SoylentNews

MrPlow writes:

Submitted via IRC for SoyCow3941

Attackers are experimenting with a new method of avoiding some DDoS mitigation solutions by employing the Universal Plug and Play (UPnP) protocol to mask the source port of network packets sent during the DDoS flood.

In a report published on Monday, DDoS mitigation firm Imperva says it observed at least two DDoS attacks employing this technique.

By masking the origin port of incoming network packets, Imperva says that older DDoS mitigation systems that rely on reading this info to block attacks will need to be updated to more complex solutions that rely on deep packet inspection (DPI), a more costly and slower solution.

Source: https://www.bleepingcomputer.com/news/security/ddos-attacks-leverage-upnp-protocol-to-avoid-mitigation/

Related: New DDoS Attack Method Demands a Fresh Approach to Amplification Assault Mitigation

Original Submission

MrPlow writes:

Submitted via IRC for Runaway1956

Amsterdam unveiled far-reaching plans on Wednesday to rein in tourism, reflecting the dissatisfaction of many residents who feel the city's historic center has been overrun.

The leading Green-Left and other parties negotiating a new municipal government after March elections vowed to return "Balance to the City", in a document of that name seen by Reuters.

"The positive sides of tourism such as employment and city revenues are being more and more overshadowed by the negative consequences" including trash and noise pollution, the document said.

Changes the document outlines include curtailing "amusement transportation" such as multi-person "beer bikes"; cracking down on alcohol use in boats on the canals; further restricting AirBnB and other home rentals; and a large tax hike.

The plans announced on Wednesday also include creating an inventory of all commercial beds in the city to try to cap various sectors such as those on cruise ships and in hotels.

"I'm very happy that the city is now finally taking action, because residents have been asking for it for a very long time," said Bert Nap of neighborhood organization d'Oude Binnenstad, in the historic center.

"What I'm worried about is that this package of measures is so drastic that there will be a lot of lawsuits and political resistance, which will cost a lot of time."

Source: http://www.oann.com/bye-bye-beer-bike-amsterdam-determined-to-tame-tourism/

Original Submission

realDonaldTrump recently submitted a story which became:

Veteran spy Gina Haspel will become the first female director of the CIA after six Democrats joined Republicans in a Senate confirmation vote that overrode concerns about her role in the spy agency's harsh interrogation program after 9/11.

Thursday's 54-45 vote split both parties, and the margin was the closest for a CIA nominee in the nearly seven decades that a nod from the Senate has been required. Haspel, who has spent nearly all of her 33-year CIA career in undercover positions, is the first career operations officer to be confirmed since William Colby in 1973.

Haspel, 61, is a native of Kentucky but grew up around the world as the daughter of an Air Force serviceman. She worked in Africa, Europe and classified locations around the globe and was tapped as deputy director of the CIA last year.

Source: Fox News

Also at the New York Times, CNN[warning: autoplay video], and Vox among others.

Original Submission

takyon writes:

Elon Musk pitches 150 MPH rides in Boring Company tunnels for $1

Earlier in the evening Musk retweeted an LA Metro tweet that said it's coordinating with The Boring Company on its test and said the two will be "partners" going forward. Much of what Musk discussed about how his concept in-city Loop would work has been answered in concept videos and the company's FAQ, but he specifically said that the plan is for rides that cost a $1, and carry up to 16 passengers through hundreds of tunnels to those small, parking space-size tunnels located throughout a city.

The big problem is digging those tunnels to start with, and while part of the session included video of a speedy test run through the tunnel Musk has already dug on SpaceX property, the plan is to pick up the pace. Davis said Musk has challenged his team to match the digging pace of a snail (0.03 MPH), and get up to 1/10th of the average walking speed of a human at about 0.3 MPH -- compared to its current top speed of about 0.003 MPH.

Previously: Elon Musk Wants to be Boring
Elon Musk's Boring Tunnel Near Los Angeles

Original Submission

Arthur T Knackerbracket has found the following story:

If you’re ever stranded on a deserted island, knowing how to run the process of decentralized consensus — or in other words, operate a very simple blockchain by hand — can prove to be very useful. All you need is some fellow survivors, this post, a pen and a few pieces of paper.

If you’re not certain this skill is useful for your survival, be sure to read my last post on how blockchain can vastly improve island life.

Let’s go back to that original story and go through the process with our fearless heroes, who just crashed on a deserted island somewhere in the South Pacific — Hugo, Sawyer, Kate and Jack.

A short recap: the gang is trying to implement IslandCoin, a revolutionary new currency that will bring an end to the island’s crippled barter economy. The gang has agreed it’s fair if each of them starts with 100 coins. Since they don’t have metal to mint actual coins, they’ll have to make do with a few pieces of paper. Riddled with trust issues, the gang hasn’t been able to agree on one person to keep track of balances. Their only option is to maintain the balances together.

We’ll start with what is probably the simplest blockchain implementation for our island use case. In future posts we can explore other implementations and tie them to concepts like Proof of Work and Proof of Stake — this will help us see their benefits and drawbacks. But for now, let’s start as simple as it gets.

What are we trying to achieve? It’s very simple actually — all we’re trying to do is maintain a simple table of balances on a piece of paper. This table will show how many coins each of our heroes has. The trick is, because we can’t have one piece of paper that holds the only source of truth — we’re going to have to keep things equal and let each of the gang maintain their own version — this is the decentralized part. And naturally, we’re also going to hope that all 4 pieces of paper eventually show the same thing — this is the consensus part.

Original Submission

Arthur T Knackerbracket has found the following story:

Hundreds of genes influence how tall a person is, but most make an imperceptible difference—perhaps a millimeter, for example. Now, a group studying the genetics of Peruvians, one of the world's shortest populations, has turned up a gene variant that cuts a person's height by more than 2 centimeters, on average. "It's amazing that they saw such a change," says Emma Farley, a genomicist at the University of California, San Diego. "It's quite a large effect."

Geneticists have diligently pursued genes for height; a 2014 analysis called GIANT examined 250,000 people. "That you can still pull out new players is very exciting," says Elaine Ostrander, a geneticist at the National Human Genome Research Institute in Bethesda, Maryland. "It speaks to the value of looking at isolated populations." So far, the gene variant is not known outside Peru, where the demands of living at high altitude may have driven its evolution, but it could offer clues about how other mutations influence height.

Postdoc Samira Asgari and Soumya Raychaudhuri's team, all at Harvard Medical School in Boston, originally wanted to know how a person's DNA influences the severity of tuberculosis. Together with epidemiologist Megan Murray's team at Partners in Health in Lima, they collected genetic information from 4002 residents there, along with other data including height. Peruvians are among the shortest people in the world, with men averaging 165 centimeters and women reaching about 153 centimeters—in both cases about 10 centimeters shorter than average people in the United States and 15 centimeters shorter than the Dutch, generally regarded as among the world's tallest people. So the team decided to search the DNA data for genetic factors underlying this short stature.

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow3941

An unidentified hacker group appears to have accidentally exposed two fully-working zero-days when they've uploaded a weaponized PDF file to a public malware scanning engine.

The zero-days where[sic] spotted by security researchers from Slovak antivirus vendor ESET, who reported the issues to Adobe and Microsoft, which in turn, had them patched within two months.

Anton Cherepanov, the ESET researcher who spotted the zero-days hidden inside the sea of malware samples, believes he caught the zero-days while the mysterious hacker(s) were still working on fine-tuning their exploits.

"The sample does not contain a final payload, which may suggest that it was caught during its early development stages," Cherepanov said.

The two zero-days are CVE-2018-4990, affecting Adobe's Acrobat/Reader PDF viewer, and CVE-2018-8120, affecting the Win32k component of Windows.

Source: https://www.bleepingcomputer.com/news/security/shadowy-hackers-accidentally-reveal-two-zero-days-to-security-researchers/

Original Submission

Arthur T Knackerbracket has found the following story:

An international team of astronomers have discovered an unusual laser emission that suggests the presence of a double star system hidden at the heart of the "spectacular" Ant Nebula.

The extremely rare phenomenon is connected to the death of a star and was discovered in observations made by European Space Agency's (ESA) Herschel space observatory.

When low- to middleweight stars like our Sun approach the end of their lives they eventually become dense, white dwarf stars. In the process, they cast off their outer layers of gas and dust into space, creating a kaleidoscope of intricate patterns known as a planetary nebula. Our Sun is expected to one day form such a planetary nebula.

A nebula is an interstellar cloud of dust, hydrogen, helium and other ionized gases. The Ant Nebula earns its nickname from the twin lobes that resemble the head and body of an ant.

The recent Herschel observations have shown that the dramatic demise of the central star in the core of the Ant Nebula is even more theatrical than implied by its colourful appearance in visible images -- such as those taken by the NASA/ESA Hubble Space Telescope.

The new data shows that the Ant Nebula also beams intense laser emission from its core. Lasers are well-known down on earth in everyday life, from special visual effects in music concerts to health care and communications. In space, laser emission is detected at very different wavelengths and only under certain conditions. Only a few of these infrared space lasers are known.

By coincidence, astronomer Donald Menzel who first observed and classified this particular planetary nebula in the 1920s (it is officially known as Menzel 3 after him) was also one of the first to suggest that in certain conditions natural 'light amplification by stimulated emission of radiation' -- from which the acronym 'laser' derives -- could occur in nebulae in space. This was well before the discovery of lasers in laboratories.

Original Submission

takyon writes:

Google's Selfish Ledger is an unsettling vision of Silicon Valley social engineering

Google has built a multibillion-dollar business out of knowing everything about its users. Now, a video produced within Google and obtained by The Verge offers a stunningly ambitious and unsettling look at how some at the company envision using that information in the future.

The video was made in late 2016 by Nick Foster, the head of design at X (formerly Google X) and a co-founder of the Near Future Laboratory. The video, shared internally within Google, imagines a future of total data collection, where Google helps nudge users into alignment with their goals, custom-prints personalized devices to collect more data, and even guides the behavior of entire populations to solve global problems like poverty and disease.

When reached for comment on the video, an X spokesperson provided the following statement to The Verge:

"We understand if this is disturbing -- it is designed to be. This is a thought-experiment by the Design team from years ago that uses a technique known as 'speculative design' to explore uncomfortable ideas and concepts in order to provoke discussion and debate. It's not related to any current or future products."

7m53s explainer video. The Selfish Ledger is embedded on The Verge or can be found elsewhere. Also at Business Insider.

See also: Philip Bloom is Angry at Google for Using His Work in an Internal Video

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow0245

A data set of more than 3 million Facebook users and a variety of their personal details collected by Cambridge researchers was available for anyone to download for some four years, New Scientist reports. It's likely only one of many places where such huge sets of personal data collected during a period of permissive Facebook access terms have been obtainable.

The data were collected as part of a personality test, myPersonality, which, according to its own wiki (now taken down), was operational from 2007 to 2012, but new data was added as late as August of 2016. It started as a side project by the Cambridge Psychometrics Centre's David Stillwell (now deputy director there), but graduated to a more organized research effort later. The project "has close academic links," the site explains, "however, it is a standalone business." (Presumably for liability purposes; the group never charged for access to the data.)

Though "Cambridge" is in the name, there's no real connection to Cambridge Analytica, just a very tenuous one through Aleksandr Kogan, which is explained below.

Source: https://techcrunch.com/2018/05/14/anyone-could-download-cambridge-researchers-4-million-user-facebook-dataset-for-years/

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow3941

A hacker has provided Motherboard with the login details for a company that buys phone location data from major telecom companies and then sells it to law enforcement.

A hacker has broken into the servers of Securus, a company that allows law enforcement to easily track nearly any phone across the country, and which a US Senator has exhorted federal authorities to investigate. The hacker has provided some of the stolen data to Motherboard, including usernames and poorly secured passwords for thousands of Securus' law enforcement customers.

Although it's not clear how many of these customers are using Securus's phone geolocation service, the news still signals the incredibly lax security of a company that is granting law enforcement exceptional power to surveill individuals.

"Location aggregators are—from the point of view of adversarial intelligence agencies—one of the juiciest hacking targets imaginable," Thomas Rid, a professor of strategic studies at Johns Hopkins University, told Motherboard in an online chat.

Last week, the New York Times reported that Securus obtains phone location data from major telcos, such as AT&T, Sprint, T-Mobile, and Verizon, and then makes this available to its customers. The system by which Securus obtains the data is typically used by marketers, but Securus provides a product for law enforcement to track phones in the US nationwide with little legal oversight, the report adds. In one case, a former sheriff of Mississippi County, Mo., used the Securus service to track other law enforcement official's phones, according to court records.

Source: https://motherboard.vice.com/en_us/article/gykgv9/securus-phone-tracking-company-hacked

Original Submission

Arthur T Knackerbracket has found the following story:

Centuries ago, a ship sank in the Java Sea off the coast of Indonesia. The wooden hull disintegrated over time, leaving only a treasure trove of cargo. The ship had been carrying thousands of ceramics and luxury goods for trade, and they remained on the ocean floor until the 1980s when the wreck was discovered by fishermen. In the years since, archaeologists have been studying artifacts retrieved from the shipwreck to piece together where the ship was from and when it departed. The equivalent of a "Made in China" label on a piece of pottery helped archaeologists reevaluate when the ship went down and how it fits in with China's history.

"Initial investigations in the 1990s dated the shipwreck to the mid- to late 13th century, but we've found evidence that it's probably a century older than that," says Lisa Niziolek, an archaeologist at the Field Museum in Chicago and lead author of the study in the Journal of Archaeological Science: Reports. "Eight hundred years ago, someone put a label on these ceramics that essentially says 'Made in China' -- because of the particular place mentioned, we're able to date this shipwreck better."

An Anonymous Coward writes:

As reported here, uBlock added a user tracking feature. Well, after news spread on Reddit, uBlock on Firefox has been reverted to the almost three year old version by the Firefox team, as can be seen here and on Mozilla.org (note version on left sidebar is now Version 0.9.5.0.1-let-fixed Last updated 3 years ago (Oct 31, 2015)).

Original Submission

MrPlow writes:

Submitted via IRC for Bytram

For some people, particularly those who are elderly, even a light touch of the skin or contact with clothing can lead to unbearable itching. What's worse, anti-itch treatments, including hydrocortisone, don't provide much relief for this type of itching.

Now, researchers at Washington University School of Medicine in St Louis have discovered, in mice, why a touch can cause such severe itching and, in the process, identified some possible therapeutic targets.

Their research, published May 4 in the journal Science, indicates that itching caused by touch is directly related to the number of touch receptors embedded in the skin. The fewer the receptors, the more likely it is that touching will induce itching.

Source: https://medicine.wustl.edu/news/when-light-touches-of-the-skin-cause-itching/

Jing Feng, Jialie Luo, Pu Yang, Junhui Du, Brian S. Kim, Hongzhen Hu. Piezo2 channel–Merkel cell signaling modulates the conversion of touch to itch. Science, 2018; 360 (6388): 530 DOI: 10.1126/science.aar5703

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow0245

Vesper Technologies, a new microphone technology developer, has raised $23 million from some of the biggest names in audio technology to finance the commercialization of its piezoelectric microphones.

As audio technology and voice controlled devices become more ubiquitous, manufacturers are hoping to turn to higher performance MEMS (micro-electro mechanical systems) microphones that use acoustic sensors made on semiconductor production lines using silicon wafers.

The technology allows for far smaller microphones that are incredibly sensitive, but the mics themselves typically don't withstand the wear and tear of harsh environments all that well. Enter Vesper. It's piezoelectric microphone technology received a full-throated endorsement from Amazon last year (after the company invested through its Alexa Fund).

Source: https://techcrunch.com/2018/05/15/vespers-new-microphone-technology-attracts-millions-from-the-biggest-names-in-sound-technology/

Original Submission