SoylentNews

upstart writes:

Submitted via IRC for AnonymousCoward

Vector's CEO departs, rocket company pausing its operations [Updated]

Saturday a.m. Update: Multiple former employees of the rocket company Vector in both California and Arizona have told Ars they were let go on Friday. Late Friday night, the company issued the following statement:

"In response to a major change in financing, Vector has had to pause its operations. A core team is now evaluating options to complete the development of the company's Vector R small launch vehicle while also supporting the Air Force and other government agencies on programs such as the recent ASLON-45 award."

Original post: Vector, a micro-launch company founded in 2016 to build small rockets for payloads of up to 60kg, may be in financial trouble, multiple industry sources told Ars on Friday. A spokeswoman for Vector did not comment on that. However, she did confirm the company has parted ways with its chief executive: "Jim Cantrell is no longer with Vector effective today. John Garvey has assumed the role of CEO."

The company has been working on developing its Vector-R vehicle and trying to prepare it for a suborbital flight this summer. In an interview in April, Cantrell told Ars that he hoped to fly an upgraded version, Vector-R B1003, on an orbital flight from the Pacific Spaceport Complex in Alaska before the end of this year. The financial difficulties have reportedly arisen just after Vector received some good news in the form of a launch contract from the US Air Force.

[...] The current setback comes as other companies are also racing to develop smallsat launchers—although few were quite as small as the Vector-R, which was powered by three LP-1 engines that produced a thrust of about 20,000 pounds and appeared to have a viable niche. It is widely expected that the dozens of competitors seeking to develop smaller rockets will see a funding crunch as some make it to the launch pad, and others do not.

Of these new space companies, only one, Rocket Lab, has successfully begun commercial operations. During a recent interview with Ars, Rocket Lab founder Peter Beck said there just weren't enough small satellites to go around to sustain more than a handful of small rocket companies.

Original Submission

upstart writes:

Submitted via IRC for AnonymousCoward

Robocall blocking apps caught sending your data without permission – TechCrunch

Robocall-blocking apps promise to rid your life of spoofed and spam phone calls. But are they as trustworthy as they claim to be?

One security researcher said many of these apps can violate your privacy as soon as they are opened.

Dan Hastings, a senior security consultant at cybersecurity firm NCC Group, analyzed some of the most popular robocall-blocking apps — including TrapCall, Truecaller and Hiya — and found egregious privacy violations.

[...] many of these apps, said Hastings, send user or device data to third-party data analytics companies — often to monetize your information — without your explicit consent, instead burying the details in their privacy policies.

One app, TrapCall, sent users’ phone numbers to a third-party analytics firm, AppsFlyer, without telling users — neither in the app nor in the privacy policy.

He also found Truecaller and Hiya uploaded device data — device type, model and software version, among other things — before a user could accept their privacy policies. Those apps, said Hastings, violate Apple’s app guidelines on data use and sharing, which mandate that app makers first obtain permission before using or sending data to third-parties.

Many of the other apps aren’t much better. Several other apps that Hastings tested immediately sent some data to Facebook as soon as the app loaded.

Original Submission

An Anonymous Coward writes:

link: https://disruptive.asia/huawei-tests-smartphone-equipped-with-hongmeng-os/

Huawei Technologies Co Ltd is testing a smartphone equipped with Hongmeng, the company's self-developed operating system, which could potentially go on sale by the end of this year, Chinese state-media outlet Global Times reported.

[...] Huawei executives have previously described Hongmeng as an operating system designed for IOT (internet-of-things) products. Last month the company said the first major devices powered by Hongmeng would be its upcoming line of Honor-brand smart TVs.

Original Submission

Arthur T Knackerbracket has found the following story:

Make way for another antitrust investigation into big tech. Step forward Russia's Federal Antimonopoly Service (FAS), which has opened an official probe of Apple — following a complaint lodged in March by security company Kaspersky Labs.

Kaspersky's complaint to FAS followed a change in Apple's policy towards a parental control app it offers, called Kaspersky Safe Kids. Discussing the complaint in a blog post the security firm says Apple contacted it in 2017 to inform it that the use of configuration profiles is against App Store policy, even though the app had been on Apple's store for nearly three years without it raising any objections.

Apple told Kaspersky to remove configuration profiles from the app — which it says would require it to remove two key features that makes it useful to parents: Namely, app control and Safari browser blocking.

It also points out that the timing of Apple's objection followed Apple announcing its Screen Time feature, in iOS 12 — which allows iOS users to monitor the amount of time they spend using certain apps or on certain websites and set time restrictions. Kaspersky argues Screen Time is "essentially Apple's own app for parental control" — hence raising concerns about the potential for Apple to exert unfair market power over the store it also operates by restricting competition.

We've reached out to Apple for comment on the FAS investigation. The company referred Reuters to a statement it made in April about its policy towards parental control apps, following other complaints.

In the statement Apple says it removed several such apps from the App Store because they "put users' privacy and security at risk" — calling out the use of what it described as "a highly invasive technology called Mobile Device Management" (MDM).

But Kaspersky claims its app does not, and never did, use MDM.

Also at CNet

Original Submission

upstart writes:

Submitted via IRC for AnonymousCoward

Driver Disaster: Over 40 Signed Drivers Can't Pass Security Muster

An insecure driver can be just what a hacker needs to get its foot in the door to a Windows environment. Compromised drivers are at the heart of massive security headaches ranging from recent Slingshot APT campaigns and LoJax malware. That’s why researchers at Eclypsium are sounding the alarm over what it sees as a dire security problem of insecure drivers digitally signed by reputable firms such as Microsoft.

At a session here at DEF CON on Saturday, Eclypsium’s principal researcher Mickey Shkatov was joined by researcher Jesse Michael and both shed light on research that showed that the problem of insecure drivers is widespread, affecting more than 40 drivers from at least 20 different vendors – all drivers being certified by Microsoft.

“These vulnerabilities allow the driver to act as a proxy to perform highly privileged access to the hardware resources and move an attacker from user mode to OS kernel mode,” researchers noted. They added that the vulnerabilities are widespread, impacting major BIOS vendors, as well as hardware sold by ASUS, Toshiba, NVIDIA and Huawei.

Researchers said they first pinpointed the issue in April when they culled 40 insecure drivers representing 20 vendors. They then gave offending companies a 90-day window to mitigate the issues. All 40 drivers are unique and 64-bit and signed by two separate vendors, researchers said.

“Some of the most dangerous [insecure driver attack scenarios] are arbitrary read/write of kernel memory, arbitrary read/write of model specific registers (MSRs), and arbitrary read and write of physical memory as these can all be used to achieve arbitrary code execution within the Windows kernel,” researchers told Threatpost.

Shkatov added that arbitrary hardware access via an insecure driver can allow malicious modification of firmware components, resulting in persistent subversion of existing Windows AV protection. Such was the case in March when Huawei MateBook systems included a rogue driver that let unprivileged users create processes with superuser privileges.

Original Submission

"upstart" writes:

Submitted via IRC for Bytram

With nowhere to hide from rising seas, Boston prepares for a wetter future

Boston dodged a disaster in 2012. After Hurricane Sandy devastated parts of New Jersey and New York, the superstorm hit Boston near low tide, causing minimal damage. If Sandy had arrived four hours earlier, many Bostonians would have been ankle to hip deep in seawater.

Across the globe, sea levels are rising, delivering bigger storm surges and higher tides to coastal cities. In Boston, the most persistent reminder comes in the form of regular "nuisance" flooding — when seawater spills onto roads and sidewalks during high tides. Those nuisance events are harbingers of a wetter future, when extreme high tides are predicted to become a daily occurrence.

"The East Coast has been riding a post-Sandy mentality of preparing and responding before the next big one," says Robert Freudenberg, an environmental planner at the Regional Plan Association, an urban research and advocacy firm based in New York City. But a more enduring kind of threat looms. "Sea level rise is the flooding that doesn't go away," he says. "Not that far in the future, some of our most developed places may be permanently inundated."

And Boston, for one, is not waiting to get disastrously wet to act. In the seven years since Hurricane Sandy's close call, the city-run Climate Ready Boston initiative has devised a comprehensive, science-driven master plan to protect infrastructure, property and people from the increasingly inevitable future of storm surges and rising seas. The famously feisty city intends to be ready for the next Sandy as well as the nuisance tides that promise to become the new normal, while other U.S. coastal cities are trying to keep up.

Original Submission

Arthur T Knackerbracket has found the following story:

Materials science and engineering researchers at the University of Wisconsin-Madison have demonstrated that the rules of metal-bending aren't so hard and fast after all. They described their findings Aug. 9 in the journal Nature Communications.

Their surprising discovery not only upends previous notions about how metals deform, but could help guide the creation of stronger, more durable materials.

"This creates new opportunities for materials design," says Izabela Szlufarska, a professor of materials science and engineering at UW-Madison. "It adds another parameter we can control to enable strength and ductility."

Ductility is the ability of a metal to bend. Most approaches to increase a metal's strength do so at the expense of flexibility—and as metals become more resistant to bending, they're more likely to crack under pressure.

However, the researchers' new mechanism for bending might allow engineers to strengthen a material without running the risk of fractures.

It's an advance that holds particular interest for the United States Army, which has an urgent need for strong and durable materials in order to keep troops safe in combat zones.

"Professor Szlufarska has opened up an entirely new area for exploration for structural materials processing and design," said Michael Bakas, synthesis and processing program manager at Army Research Office in the U.S. Army Combat Capabilities Development Command Army Research Laboratory. "By making such a high-impact discovery, Professor Szlufarska has potentially laid the technical foundation for the development of a new generation of advanced structural materials that could eventually be employed in future Army equipment and vehicles."

Original Submission

Arthur T Knackerbracket has found the following story:

At this year's r00tz asylum, kids will learn how disinformation campaigns use bots to spread chaos on social media.

But the organizers behind the r00tz Asylum, Defcon's kid-friendly event, say there's no cause for alarm. 

The goal isn't to launch a new flurry of hoaxes and chaos on social media for the 2020 US presidential election. It's to teach the next generation of voters about how easily fraud erupts social media and to break down the tools foreign actors use to spread disinformation, r00tz co-founder Nico Sell said. 

"The kids are now really interested and want a way to engage," Sell said at this week's Defcon hacking conference in Las Vegas. "They hear a lot about fake news out there -- these are things that we want to show them, the exact mechanics of how things really work." 

This is the second year that the r00tz Asylum's challenge will be focused on politics, after kid hackers at Defcon 2018 learned how to hack into websites simulating state election results. 

This year's challenge is split up into two parts. First, the Voting Village will be teaching kids how to hack simulated campaign finance websites and alter documents. Then the Artificial Intelligence Village will be working with the kids to create a disinformation campaign to spread those forged documents on a simulated social network. 

"This is entirely closed course. Nothing, including the bots that the kids write, will be touching anything on the open internet," Win Suen, the AI Village's challenge leader, said.

[...] Each team will be allowed to have three bots. Participants will then be able to see the results changing in real-time on a large screen, as if it were a real disinformation campaign. 

While the challenge is a scaled-down version of how disinformation spreads, the organizers believe the lessons are just as important. 

"What we're doing is somewhat analogous to kiddie go-karts," Suen said. "Everything is done on a closed course, with extra safety features and adult supervision. The course is also a lot easier and more controlled than anything a driver encounters in the real world, but hopefully kids have fun and learn something too." 

Original Submission

Arthur T Knackerbracket has found the following story:

Top FBI officials informed congressional lawmakers this week that they have been unable to access the smartphone of the suspected gunman in the Dayton, Ohio, mass shooting, two sources told The Hill.

In a briefing about the weekend shootings in Dayton and El Paso, Texas, FBI Deputy Director David Bowdich told House Democrats that the agency is in possession of what’s believed to be Connor Betts’s primary phone but can’t open it because it requires a passcode, according to the two sources who took part in Wednesday's briefing.

[...] During the conference call with lawmakers, Bowdich said the FBI “can’t unlock” the device. If Betts was using a six- to eight-digit PIN, it could be months or even years before the FBI can crack the password, Bowdich said.

“We don’t know when we are going to get into the phone,” he told lawmakers, according to a source on the call, one of several FBI briefings this week involving members of Congress from both parties.

The FBI did not immediately respond to a request for comment.

[...] After a 2015 mass shooting left 14 people dead in San Bernardino, Calif., the FBI mounted a public campaign to pressure Apple into creating software that would give law enforcement access to one of the shooter’s phones. The Department of Justice asked a federal court in California to compel the iPhone maker into building a backdoor into the device.

Before the court could rule on the DOJ’s motion, the FBI announced it had managed to gain access into the phone with the help of an outside contractor, heading off what might have been a landmark battle with Silicon Valley over civil liberties.

Original Submission

Arthur T Knackerbracket has found the following story:

One of Ajit Pai's attempts to eliminate regulation of 5G deployment has been overturned by federal judges.

The Federal Communications Commission last year approved an order that "exempted most small cell construction from two kinds of previously required review: historic-preservation review under the National Historic Preservation Act (NHPA) and environmental review under the National Environmental Policy Act (NEPA)," federal judges said in their decision partially overturning the order.

The FCC claimed its deregulation of small cells was necessary to spur deployment of 5G wireless networks. But the commission was sued by the United Keetoowah Band of Cherokee Indians in Oklahoma, the Blackfeet Tribe, and the Natural Resources Defense Council (NRDC). The FCC order was of particular interest to tribal groups because it affected construction on "sites of religious and cultural importance to federally recognized Indian Tribes," the judges noted. "The Order also effectively reduced Tribes' role in reviewing proposed construction of macrocell towers and other wireless facilities that remain subject to cultural and environmental review."

The FCC's opponents argued that the elimination of historic-preservation and environmental review was arbitrary and capricious, that it violated both the NHPA and NEPA, and that the changes to tribes' role in reviewing construction was arbitrary and capricious. A three-judge panel of the US Court of Appeals for the District of Columbia Circuit issued its unanimous ruling today.

Judges wrote that Pai's order "does not justify the Commission's determination that it was not in the public interest to require review of small cell deployments. In particular, the Commission failed to justify its confidence that small cell deployments pose little to no cognizable religious, cultural, or environmental risk, particularly given the vast number of proposed deployments and the reality that the Order will principally affect small cells that require new construction."

The FCC also failed to "adequately address possible harms of deregulation and benefits of environmental and historic-preservation review," which means the commission's "deregulation of small cells is thus arbitrary and capricious," judges concluded.

The judges did not vacate the FCC order in its entirety, and they remanded some remaining issues back to the commission.

Original Submission

Arthur T Knackerbracket has found the following story:

Uber is freezing hiring for software engineers and product managers across its US and Canadian workforce, the company acknowledged to Bloomberg on Friday. The shift was reported by Yahoo earlier in the day. The freeze does not apply to Uber's autonomous vehicle and freight shipping divisions.

The news comes a day after Uber reported second quarter operating losses of $5.4 billion—a new record for the company. That figure exaggerates Uber's quarterly burn rate because it includes more than $4 billion in one-time charges related to Uber's initial public offering. Still, excluding IPO-related charges still leaves around $1.2 billion in operating losses, worse than the $1 billion the firm lost in the first quarter.

Uber recently laid off 400 marketing workers. According to Yahoo, Uber employees are worried that this could be a prelude to broader cuts as the company's struggles to stem its losses.

Original Submission

takyon writes:

Russia explosion: Five confirmed dead in rocket blast

Five people were killed and three injured following a rocket explosion on an Arctic naval test range in Russia on Thursday, state nuclear company Rosatom confirmed. Rosatom said the accident occurred during tests on a liquid propellant rocket engine. The three injured staff members suffered serious burns in the accident. Authorities had previously said that two people died and six were injured in the blast at the site in Nyonoksa.

The company told Russian media that its engineering and technical team had been working on the "isotope power source" for the propulsion system. The Nyonoksa site carries out tests for virtually every missile system used by the Russian navy, including sea-launched intercontinental ballistic missiles, cruise missiles and anti-aircraft missiles.

Authorities in Severodvinsk, 47km (29 miles) east of Nyonoksa said that radiation levels shortly after the blast were higher than normal for about 40 minutes but returned to normal. Locals have rushed to buy medical iodine, with pharmacies' stocks of iodine reported to be running out in the cities of Arkhangelsk and Severodvinsk. The rush for iodine was reported earlier by a news website for the Arkhangelsk region, 29.ru.

Also at The Guardian, NBC, and CNN.

See also: U.S.-Based Experts Suspect Russia Blast Involved Nuclear-Powered Missile

Update: Russia Confirms Radioactive Materials Were Involved in Deadly Blast

In a statement released at 1 a.m. Saturday, Russia's nuclear energy company, Rosatom, said five employees had died, in addition to the two military personnel previously confirmed dead, as a result of a test on Thursday morning involving "isotopic sources of fuel on a liquid propulsion unit."

Original Submission

Arthur T Knackerbracket has found the following story:

The Gulf Stream, the warm current that brings the east coast of Florida the mixed blessings of abundant swordfish, mild winters and stronger hurricanes, may be weakening because of climate change.

Visible from the air as a ribbon of cobalt blue water a few miles off the coast, the Gulf Stream forms part of a clockwise system of currents that transports warm water from the tropics up the east coast and across the Atlantic to northwestern Europe. In the frigid climate near Greenland, the water cools, sinks and flows south again, rolling through the deep ocean toward the tropics.

This marine circulatory system has reached its weakest point in 1,600 years, recent studies show, having lost about 15% of its strength since the mid-20th century. Scientists disagree on whether climate change or natural cycles account for the slowdown. But a consensus has emerged that climate change will lead to a slower Gulf Stream system in the future, as melting ice sheets in Greenland disrupt the system with discharges of cold fresh water.

A weaker Gulf Stream would mean higher sea levels for Florida's east coast. It could lead to colder winters in northern Europe (one reason many scientists prefer the term climate change to global warming). And it could mean that a lot of the heat that would have gone to Europe would stay along the U.S. east coast and in Florida.

"If you slow down the sinking of water in the North Atlantic, that means you have a pileup of waters along the eastern seaboard of the United States and the Gulf of Mexico," said Brenda Ekwurzel, director of climate science for the Union of Concerned Scientists, an environmental group. "That means that you have increased regional sea level rise just from that ocean circulation change. So that's not good for New York City, Norfolk or along Florida."

-- submitted from IRC

Original Submission

barbara hudson writes:

Things finally came to a head on slashdot last night, and now anonymous posts are banned. No more anonymous nazi ASCII art, no anonymous racism, and no APK. More in this journal entry [Ed's Comment: And lots of interesting comments too ...].

It's one way to combat anonymous hate speech and forum spam.

[Editor (JR) We've looked at the site but we cannot find an announcement that anonymous posts are actually banned; it might simply be a case that the software is not working correctly, although it would seem to be an unlikely cause. Does anyone in our community have any additional information to categorically prove or disprove that anonymous comments are disabled?

Furthermore, as there are many more comments in the journal entry than there are here, I would recommend making any new comments on BarbaraHudson's journal entry rather than splitting the discussion into two.]

Original Submission

upstart writes:

Submitted via IRC for takyon

Squad, the 'anti-bro startup,' is creating a safe space for teenage girls online – TechCrunch

Squad, an app that allows you to video chat and share your phone screen with a friend in real time, has tapped into a demographic clamoring for a safe space to gather online. Without any marketing, the startup has collected 450,000 registered users in eight months, 70% of which are teenage girls. So far this year, users have clocked in 1 million hours inside Squad calls.

“Completely accidentally we’ve developed this global audience of users and it’s girls all over the world,” Squad co-founder and chief executive officer Esther Crawford tells TechCrunch. “In India, it’s girls. In Saudi Arabia, it’s girls. In the U.S., it’s girls. Even without us localizing it, girls all over the world are finding it.”

“We want to be a place where girls can come and hang out,” – Squad co-founder and CEO Esther Crawford.

Crawford describes Squad, which she’s built alongside her co-founder and chief technology officer Ethan Sutin, as the “anti-bro startup.” Not only because it’s led by a woman and boasts a cap table that’s 30% women and 30% people of color, but because she’s completely rewriting the consumer social startup playbook.

“We are trying to learn from the best in what they did but get rid of the shit,” Crawford said, referring to Snap, WhatsApp, Twitch and others. Twitch, a live-streaming platform for gamers, has become a social gathering place for Gen Z, she explains, but like many other communities on the internet, it’s failed its female users.

Original Submission