SoylentNews

takyon writes:

Firefox is enabling DNS-over-HTTPS (DoH) for some users starting this month, and it will use Cloudflare by default:

DoH (IETF RFC8484) allows Firefox to send DNS requests as normal-looking HTTPS traffic to special DoH-compatible DNS servers (called DoH resolvers). Basically, it hides DNS requests inside the normal deluge of HTTPS data. [DoH doesn't encrypt DNS requests. That's a different protocol, namely DNS-over-TLS, aka DoT].

By default, Firefox ships with support for relaying encrypted DoH requests via Cloudflare's DoH resolver, but users can change it to any DoH resolver they want [see here].

When DoH support is enabled in Firefox, the browser will ignore DNS settings set in the operating system, and use the browser-set DoH resolver. By moving DNS server settings from the OS to the browser level, and by encrypting the DNS traffic, DoH effectively hides DNS traffic from internet service providers (ISPs), local parental control software, antivirus software, enterprise firewalls and traffic filters, and about any other third-party that tries to intercept and sniff a user's traffic.

Firefox Plans Controversial New Encryption Setting For Millions, And Update Starts This Month

A presentation from BT on the "Potential ISP Challenges with DNS over HTTPS" earlier this year warned that DoH will reduce the ability to derive cybersecurity intelligence from malware activity and DNS insight, open new attack opportunities to hackers, and result in an inability to [fulfill] government mandated regulation or court orders as potential concerns. And so the change will foster serious debate. [...] The U.S. is first, but the rest of the world will follow. A spokesperson for the U.K. Internet Services Providers' Association told me that "the debate on DNS over HTTPS (DoH) is evidently a topic that polarizes opinion. However, our position is clear. ISPA believes that bringing in DoH by default would be harmful for online safety, cyber security and consumer choice."

DNS-over-HTTPS is the next default protection coming to Firefox

Mozilla will be rolling out DoH in what it calls "fallback mode" later this month. This means that if domain name look-ups using DoH fail, Firefox will revert back to using the default operating system DNS. Similarly, if Firefox detects that parental controls or enterprise policies are in effect, Firefox will disable DoH.

Original Submission

RandomFactor writes:

#wikipediadown

This Friday,

[t]he online encyclopedia [Wikipedia] was forced offline for several hours across Europe and the Middle East, and the site battled the attack to restore service. The Wikimedia Foundation -- the organization behind the site -- condemned the attack saying it wanted to protect the "fundamental right" for people to be able to "freely access and share information".

The actors behind the attack are not known (or not yet disclosed), however it was noted that there are several countries in the region which are "eager to censor the site."

The full text of the Wikimedia Foundation's statement about the attacks can be found here

Maps of the areas affected by the outage are available here and here

Original Submission

Arthur T Knackerbracket has found the following story:

In 2017, researchers reported a dramatic loss of insects in Germany’s nature reserves: 76% less biomass over 3 decades. Spurred by wide public concern about the findings, the federal government announced on 4 September a €100 million “action plan for insect protection,”^[pdf] which includes at least €25 million a year for research and monitoring of insect populations.

“This takes several steps in the right direction,” says Lars Krogmann, an entomologist at the State Museum of Natural History in Stuttgart, Germany, who with colleagues last year published a nine-point plan with recommendations^[pdf] for reversing insect population declines.

The government plan includes some of those recommendations, such as protecting insect habitats like meadows and hedges.

[...] The plan also promises to phase out all use of glyphosate, the world’s most common weed killer, by December 2023.

Original Submission

An Anonymous Coward writes:

How low can copyright law go? Much further if the current lawsuits being flung around are any indication. Ed Sheeran is taking a hiatus to deal with a copyright claim from Sam Chokri against his song Shape Of You. The suit accuses Sheeran of stealing the Chorus from the song Oh Why after Chokri voluntarily submitted it to Sheeran's management. The resemblance between the tracks is said to be 'very slight', but this is not the first time Sheeran has been challenged in this matter, with the previous accusation being resolved by adding songwriting credits for parts borrowed from TLC's No Scrubs. Sam Smith caved in to Tom Petty's claim that his song Stay with me was in some way related to I Want Back Down, which must take a musician to spot, while Katy Perry lost a suit filed by a Christian hip hop artist who claimed that her song Dark Horse infringed on Joyful Noise due to that they both have "a slightly similar sharp stabbing synth and a basic trap beat" which resulted in Petty's lawyer commenting that “they’re trying to own basic building blocks of music, the alphabet of music that should be available to everyone.” With these big names being taken down by claims of similarity of the "feel" of the music this may be the beginning of the end of the music industry shooting itself in the foot.

Money better spent on hookers and blow.

See also, the short story Melancholy Elephants by Spider Robinson.

Original Submission

Arthur T Knackerbracket has found the following story:

Pulsars in binary systems are affected by relativistic effects, causing the spin axes of each pulsar to change their direction with time. A research team led by Gregory Desvignes from the Max Planck Institute for Radio Astronomy in Bonn, Germany, has used radio observations of the source PSR J1906+0746 to reconstruct the polarised emission over the pulsar's magnetic pole and to predict the disappearance of the detectable emission by 2028. Observations of this system confirm the validity of a 50-year old model that relates the pulsar's radiation to its geometry. The researchers are also able to precisely measure the rate of change in spin direction and find an excellent agreement with the predictions of Einstein's general theory of relativity.

The experiment is the most challenging test to date of this important effect of relativistic spin precession for strongly self-gravitating bodies. Moreover, the reconstructed radio beam shape has implications for the population of neutron stars and the expected rate of neutron star mergers as observed by gravitational wave detectors such as LIGO.

Pulsars are fast-spinning neutron stars that concentrate 40 percent more mass than the Sun—or more! – into a small sphere of only about 20 km diameter. They have extremely strong magnetic fields and emit a beam of radio waves along their magnetic axes above each of their opposite magnetic poles. Due to their stable rotation, a lighthouse effect produces pulsed signals that arrive on Earth with the accuracy of an atomic clock. The large mass, the compactness of the source, and the clock-like properties allows astronomers to use them as laboratories to test Einstein's general theory of relativity.

Arthur T Knackerbracket has found the following story:

Unlike most people, the children of a Thailand tribe see with total clarity beneath the waves – how do they do it, and might their talent be learned?

Deep in the island archipelagos on the Andaman Sea, and along the west coast of Thailand live small tribes called the Moken people, also known as sea-nomads. Their children spend much of their day in the sea, diving for food. They are uniquely adapted to this job – because they can see underwater. And it turns out that with a little practice, their unique vision might be accessible to any young person.

In 1999, Anna Gislen at the University of Lund, in Sweden was investigating different aspects of vision, when a colleague suggested that she might be interested in studying the unique characteristics of the Moken tribe. “I’d been sitting in a dark lab for three months, so I thought, ‘yeah, why not go to Asia instead’,” says Gislen.

Gislen and her six-year old daughter travelled to Thailand and integrated themselves within the Moken communities, who mostly lived on houses sat upon poles. When the tide came in, the Moken children splashed around in the water, diving down to pick up food that lay metres below what Gislen or her daughter could see. “They had their eyes wide open, fishing for clams, shells and sea cucumbers, with no problem at all,” she says.

Gislen set up an experiment to test just how good the children’s underwater vision really was. The kids were excited about joining in, says Gislen, “they thought it was just a fun game.”

The kids had to dive underwater and place their heads onto a panel. From there they could see a card displaying either vertical or horizontal lines. Once they had stared at the card, they came back to the surface to report which direction the lines travelled. Each time they dived down, the lines would get thinner, making the task harder. It turned out that the Moken children were able to see twice as well as European children who performed the same experiment at a later date.

takyon writes:

Too Hot to Last? Investigating Intel's Claims About Ryzen Reliability

AMD's Ryzen 3000-Series processors landed two months ago, bringing with them an incredible increase in real-world performance and upsetting the pricing paradigm with an impressive increase in performance-per-dollar, but the launch has been marred by reports that many users aren't receiving the rated boost speeds. AMD announced this week that it had identified an issue with its firmware that reduces performance in some situations and that it would update the community on an incoming fix on September 10.

As we often see in marketing, Intel has chosen to attack during AMD's perceived time of weakness. At the IFA tradeshow this week, Intel presented a slide deck to members of the press that includes information from a recent survey conducted by YouTuber Der8auer in which a surprising number of respondents reported they have been unable to reach the rated boost frequencies with their Ryzen 3000 processors.

Interestingly, Intel then drove further on the issue, citing a report that claims reliability is behind AMD's apparent, but not proven, reasons for reducing its chips' frequencies.

We were already investigating the claims Intel cited in regards to the relationship between Ryzen's clock frequencies and longevity, and we had secured comment from AMD before its admission that there was an issue with its firmware. Today we'll present some of the testing we conducted to investigate those claims.

Also at CRN.

Previously: Survey Says Many Ryzen 3900X CPUs Can't Hit Rated Boost Clock Speeds, BIOS Fix on Sept. 10th

Original Submission

Arthur T Knackerbracket has found the following story:

Four major automakers that recently reached an agreement with the state of California to hold to certain emissions standards over the next decade are now the target of a federal antitrust investigation.

Ford, Honda, BMW, and Volkswagen confirmed to media they have been contacted about the probe, which was first reported by The Wall Street Journal.

"Honda will work cooperatively with the Department of Justice with regard to the recent emissions agreement reached between the State of California and various automotive manufacturers, including Honda," the company said. BMW and Ford also confirmed receiving a letter from the DOJ, and Volkswagen said it is in "regular contact" with US authorities.

The companies reached an agreement with the California Air Resource Board (CARB) in July to produce cars for the US market that exceed national level-fuel efficiency standards. Under the terms of the deal, the automakers will improve their overall fleets' average fuel efficiency by 3.7% per year, starting with the 2022 model year. The plan also includes certain incentives to promote a transition to widespread manufacture and adoption of electric vehicles.

takyon writes:

Unsolicited nudes detected and deleted by AI

Software that can detect and delete unsolicited penis pictures sent via private messages on Twitter is being developed by researchers in Seattle. The project was started after developer Kelsey Bressler was sent an unsolicited nude photo by a man. She is now helping a friend refine an artificial intelligence system that can detect the unwanted penis pictures and delete them before they are ever seen.

She said social networks could do more to protect users from cyber-flashing. "When you receive a photo unsolicited it feels disrespectful and violating," Ms Bressler told the BBC. "It's the virtual equivalent of flashing someone in the street. You're not giving them a chance to consent, you are forcing the image on them, and that is never OK."

To test and train the artificial intelligence system, Ms Bressler and her team set up a Twitter inbox where men were invited to "send nudes for science". So many volunteered their nude photos that the team has had to close the inbox.

Related: "Deep Nude" App Removed By Developers After Brouhaha
GitHub Censors "Sexually Obscene" DeepNude Code

Original Submission

Arthur T Knackerbracket has found the following story:

[Google] rolled out security patches for the Android mobile operating system but did not include the fix for at least one bug that enables increasing permissions to kernel level.

Security flaws that enable privilege escalation can be exploited from a position with limited access to one with elevated access to critical files on the system. In order to utilize this, an attacker should have already compromised the device but have their actions restricted by insufficient permissions.

The Android Security Bulletin for September includes fixes for a couple of critical vulnerabilities in the media framework and a load of high-severity bugs. But vulnerability reported today is not on the list.

The vulnerability exists in the driver for the Video For Linux 2 (V4L2) interface used for video recording. It is estimated as a high-severity zero-day so it does not have an identification number yet.

"The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this to escalate privileges in the context of the kernel."

upstart writes:

Submitted via IRC for Bytram

Johns Hopkins launches center for psychedelic research

A group of private donors has given $17 million to start the Center for Psychedelic and Consciousness Research at Johns Hopkins Medicine, making it what's believed to be the first such research center in the U.S. and the largest research center of its kind in the world.

Psychedelics are a class of drugs that produce unique and profound changes of consciousness over the course of several hours. The Center for Psychedelic and Consciousness Research will focus on how psychedelics affect behavior, brain function, learning and memory, the brain's biology, and mood.

"The center's establishment reflects a new era of research in therapeutics and the mind through studying this unique and remarkable class of pharmacological compounds." Roland GriffithsDirector, Center for Psychedelic and Consciousness Research

"The center's establishment reflects a new era of research in therapeutics and the mind through studying this unique and remarkable class of pharmacological compounds," says Roland Griffiths, the center's director and professor of behavioral biology in the Department of Psychiatry and Behavioral Sciences and the Department of Neuroscience at the Johns Hopkins University School of Medicine. "In addition to studies on new therapeutics, we plan to investigate creativity and well-being in healthy volunteers that we hope will open up new ways to support human thriving."

At Johns Hopkins, much of the early work with psychedelics has focused on psilocybin, the chemical found in so-called magic mushrooms. Further studies will determine the chemical's effectiveness as a new therapy for opioid addiction, Alzheimer's disease, post-traumatic stress disorder, post-treatment Lyme disease syndrome (formerly known as chronic Lyme disease), anorexia nervosa, and alcohol use in people with major depression. Researchers hope to create precision medicine treatments tailored to individual patients' specific needs.

"Johns Hopkins is deeply committed to exploring innovative treatments for our patients," says Paul B. Rothman, dean of the medical faculty at the Johns Hopkins University School of Medicine and CEO of Johns Hopkins Medicine. "Our scientists have shown that psychedelics have real potential as medicine, and this new center will help us explore that potential."

The center will provide support for a team of six faculty neuroscientists, experimental psychologists, and clinicians with expertise in psychedelic science, as well as five postdoctoral scientists.

Original Submission

Arthur T Knackerbracket has found the following story:

In March 2008, Paul Graham of Y Combinator wrote an essay called "How to Disagree." In the article he defines a hierarchy to gauge the quality of one's disagreement with another person's argument, a measure which ranges from name-calling at worst, to refutation of the central point at best.

I think a similar hierarchy can be defined to gauge the quality of architectural thinking and discourse of software engineers. I have noticed that most entry-level programmers focus their attention and criticisms on first-order issues such as code style, naming conventions, source code and repository layout, etc. They neglect or are unaware of higher-order concerns that can make a bigger impact on reducing the complexity of their systems. Even experienced programmers seem to suffer from this myopia.

If we're to build the systems of the future, I think we must set our sights above first-order issues. To afford the time to do so, we may need to reconsider, or even abandon, some concerns and practices that currently constitute much of what we call software engineering. Here I propose a hierarchy of concerns, ordered by the degree to which they reduce system complexity from lowest to highest.

An Anonymous Coward writes:

In a Twitter discussion on Sept. 5, Rosa-Maria Ryyti (Miss Universe Finland 2015 winner), argued Bitcoin's risk factor made it more appealing to men.

She was responding to a query by analyst and Cointelegraph contributor, Filb Filb, who asked followers why the Bitcoin community was overwhelmingly male.

"Women are more risk-conscious in general and often go for a 'slow & steady' investment strategy," Ryyti wrote, adding:

"The current general perception of Bitcoin in the msm makes it even less probable for the average women (and men) to get involved."

https://cointelegraph.com/news/miss-finland-bitcoins-risk-keeps-most-women-away-from-cryptocurrency

Original Submission

"exec" writes:

Arthur T Knackerbracket has found the following story:

The City of New Bedford, in Massachusetts, has found a way to deal with ransomware without paying: shoring up defenses, restoring from backups, and rebuilding systems.

The attack on the American city's systems was identified on July 5, after employees noticed unusual network activity upon returning from the July 4th holiday, Mayor Jon Mitchell explained in a press conference on Wednesday.

"We haven't seen any interruption in municipal services at all," said Mitchell.

The city's Management Information Systems (MIS) staff identified the presence of the file-scrambling RYUK nasty, a sophisticated form of ransomware, and through prompt action managed to limit its impact.

Supposedly named for a character in the manga series Death Note, RYUK can find and encrypt network drives, and delete volume snapshots to prevent the use of Windows System Restore in the absence of external backups.

[...] Mitchell attributes the relatively minor impact of the infection to luck, skill and the city's IT architecture.

The luck element has to do with the fact that the malware intrusion began over the July 4th holiday. Holidays and weekends are apparently a common time to launch ransomware attacks because IT staff tends to be scarce and less vigilant then; but in this case the holiday also ensured that many of the city's desktop PCs were powered down, which limited the ransomware's ability to spread.

The prompt action of the MIS staff on the morning of July 5th to defensively disconnect systems, according to Mitchell, helped reduce the impact of the infection.

-- submitted from IRC

Original Submission

martyb writes:

Worst flu Season on Record, Australia (emphasis in original):

According to statistics, the 2019 flu season is Australia's worst in recorded history with over 257,359 confirmed cases so far this year.

This record beat the previous one in 2017 with a total number of 251,163 influenza cases. Meanwhile, only 52,000 cases were confirmed in 2018.

"In terms of sheer numbers and the load on general practice and emergency departments, this is the worst flu season that's ever been," immunization expert Paul van Buynder said.

Local media has also reported 587 fatalities from influenza with a majority of elder people. On the contrary, only 73 died from the flu in 2018.

Australia capital Canberra confirmed 3,402 cases so far, which is worse than the total combined records from 2016 to 2018.

By point of comparison, the population of Australia is approximately 25 million people implying over 1.7% of the population came down with the flu.

Projecting from an estimated ~330 million people in the USA, that would mean over 5.7 million cases.

Original Submission