SoylentNews

canopic jug writes:

Every few years, bugs known to affect all known version of Microsoft Windows turn up calling into question many claims from the lobbying giant regarding their software branch. The Inquirer is one of many sites reporting on recently leaked NSA tools which can target all versions of Windows from the past two decades. Althougth the emphasis in the article titles is on NSA, the exploits only make use of widely known holes in Microsoft systems which Microsoft often tells NSA about long before issuing an attempt at a patch. Their collaboration goes back for years, and even long before it was the first to join the NSA in kicking off the Prism program.

Researcher Sean Dillon from cybersecurity firm RiskSense tweaked the source code of three nicked NSA exploits - EternalSynergy, EternalChampion and EternalRomance - to work against Windows versions dating back as far as Windows 2000.

Windows machines taken over through these exploits are part of a large black market industry where compromised machines are bought, sold, traded, and fought over for the purposes of producing spam, launching distributed denial of service attacks, spreading further malware, ad click spoofing, manipulating polls and games, and many more illegal activities.

Source : https://www.theinquirer.net/inquirer/news/3026129/leaked-nsa-hacking-tools-can-target-all-windows-versions-from-the-past-two-decades

Original Submission

Runaway1956 writes:

Let's use Darpa's fact sheet as our main source - https://www.darpa.mil/program/anti-submarine-warfare-continuous-trail-unmanned-vessel

The Anti-Submarine Warfare (ASW) Continuous Trail Unmanned Vessel (ACTUV) is developing an unmanned vessel optimized to robustly track quiet diesel electric submarines. The program is structured around three primary goals:

        Explore the performance potential of a surface platform conceived from concept to field demonstration under the premise that a human is never intended to step aboard at any point in its operating cycle. As a result, a new design paradigm emerges with reduced constraints on conventional naval architecture elements such as layout, accessibility, crew support systems, and reserve buoyancy. The objective is to generate a vessel design that exceeds state-of-the art platform performance to provide propulsive overmatch against diesel electric submarines at a fraction of their size and cost.
        Advance unmanned maritime system autonomy to enable independently deploying systems capable of missions spanning thousands of kilometers of range and months of endurance under a sparse remote supervisory control model. This includes autonomous compliance with maritime laws and conventions for safe navigation, autonomous system management for operational reliability, and autonomous interactions with an intelligent adversary.
        Demonstrate the capability of the ACTUV system to use its unique characteristics to employ non-conventional sensor technologies that achieve robust continuous track of the quietest submarine targets over their entire operating envelope.

While the ACTUV program is focused on demonstrating the ASW tracking capability in this configuration, the core platform and autonomy technologies are broadly extendable to underpin a wide range of missions and configurations for future unmanned naval vessels.

Several photos here, including a single shot of an interior passageway - http://www.businessinsider.com/sea-hunter-us-navy-actuv-darpa-2018-2/#it-can-also-operate-by-itself-over-a-long-distance-without-refueling-this-vessel-can-go-from-california-to-hawaii-and-back-dejaco-said-12

Arguably, the best write up here - https://www.digitaltrends.com/cool-tech/darpa-officially-christens-the-actuv-in-portland/

Official DARPA video on Youtube - https://youtu.be/gvzmxZkAbUM

At the time of submission, wikipedia hasn't been updated to reflect the transfer of the ship from DARPA to the Navy - https://en.wikipedia.org/wiki/Sea_Hunter

Original Submission

Fnord666 writes:

SpaceX pulled off quite the feat today when it launched the Falcon Heavy rocket. What's more, it landed the two flanking boosters in perfect synchronized formation. But the fate of the core booster was unclear; now it appears that the center booster, which was supposed to land on a drone ship, was lost.

Elon Musk said on a conference call with reporters that the launch "seems to have gone as well as one could have hoped with the exception of center core. The center core obviously didn't land on the drone ship" and he said that "we're looking at the issue."

Source: Engadget

martyb writes:

Elon has stated during the post launch Press Conference (aired live by ABC https://www.youtube.com/watch?v=cygUnhAGdWc ) that the center core ran out of TEA-TEB ignition fluids. These are used to restart the Merlin 1D engines in flight. The central engine relit, but the outer two failed to reignite. The resultant loss of thrust cause the center core to hit the water at 300mph/500kph and explode. Elon reports two drone ship thrusters on OCISLY were damaged or destroyed.

Source: Reddit.

TEA-TEB is a reference to triethylaluminium-triethylborane.

takyon: Instead of becoming an Earth-Mars cycler, it appears that the car has overshot its intended orbit and will reach far into the asteroid belt:

Elon Musk's Tesla Roadster, which launched on top of SpaceX's Falcon Heavy earlier today, is going farther out into the Solar System than originally planned. The car was supposed to be put on a path around the Sun that would take the vehicle out to the distance of Mars' orbit. But the rocket carrying the car seems to have overshot that trajectory and has put the Tesla in an orbit that extends out into the asteroid belt between Mars and Jupiter. [...] SpaceX CEO Musk tweeted out a map of the Roadster's final orbit after the burn, showing just how far out the car will travel. And it looks like it's going so far into the asteroid belt that it will get relatively close to the orbit of the dwarf planet Ceres.

Previously: Falcon Heavy Maiden Launch Successful (Mostly)

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Ampere, a new chip company run by former Intel president Renee James, came out of stealth today with a brand-new highly efficient Arm-based server chip targeted at hyperscale data centers.

The company's first chip is a custom core Armv8-A 64-bit server operating at up to 3.3 GHz with 1TB of memory at a power envelope of 125 watts. Although James was not ready to share pricing, she promised that the chip would offer unsurpassed price/performance that would exceed any high performance computing chip out there.

The company has a couple of other products in the works as well, which it will unveil in the future.

Source: TechCrunch

Original Submission

takyon writes:

UK 'could adopt Norway recycling system'

A Scandinavian system for recycling bottles is thought likely to be adopted in the UK. Advisers to government say the schemes have massively reduced plastic litter in the environment and seas. And a ministerial delegation has been to Norway to see if the UK should copy an industry-led scheme that recycles 98% of bottles. In the UK, figures show that only around half of all plastic bottles get recycled.

Norway claims to offer the most cost-efficient way of tackling plastic litter. The Norwegian government decided the best method would be to put a tax on every bottle that's not recycled - then leave the operating details of the scheme up to business.

It works like this: the consumer pays a deposit on every bottle, from 10p to 25p depending on size. They return it empty and post it into a machine which reads the barcode and produces a coupon for the deposit. If the careless consumer has left liquid in the bottle, the machine eats it anyway - but hands the deposit to the shopkeeper who'll need to empty the bottle.

Similar schemes are in operation in other Nordic nations, Germany, and some states in the US and Canada.

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

As if there aren't enough ways to attack a WordPress site, an Israeli researcher has published details of how almost anyone can launch a denial of service (DoS) attack against almost any WordPress with just one computer. That, he suggests, is almost 30% of all websites on the internet.

The attack uses the vulnerability associated with CVE-2018-6389. The CVE database, at the time of writing, has no details, marking it only as 'reserved' for future use. Details, however, can be found in a Barak Tawily blog post published Monday. It is an abuse of the WordPress load-scripts.php function, which exists to allow administrators/web designers to improve website performance by combining multiple JavaScript files into a single request at the server end.

[...] Tawily goes on to show that mitigation isn't really that difficult if you know what to do (which many WordPress users do not). He "forked WordPress project and patched it so no one but authenticated users can access the load-*.php files, without actually harming the wp-login.php file functionality." He goes further to provide a bash script that modifies the relevant files to mitigate the vulnerability.

Source: http://www.securityweek.com/one-computer-can-knock-almost-any-wordpress-site-offline

Original Submission

takyon writes:

Pocket-Size Nanopore Device Sequences Entire Human Genome

Researchers have assembled the entire human genome using a nanopore sequencer, according to a study published today (January 29) in Nature Biotechnology [open, DOI: 10.1038/nbt.4060] [DX]. Using a pocket-size device, dubbed MinION, the team was able to fill 12 gaps in the sequenced human genome by achieving reads of DNA sequences nearly one million bases in length—the longest to date.

Also at BBC.

Nanopore sequencing and assembly of a human genome with ultra-long reads (linked above)

We report the sequencing and assembly of a reference genome for the human GM12878 Utah/Ceph cell line using the MinION (Oxford Nanopore Technologies) nanopore sequencer. 91.2 Gb of sequence data, representing ∼30× theoretical coverage, were produced. Reference-based alignment enabled detection of large structural variants and epigenetic modifications. De novo assembly of nanopore reads alone yielded a contiguous assembly (NG50 ∼3 Mb). We developed a protocol to generate ultra-long reads (N50 > 100 kb, read lengths up to 882 kb). Incorporating an additional 5× coverage of these ultra-long reads more than doubled the assembly contiguity (NG50 ∼6.4 Mb). The final assembled genome was 2,867 million bases in size, covering 85.8% of the reference. Assembly accuracy, after incorporating complementary short-read sequencing data, exceeded 99.8%. Ultra-long reads enabled assembly and phasing of the 4-Mb major histocompatibility complex (MHC) locus in its entirety, measurement of telomere repeat length, and closure of gaps in the reference human genome assembly GRCh38.

Previously: The MinION - Genome Sequencing in a Handheld Device
A MARC in the Silicon: Sequencing E. coli with the MinION
Update: Sequencing That Stimulates the Sensors, and MinION Q&A Responses

Related: 3D Genome Assembly Could Create a Human Reference Genome for Under $10,000

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Spending too much time in dimly lit rooms and offices may actually change the brain's structure and hurt one's ability to remember and learn, indicates groundbreaking research by Michigan State University neuroscientists.

A new study reveals exposure to dim light might impact memory and learning. Researchers report rodents exposed to dim lighting lost 30 percent of hippocampal capacity and performed poorly on spatial tasks they had previously experienced.

The researchers studied the brains of Nile grass rats (which, like humans, are diurnal and sleep at night) after exposing them to dim and bright light for four weeks. The rodents exposed to dim light lost about 30 percent of capacity in the hippocampus, a critical brain region for learning and memory, and performed poorly on a spatial task they had trained on previously.

The rats exposed to bright light, on the other hand, showed significant improvement on the spatial task. Further, when the rodents that had been exposed to dim light were then exposed to bright light for four weeks (after a month-long break), their brain capacity – and performance on the task – recovered fully.

The study, funded by the National Institutes of Health, is the first to show that changes in environmental light, in a range normally experienced by humans, leads to structural changes in the brain. Americans, on average, spend about 90 percent of their time indoors, according to the Environmental Protection Agency.

Source: http://neurosciencenews.com/dim-light-dumber-8433/

Original Submission

takyon writes:

"Biohackers" are growing bolder with their self-experimentation:

Aaron Traywick, 28, who leads biotech firm Ascendance Biomedical, used an experimental herpes treatment that did not go through the typical route of clinical trials to test its safety. Instead of being developed by research scientists in laboratories, it was created by a biohacker named Andreas Stuermer, who "holds a masters degree and is a bioentrepreneur and science lover," according to a conference bio. This is typical of the Ascendance approach. The company believes that FDA regulations for developing treatments are too slow and that having biohackers do the research and experiment on themselves can speed up the process to everyone's benefit. In the past, the company's plans have included trying to reverse menopause, a method that is now actually in clinical trials.

"We prefer to do everything before a live audience so you can hold us accountable in the days to come as we collect the data to prove whether or not this works," Traywick said before last night's spectacle. And, he added, "if we succeed with herpes in even the most minor ways, we can move forward immediately with cancer."

Despite specifying that he wanted "technical questions," someone in the audience asked whether Ascendance had received ethical permission for the experiment. Traywick said he didn't. Technically, everything has been officially labeled "not for human consumption," he said.

Also at The Scientist.

Related: Gene Therapy to Kill Cancer Moves a Step Closer to Market
Biohackers Disregard FDA Warning on DIY Gene Therapy

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

Researchers from Fidelis Cybersecurity have discovered a new method of abusing the X.509 public key certificates standard for covert channel data exchange following initial system compromise.

The standard is used in both Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic Internet protocol implementations, but the manner in which the certificates are exchanged can be abused to hijack them for command and control (C&C) communication, the researchers say.

The X.509 extensions can be used for covert channel data transfer to bypass network protection methods that do not inspect certificate values, the researchers say. To date, no confirmed cases of this technique being abused have been observed, but the widespread use of certificates could put many organizations at risk, Fidelis researchers argue.

To demonstrate their theory, Fidelis Cybersecurity revealed a custom-built framework that serves as proof of concept. However, the researchers point out that detection is possible and that the community can implement protections to identify possible abuse of the covert channel data transfer mechanism.

Source: http://www.securityweek.com/tls-abusing-covert-data-channel-bypasses-network-defenses

Original Submission

takyon writes:

Telegram iOS app removed from App Store last week due to child pornography

The encrypted messaging app Telegram was mysteriously removed from Apple's App Store last week for a number of hours. At the time, little was known about the reason why, except that it had to do with "inappropriate content." According to a 9to5Mac report, Apple removed Telegram after the app was found serving up child pornography to users.

A verified email from Phil Schiller details that Apple was alerted to child pornography in the Telegram app, immediately verified the existence of the content, and removed the app from its online stores. Apple then notified Telegram and the authorities, including the National Center for Missing and Exploited Children. Telegram apps were only allowed to be restored to the App Store after Telegram removed the inappropriate content and reportedly banned the users who posted it.

[...] Since Telegram is a messaging app with end-to-end encryption, it's unlikely that the content in question originated from direct messages between users. It's possible that the child pornography came from a Telegram plugin, but neither Apple nor Telegram has revealed the source of the inappropriate content.

Telegram is an instant messaging service with at least 100 million monthly active users.

Also at The Verge and Apple Insider.

Related: Former Whatsapp Users Bring Telegram to its Knees
Hackers Compromised Telegram Accounts, Identified 15 Million Users' Phone Numbers
Open Source Remote Access Trojan Targets Telegram Users
Russia Targets Telegram App After St Petersburg Bombing

Original Submission

takyon writes:

Windows 10 S is going to become a "mode" rather than a separate "version" of Windows. And it should be able to be disabled for free:

With the next big update to Windows 10, version 1803, Microsoft is making some big changes to how it sells the software to OEMs. The biggest casualty? Windows 10 S—the restricted version of Windows that can only run apps from the Store—is going away.

Currently, Windows 10 S is a unique edition of Windows 10. It's based on Windows 10 Pro; Windows 10 Pro has various facilities that enable system administrators to restrict which software can be run, and Windows 10 S is essentially a preconfigured version of those facilities. In addition to locking out arbitrary downloaded programs, it also prevents the use of certain built-in Windows features such as the command-line, PowerShell, and Windows Subsystem for Linux.

For those who can't abide by the constraints that S imposes, you can upgrade 10 S to the full 10 Pro. This upgrade is a one-shot deal: there's no way of re-enabling the S limitations after upgrading to Pro. It's also a paid upgrade: while Microsoft offered it as a free upgrade for a limited time for its Surface Laptop, the regular price is $49.

[...] Brad Sams of Thurrott.com writes that, for Windows 10 version 1803 (codenamed "Redstone 4"), this is changing. According to leaked documents provided to Microsoft's partners, with version 1803, Windows 10 S will be a mode of Windows 10 Home, Windows 10 Education, and Windows 10 Pro, rather than a distinct version. Switching Windows 10 Home S and Windows 10 Education S to regular Windows 10 Home and Windows 10 Education will be free; switching from Pro S to Pro will continue to cost $49.

Can Windows 10 Pro S be downgraded/upgraded to Windows 10 Home?

Original Submission

takyon writes:

Pug owners putting down their dogs due to common gait problems

Pugs, along with British and French bulldogs, already suffer from breathing difficulties due to their airways being obstructed. A team of Swedish researchers asked 550 owners of pugs whether their dogs had any gait problems, such as inability to jump, and abnormal wearing of the nails and the skin on their paws, and if so, how long these had been going on.

They were also asked about their dog's general health, and encouraged to send in video footage of their pet walking slowly back and forth on a leash, including a side view.

A prevalence of gait problems was found in just under 31 per cent of the dogs. On average, pugs were 2 years old when the gait abnormality first started, with front leg problems tending to show up earlier than problems with the back legs. But gait abnormalities were strongly associated with older age.

They were also associated with breathing problems and excessive scratching around the neck, ears and head. And pugs with abnormal gait were more likely to have incontinence issues.

Some 47 owners said their dogs had been put down with abnormal gait the single most frequently cited cause.

High prevalence of gait abnormalities in pugs (open, DOI: 10.1136/vr.104510) (DX)

Original Submission

MrPlow writes:

Submitted via IRC for TheMightyBuzzard

A convincing clone of the popular social news aggregation and discussion site Reddit has been spotted on the reddit.co domain. The author is obviously counting on users not to spot it for what it is: a site meant to harvest users' username and password.

That "m" in ".com" is as important as the second "l" in "Alzheimer's Clock".

Source: https://www.helpnetsecurity.com/2018/02/06/reddit-phishing/

Original Submission

takyon writes:

France bans smartphone use in cars even when you pull over

Road deaths have been on the rise lately in France and with nothing much else to pin it on, authorities are going after scofflaw drivers who text or call. It's now illegal to hold your phone on public roads even when you're pulled over to the side of the road, whether you're blocking traffic or not, Le Figaro reports. The high court ruling means that taking what some consider to be a safe step -- pulling over to talk on the phone -- could still result in points and a fine of 135 euros.

Rather create a new law, the ruling has clarified exactly what it means to be "circulating in traffic." Now, it's not enough to pull over and cut the motor in order to use your phone; you have to be parked in a designated spot. When you've had an accident or breakdown, however, you are allowed to call or text.

Original Submission