A total of 210,000 gallons of oil leaked Thursday (Nov 16, 2017) from the Keystone Pipeline in South Dakota, the pipeline's operator, TransCanada, said.

Crews shut down the pipeline Thursday morning, and officials are investigating the cause of the leak, which occurred about three miles southeast of the town of Amherst, said Brian Walsh, a spokesman for the state's Department of Environment and Natural Resources.

This is the largest Keystone oil spill to date in South Dakota, Walsh said. The leak comes just days before Nebraska officials announce a decision on whether the proposed Keystone XL Pipeline, a sister project, can move forward."

Keystone pipeline - major leak/spill

Elsewhere there are notes of smaller spills in the same pipeline--this AC submitter is wondering about the long term use of a pipeline that is leaking when it's nearly brand new. Doesn't sound good for the long term.

PBS has a followup article from today (Saturday), 'We need to know' more about Keystone oil pipeline leak, tribal chairman says

The leak comes as the debate over the proposed path of the Keystone XL pipeline rages on. Nebraska's Public Service Commission is scheduled to announce its decision Monday on whether to permit TransCanada to build Keystone XL along its proposed route in the state, the Omaha World-Herald reported. A spokeswoman for the commission told the AP that the board's members will only use information provided during public hearings and official public comments in order to make their decision.

Related:
US District Court: Approval of Dakota Access Pipeline Violated the Law
Dakota Access Pipeline Suffers Oil Leak Even Before Becoming Operational
Company Behind Dakota Access Oil Pipeline Sues Greenpeace

Original Submission #1  Original Submission #2 

takyon writes:

The solar system's first "interstellar interloper" has been named 1I/ʻOumuamua. It is the first known "hyperbolic asteroid" from outside the solar system:

The first known asteroid to visit our Solar System from interstellar space has been given a name. Scientists who have studied its speed and trajectory believe it originated in a planetary system around another star.

The interstellar interloper will now be referred to as 'Oumuamua, which means "a messenger from afar arriving first" in Hawaiian. The name reflects the object's discovery by a Hawaii-based astronomer using an observatory on Maui. It was discovered on 19 October this year by Rob Weryk, a postdoctoral researcher at the University of Hawaii Institute for Astronomy.

[...] Scientists who have made observations of 'Oumuamua, say that despite its exotic origins, the asteroid is familiar in appearance. In a paper submitted to Astrophysical Journal Letters, they argue that its size, rotation, and reddish colour are similar to those of asteroids in our Solar System. Measuring about 180m by 30m, it resembles a chunky cigar.

"The most remarkable thing about ['Oumuamua'] is that, except for its shape, how familiar and physically unremarkable it is," said co-author Jayadev Rajagopal from the US National Optical Astronomy Observatory (NOAO).

Also at the National Optical Astronomy Observatory and Scientific American.

Previously: Possible Interstellar Asteroid/Comet Enters Solar System

Original Submission

FatPhil writes:

Atlas, the hulking humanoid robot from Boston Dynamics, now does backflips.

To be clear: Humanoids aren't supposed to be able to do this. It's extremely difficult to make a bipedal robot that can move effectively, much less kick off a tumbling routine. The beauty of four-legged robots is that they balance easily, both at rest and as they're moving, but bipeds like Atlas have to balance a bulky upper body on just two legs. Accordingly, you could argue that roboticists can better spend their time on non-human forms that are easier to master.

But there's a case to be made for Atlas and the other bipeds like Cassie (which walks more like a bird than a human). We live in a world built for humans, so there may be situations where you want to deploy a robot that works like a human. If you have to explore a contaminated nuclear facility, for instance, you'll want something that can climb stairs and ladders, and turn valves. So a humanoid may be the way to go.

Source: https://techxplore.com/news/2017-11-atlas-robot-backflip.html

Also: https://www.wired.com/story/atlas-robot-does-backflips-now/

takyon: Don't forget the new SpotMini as seen at The Verge, Quartz, and Popular Mechanics. Even Ethanol-fueled couldn't stop it.

Original Submission #1   Original Submission #2

canopic jug writes:

The Freedom to Tinker has a post on using Javascript to facilitate the exfiltration of personal data by session-replay scripts.

You may know that most websites have third-party analytics scripts that record which pages you visit and the searches you make. But lately, more and more sites use "session replay" scripts. These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers. Unlike typical analytics services that provide aggregate statistics, these scripts are intended for the recording and playback of individual browsing sessions, as if someone is looking over your shoulder.

The stated purpose of this data collection includes gathering insights into how users interact with websites and discovering broken or confusing pages. However the extent of data collected by these services far exceeds user expectations [1]; text typed into forms is collected before the user submits the form, and precise mouse movements are saved, all without any visual indication to the user. This data can't reasonably be expected to be kept anonymous. In fact, some companies allow publishers to explicitly link recordings to a user's real identity.

Though the post refers to scripts added by the web server intentionally, if third party, such an ISP, competiting company, or government agency, is in control of a certificate already loaded into a target's browser, either overtly or covertly, a Man-in-the-Middle attack is trivial with SSL/TLS and exfiltration scripts can be sent as payload. If you want to see the latency burden that even ostensibly well-behaved scripts cause, press ctrl-shift-i in the browser, select "network" and then reload the page.

Original Submission

Phoenix666 writes:

Some of the fastest growing financial technology firms in Wales are at risk of being held back by skills shortages, a leading specialist lawyer has warned.

Cerian Jones said so-called fintech companies have told her they are "chasing fish in the same small pool".

She said those firms not actually trying to fill a recruitment gap "are trying to retain staff so they don't go elsewhere".

Cardiff is facing competition from London and Bristol among other cities.

Ms Jones, a patents attorney and partner at UDL in Cardiff, said: "When I talk to software companies about what their biggest challenge is, nine times out of 10 it's recruitment.

"These are very skilled positions, needing skilled graduates with the right coding and development skills."

She said there was a lure of working in London and firms in south Wales were having to be creative in trying to entice people "in a candidates' market".

Some were finding it difficult, even when offering £60,000 salaries.

There you have it. You can code to make banks richer. In Cardiff.

Original Submission

takyon writes:

Plastics found in stomachs of deepest sea creatures

Animals from the deepest places on Earth have been found with plastic in their stomachs, confirming fears that manmade fibres have contaminated the most remote places on the planet.

The study, led by academics at Newcastle University, found animals from trenches across the Pacific Ocean were contaminated with fibres that probably originated from plastic bottles, packaging and synthetic clothes.

Dr Alan Jamieson, who led the study, said the findings were startling and proved that nowhere on the planet was free from plastics pollution. "There is now no doubt that plastics pollution is so pervasive that nowhere – no matter how remote – is immune," he said.

Evidence of the scale of plastic pollution has been growing in recent months. Earlier this year scientists found plastic in 83% of global tapwater samples, while other studies have found plastic in rock salt and fish. Humans have produced an estimated 8.3bn tonnes of plastic since the 1950s and scientists said it risked near permanent contamination of the planet.

Also at Newcastle University.

Original Submission

Fnord666 writes:

WHEN AMAZON LAUNCHED[sic] its Amazon Key service last month, it also offered a remedy for anyone—realistically, most people—who might be creeped out that the service gives random strangers unfettered access to your home. That security antidote? An internet-enabled camera called Cloud Cam, designed to sit opposite your door and reassuringly record every Amazon Key delivery.

But now security researchers have demonstrated that with a simple program run from any computer in Wi-Fi range, that camera can be not only disabled but frozen. A viewer watching its live or recorded stream sees only a closed door, even as their actual door is opened and someone slips inside. That attack would potentially enable rogue delivery people to stealthily steal from Amazon customers, or otherwise invade their inner sanctum.

Source: https://www.wired.com/story/amazon-key-flaw-let-deliverymen-disable-your-camera/

Previously: Walmart Wants to Deliver Groceries Directly Into Your Fridge
Amazon Wants to Deliver Purchases into Your Home

Original Submission