SoylentNews

MrPlow writes:

Submitted via IRC for SoyCow1944

An attacker could remotely take full control over a computer system while playing untrusted videos with any version of VLC media player software prior to 3.0.7.

The hack is possible due to two high-risk security flaws (CVE-2019-5439, CVE-2019-12874) that could potentially lead to arbitrary code execution attacks. The company Videolan also addressed many other medium and low-severity security vulnerabilities in its software.

"A remote user can create some specially crafted avi or mkv files that, when loaded by the target user, will trigger a heap buffer overflow (read) in ReadFrame (demux/avi/avi.c), or a double free in zlib_decompress_extra() (demux/mkv/utils.cpp) respectively" reads the security advisory published by the company. "If successful, a malicious third party could trigger either a crash of VLC or an arbitratry code execution with the privileges of the target user."

Source: https://securityaffairs.co/wordpress/87433/breaking-news/vlc-player-flaws.html

Original Submission

Anonymous Coward writes:

When Rules Don't Apply is a 28 minute documentary that explores "no-poach" agreements and how they violate antitrust law. Watch the full film on vimeo for free here. For years, Apple’s Steve Jobs, Google’s Eric Schmidt and other hi-tech CEOs engaged in a conspiracy against their own employees, agreeing not to hire each other’s workers. The secret deal denied career advancement and better pay to the very people who made their companies successful.

Did any Soylentils experience this first-hand? How did things work out for you? How accurate/informative a depiction did you find this documentary?

Original Submission

MrPlow writes:

Submitted via IRC for SoyCow1944

Hackers have stolen call records from over 10 cell providers worldwide as part of a "massive-scale" espionage attempt against at least 20 individuals, TechCrunch reports. The attack has been dubbed "Operation Softcell" by Cybereason, the security research firm that discovered it. It's sophisticated enough that the firm believes there's a "very high probability" it's state-backed.

The target of the attacks are "call detail records," which contain detailed metadata on every call made from an individual's phone, including times, dates, and the cell-based location of the device. The content of calls are not held in these records, but the metadata alone is hugely valuable. If a carrier doesn't realize that its network has been infiltrated, then the hackers could have access to this data in real time, and individuals would have no way of knowing that their data has been compromised. ""They could shut down the network tomorrow""

Although the attackers have penetrated deeply enough into each service provider that "they could shut down the network tomorrow," Cybereason's head of security research, Amit Serper told CNET, their focus seems to be espionage, rather than disruption. The hackers appear to be targeting high profile government and military targets, whose movements and communications will be significantly compromised by the hack.

The attacks were first discovered a year ago, but go back by as many as seven years. The researchers say the attacks are ongoing, and that the hacker's servers are still operational.

Source: https://www.theverge.com/2019/6/25/18744020/operation-softcell-hack-call-detail-records-apt10-cybersecurity-cell-network-providers

Original Submission

McGruber writes:

According to a paywalled (register for three free articles per month) article on Law.com, it is impossible to cast a secret vote using Georgia's electronic voting machines.

In a new motion for a preliminary injunction, attorneys for the Coalition for Good Governance and several plaintiff voters have asked a federal judge in Atlanta to sideline use of the state’s obsolete electronic voting machines after Oct. 1.

The plaintiffs claim that evidence obtained from state and county election officials revealed that a “unique identifier” is attached to each electronic vote cast on the 17-year-old machines. Those unique identifiers could enable “election insiders or malicious intruders” to connect each ballot to the voter who cast it, the motion contends.

The motion contends that state and county election officials have admitted that ballot image reports maintained in their electronic databases and memory cards—when combined with other election records—contain enough information to identify who cast every electronic vote in Georgia. If proven, the practice would violate state and federal constitutional provisions requiring that all voter ballots be secret.

https://www.law.com/dailyreportonline/2019/06/24/new-motion-claims-georgias-electronic-ballots-are-not-secret/

Original Submission

SemperOSS writes:

Another Monday and another BGP (Border Gateway Protocol) misconfiguration causing large parts of the Internet to stop working. More on the cause and effects from the Cloudflare blog How Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline:

[Monday] at 10:30UTC, the Internet had a small heart attack. A small company in Northern Pennsylvania became a preferred path of many Internet routes through Verizon (AS701), a major Internet transit provider. This was the equivalent of Waze routing an entire freeway down a neighborhood street — resulting in many websites on Cloudflare, and many other providers, to be unavailable from large parts of the Internet. This should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. To understand why, read on.

SoylentNews was also affected — alongside other prominent sites.

Original Submission

takyon writes:

Ubuntu Compromises on 32-Bit App Support

Canonical, the developer of Ubuntu, has backtracked on an earlier announcement that Ubuntu 19.10 will no longer update 32-bit packages and applications, announcing today that Ubuntu 19.10 and 20.04 will support select 32-bit apps.

The news follows Valve and the developers of Wine, an open source compatibility layer for running Windows apps on other operating systems, saying they would stop supporting Ubuntu completely.

[...] In response, Canonical said it will work with select developers of 32-bit apps to ensure these apps continue to work on Ubuntu 19.10 and 20.04. However, these apps may only work under more stringent requirements, such as running them in Ubuntu containers, something that may not appease Steam and Wine developers.

Long-term, Canonical still thinks 32-bit apps need to go, since most are not updated and present a security risk.

Also at Engadget and ZDNet.

Older: Steam is dropping support for Ubuntu, but not Linux entirely
Steam ending support for Ubuntu over 32-bit compatibility

Original Submission

upstart writes:

Submitted via IRC for Bytram

Settling the debate on serotonin's role in sleep: The brain chemical is necessary to get enough sleep

Serotonin is a multipurpose molecule found throughout the brain, playing a role in memory, cognition, and feelings of happiness and other emotions. In particular, researchers have long debated serotonin's role in sleep: Does serotonin promote sleep, or its opposite, wakefulness?

Now, Caltech scientists have found that serotonin is necessary for sleep in zebrafish and mouse models.

A paper describing the research appears online on June 24 in the journal Neuron. The work is a collaboration between the Caltech laboratories of David Prober, professor of biology and affiliated faculty member of the Tianqiao and Chrissy Chen Institute for Neuroscience at Caltech; and Viviana Gradinaru (BS '05), professor of neuroscience and biological engineering, Heritage Medical Research Institute Investigator, and director of the Chen Institute's Center for Molecular and Cellular Neuroscience.

Previous studies on serotonin and sleep have yielded conflicting results. Some research showed that serotonin promotes sleep, but other work showed that serotonin-producing neurons were most active and releasing the chemical during wakefulness.

In order to settle this debate, the Caltech team focused on a region called the raphe nuclei, which has the brain's main population of serotonin-producing (or serotonergic) neurons. The raphe are evolutionarily ancient structures found in the brain stem of a wide range of organisms from fish to humans, and they are responsible for both manufacturing and sending out serotonin to other brain regions.

[...] "The theory is that, in order to sleep, you need to have high sleep pressure and the circadian clock needs to be aligned with the time of day -- nighttime for diurnal creatures like us and daytime for nocturnal animals."

The researchers theorize that the firing of neurons in the raphe and their release of serotonin is a way for the brain to build up sleep pressure. Indeed, they found that zebrafish lacking serotonin as well as mice with ablated raphe show reduced sleep pressure.

While the studies were in animal models, the raphe region and its production of serotonin are similar in human brains. The research can contribute to explanations of some sleep-related side effects of common antidepressant drugs that increase serotonin levels in the brain.

Grigorios Oikonomou, Michael Altermatt, Rong-wei Zhang, Gerard M. Coughlin, Christin Montz, Viviana Gradinaru, David A. Prober. The Serotonergic Raphe Promote Sleep in Zebrafish and Mice. Neuron, 2019; DOI: 10.1016/j.neuron.2019.05.038

Original Submission

James Orme writes:

The ACLU has published a report "on a $3.2 billion industry building a technology known as 'video analytics', which is starting to augment surveillance cameras around the world and has the potential to turn them into just that kind of nightmarish army of unblinking watchers."

Using cutting-edge, deep learning-based AI, the science is moving so fast that early versions of this technology are already starting to enter our lives. Some of our cars now come equipped with dashboard cameras that can sound alarms when a driver starts to look drowsy. Doorbell cameras today can alert us when a person appears on our doorstep. Cashier-less stores use AI-enabled cameras that monitor customers and automatically charge them when they pick items off the shelf.

In the report, we looked at where this technology has been deployed, and what capabilities companies are claiming they can offer. We also reviewed scores of papers by computer vision scientists and other researchers to see what kinds of capabilities are being envisioned and developed. What we found is that the capabilities that computer scientists are pursuing, if applied to surveillance and marketing, would create a world of frighteningly perceptive and insightful computer watchers monitoring our lives.

Source: https://www.aclu.org/blog/privacy-technology/surveillance-technologies/army-robot-surveillance-guards-coming

Original Submission

upstart writes:

Submitted via IRC for Bytram

Prolonged transmission of a resistant bacterial strain in a Northern California hospital

Researchers have used whole genome sequencing (WGS) to demonstrate transmission of a single bacterial strain that possessed a carbapenem-resistance gene in a northern California hospital. The gene armed the bacteria with resistance to carbapenems, a type of antimicrobial drug reserved as a last-line treatment for serious infections. The research is presented on Sunday, June 23rd at ASM Microbe, the annual meeting of the American Society for Microbiology.

Epidemiologists from the local public health department and the California Department of Public Health (CDPH) collaborated with laboratory scientists from the CDPH Microbial Diseases Laboratory (MDL) to characterize the strain and identify potential transmission pathways in combination with epidemiologic information.

The bacterial strain persisted in the hospital for over 3 years, potentially due to transmission from patient to patient combined with lengthy stays in the hospital intensive care unit (ICU). "Our investigation highlights the importance of regular epidemiological and microbiological monitoring of resistant strains in hospitals and the use of the advanced molecular technologies to track their spread," said Varvara Kozyreva, Ph.D. Genotyping Unit Chief, Microbial Diseases Laboratory Program, California Department of Public Health.

"[...] WGS allowed us to understand and demonstrate connections among the patients over a multiple year time period, which would not have been possible using epidemiologic information alone," said Dr. Kozyreva. WGS also showed that this particular bacterial strain's carbapenem-resistance gene appeared to be located on the chromosome. Normally, such resistance genes are located on additional "mobile" DNA pieces called plasmids, that can be transferred between different strains (and even different species) of bacteria.

Original Submission

Solar Activity Forecast for Next Decade Favorable for Exploration

An Anonymous Coward writes:

The last astronauts of the Apollo program were lucky. Not just because they were chosen to fly to the Moon, but because they missed some really bad weather en route. This wasn't a hurricane or heat wave, but space weather – the term for radiation in the solar system, much of which is released by the Sun. In August 1972, right in between the Apollo 16 and Apollo 17 missions, a solar storm occurred sending out dangerous bursts of radiation. On Earth, we're protected by our magnetic field, but out in space, this would have been hazardous for the astronauts.

The ability to forecast these kinds of events is increasingly important as NASA prepares to send the first woman and the next man to the Moon under the Artemis program. Research now underway may have found a reliable new method to predict this solar activity. The Sun's activity rises and falls in an 11-year cycle. The forecast for the next solar cycle says it will be the weakest of the last 200 years. The maximum of this next cycle – measured in terms of sunspot number, a standard measure of solar activity level – could be 30 to 50% lower than the most recent one. The results show that the next cycle will start in 2020 and reach its maximum in 2025.

https://www.nasa.gov/feature/ames/solar-activity-forecast-for-next-decade-favorable-for-exploration

Video of presentation: https://m.youtube.com/watch?v=jP9_4uoEdKg

upstart writes:

Submitted via IRC for Bytram

Calibration method improves scientific research performed with smartphone cameras

Although smartphones and other consumer cameras are increasingly used for scientific applications, it's difficult to compare and combine data from different devices. A new easy-to-use standardized method makes it possible for almost anyone to calibrate these cameras without any specialized equipment, helping amateurs, science students and professional scientists to acquire useful data with any consumer camera.

"The low cost of consumer cameras makes them ideal for projects involving large-scale deployment, autonomous monitoring or citizen science," said Olivier Burggraaff, who led the research team from Leiden University in the Netherlands who developed the calibration method. "Our standardized calibration method will make it easier for anyone to use a consumer camera to do things like measure pollution by detecting aerosol particles in the air."

In The Optical Society (OSA) journal Optics Express, the multi-institutional group of researchers report their new standardized calibration method and database, called SPECTACLE (Standardized Photographic Equipment Calibration Technique And CataLoguE), which can be used for smartphones, digital single-lens reflex cameras and cameras aboard drones. The database allows users to upload calibration data from their cameras for others to use.

"SPECTACLE includes many do-it-yourself (DIY) methods, which we found provided results comparable to professional methods that require high-end laboratory equipment," said Burggraaff.

The standardized calibration method was developed in response to a need that arose as Burggraaff and his Leiden Univ. colleagues were developing citizen science methods to measure optical water quality using a smartphone add-on called iSPEX (Spectropolarimeter for Planetary EXploration), they originally developed to measure air pollution. This add-on allows a smartphone camera to measure extra optical information such as hyperspectral and polarimetric data. SPECTACLE and iSPEX are part of MONOCLE (Multiscale Observation Networks for Optical monitoring of Coastal waters, Lakes and Estuaries), a project funded by the European Commission aimed at creating sustainable solutions for measuring optical water quality.

[...] The researchers plan to apply the SPECTACLE methodology to a much larger number of cameras to fill in the database and get a broader idea of camera properties. This will be done by the researchers as well as anyone who wants to upload their calibration data into the database. They are also continuing to develop the iSPEX smartphone add-on to improve its ability to acquire water and air pollution measurements. This involves advancing its physical design and the algorithms for retrieving scientific results from its data while using the SPECTACLE methods and database to combine data from different smartphones.

Original Submission

aristarchus writes:

Bill Gates calls losing the smartphone market to Android his "greatest mistake"

It is rare to see a company owning up to their mistakes but in a Techcrunch interview published yesterday ex-Microsoft CEO and founder Bill Gates just did, calling losing the smartphone market to Google's Android his "greatest mistake."

I am stifling myself with ecto-ironic beams of death, to avoid commenting on the initial sentence. Help me, Soylentils!

He also owes up to mismanagement – it was a war which Microsoft could have won – Windows Mobile preceded Android by nearly 10 years, but Microsoft never understood the importance of mobile, never gave it adequate resources, was distracted by desktop priorities and was constantly changing direction.

[...] The point of this article is not to replay the past, but to counter this view expressed by those who take Microsoft's current share price as proof that losing mobile was actually a happy accident:

$MSFT, in 3yrs, has climbed from $35 to an all time high of $137 w/ positive Q3FY19 gains in generally every business, incl. Windows.
...but please tell me more abt how Microsoft's downfall will be a consequence of its retreat from Windows Phone, Microsoft Band, & Groove Music. pic.twitter.com/4IOb6ptEJb

— kurtsh (@kurtsh) June 22, 2019

Microsoft's future is in bitcoin. You heard it here first!!

Original Submission

An Anonymous Coward writes:

Ecuador Judge Frees Swedish Programmer Close to Assange; Probe Continues

An Ecuadorean judge on Thursday ordered that a Swedish citizen and personal friend of WikiLeaks founder Julian Assange be freed, two months after he was detained for alleged participation in a hacking attempt on the government.

But Ola Bini, a 36-year-old software developer who has lived in Ecuador for five years, remains under investigation in the case and will be barred from leaving the country, according to the court ruling.

Bini was detained in April at the Quito airport before boarding a flight to Japan, hours after Ecuador withdrew asylum for Assange, who had lived at its London embassy for almost seven years while facing spying charges related to WikLeaks' 2010 publication of secret U.S. diplomatic cables.

Ecuador's Interior Minister Maria Paula Romo had accused him of seeking to destabilise the Andean country's government and compromising its national security. Bini has denied those allegations, but has acknowledged being close to Assange.

Previously: Julian Assange Associate Arrested In Ecuador

Original Submission

upstart writes:

Submitted via IRC for Bytram

It's official. You can get FUCT, US Supremes tell scandalized bureaucrats in rude trademark spat

When Erik Brunetti in 2011 first tried to obtain a trademark for his clothing company FUCT, the US Patent and Trademark Office blocked his application.

The USPTO relied on a portion of the Lanham Act that allows trademarks to be denied if they "[consist of or comprise] immoral, deceptive, or scandalous matter." So Brunetti challenged the decision in court.

On Monday this week, the US Supreme Court in a 6-3 decision affirmed a December 2017 decision by the US Court of Appeals for the Federal Circuit that found the act's trademark limitation violates the US Constitution's First Amendment guarantee of free speech.

Pointing at its own 2017 ruling in Matal v. Tam, which said the USPTO could not deny music group The Slants a trademark just because the term might offend some people, the Supreme Court told the agency in so many words to get FUCT on its registry. "[T]he 'immoral or scandalous' bar is substantially overbroad," the majority opinion, from Justice Elena Kagan, reads. "There are a great many immoral and scandalous ideas in the world (even more than there are swearwords), and the Lanham Act covers them all. It therefore violates the First Amendment."

[...] In the past, trademark applications for beverages "Marijuana Cola" and "Ko Kane," for clothing line "Bong Hits 4 Jesus," were denied for being scandalous. But trademarks have been granted for "FCUK" and "Handjob Nails and Spa."

Also at NYT, Courthouse News Service, NPR, Reuters, National Review, CNN, and Vice.

Previously: Can You Trademark an Offensive Name or Not? US Supreme Court to Decide
Two Unanimous SCOTUS Victories for Free Speech
U.S. Supreme Court Considers Issue of Trademark Protection for Profanity

Original Submission

Fnord666 writes:

https://arstechnica.com/science/2019/06/immerse-yourself-in-a-key-moment-of-apollo-history-courtesy-of-the-bbc/:

With the 50th anniversary of the first Moon landing fast approaching, there's a veritable deluge of programs, events, and media of various forms, all dedicated to recapturing an astonishing moment in humanity's collective history. All of these things face a serious challenge: the Apollo missions have been revisited so many times and from so many angles, it's difficult to say anything truly new.

Go for the obvious points, and you'll face telling a big chunk of your audience things they already knew. Aim for something truly novel, and there's the risk that you'll end up focusing on an aspect that's obscure simply because it's not that interesting or important. These problems are compounded for an audience like Ars', where most of us have spent a bit of time obsessed by the space program, and the hurdles to finding some novelty grow even higher.

The promise of a new angle on a familiar subject was what got me listening to a production by the BBC's World Service entitled 13 Minutes to the Moon. This multi-episode podcast focuses on what's really the key moment in Apollo 11: the final descent and touchdown of the Eagle lander that delivered Armstrong and Aldrin to the Moon's surface.

martyb writes:

Thanks to an article I saw on Ars Technica, I was reminded that the BBC is in the process of producing and releasing a series of downloadable podcasts called 13 Minutes To The Moon which covers people and events which lead up to and included the launch of Apollo 11 — the first manned landing on the moon — on July 20, 1969: