SoylentNews

Fnord666 writes:

Researchers say they've discovered an advanced piece of Linux malware that has escaped detection by antivirus products and appears to be actively used in targeted attacks.

HiddenWasp, as the malware has been dubbed, is a fully developed suite of malware that includes a trojan, rootkit, and initial deployment script, researchers at security firm Intezer reported on Wednesday. At the time Intezer's post went live, the VirusTotal malware service indicated Hidden Wasp wasn't detected by any of the 59 antivirus engines it tracks, although some have now begun to flag it. Time stamps in one of the 10 files Intezer analyzed indicated it was created last month. The command and control server that infected computers report to remained operational at the time this article was being prepared.

Some of the evidence analyzed—including code showing that the computers it infects are already compromised by the same attackers—indicated that HiddenWasp is likely a later stage of malware that gets served to targets of interest who have already been infected by an earlier stage. It's not clear how many computers have been infected or how any earlier related stages get installed. With the ability to download and execute code, upload files, and perform a variety of other commands, the purpose of the malware appears to be to remotely control the computers it infects. That's different from most Linux malware, which exists to perform denial of service attacks or mine cryptocurrencies.

[...] Since Wednesday's post went live, AV detection rates have grown, but at the time Ars published this article, the rates still remained low. Depending on the file being analyzed, the rates ranged from two to 13, out of 59 AV engines tracked.

[...] Wednesday's post lists indicators of compromise that people can use to tell if their computers have been infected. One telltale sign: "ld.so" files that don't contain the string "/etc/ld.so.preload." This is the result of the HiddenWasp trojan trying to patch instances of ld.so to enforce the LD_PRELOAD mechanism from arbitrary locations.

Source:
https://arstechnica.com/information-technology/2019/05/advanced-linux-backdoor-found-in-the-wild-escaped-av-detection/

Original Submission

Fnord666 writes:

In 2005, Apple contacted Qualcomm as a potential supplier for modem chips in the first iPhone. Qualcomm's response was unusual: a letter demanding that Apple sign a patent licensing agreement before Qualcomm would even consider supplying chips.

"I'd spent 20 years in the industry, I had never seen a letter like this," said Tony Blevins, Apple's vice president of procurement.

Most suppliers are eager to talk to new customers—especially customers as big and prestigious as Apple. But Qualcomm wasn't like other suppliers; it enjoyed a dominant position in the market for cellular chips. That gave Qualcomm a lot of leverage, and the company wasn't afraid to use it.

[...] Last week, a California federal judge provided the FTC and Apple with sweet vindication. In a scathing 233-page opinion [PDF], Judge Lucy Koh ruled that Qualcomm's aggressive licensing tactics had violated American antitrust law.

[...] "Qualcomm has monopoly power over certain cell phone chips, and they use that monopoly power to charge people too much money," says Charles Duan, a patent expert at the free-market R Street Institute. "Instead of just charging more for the chips themselves, they required people to buy a patent license and overcharged for the patent license."

Now, all of that dominance might be coming to an end. In her ruling, Koh ordered Qualcomm to stop threatening customers with chip cutoffs. Qualcomm must now re-negotiate all of its agreements with customers and license its patents to competitors on reasonable terms. And if Koh's ruling survives the appeals process, it could produce a truly competitive market for wireless chips for the first time in this century.

Source:
https://arstechnica.com/tech-policy/2019/05/how-qualcomm-shook-down-the-cell-phone-industry-for-almost-20-years/

Original Submission

Arthur T Knackerbracket has found the following story:

There are few things better than the smell of freshly baked bread from the oven; this is because molecules in the bread disperse in the heat to reach your nose. In a similar way, the ExoMars rover Rosalind Franklin will "bake" and "sniff" Martian samples in miniature ovens, imaged above, as part of its investigation of the extra-terrestrial world.

Set to land on Mars in 2021, Rosalind Franklin will scout areas of interest and drill up to 2 meters below the surface and report back its findings to scientists on Earth.

Nothing short of a miniature laboratory on wheels, the dirt that Rosalind Franklin collects will pass through different steps in an intricate process allowing for many types of analysis to get the best possible overview of the composition of Mars so far.

The Mars Organic Molecule Analyser, "MOMA," will heat samples to unlock the organic molecules from the Martian dust and transform them into the gas phase. The gas produced will then flow past a receptor that "sniffs" the molecules to learn more about the sample, thanks to its gas chromatograph.

[...] Choosing when and where to take a Martian sample, and choosing which instrument to analyze the sample with, will be a discussion of interplanetary proportions for scientists, but that discussion will need to reach conclusions quickly: the ExoMars rover has 31 tubes to fill and analyze and is designed to work for 218 "sols" or Martian days.

Original Submission

takyon writes:

Uber To Start Banning Passengers With Low Ratings

Uber has unveiled a new policy that enables the company to kick riders with low ratings to the curb.

For years, Uber allowed passengers to rate drivers on a star system, ultimately allowing customers to influence whether drivers can stay behind the wheel. Internal charts from 2014 published by Business Insider showed that drivers with ratings of 4.6 or below were at risk for the boot.

Though drivers could rate passengers, there was no equivalency in consequences. But now Uber's drivers will have a greater say about the behavior of passengers.

"Respect is a two-way street, and so is accountability," Kate Parker, Uber's head of Safety Brand and Initiatives, said in a statement released Tuesday. Parker added, "While we expect only a small number of riders to ultimately be impacted by ratings-based deactivations, it's the right thing to do." The shift will begin in the United States and Canada, the company said.

Also at TechCrunch and CNN.

Original Submission

takyon writes:

PCI-SIG Finalizes PCIe 5.0 Specification: x16 Slots to Reach 64GB/sec

Following the long gap after the release of PCI Express 3.0 in 2010, the PCI Special Interest Group (PCI-SIG) set about a plan to speed up the development and release of successive PCIe standards. Following this plan, in late 2017 the group released PCIe 4.0, which doubled PCIe 3.0's bandwidth. Now less than two years after PCIe 4.0 – and with the first hardware for that standard just landing now – the group is back again with the release of the PCIe 5.0 specification, which once again doubles the amount of bandwidth available over a PCI Express link.

Built on top of the PCIe 4.0 standard, the PCIe 5.0 standard is a relatively straightforward extension of 4.0. The latest standard doubles the transfer rate once again, which now reaches 32 GigaTransfers/second. Which, for practical purposes, means PCIe slots can now reach anywhere between ~4GB/sec for a x1 slot up to ~64GB/sec for a x16 slot. For comparison's sake, 4GB/sec is as much bandwidth as a PCIe 1.0 x16 slot, so over the last decade and a half, the number of lanes required to deliver that kind of bandwidth has been cut to 1/16th the original amount.

Previously:
PCIe 4.0 to be Available This Year, PCIe 5.0 in 2019
Version 0.9 of the PCI Express 5.0 Specification Ratified

Obligatory xkcd

Original Submission

"upstart" writes:

Submitted via IRC for Bytram

James Webb Space Telescope emerges successfully from final thermal vacuum test

NASA's James Webb Space Telescope has successfully cleared another critical testing milestone, taking this ambitious observatory one step closer to its 2021 launch. The spacecraft has gone through its final thermal vacuum test meant to ensure that its hardware will function electronically in the vacuum of space, and withstand the extreme temperature variations it will encounter on its mission.

One half of the Webb observatory, known as the "spacecraft element," completed this testing at the facilities of Northrop Grumman, the mission's lead industrial partner, in Los Angeles. The other half of Webb, which consists of the telescope and science instruments, has already successfully completed its thermal vacuum testing at NASA's Johnson Space Center in Houston prior to delivery at Northrop Grumman last year.

In the most recent major environmental test, technicians and engineers locked the Webb spacecraft element inside a special thermal vacuum chamber. The testing team drained the atmosphere from the room to replicate the vacuum of space, and exposed the Webb spacecraft element to a wide range of hot and cold temperatures, spanning from minus 235 degrees Fahrenheit (minus 148 degrees Celsius) to a sweltering 215 degrees Fahrenheit (102 degrees Celsius). This variation of temperatures ensures the spacecraft will survive the extreme conditions it will actually experience in space.

[...] With the completion of this latest thermal vacuum test, all of Webb's components have been exposed to the varied conditions that they will encounter during launch, and while in orbit a million miles away from Earth.

[...] The next steps will be to join both halves of Webb to form the fully assembled observatory and complete a final round of deployments, testing and evaluation prior to launch. A full deployment of the spacecraft element will verify that Webb is ready to proceed to the launch site.

Explore Further: https://phys.org/news/2017-12-nasa-webb-telescope-emerges-chamber.html

Original Submission

Arthur T Knackerbracket has found the following story:

Every couple of years, the hope surfaces that a simple graphical interface will replace teams of developers. Business people to quickly and easily create beautiful expressions of their ideas and launch them into production seamlessly. A handful of startups in every generation take up this challenge, and they mostly fail.

Why do people keep trying to breathe life into a solution that is so obviously doomed to fail is an interesting question, but a more useful question would be why is it doomed to fail, and what are the alternatives.

The reason why companies keep trying to create canvas driven development tools has 2 components. The first is that as a software engineer, you learn to map out your ideas in some visual representation. These simple flow charts, UML diagrams, or high fidelity mockups then have to be translated to code that a computer can interpret. During the design phase the process feels really smooth, you clarify your thoughts and produce a lot of value in a relatively short amount of time, if only the actual coding could be this frictionless. The second reason is that working with developers can be frustrating. Business people often have to contend with neverending lists of constraints in terms of what the "system" can and cannot do, or constant excuses for why deadlines were not met because of some unforeseen technical difficulty. Surely there has to be a better way. Where these two motivations meet, a business idea is born: "Let's create a tool that makes building software as easy as drawing up a flow diagram!"

Original Submission

martyb writes:

Hawaii Warns Tourists of Parasitic Worm that can Burrow into Human Brains:

Hawaii's health department has released fresh warnings about a parasitic worm that can infest human brains after officials confirmed that three more visitors to the state picked up the infection.

The Centers for Disease Control and Prevention confirmed three new cases in unrelated adults visiting Hawaii Island from the US mainland, the health department announced. The latest known victims—who became infected at different times—bring the state's 2018 case total to 10 and the 2019 total to five.

While there were 17 confirmed cases in 2017, the state counted only two cases total in the prior decade. The new case counts indicate a sustained boom in the parasite's population and spread.

The parasitic worm in these cases is the rat lungworm, aka Angiostrongylus cantonensis. As its common name suggests, the wandering worm primarily takes up residence in rats' lungs, where female worms lay their eggs. Young worms leave the nest early to find their own windy homes, though. Larvae get coughed up into rats' throats then swallowed. The hosting rat eventually poops out the young parasites, which then get gobbled up by feces-feasting snails and slugs (intermediate hosts). When other rodents come along and eat those infected mollusks, the prepubescent parasites migrate to the rats' brains to mature before settling into the lungs and reproducing. The cycle then starts again.

Eww, that sounds gross! So, what happens if I should, by chance, get infected?

[...] In humans, young worms make their way to the brain as they would in a rat. But the rambling invaders rarely survive long enough to make it to their final destination in the lungs. Instead, they usually die somewhere in the central nervous system. In some cases, the infection is symptomless and resolves on its own. In others, the worm meanders around the brain, and its presence, movement, and death in the central nervous system all contribute to symptoms. Those can vary wildly but sometimes include headaches, neck stiffness, tingling or pain, low-grade fever, nausea, and vomiting. In severe cases, the infection can lead to nerve damage, paralysis, coma, and even death.

In short: be sure to clean all produce thoroughly and avoid eating any slugs.

Original Submission

RandomFactor writes:

According to new research published by the American Physical Society in the Journal Physical Review letters, in the coming years it may be possible to test whether the universe is in fact a hologram.

The debate over The Holographic Principle — whether the universe is a flat (two dimensional) projection — is mind bending and still largely theoretical in nature. The holographic principle solves various problems, it can be used to explain quantum gravity and also

has been used to explain cosmic inflation, a pivotal period of time in the early universe where our cosmos expanded at quizzically breakneck speeds.

But an untestable theory, no matter how appealing the math, is ever an itch that needs scratching in science. So how do we do that?

During cosmic inflation, the universe became populated with quantum fluctuations, particles that temporarily appear out of empty space. “The inflationary universe had the right characteristics to make these fluctuations the seed of everything we observe today from the Cosmic Microwave Background, galaxies, stars, planets to cosmologists.”, said the researchers. These quantum fluctuations are what causes the irregular distribution of galaxies in the universe.

Through interactions with scalar fields, these fluctuations create distinct signals that can oscillate. To tell whether the universe is holographic, researchers took a look at the different intricate ways these signals could oscillate. If the signals are underdamped, meaning they move back and forth before reaching a point of equilibrium, then we can’t be living in a hologram. This is because if we’re living in a holographic universe, every signal we see must have a counterpart in a lower dimensional world. An underdamped signal can’t have such a counterpart.

In short, if we detect underdamped signals, we are not living in a holographic universe. And we can look for them:

martyb writes:

Research Confirms Gut-Brain Connection in Autism:

People with autism often suffer from gut problems, but nobody has known why. Researchers have now discovered the same gene mutations – found both in the brain and the gut – could be the cause.

The discovery confirms a gut-brain nervous system link in autism, opening a new direction in the search for potential treatments that could ease behavioural issues associated with autism by targeting the gut.

Chief Investigator Associate Professor Elisa Hill-Yardin, RMIT University, said scientists trying to understand autism have long been looking in the brain, but the links with the gut nervous system have only been recently explored.

“We know the brain and gut share many of the same neurons and now for the first time we’ve confirmed that they also share autism-related gene mutations,” Hill-Yardin said.

“Up to 90% of people with autism suffer from gut issues, which can have a significant impact on daily life for them and their families.

“Our findings suggest these gastrointestinal problems may stem from the same mutations in genes that are responsible for brain and behavioural issues in autism.

“It’s a whole new way of thinking about it - for clinicians, families and researchers - and it broadens our horizons in the search for treatments to improve the quality of life for people with autism.”

Journal Reference:
Suzanne Hosie, et. al.. Gastrointestinal dysfunction in patients and mice expressing the autism‐associated R451C mutation in neuroligin‐3. Autism Research, 2019; DOI: 10.1002/AUR.2127

Original Submission

upstart writes in with a submission, via IRC, for Fnord666:

Flipboard Database Hacks Exposed Users' Account Information:

News aggregator app Flipboard said Tuesday it fell victim to hacks that exposed and possibly allowed users' account information to be copied for about nine months.

The information revealed in the hack includes users' names, Flipboard user names, encrypted passwords and email address, according to Flipboard. No Social Security numbers, credit card information or other financial data was revealed, as the app doesn't collect that information.

"As a precaution, we have reset all users' passwords, even though the passwords were cryptographically protected and not all users' account information was involved," Flipboard said in an FAQ. Users will have to create a new password the next time they try to log in to their account.

Additionally, all digital tokens used to connect to third-party accounts have been replaced or deleted to prevent misuse, the company said.

[...] The company said in April 2018 it had 145 million monthly users.

Original Submission

jas writes:

Cinnamon, the popular desktop environment featured in Linux Mint, makes more sense as a distribution-agnostic package.

[...] Since time immemorial—or, more likely, the late 1990s—the intractable problem of “fragmentation of the Linux desktop” has been debated on the internet. While some contend that the wide variety of competing distributions offers more choice to users, that choice can also be overwhelming—making it too difficult for new users to decide on a distribution, or leading them to choose a distribution that is poorly-built or unsupported, providing a bad first experience.

While these arguments have merit, they ignore a critical problem: The infrastructure and developer attention needed to maintain a distribution is extensive, and difficult to justify. Long-running Linux distributions have stopped operations due to a lack of resources, and it is time for Linux Mint to consider doing the same in order to prevent developer burnout, while transitioning Cinnamon into being a fully platform-agnostic desktop environment.

[...] CERN withdrew from Scientific Linux in 2015, beginning a migration to CentOS, with Fermilab announcing their own migration to CentOS 8 as part of the transition from their own distribution.

[...] Likewise, the Arch-based Antergos distribution announced plans to shut down, as the developers "no longer have enough free time to properly maintain Antergos," and that "continuing to neglect the project would be a huge disservice to the community."

[...] Ultimately, the benefit of Cinnamon can be realized as a truly distribution-agnostic desktop environment. Most of the work is already done: Fedora already has a Cinnamon spin, and can be installed in Debian, OpenSuSE, and Arch (among others). Transitioning Linux Mint development efforts to make Cinnamon an Ubuntu Flavor—adhering more tightly to Ubuntu's infrastructure and release timelines, rather than operating independently and running the risk causing package conflicts—would deduplicate a great deal of work, providing more time to further improve Cinnamon, and ease the strained schedules of Clem and other Linux Mint contributors.

https://www.techrepublic.com/article/scientific-linux-and-antergos-are-shutting-down-its-time-for-linux-mint-to-go/

Original Submission

MrPlow writes:

Submitted via IRC for AndyTheAbsurd

The Kingrow K1 probably isn’t the best smartphone for mobile gaming, watching videos, or framing the perfect photo… because you’d probably want a color display for any of those things, and the Kingrow K1 doesn’t have one.

What it does have is an E Ink display that’s easy to see in direct sunlight and which doesn’t draw a lot of power. Kingrow says the smartphone gets up to 2 days of battery life during normal usage, 7 days if you disable wireless and just use it for reading, and 15 days in standby.

The company unveiled the phone recently, and now it’s up for pre-order for $299 and up through a crowdfunding campaign at Indiegogo.

[...] That $299 price only covers the first 400 orders. After that, the price goes up to $349, and the phone has an estimated shipping date of August, 2019.

Link to their Indiegogo page.

Source: https://liliputing.com/2019/05/kingrow-k1-e-ink-smartphone-hits-indiegogo-for-299-and-up.html

Original Submission

An Anonymous Coward writes:

Laptop infected with six of the most destructive viruses sells for $1.9 million. [ed: Australian Dollars]

You wouldn't ordinarily want to seek out a computer with viruses installed, but that's exactly what the winner of a US$1.345 million auction just did – picking up a laptop crammed with the deadliest malware of our time in return for their cash.

The buyer remains anonymous but we know much more about the laptop, which is actually part of an art project by Chinese digital artist Guo O Dong. The piece is called The Persistence of Chaos.

Dong worked with cybersecurity firm Deep Instinct to load up the laptop with its dangerous code, and it's apparently air gapped, which means it has security measures that prevent it from connecting to any other networks, to stop it from spreading its malware further.

[...] Persistence of Chaos includes ILOVEYOU from 2000, a particularly damaging worm that came attached to an email with an "ILOVEYOU" subject header. It deleted local files when run, and is thought to have caused billions of US dollars' worth of damage before being stopped.

Also at ABC.net.au and Digital Trends.

Original Submission

aristarchus writes:

From Slate

If we had a fair Supreme Court not driven by partisanship in its most political cases, Thursday’s blockbuster revelation in the census case would lead the court to unanimously rule in Department of Commerce v. New York to exclude the controversial citizenship question from the decennial survey. Those newly revealed documents show that the Trump administration’s purpose in putting the citizenship question on the upcoming census was not its stated one to help Hispanic voters under the Voting Rights Act, but rather to create policy that would be “a disadvantage to the Democrats” and “advantageous to Republicans and non-Hispanic Whites.” It’s difficult to produce a greater smoking gun than explicitly saying you are hoping to help the GOP by increasing white voting power. But this revelation, coming from the hard drive of a deceased Republican political operative and made available to Common Cause by his estranged daughter, is ironically more likely to lead the Republican-appointed conservative justices on the Supreme Court to allow the administration to include the question that would help states dilute the power of Hispanic voters.

[...]And here is where Thursday’s revelations fit in. The New York Times reported that the hard drive of the late Republican redistricting guru Thomas B. Hofeller contained documents indicating that the real purpose of including the citizenship question was to allow Republicans to draw new congressional, state, and local legislative districts using equal numbers of eligible voters in each district, not equal numbers of persons, a standard that would greatly reduce the power of Hispanics and Democrats in places like Texas. According to the Times, files on Hofeller’s hard drives, subpoenaed in litigation concerning North Carolina redistricting, show that Hofeller “wrote a study in 2015 concluding that adding a citizenship question to the census would allow Republicans to draft even more extreme gerrymandered maps to stymie Democrats. And months after urging President Trump’s transition team to tack the question onto the census, he wrote the key portion of a draft Justice Department letter claiming the question was needed to enforce the 1965 Voting Rights Act—the rationale the administration later used to justify its decision.”

[...]Thursday’s revelations should be damning. The ACLU is already seeking sanctions in the trial court in the census case for government officials lying about the real reason for including the citizenship question. But instead the revelations may help to prop up a case that should embarrass government lawyers to argue.

Yep.

Original Submission