More than 115,000 websites—many run by major universities, government organizations, and media companies—remained wide open to hacker takeovers because they hadn’t installed critical patches released 10 weeks ago, security researcher Troy Mursch said Monday. A separate researcher reported on Tuesday that many of the sites were already compromised and were being used to surreptitiously mine cryptocurrencies or push malware on unsuspecting visitors.
Infected pages included those belonging to the University of Southern California, Computer World’s Brazil site, and the Arkansas Judiciary’s Courts and Community Initiative, which were causing visitors’ computers to run resource-intensive code that mines cryptocurrency, Jérôme Segura, lead malware intelligence analyst at antivirus provider Malwarebytes, told Ars.
Segura said a Harvard University page that earlier was also infected with mining malware had since been defaced, presumably by a different party. Meanwhile, a Western Michigan University page that earlier was infected with code that pushed a malicious browser extension was later repaired. Segura reported his findings Tuesday and has indexed more than 900 infected sites here.
The lack of patching and the site takeovers that it makes possible come after Drupal maintainers released an update in March that patched a vulnerability that allowed hackers to remotely execute code of their choice. The severity of the vulnerability patched, combined with the ease in exploiting it, quickly earned the flaw the nickname Drupalgeddon2, a throwback to a similar 2014 Drupal vulnerability that came under mass exploit within hours of a patch being released. Drupal maintainers patched a separate code-execution vulnerability in April. The March and April vulnerability disclosures came with proof-of-concept exploits that provided a blueprint for malicious hackers to use. Almost immediately after the release of the April patch, the underlying vulnerability came under attack, but it so far has proven harder to successfully exploit.
Review of a couple of recent publications, in The Boston Review
People are gullible. Humans can be duped by liars and conned by frauds; manipulated by rhetoric and beguiled by self-regard; browbeaten, cajoled, seduced, intimidated, flattered, wheedled, inveigled, and ensnared. In this respect, humans are unique in the animal kingdom.
Aristotle emphasizes another characteristic. Humans alone, he tells us, have logos: reason. Man, according to the Stoics, is zoön logikon, the reasoning animal. But on reflection, the first set of characteristics arises from the second. It is only because we reason and think and use language that we can be hoodwinked.
We'll get to the quantum mechanics in a bit.
The two books under consideration here bring the paradox home, each in its own way. Adam Becker's What Is Real? chronicles the tragic side of a crowning achievement of reason, quantum physics. The documentarian Errol Morris gives us The Ashtray, a semi-autobiographical tale of the supremely influential The Structure of Scientific Revolutions (1962) by Thomas S. Kuhn. Both are spellbinding intellectual adventures into the limits, fragility, and infirmity of human reason. Becker covers the sweep of history, from the 1925 birth of the "new" quantum physics up through the present day.
So, verifiable, experimental, experienced proof?
Not only can people be led astray, most people are. If the devout Christian is right, then committed Hindus and Jews and Buddhists and atheists are wrong. When so many groups disagree, the majority must be mistaken. And if the majority is misguided on just this one topic, then almost everyone must be mistaken on some issues of great importance. This is a hard lesson to learn, because it is paradoxical to accept one's own folly. You cannot at the same time believe something and recognize that you are a mug to believe it. If you sincerely judge that it is raining outside, you cannot at the same time be convinced that you are mistaken in your belief. A sucker may be born every minute, but somehow that sucker is never oneself.
Marion Nestle, PhD, Professor of Nutrition, Food Studies, and Public Health, Emerita reports via Food Politics
The FDA has concluded its "consultation process" on Golden Rice. This, you may recall, is rice bioengineered to contain genes for beta-carotene, a precursor of vitamin A.
The FDA's letter to IRRI concluding the consultation [PDF] includes this statement:
Although GR2E ["Golden"] rice is not intended for human or animal food uses in the United States, when present, it would be a producer's or distributer's [sic] responsibility to ensure that labeling of human and animal foods marketed in the United States, meets applicable legal requirements. Although the concentration of ß-carotene in GR2E rice is too low to warrant a nutrient content claim, the ß-carotene in GR2E rice results in grain that is yellow-golden in color.
The FDA's analysis of the science [PDF] concludes that this rice is unlikely to be toxic or allergenic. It also concludes that although the rice contains higher amounts of ß-carotene than non-modified rice, people in the U.S. are unlikely to eat much of it and in any case the amounts would decline due to storage, processing, and cooking.
In any case, the amounts are not high enough to merit a nutrient-content claim.
This rice has long been promoted as a means to solve problems of vitamin A deficiency in the developing world. Will it? We are still waiting to find out.
What does "too low to warrant a nutrient content claim" mean?
The FDA's rules for nutrient content claims [PDF] (go to pages 91 and 92) say:
- "High", "Rich in", or "Excellent source of" means that a standard food portion contains 20% or more of the daily value for that nutrient.
- "Good source", "Contains", or "Provides" means 10% to 19% of the daily value per standard serving.
- "More", "Fortified", "Enriched", "Added", "Extra", or "Plus" means 10% or more of the daily value than an appropriate reference food.
The daily value for beta-carotene [PDF] is complicated because it is a precursor of vitamin A; 12 micrograms of beta-carotene are equivalent to one vitamin A unit. The standard for adults and children is 900 vitamin A units or 900 x 12 for beta-carotene = 10,800 micrograms.
One serving of Golden Rice must provide less than 10% of that amount (1,080 micrograms).
For comparison, one small carrot provides about 4000 micrograms of beta-carotene.
Previous: Where's the Golden Rice?
The U.S. Centers For Disease Control And Prevention (CDC) released a new Vital Signs report on Thursday, 7 June, 2018.
In the press release about the new report, the CDC states that:
Suicide rates have been rising in nearly every state, according to the latest Vital Signs report by the Centers for Disease Control and Prevention (CDC). In 2016, nearly 45,000 Americans age 10 or older died by suicide. Suicide is the 10th leading cause of death and is one of just three leading causes that are on the rise.
[...]
Researchers found that more than half of people who died by suicide did not have a known diagnosed mental health condition at the time of death. Relationship problems or loss, substance misuse; physical health problems; and job, money, legal or housing stress often contributed to risk for suicide. Firearms were the most common method of suicide used by those with and without a known diagnosed mental health condition.
Are any Soylentils contemplating suicide? Do you know anyone who has attempted or succeeded in taking their own life? Why do you think suicide rates are on the rise?
Underground cybercrime marketplaces are in decline because cybercrooks have begun switching to chat channels to trade illegal goods, according to a new report.
The climate of fear and mistrust following the AlphaBay and Hansa takedowns in July 2017 has resulted in crims switching tactics and using less convenient decentralized platforms, such as Telegram, according to research from Digital Shadows.
The paper, titled "Seize and Desist", claimed the cybercriminal community has instead fallen back on alternative ways to conduct transactions across decentralized markets and messaging networks such as Telegram.
Alongside this, digi crooks have adapted their processes to increase the security, reliability, and trust of existing sites. These trends predate the AlphaBay and Hansa takedowns, but have become more acute as the marketplace model continues to struggle.
AlphaBay was a big player in the underground market - particularly for English-language speakers - and its demise left a gap. No single marketplace has risen to the top. Mistrust and fear are rife, and, alongside hidden financial costs associated with establishing a new market, this has prevented a new one from flourishing, the infosec firm said.
Telegram in particular is proving increasingly popular as an alternative. Digital Shadows said that over the last six months, its analyst teams detected over 5,000 Telegram links shared across criminal forums and dark websites, of which 1,667 were invite links to new groups. These covered a range of services, including cashing out, carding and crypto currency fraud.
NASA's Curiosity rover has discovered ancient organic molecules on Mars. That plus the methane is strongly suggesting that life may have existed on Mars back when liquid water existed on the surface.
NASA's Curiosity rover has found new evidence preserved in rocks on Mars that suggests the planet could have supported ancient life, as well as new evidence in the Martian atmosphere that relates to the search for current life on the Red Planet. While not necessarily evidence of life itself, these findings are a good sign for future missions exploring the planet's surface and subsurface.
The new findings – "tough" organic molecules in three-billion-year-old sedimentary rocks near the surface, as well as seasonal variations in the levels of methane in the atmosphere – appear in the June 8 edition of the journal Science.
Organic molecules contain carbon and hydrogen, and also may include oxygen, nitrogen and other elements. While commonly associated with life, organic molecules also can be created by non-biological processes and are not necessarily indicators of life.
"With these new findings, Mars is telling us to stay the course and keep searching for evidence of life," said Thomas Zurbuchen, associate administrator for the Science Mission Directorate at NASA Headquarters, in Washington. "I'm confident that our ongoing and planned missions will unlock even more breathtaking discoveries on the Red Planet."
Amazon has essentially combined its Fire TV product line with an Echo Dot, and given it a cube shape:
The new media streamer first leaked after a report from AFTVNews last September. Amazon later confirmed that it was working on a device called the Fire TV Cube, but didn't reveal any details aside from that.
It turns out the original leak was spot on. The Fire TV Cube is best described as a shiny, cube-shaped version of the 4K- and HDR-compatible Fire TV box Amazon launched last year with an Echo Dot smart speaker built into it and IR blasters tacked on.
The device will be available for preorder on Thursday and formally go on sale on June 21. It'll cost $120, though Amazon is running a promotion in which users of its Prime service can buy the box for $90 this Thursday and Friday. The existing 4K Fire TV box costs $70.
Amazon Fire TV Cube retains the same quad-core ARM Cortex-A53, Mali 450 MP3 GPU, and 2 GB RAM as its smaller predecessor, but doubles storage to 16 GB.
A lost world in a former empire in Europe has been brought to life thanks to University of Bristol researchers who used artificial intelligence (AI) techniques to analyse 47,000 multilingual pages from newspapers dating back to 1873.
The study, published in Historical Methods, aimed to discover whether historical changes could be detected from the collective content of local newspapers from the Princely County of Gorizia and Gradisca. The findings reveal a series of political and cultural events which took place in a forgotten corner of the Austrian Empire that is now divided between Italy and Slovenia, some of which were unknown, until now.
A team of computer scientists and a historian digitised microfilms of old multilingual newspapers from the County from 1873 to 1914. The images were then converted to text. The patterns that emerged from the automated analysis of 47,000 pages revealed the individual stories of thousands of people, but also the collective trends of a population in the years leading up to WW1 and the final years of that Empire.
Professor Cristianini, Professor of Artificial Intelligence and lead author of the study, said: "Importantly, we get a glimpse in the last years of a world heading towards a new chapter in its history and during a period that transformed it beyond recognition. We see new technologies, new ideas, new economic opportunities, new cultural challenges and problems."
The findings highlight how the war transformed the city and its county into something entirely different. The front lines crossed through the city itself and the urban population was largely relocated. The annexation of the city by Italy was quickly followed by twenty years of fascism, another war, and finally the iron curtain that ran right through the County itself, partly separating the city centre and some of its neighbourhoods.
Submitted via IRC for mechanicjay
We have already seen both proof-of-concept and in-the-wild demonstrations of attacks targeting system firmware such as SMM rootkits, device firmware replacement, and even usurping firmware-based features for malware. As part of our ongoing security research efforts, we recently reviewed various Supermicro systems and discovered serious firmware vulnerabilities. Such issues affect many models and have persisted for many years, which could be problematic since these systems are commonly used as data center servers. As other researchers have shown, Supermicro is not alone. Security vulnerabilities in firmware continue to be discovered regularly. Unfortunately, malicious activity at the firmware and hardware level is invisible to most detection and response mechanisms in use today, leaving many critical systems exposed to attacks that target this area.
These vulnerabilities are easily exploitable and provide malware with the same impact as having physical access to the kind of system that is usually stored in a secure data center. A physical attacker who can open the case could simply attach a hardware programmer to bypass protections. Using the attacks we have discovered, it is possible to scale powerful malware much more effectively through malicious software instead of physical access.
Source: Firmware Vulnerabilities in Supermicro Systems
Scientists at the MIT (Massachusetts Institute of Technology) trained an artificial intelligence algorithm dubbed "Norman" to become a psychopath by only exposing it to macabre Reddit images of gruesome deaths and violence, according to a new study.
Nicknamed Norman after Anthony Perkins' character in Alfred Hitchcock's 1960 film Psycho, the artificial intelligence was fed only a continuous stream of violent images from various pernicious subreddits before being tested with Rorschach inkblot tests. The imagery detected by Norman produced spooky interpretations of electrocutions and speeding car deaths where a standard AI would only see umbrellas and wedding cakes.
https://news.avclub.com/mit-scientists-created-a-psychopath-ai-by-feeding-it-1826623094
Just three days ago, I asked for the community's help to raise funds for continuing operations. Incoming funds were trending upwards — but way too slowly — and it was clear we were going to come up short. I was genuinely worried about our ability to continue as a going concern.
My fears were, apparently, unwarranted... over those three days we received 49 subscriptions totaling approximately $1534.74 which led us to exceed our base goal of $3000.00 for the first half of the year!
THANK-YOU!!
Of these 49 subscriptions, the vast majority were for $20.00 (36 of these), but we also had 3@$40.00, 1@$50, and (drum roll please) 3@$200.00! And for those who subscribed at other amounts, I also thank you. I've had times in my life when my finances did not allow me to help others as I'd wished. Every bit helps!
Let me interrupt the funding-focus for a moment to call attention to a notable accomplishment among our staff: Our Editor in Chief, janrinok (aka JR), just passed 4,000 stories posted to the site! There was a long stretch about a year or so into SoylentNews' existence when JR and LaminatorX (aka LamX) handled pretty much *all* of the story duties on the site. During that period, story submissions were rare and often little more than a bare link to a story of interest. So they'd tag-team finding stories on the web, making submissions, posting stories, and reviewing same. Were it not for their extended and heroic efforts, there would have been a period of months with almost no stories for us to read. LamX left us a couple years ago (would love to have ya back!) But JR has stuck with us, and we are forever indebted to him for his generous contributions of time, expertise, and guidance. Please join me in congratulating JR for reaching this amazing milestone!
Many thanks, too, for the feedback in the comments to the earlier story — I read every one of them — but am in severe crunch mode at work and lacked the spare time to respond individually as I would have liked. I'll respond to a couple items here.
There was a suggestion to set up a "war chest" from which we could draw off interest to support continuing operations among other things. I don't anticipate we will have $100K in the bank any time soon (one of the suggestions), but having a rainy-day fund "just in case" does seem prudent to me. In light of that, you may have noticed in the "Site News" slashbox there are now two goals listed: a base goal and a stretch goal.
So how much should the stretch goal be for?
As it now stands, we have received approximately $125 in excess of our base goal. So, how about $2000.00? With only about 3 weeks remaining in the period, that seemed like too much of a stretch. I pulled a number out of my butt and came up with $1000.00 which is still a stretch (doh!), but I believe is attainable. I am mindful that we have the second half of the year ahead of us and will be needing funds for that period, too. So, I am NOT asking for folks to go crazy to reach this stretch goal at the expense (pun intended!) of the needs for the rest of the year... if you can help out, that's great! If not, well that's okay, too.
Another suggestion was a means to generate funds besides subscriptions. I failed to mention this in my earlier exhortation, but we DO have SoylentNews-related things for sale over at https://www.zazzle.com/soylentnews*. (NOTE: The asterisk at the end of the link is intentional and gives SoylentNews a slightly larger return on each purchase; please leave it in.) This link is also listed in the Site News slashbox ("buy SoylentNews Swag"), should you wish to refer back to it.
We are still in the process of taking advantage of the free disk space upgrade available from Linode. It is unclear at the moment whether these free disk upgrades will make further server consolidation possible, but we are looking into it. We will keep you informed as we proceed with the upgrades, as well.
One more thing. One of the comments mentioned how soylentnews.org had become their "goto site" to see if the internet was up. I nearly fell out of my chair! Those who were with us the first few weeks of the site will well recall how we would have multiple crashes each day. That things have changed so dramatically as this... please join me in thanking the sysops who may stay out of the limelight, but keep things running like a top!
Again, please accept my thanks for the huge outpouring of support for the site. I am humbled by the generosity of the community and count it a distinct honor to be able to play some role in it. --martyb
Dr. Georg von Tiesenhausen, last of German rocket team, dies in Alabama
Dr. Georg von Tiesenhausen, the last of the German rocket scientists who was part of Dr. Wernher von Braun's moon rocket team, died at his Huntsville residence Sunday night, people close to the rocket team confirm. He was 104.
Von Tiesenhausen - Von T as he was known to the Germans - was a legend in rocketry. When the U.S. Space & Rocket Center in Huntsville gave von Tiesenhausen a lifetime achievement award in 2011, Neil Armstrong made a rare public appearance to present it. Von Tiesenhausen taught Space Campers for years after retiring from NASA.
[...] Von Tiesenhausen was not among the original Germans who came to Huntsville with von Braun in 1950 in the first wave of what was called Operation Paperclip.
But he had been with von Braun during World War II and was with von Braun's team when it launched the first U.S. satellite and the first U.S. astronauts.
Georg von Tiesenhausen and Operation Paperclip:
Operation Paperclip was a secret program of the Joint Intelligence Objectives Agency (JIOA) largely carried out by Special Agents of Army CIC, in which more than 1,600 German scientists, engineers, and technicians, such as Wernher von Braun and his V-2 rocket team, were recruited in post-Nazi Germany and taken to the U.S. for government employment, primarily between 1945 and 1959.
[...] In November 1945, Operation Overcast was renamed Operation Paperclip by Ordnance Corps (United States Army) officers, who would attach a paperclip to the folders of those rocket experts whom they wished to employ in America.
Also at WHNT 19.
NASA has extended the Juno mission for 3 more years. It was previously scheduled to deorbit and collide with Jupiter in July 2018. JunoCam is expected to fail before the end of the mission due to radiation damage:
NASA has officially announced that its $1 billion Juno mission is getting a critical life extension to study planet Jupiter. Instead of being crashed into the planet's cloud tops next month, Juno will fly until at least July 2021, according to a press release issued on Thursday by the Southwest Research Institute, which operates the pinwheel-shaped, tennis-court-size robot.
Business Insider reported on Monday that Juno's mission would be extended. The probe has orbited Jupiter since July 2015, but engine trouble forced scientists to collect data about four times more slowly than they'd originally hoped. "Juno needs more time to gather our planned scientific measurements," Scott Bolton, the Juno mission's leader and a planetary scientist at the SwRI, told Gizmodo on Tuesday.
See also: The Mystery of Insane Lightning Storms on Jupiter Has Finally Been Solved
Prevalent lightning sferics at 600 megahertz near Jupiter's poles (DOI: 10.1038/s41586-018-0156-5) (DX)
Discovery of rapid whistlers close to Jupiter implying lightning rates similar to those on Earth (DOI: 10.1038/s41550-018-0442-z) (DX)
Related: JunoCam Works, First New Images From Jupiter Sent Back
Juno Captures Best Ever Images of Jupiter's Great Red Spot
Jupiter's Auroras Powered by Particles from Io
Depth of Jupiter's Great Red Spot Studied, and Two New Radiation Zones Found
Great Storms of Jupiter and Neptune Are Disappearing
The Center for American Progress reports
The Teamsters union represents the 280,000 UPS employees who voted overwhelmingly in favor of going on strike [paywall] if a deal is not reached before the current labor contract expires on August 1. More than 90 percent voted for a strike.
Issuing a strike authorization vote does not necessarily mean UPS workers will order a work stoppage, but it does give the union leverage over management to win their negotiations.
[...] Since UPS began offering regular Saturday delivery service just a year ago, [demands on its labor force] have increased. While the company hasn't announced plans for Sunday service, the union claims UPS has made several proposals to expand weekend deliveries.
[...] The shipments [which] UPS transports comprise an estimated 6 percent of the United States GDP. A labor strike among the company's workers would have a sizable effect on the economy and would be the largest U.S. labor strike in decades. Three bargaining sessions ago, in 1997, UPS workers went on strike for 16 days, and there were 180,000 Teamsters at UPS at that time. There hasn't been a bigger strike since.
Coverage by the World Socialist Web Site is skeptical about the union's efforts and what will be the outcome. Not surprisingly, that article closes with:
There is no progressive answer to the continual lowering of living standards outside of the transformation of industry, communications, and transportation monopolies into publicly owned utilities under the democratic control of the working class.
Also covered at Fortune in UPS Has 260,000 Union Workers and They've Just Authorized a Strike:
The labor talks are proceeding amid discussions on pay and work schedules, as UPS looks to increase warehouse automation to keep up with surging demand from e-commerce shipments. The union has proposed increasing the part-time starting wage as well as improving the overall pay structure, according to a statement on its website. It's also pushing the courier to increase contributions to health and welfare and pension funds.
A previous "big" thing (39,000 workers): Largest Labor Action in 5 Years Slated for Wednesday, April 13 Against Verizon
Caleb Chen over at Private Internet Access' blog, Privacy News Online, writes that Apple apparently saves years of its users' browsing history if they have selected "sync browser tabs" in Safari. This web browser history is saved on Apple's servers and does not disappear from them when the user clicks "Clear internet history". Apparently this happens if the user consents to sharing browser bookmarks and tabs between Apple devices. Denis Bosnic, who filed a GDPR request for his data from Apple, recently brought this problem to light and was shocked to find detailed logs of his web history showing the URL and timestamp of each visit. There is no explicit notice of this harvesting when setting up that feature in Apple Safari.
Mozilla's effort to crowdsource datasets for voice recognition applications such as digital assistants has expanded to include 3 more languages, and soon many others:
Mozilla launched the first fruits of its Common Voice datasets in English back in November, a collection that contained some 500 hours of speech and constituted 400,000 recordings from 20,000 individuals. Today, Mozilla officially kick starts the process of collecting voice data for three more languages — French, German, and — a little randomly — Welsh. Another 40 tongues are currently being prepped for the data collection process, with the likes of Brazilian Portuguese, Chinese (Taiwan), Indonesian, Polish, and Dutch already halfway toward being ready to start crowdsourcing voice data.
[...] "We believe these interfaces shouldn't be controlled by a few companies as gatekeepers to voice-enabled services, and we want users to be understood consistently, in their own languages and accents," said Mozilla's chief innovation officer, Katharina Borchert, in a blog post.
The Common Voice project serves a purpose similar to that of other open-license projects that have emerged to counter privately owned platforms. OpenStreetMap is a good example of a similarly crowdsourced project that gives developers open and freely usable maps of the world, without the costs or restrictions of rival services such as Google Maps.