Jakarta Is Crowded And Sinking, So Indonesia Is Moving Its Capital To Borneo
Indonesian President Joko Widodo says his country will create a new capital city on the island of Borneo, revealing new details about his plan to move the central government out of Jakarta. The capital's current location faces a number of problems, including the fact that it's sinking.
Widodo's announcement Monday comes months after he said he wanted to move the capital, seeking a place that can offer a break from Jakarta's environmental challenges as well as its relentlessly gridlocked traffic.
While rising seawater levels from climate change are a widespread concern for island and coastal areas worldwide, experts say Jakarta has played a central role in its own predicament. "Jakarta's problems are largely man-made," NPR's Merrit Kennedy reported earlier this year. "The area's large population has extracted so much groundwater that it has impacted the ground levels, and many surface water resources are polluted."
Jakarta has a population of around 10 million, with 20 million more in the greater metropolitan area.
[Update 20190827_002701 UTC: According to Elon Musk on Twitter:
Igniters need to be inspected. We will try again tomorrow same time.
In another tweet he explained:
Raptor uses dual redundant torch igniters. Better long-term, but more finicky in development.
See also: updated stories at Ars Technica and CNET.
Original story follows. --martyb]
Starhopper test live at https://www.youtube.com/watch?v=Jhjyz183poo
See also: SpaceX's Starhopper cleared by FAA for second and final flight test as locals urged to exit homes
LIVESTREAM: SpaceX Starhopper 150 meter test flight in Boca Chica, TX
Submitted via IRC for Bytram
How SpaceX plans to move Starship from Cocoa site to Kennedy Space Center
Starship will enter Kennedy Space Center by water next to the Vehicle Assembly Building and Launchpad 39A, according to a recently-released NASA environmental impact report.
That so-called "turn basin" is where other large rocket components have arrived at KSC by barge, including the Space Shuttle's external fuel tanks that were built in Louisiana. At 180 feet in height, Starship will be slightly taller and wider than the shuttle's orange fuel tanks.
SpaceX has not disclosed what type of flight tests the Starship prototype will undergo once it arrives at Kennedy Space Center.
Submitted via IRC for AndyTheAbsurd
India Develops the World's First Iron-ion Battery
A research team from India's IIT (Institute of Technology) Madras has officially developed the world's first iron-ion battery, which promises a low-cost stable alternative to the existing mainstream lithium-ion battery.
[...] Compared to the traditional lithium ion batteries, the newly developed batteries from IIT are much more cost effective, and feature slightly better storage capacity and stability. The iron-ion batteries are also much safer to use, due to the inability of iron to produce dendrites, which prevents a short circuit from happening when the electricity is discharged, according to the research team's findings.
[...] Despite having some noticeable advantages over lithium ion batteries, the newly developed iron ion batteries will still need to undergo further optimization and testing, as the research team's findings have shown that it is only capable of 150 cycles of charging and discharging for the time being. At the present stage, the energy density of the battery is also only able to reach around 220 Wh/kilo, which is only around 55-60% of the 350 Wh/kilo of energy density for a lithium-ion battery.
Still requires vanadium, a relatively rare element, but it's six times as common as lithium
Also at IIT and Popular Mechanics.
A French security researcher has found a critical vulnerability in the blockchain-based voting system Russian officials plan to use next month for the 2019 Moscow City Duma election.
Pierrick Gaudry, an academic at Lorraine University and a researcher for INRIA, the French research institute for digital sciences, found that he could compute the voting system's private keys based on its public keys. These private keys are used together with the public keys to encrypt user votes cast in the election.
Gaudry blamed the issue on Russian officials using a variant of the ElGamal encryption scheme that used encryption key sizes that were too small to be secure. This meant that modern computers could break the encryption scheme within minutes.
"It can be broken in about 20 minutes using a standard personal computer, and using only free software that is publicly available," Gaudry said in a report published earlier this month.
"Once these [private keys] are known, any encrypted data can be decrypted as quickly as they are created," he added.
The block-chain based electronic voting system of Moscow's parliament is basically insecure, like in, totally broken. https://t.co/EafAAYXkpB pic.twitter.com/ISNcuPDvFu
— Lukasz Olejnik (@lukOlejnik)
What an attacker can do with these encryption keys is currently unknown, since the voting system's protocols weren't yet available in English, so Gaudry couldn't investigate further.
"Without having read the protocol, it is hard to tell precisely the consequences, because, although we believe that this weak encryption scheme is used to encrypt the ballots, it is unclear how easy it is for an attacker to have the correspondence between the ballots and the voters," the French researcher said.
"In the worst case scenario, the votes of all the voters using this system would be revealed to anyone as soon as they cast their vote."
Moscow's blockchain voting system is a first of its kind. It was developed in-house by the Moscow Department of Information Technology, and works as a "smart contract" on top of the Ethereum blockchain platform.
The voting system is set to go live on September 8, and will run for 12 hours, in sync with the official voting session.
[...] Following Gaudry's discovery, the Moscow Department of Information Technology promised to fix the reported issue -- the use of a weak private key.
"We absolutely agree that 256x3 private key length is not secure enough," a spokesperson said in an online response. "This implementation was used only in a trial period. In few days the key's length will be changed to 1024."
Gaudry, who discovered that Moscow officials modified the ElGamal encryption scheme to use three weaker private keys instead of one, couldn't explain why the IT department chose this route.
"This is a mystery," the French researcher said. "The only possible explanation we can think of is that the designers thought this would compensate for the too small key sizes of the primes involved. But 3 primes of 256 bits are really not the same as one prime of 768 bits."
However, a public key of a length of 1024 bits may not be enough, according to Gaudry, who believes officials should use one of at least 2048 bits instead.
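Gaudry's point that three 256-bit primes are not one 768-bit prime, as an added example (not code from the article or from the Moscow system): a simplified layered ElGamal over three constructed toy primes, where the base G = 7 and the layering order are assumptions. Each layer's private key is found by its own independent search, so the work adds across layers instead of multiplying.

```python
import secrets
from math import isqrt

# Constructed toy parameters: three Mersenne primes (2^17-1, 2^19-1, 2^31-1),
# increasing so each layer's output fits the next group. Base G is assumed.
PRIMES = [131071, 524287, 2147483647]
G = 7

def keygen(p):
    x = secrets.randbelow(p - 2) + 1          # private exponent
    return x, pow(G, x, p)                    # (private, public)

def encrypt(m, p, h):
    k = secrets.randbelow(p - 2) + 1          # fresh ephemeral exponent
    return pow(G, k, p), m * pow(h, k, p) % p

def decrypt(a, b, p, x):
    return b * pow(a, -x, p) % p              # b / a^x mod p

def layered_encrypt(m, pubs):
    """Encrypt m under layer 1, then re-encrypt the b part under each next layer."""
    a_parts, b = [], m
    for p, h in zip(PRIMES, pubs):
        a, b = encrypt(b, p, h)
        a_parts.append(a)
    return a_parts, b

def layered_decrypt(a_parts, b, keys):
    for a, p, x in reversed(list(zip(a_parts, PRIMES, keys))):
        b = decrypt(a, b, p, x)
    return b

def bsgs(h, p):
    """Baby-step giant-step: (x, steps) with G^x = h mod p, in about 2*sqrt(p) steps."""
    m = isqrt(p - 1) + 1
    table, cur = {}, 1
    for j in range(m):                        # baby steps: G^j
        table.setdefault(cur, j)
        cur = cur * G % p
    giant, gamma = pow(G, -m, p), h
    for i in range(m):                        # giant steps: h * G^(-i*m)
        if gamma in table:
            return i * m + table[gamma], m + i + 1
        gamma = gamma * giant % p
    raise ValueError("h is not a power of G")

def recover_all(pubs):
    """Each layer's key falls to an independent search, so the costs add."""
    keys, steps = [], 0
    for p, h in zip(PRIMES, pubs):
        x, n = bsgs(h, p)
        keys.append(x)
        steps += n
    return keys, steps

def effective_bits(primes):
    # Strength is set by the largest single modulus, not the sum of the sizes.
    return max(p.bit_length() for p in primes)

def meets_minimum(primes, min_bits=2048):     # 2048 is the size Gaudry recommends
    return effective_bits(primes) >= min_bits

def demo(message=4242):
    pubs = [keygen(p)[1] for p in PRIMES]
    a_parts, b = layered_encrypt(message, pubs)
    keys, layered_steps = recover_all(pubs)
    one_big = 2 * isqrt(PRIMES[0] * PRIMES[1] * PRIMES[2])  # same search, 67-bit group
    return layered_decrypt(a_parts, b, keys), layered_steps, one_big
```

`demo()` returns the recovered message, the total search steps for the three layers, and the steps the same search would need against a single group of the combined size.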
From MLive, Months after dire warnings, Flint spills 2 million gallons of raw sewage into river:
The city dumped an estimated 2 million gallons of untreated sewage into the Flint River Sunday, Aug. 18, just months after officials warned wastewater infrastructure was fast approaching a "critical point."
A partial report filed by the city with the state Department of Environment, Great Lakes and Energy on Tuesday, Aug. 20, says a "flash flood event" overflowed primary settling tanks at the city's wastewater treatment plant on Beecher Road, sending raw waste onto the ground and into a storm sewer drain that discharges directly to the river....
Earlier this year, the city sought a waiver from the Genesee County Health Department, requesting that it be allowed to skip testing river water for bacteria after sewage spills in cases in which the discharge comes from its retention basin.
From the WSWS (ICFI/SEP), Michigan: Two million gallons of untreated sewage spill into Flint River:
Genesee County issued a public advisory that people should avoid all contact with the Flint River. As of this writing six days later, there are no reports in the press or on government websites that the advisory has been lifted....
The Environmental Protection Agency estimates that in the United States 7 million people on average per year, i.e., a population that would rank as the second largest city in the US, become ill from exposure to raw sewage, and 7 percent of these severely or fatally ill. While some of the illnesses are due to ingestion through drinking water, a majority are the result of external contact, often resulting from municipal spills.
Late Saturday night, over 2.2 inches of rain fell in the Flint area in just a three-hour period....
The Flint River has long been known to be highly polluted due to the unrestrained dumping of toxic waste into it by General Motors for the better part of a century.
On MLive (comments adwalled), user Chukobuk suggested:
Just raise industrial user sewer rates by a factor of ten. What else is GM going to use its vast federal income tax break for from the Tax and Jobs Cut Act? Laying off another 12,000 employees? Oh, sorry, that's the Tax Cut and Jobs Act.
A different failure mode from 2014: Power failure leads to raw sewage in Flint River
See also: 'Damage has been done': Newark water crisis echoes Flint
Previously:
Poisoned Democracy: How an Unelected Official Contaminated Flint's Water to Save Money
Here's How Hard It Will be to Unpoison Flint's Water
3 Officials Charged in Flint Water Crisis; More Arrests Seen
Prosecutor Charges Six Employees in Flint, Michigan Water Investigation
How ZIP Codes Nearly Masked the Lead Problem in Flint
Shigella Outbreak in Flint, Michigan Complicated by Untrusted Water
Lead in US School Water "Disturbing"—Detroit Just Shut Off All Fountains
Baidu overtakes Google in global smart speaker market
Chinese search giant Baidu is now the world's second biggest vendor of smart speakers, according to a new report from Canalys. The research firm says Baidu overtook Google to capture 17.3 percent of the global market with 4.5 million shipments in the second quarter of 2019, representing staggering year-on-year growth of 3,700 percent. Amazon remains the overall leader with more than 25 percent share of the market and 6.6 million shipments.
Baidu's AI speakers run on an AI platform called DuerOS. The company initially targeted the high end of the market with the Teenage Engineering-designed Raven H speaker, but that product apparently sold poorly. More recently, Baidu has pushed sales of much less expensive models, with the basic Xiaodu speaker selling for as low as 89 yuan (~$12). Baidu overtook previous domestic leader Alibaba in the first quarter of this year in China, according to Canalys.
But the company has faced some trouble lately:
Baidu has lost over $60 billion in value since its peak — now earnings are expected to fall further
TikTok's Parent Pushes Into Search Business in Threat to Baidu
Baidu is facing an unlikely challenger in China's search market — TikTok owner ByteDance
Baidu: 'China's Google' Is Not Done Yet
Related: Baidu Launches 'AI-powered Digital Assistant' Duer to Take On Google Now, Siri
Amazon Dominates Voice-Controlled Speaker Market
Alibaba Challenges Google, Amazon With New Echo-Like Device
Baidu, "China's Google", Shows First Loss
Google Will Give 100,000 Home Minis to People With Paralysis
Submitted via IRC for SoyCow1984
Alarm System Defeated By $2 Wireless Dongle, Nobody Surprised
The item in question is the SimpliSafe alarm system, a fully wireless, install-it-yourself system available online and from various big-box retailers. We’ve covered the system’s deeply flawed security model before, whereby SDRs can be used to execute a low-effort replay attack. As simple as that exploit is, it looks positively elegant next to [LockPickingLawyer]’s brute-force attack, which uses a $2 RF remote as a jammer for the 433-MHz wireless signal between sensors and the base unit.
With the remote in close proximity to the system, he demonstrates how easy it would be to open a door or window and enter a property guarded by SimpliSafe without leaving a trace. Yes, a little remote probably won’t jam the system from a distance, but a cheap programmable dual-band transceiver like those offered by Baofeng would certainly do the trick. Not being a licensed amateur operator, [LockPickingLawyer] didn’t test this, but we doubt thieves would have the respect for the law that an officer of the court does.
Submitted via IRC for SoyCow3196
Relying on bug bounties 'not appropriate risk management': Katie Moussouris
If you expect a bug bounty to find and fix your organisation's hidden cybersecurity problems, you're wrong. To steal a line from the late John Clarke, you're a fool to yourself and a burden to others.
Bug bounties are certainly sexy. You'll look like you're engaging with the wider cybersecurity community, and you'll get great media coverage when a hacker strikes it rich.
There's also the belief that if your organisation doesn't pay to know about the bugs, then organised criminals and nation-states will.
But the reality? You may well be paying out big bucks to find generic, easy-to-find vulnerabilities, according to Katie Moussouris, founder and chief executive officer of Luta Security.
"Not all bugs are created equal," she told the Gartner Security and Risk Management Summit in Sydney on Monday.
The vast majority of bugs found via bug bounty programs are cross-site scripting [XSS] bugs, a known class of bugs that are easy to detect, and easy to fix.
"Why would organised crime or nation-states pay for simple classes of bugs that they can find themselves? They're not going to pay some random researcher to tell them about cross-site scripting bugs," Moussouris said.
"You should be finding those bugs easily yourselves too."
Submitted via IRC for SoyCow2718
According to TechCrunch, security researcher Mossab Hussein of Dubai-based SpiderSilk found that a database on a MoviePass subdomain containing some 161 million records was left exposed to the wider internet. Contained in said database were an estimated 58,000 records containing information on MoviePass customer cards, which are used to store cash balances, TechCrunch wrote:
These MoviePass customer cards are like normal debit cards: they're issued by Mastercard and store a cash balance, which users who sign up to the subscription service can use to pay to watch a catalog of movies. For a monthly subscription fee, MoviePass uses the debit card to load the full cost of the movie, which the customer then uses to pay for the movie at the cinema.
We reviewed a sample of 1,000 records and removed the duplicates. A little over half contained unique MoviePass debit card numbers. Each customer card record had the MoviePass debit card number and its expiry date, the card's balance and when it was activated... The database had more than 58,000 records containing card data—and was growing by the minute
Source: https://gizmodo.com/moviepass-apparently-left-58-000-customer-records-expos-1837427168
Submitted via IRC for SoyCow3196
Lab-on-a-chip drives search for new drugs to prevent blood clots
A tiny lab the size of a postage stamp could be the next big thing in the search for safer anti-clotting drugs to prevent heart attacks and strokes.
The effectiveness of current anti-clotting medication can be limited due to the risk of complications, driving a need for alternatives that can both prevent the formation of blood clots and reduce the risk of excessive and life-threatening bleeding.
The new biocompatible lab-on-a-chip, detailed in a paper published recently in the journal Analytical Chemistry, could help accelerate the discovery and development of new anti-clotting therapies.
The technology has been developed by a team of biochemists and engineers led by RMIT University and the Haematology Micro-platforms group at the Australian Centre for Blood Diseases (ACBD) in Melbourne, Australia.
It effectively shrinks a medical pathology laboratory onto a small chip, with automated processes that can achieve in a few minutes what could take days in a full-sized lab.
The new device is designed specifically to work with the complex and sensitive biology of blood, featuring a unique system of micropumps and analysis tools for testing the effect of chemical compounds on how the blood clots.
Crispin Szydzik, et al. Active Micropump-Mixer for Rapid Antiplatelet Drug Screening in Whole Blood. Analytical Chemistry, 2019; 91 (16): 10830 DOI: 10.1021/acs.analchem.9b02486
Prevailing economic research anticipates the burden of climate change falling on hot or poor nations. Some predict that cooler or wealthier economies will be unaffected or even see benefits from higher temperatures.
However, a new study co-authored by researchers from the University of Cambridge suggests that virtually all countries—whether rich or poor, hot or cold—will suffer economically by 2100 if the current trajectory of carbon emissions is maintained.
In fact, the research published today by the National Bureau of Economic Research suggests that—on average—richer, colder countries would lose as much income to climate change as poorer, hotter nations.
Under a "business as usual" emissions scenario, average global temperatures are projected to rise over four degrees Celsius by the end of the century. This would cause the United States to lose 10.5% of its GDP by 2100—a substantial economic hit, say researchers.
Canada, which some claim will benefit economically from temperature increase, would lose over 13% of its income by 2100. The research shows that keeping to the Paris Agreement limits the losses of both North American nations to under 2% of GDP.
Researchers say that 7% of global GDP is likely to vanish by the end of the century unless "action is taken". Japan, India and New Zealand lose 10% of their income. Switzerland is likely to have an economy that is 12% smaller by 2100. Russia would be shorn of 9% of its GDP, with the UK down by 4%.
Submitted via IRC for SoyCow2718
Texas is currently fighting an unprecedented wave of ransomware attacks that has targeted local government entities in the state, with at least 23 impacted by the attacks.
Details are at a minimum at the moment as the Department of Information Resources (DIR) leads the response and investigation into the attacks. Texas released a brief notification advising affected local jurisdictions to call the state's Division of Emergency Management for assistance.
The attacks started in the morning of August 16 and based on the collected evidence appear to have been conducted by a single threat actor.
The number of confirmed victims is 23 and the department believes that this is how many entities were "actually or potentially impacted;" all of them have been notified.
The origin of this attack is currently unknown, but is being investigated by local Texas authorities such as the DIR, Texas Division of Emergency Management, and Texas Military Department.
Also involved in the investigation are federal agencies such as the Department of Homeland Security, Federal Bureau of Investigation – Cyber, and Federal Emergency Management Agency (FEMA).
In its original statement released late Friday, DIR says that while investigations into the origins of the attack are ongoing, their main priority is to assist in the response and recovery of affected entities.
Microsoft Chrom... Edge hits beta as new browser prepped for biz testing
Microsoft has rolled out the first beta version of its Chromium-based Edge web browser.
The pace of development has been quick: Microsoft signalled its intent to rebuild Edge using the Google-sponsored Chromium browser engine in December 2018. In April 2019 preview versions were released, including a Dev channel updated weekly, and a Canary channel updated daily. By May, a download for Mac was added and in June a preview for Windows 7 and 8.
Now the Edge Beta channel has gone live, described by Microsoft Windows Experiences corporate veep Joe Belfiore as "the third and final preview channel which will come online before launch". The Beta release will be updated around every six weeks until general availability.
When will Edge Chromium be generally available? Microsoft insists that it is not date-driven but indicated the team would be pleased with a stable release early in 2020.
[Ed: You can download the preview versions of Chromiedge for Windows 7–10 and OSX here. There's no Linux version at the moment, but it runs in Wine 4.14 staging. The tab bar is chopped off at the top and it doesn't seem to like SoylentNews. —chromas]
Last year Australians were told to jump on to the New Payments Platform (NPP) to use PayID for faster transactions which would be safe, secure and instant. Now banks are urgently warning customers that the New Payments Platform has been breached, resulting in millions of users' banking details being exposed. Westpac bank has warned of SMS phishing attempts from hackers. So far, other than the release of customer information, the impact has been minimal.
Submitted via IRC for SoyCow1984
Amazon will no longer use drivers' tips to cover their base pay
Amazon has pledged to be more transparent and to tell its Flex delivery drivers how much they actually earn, according to an email sent to contractors as seen by the LA Times. Perhaps more importantly, the e-commerce giant will no longer dip into drivers' tips to cover their base pay. LA Times reported earlier this year that the company used drivers' supplemental earnings to fulfill the $18-to-$25-per-hour base pay they're guaranteed.
The delivery drivers weren't aware of the practice due to the lack of transparency. They weren't told how much of the money they get came from tips, so some of them had to experiment by ordering items themselves to figure out what was going on. Going forward, based on Amazon's email, the company will start sending them a fare breakdown for their shift, showing how much their base pay is and how much they got in tips.
"While earnings vary by region and block, with the change to Amazon's minimum contribution, we expect nationwide average earnings for these blocks to increase to more than $27 per hour," the email reportedly read.
This is similar to DoorDash, who was recently called out for using driver's tips to fulfill the minimum wage that the company guaranteed.