SoylentNews

Arthur T Knackerbracket has found the following story:

Some of the UK's newest and most popular cars are at risk of being stolen in seconds by exploiting weaknesses in keyless entry systems. The systems let drivers open and start their cars without taking their key out of their pocket. A DS 3 Crossback and Audi TT RS were taken in 10 seconds, and a Land Rover Discovery Sport TD4 180 HSE in 30.

What Car? security experts performed the tests using the same specialist technology operated by thieves. They measured the time it took to get into the cars and drive them away.

Car theft rates in England and Wales have reached an eight-year high. In 2018, more than 106,000 vehicles were stolen. And motor theft insurance claim payouts hit their highest level in seven years at the start of 2019.

The Association of British Insurers said claims for January to March were higher than for any quarter since 2012.

It said a rise in keyless car crime was partly to blame, but did not have figures on what proportion of claims were for keyless vehicles.

Previously:
Volkswagen Finally Agrees to Publication Of Vulnerability Paper, After Removal of One Sentence

Original Submission

jas writes:

Networking equipment is one of the last bastions of technology where opaque, proprietary, closed-source hardware continues to thrive. This opacity—combined with networking equipment functioning as the backbone of enterprise computing—creates a fertile breeding ground for fear, uncertainty, and doubt to proliferate. As a result of this, Huawei has spent nearly a decade embattled by accusations of spying for the Chinese government, and since May, a blacklisting.

[...] There's an aphorism named "Linus's Law" which states "Given enough eyeballs, all bugs are shallow." This plausibly applies to Huawei's circumstances: Publishing the full source code to Huawei products is a simplistic—and maximalist—way of dealing with security vulnerabilities and undercut accusations of spying that have plagued Huawei for years.

Opening Huawei products to third-party scrutiny would—at a minimum—surface situations where third-party open-source libraries are not being properly updated, if not allow security researchers the ability to identify vulnerabilities in Huawei-developed code. Such an initiative could also be used to create a shared build platform, making security updates easier to deploy across different device models.

https://www.techrepublic.com/article/huawei-doesnt-see-open-source-as-the-fix-for-spying-accusations-but-they-should/

Original Submission

Arthur T Knackerbracket has found the following story:

Every second counts for stroke patients, as studies show they can lose up to 27 million brain cells per minute. Researchers at The University of Texas Health Science Center at Houston (UTHealth) recently published new findings in Stroke that show patients transported to the hospital by mobile stroke unit instead of standard ambulance received a clot-busting procedure an average of 10 minutes faster, which could potentially save up to 270 million neurons per patient.

In 2014, McGovern Medical School at UTHealth was the first in the nation to launch a mobile stroke unit, a specially equipped ambulance for diagnosing and treating stroke rapidly before hospital arrival.

"The quicker we get stroke victims treatment that will restore blood flow, the more brain tissue we can save," said Alexandra Czap, MD, vascular neurology fellow in the Department of Neurology at McGovern Medical School and first author of the paper. "This study shows that mobile stroke units like ours can be effective in streamlining time to treatment, potentially saving neurological function, and ultimately improving quality of life in stroke patients."

The study looked at data from 161 patients from Houston and two other locations from 2014 to 2018 who underwent intra-arterial thrombectomy after suffering an acute ischemic stroke, the most common kind, which is caused by a blockage in a cerebral artery. The only medical therapy known to treat ischemic stroke, tissue plasminogen activator (tPA), is not always able to clear a large clot. To perform the procedure, also known as endovascular thrombectomy, a vascular neurologist threads a catheter usually through a groin artery up to the blockage, where a small device inserted into the catheter is used to remove the clot.

"This is a hallmark paper because it shows that pre-hospital evaluation and management on a mobile stroke unit can significantly reduce time to endovascular treatment for patients with large artery clots," said Amanda L. Jagolino-Cole, MD, a teleneurologist and assistant professor in the Department of Neurology at McGovern Medical School, who was the senior author of the paper.

Alexandra L. Czap, Et. Al. Emergency Department Door-to-Puncture Time Since 2014. Stroke, 2019; 50 (7): 1774 DOI: 10.1161/STROKEAHA.119.025106

Original Submission

Amazon has increasingly been doing much of the work to bridge the ‘last mile’

FedEx has opted not to renew its ground-shipping contract with Amazon, according to Bloomberg News. It’s the latest move from the shipping company as it works to sever ties with the e-commerce giant, which has increasingly worked to build out its own delivery infrastructure.

FedEx’s contract with Amazon was set to expire at the end of August, and it comes just two months after FedEx announced that it wouldn’t renew Amazon’s FedEx Express contract, which the online retailer used to transport packages by air. This newly ended contract focused on FedEx’s ground deliveries that helped bridge the “last-mile” gap between Amazon’s warehouses and its customers.

The move from FedEx comes as Amazon has increasingly become a competitor for the shipping firm. FedEx has previously said that Amazon isn’t a huge customer for it: the online retailer makes up around 1.3 percent of its total revenue. A FedEx spokesperson told The Verge that “this change is consistent with our strategy to focus on the broader e-commerce market, which the recent announcements related to our FedEx Ground network have us positioned extraordinarily well to do.” Essentially, the shipping business is projected to grow in the coming years, and FedEx isn’t interested in helping Amazon.

[...]FedEx and UPS have also been expanding their delivery services: eachannounced that they would begin delivering packages seven days a week. FedEx has also begun shipping packages faster with a new program called Extra Hours. And earlier this year, it unveiled its own delivery robot, which it’s testing out in its Memphis headquarters.

Original Submission

Arthur T Knackerbracket has found the following story:

Lodgepole pines attacked by mountain pine beetles release volatile chemical compounds to warn related trees of the incoming threat, according to a new University of Alberta study.

[...]The messages from the attacked tree can only be decoded by its closest relatives, not by strangers, said Altaf Hussain, a Ph.D. candidate who led the study.

"This communication between the neighboring related pines allows the healthy trees to prepare for the attack by boosting up their chemical defenses," he added.

[...]"As far as I know, there is no research that shows kinship support through volatile organic chemicals, so it's quite exciting," Hussain explained.

Mountain pine beetles are a serious threat to Canada's forests. Native to British Columbia, the beetles used to play a crucial role in renewing lodgepole pine populations. The warming climate of recent years made the beetle population explode and cross the Rocky Mountains into Alberta.

Because the beetles are capable of killing most species of pines in North America, scientists now anticipate their migration will continue through the boreal forest all the way to the East Coast in coming decades, leaving a trail of economic and ecological devastation.

More information: Altaf Hussain et al. Spatial characteristics of volatile communication in lodgepole pine trees: Evidence of kin recognition and intra-species support, Science of The Total Environment (2019). DOI: 10.1016/j.scitotenv.2019.07.211

Original Submission

"upstart" writes:

Submitted via IRC for SoyCow7671

Uber and Lyft admit they're making city traffic worse

Uber and Lyft may be competitors but as the two major ridesharing companies, they also have a lot in common -- including the challenges they face. To better understand their role in city traffic patterns, the companies jointly sponsored a study to determine their combined vehicle miles traveled (VMT) in six key cities. In a surprising twist, the results got Uber to admit that ridesharing companies, or transportation network companies (TNCs), do in fact contribute to congestion.

"The research shows that despite tremendous growth over the past decade, TNC use still pales in comparison to all other traffic, and although TNCs are likely contributing to an increase in congestion, its scale is dwarfed by that of private cars and commercial traffic," Chris Pangilinan, Uber's Head of Global Policy for Public Transportation, wrote in a blog post.

The study, conducted by Fehr & Peers, looked at Uber and Lyft trips in Boston, Chicago, Los Angeles, San Francisco, Seattle and Washington DC. In San Francisco County, Uber and Lyft were responsible for 13.4 percent of all VMT. In Boston, they accounted for eight percent, and in Washington, DC they represent 7.2 percent of vehicle-miles. Just over half of those miles (54 to 62 percent) were spent actually driving a passenger.

Original Submission

Arthur T Knackerbracket has found the following story:

We receive half of our genes from each biological parent, so there's no avoiding inheriting a blend of characteristics from both. Yet, for single-celled organisms like bacteria that reproduce by splitting into two identical cells, injecting variety into the gene pool isn't so easy. Random mutations add some diversity, but there's a much faster way for bacteria to reshuffle their genes and confer evolutionary advantages like antibiotic resistance or pathogenicity.

Known as horizontal gene transfer, this process permits bacteria to pass pieces of DNA to their peers, in some cases allowing those genes to be integrated into the recipient's genome and passed down to the next generation.

The Grossman lab in the MIT Department of Biology studies one class of mobile DNA, known as integrative and conjugative elements (ICEs). While ICEs contain genes that can be beneficial to the recipient bacterium, there's also a catch—receiving a duplicate copy of an ICE is wasteful, and possibly lethal. The biologists recently uncovered a new system by which one particular ICE, ICEBs1, blocks a donor bacterium from delivering a second, potentially deadly copy.

"Understanding how these elements function and how they're regulated will allow us to determine what drives microbial evolution," says Alan Grossman, department head and senior author on the study. "These findings not only provide insight into how bacteria block unwanted genetic transfer, but also how we might eventually engineer this system to our own advantage."

An Anonymous Coward writes:

https://www.ifixit.com/News/apple-is-locking-batteries-to-iphones-now

By activating a dormant software lock on their newest iPhones, Apple is effectively announcing a drastic new policy: only Apple batteries can go in iPhones, and only they can install them.

If you replace the battery in the newest iPhones, a message indicating you need to service your battery appears in Settings > Battery, next to Battery Health. The "Service" message is normally an indication that the battery is degraded and needs to be replaced. The message still shows up when you put in a brand new battery, however. Here's the bigger problem: our lab tests confirmed that even when you swap in a genuine Apple battery, the phone will still display the "Service" message.

It's not a bug; it's a feature Apple wants. Unless an Apple Genius or an Apple Authorized Service Provider authenticates a battery to the phone, that phone will never show its battery health and always report a vague, ominous problem.

Original Submission

canopic jug writes:

IBM researcher Charles Henderson has written a blog post about shipping a 3G-enabled single board computer to companies to scan and infiltrate their insecure wireless networks from inside the physical premises. This attack method works when companies fail to adopt the zero-trust networking model hammered out already during the 1980s and mistakenly assume that anything connecting inside the network is safe. Henderson makes some recommendations while appearing to avoid addressing the fundamental problem.

The warship device X-Force Red uses in their pentesting engagements is a disposable, lightweight, low-cost (<$100) and low-power single-board computer (SBC) that can run on a basic cell phone battery and has a 3G-enabled modem. "SBCs have some inherent limitations, such as the high amount of power they consume to operate, so we applied some clever hacks to turn them into low-power gadgets when active and power them off completely when dormant. Using an IoT modem, we were also able to keep these devices connected while in transit and communicate with them every time they powered on," Henderson explained. Once at the destination - a target's front door, mailroom or loading dock - the device can be activated and remotely controlled by the pentesters/attackers. It can listen for handshake packets and transmit the captured hasheds to their servers, where they can crack the preshared key and effectively discover the Wi-Fi network's password. It can also be used to launch a deauthentication and an "evil twin" attack, tricking users into joining the attackers' decoy network and unknowingly share login credentials. "Once we broke in via the Wi-Fi access, we could then seek to pivot by exploiting existing vulnerabilities to compromise a system, like an employee's device, and establish a persistent foothold in the network. With this ability to get back into a compromised network, attackers can move through it, steal sensitive employee data, exfiltrate corporate data or harvest user credentials," Henderson pointed out.

His post is also summarized without the paywall at:
Help Net Security : Warshipping: Attackers can access corporate networks through the mailroom

Original Submission

An Anonymous Coward writes:

https://www.linuxjournal.com/content/linux-journal-ceases-publication-awkward-goodbye

IMPORTANT NOTICE FROM LINUX JOURNAL, LLC:
On August 7, 2019, Linux Journal shut its doors for good. All staff were laid off and the company is left with no operating funds to continue in any capacity. The website will continue to stay up for the next few weeks, hopefully longer for archival purposes if we can make it happen.
–Linux Journal, LLC

Final Letter from the Editor: The Awkward Goodbye

by Kyle Rankin

Have you ever met up with a friend at a restaurant for dinner, then after dinner you both step out to the street and say a proper goodbye, only when you leave, you find out that you both are walking in the same direction? So now, you get to walk together awkwardly until the true point where you part, and then you have another, second goodbye, that's much more awkward.

That's basically this post.

Original Submission

takyon writes:

Xiaomi and Samsung Tease Upcoming Smartphone with 108MP Image Sensor

Xiaomi actually made two announcements today. The first is that it will be using Samsung's ISOCELL GW1 64MP image sensor in an upcoming Redmi phone. That, in and of itself, is a big deal. The GW1 uses "tetracell" technology (read: a quad-bayer array) to shoot 16MP images in low light, but thanks to a "remosaic" algorithm, it can still spit out full-resolution 64MP images in bright conditions. It's the highest resolution smartphone image sensor available... for now.

That's because this announcement was overshadowed by the news that Xiaomi and Samsung have teamed up on an even higher resolution "100MP" camera...

[...] The teaser says "100MP" but claims a total resolution of 12032 by 9024, which comes out to just over 108MP when you do the math. Following in the GW1's footsteps, we would guess that this, too, uses a quad-bayer array to produce 27MP images in normal shooting conditions, relying on the same remosaic algorithm to reconstruct full-res 108MP files when there's enough of light to go around.

Original Submission

takyon writes:

Small satellite launcher Rocket Lab unveils plans to recover its rockets midair with helicopters

Small satellite launcher Rocket Lab is following in the footsteps of rocket behemoth SpaceX with plans to make its rockets reusable. But Rocket Lab won't be landing its vehicles in the same fashion as SpaceX's Falcon 9. Instead, the company plans to catch its rockets in mid-air with a helicopter after they've fallen back to Earth.

Rocket Lab announced these plans today at the Small Satellite Conference in Utah. The company says the goal is to increase the frequency of launches of its primary rocket, called the Electron. By saving the vehicles when they return to Earth, Rocket Lab hopes to turn them around and re-launch them again as soon as possible. And that shouldn't be too difficult since some of the vehicle's machinery runs on electric batteries.

[...] To recover its rockets, Rocket Lab envisions a complicated system involving ships, helicopters, and parachutes. After launch, the Electron rocket will ascend and break apart in space, with the upper portion of the rocket continuing deeper into orbit and the lower portion falling back to the planet. That bottom portion of the rocket will reenter Earth's atmosphere — hopefully intact — and then deploy a parachute to slow its fall. In the meantime, a helicopter will take off from a ship and attempt to snag the rocket's parachute in the sky. The helicopter will then deposit the rocket back at the ship.

Original Submission

takyon writes:

And Now, a Bicycle Built for None (archive)

As corporate giants like Ford, G.M. and Waymo struggle to get their self-driving cars on the road, a team of researchers in China is rethinking autonomous transportation using a souped-up bicycle.

This bike can roll over a bump on its own, staying perfectly upright. When the man walking just behind it says "left," it turns left, angling back in the direction it came.

It also has eyes: It can follow someone jogging several yards ahead, turning each time the person turns. And if it encounters an obstacle, it can swerve to the side, keeping its balance and continuing its pursuit.

It is not the first-ever autonomous bicycle (Cornell University has a project underway) or, probably, the future of transportation, although it could find a niche in a future world swarming with package-delivery vehicles, drones and robots. (There are even weirder ideas out there.) Nonetheless, the Chinese researchers who built the bike believe it demonstrates the future of computer hardware. It navigates the world with help from what is called a neuromorphic chip, modeled after the human brain.

Towards artificial general intelligence with hybrid Tianjic chip architecture (DOI: 10.1038/s41586-019-1424-8) (DX)

Original Submission

takyon writes:

AMD Rome Second Generation EPYC Review: 2x 64-core Benchmarked

From the conclusion:

Due to bad luck and timing issues we have not been able to test the latest Intel and AMD servers CPU in our most demanding workloads. However, the metrics we were able to perform shows that AMD is offering a product that pushes out Intel for performance and steals the show for performance-per-dollar.

For those with little time: at the high end with socketed x86 CPUs, AMD offers you up to 50 to 100% higher performance while offering at a 40% lower price. Unless you go for the low end server CPUs, there is no contest: AMD offers much better performance for a much lower price than Intel, with more memory channels and over 2x the number of PCIe lanes. These are also PCIe 4.0 lanes. What if you want to [have] more than 2 TB of RAM in your dual socket server? The discount in favor of AMD just became 50%.

[...] So has AMD done the unthinkable? Beaten Intel by such a large margin that there is no contest? For now, based on our preliminary testing, that is the case. The launch of AMD's second generation EPYC processors is nothing short of historic, beating the competition by a large margin in almost every metric: performance, performance per watt and performance per dollar.

Analysts in the industry have stated that AMD expects to double their share in the server market by Q2 2020, and there is every reason to believe that AMD will succeed. The AMD EPYC is an extremely attractive server platform with an unbeatable performance per dollar ratio.

Intel's most likely immediate defense will be lowering their prices for a select number of important customers, which won't be made public. The company is also likely to showcase its 56-core Xeon Platinum 9200 series processors, which aren't socketed and only available from a limited number of vendors, and are listed without pricing so there's no firm determination on the value of those processors. Ultimately, if Intel wanted a core-for-core comparison here, we would have expected them to reach out and offer a Xeon 9200 system to test. That didn't happen. But keep an eye out on Intel's messaging in the next few months.

See also: AMD Unveils 7nm EPYC Rome Processors, up to 64 Cores and 128 Threads for $6,950
AMD EPYC Rome SKU List and Block Diagram Posted
AMD lands Google, Twitter as customers with newest server chip

Original Submission

Arthur T Knackerbracket has found the following story:

Technology to measure the flow of subatomic particles known as antineutrinos from nuclear reactors could allow continuous remote monitoring designed to detect fueling changes that might indicate the diversion of nuclear materials. The monitoring could be done from outside the reactor vessel, and the technology may be sensitive enough to detect substitution of a single fuel assembly.

The technique, which could be used with existing pressurized water reactors as well as future designs expected to require less frequent refueling, could supplement other monitoring techniques, including the presence of human inspectors. The potential utility of the above-ground antineutrino monitoring technique for current and future reactors was confirmed through extensive simulations done by researchers at the Georgia Institute of Technology.

"Antineutrino detectors offer a solution for continuous, real-time verification of what is going on within a nuclear reactor without actually having to be in the reactor core," said Anna Erickson, associate professor in Georgia Tech's George W. Woodruff School of Mechanical Engineering. "You cannot shield antineutrinos, so if the state running a reactor decides to use it for nefarious purposes, they can't prevent us from seeing that there was a change in reactor operations."

Employing antineutrino detectors to safeguard future nuclear reactors from diversions (open, DOI: 10.1038/s41467-019-11434-z) (DX)

Original Submission