SoylentNews

ikanreed writes:

Fifteen years ago this month, Professor Sir Andre Geim and Professor Sir Kostya Novoselov performed the first successful attempts at creating a synthetic monolayer of carbon atoms, a feat that would earn them a nobel prize 6 years later.

The European Union graphene flagship project has put out a release celebrating progress in the field. Which includes a list of products already on the market using graphene

It also makes some bold claims about the future of the tech

A host of applications for graphene are expected to hit the market 10 to 15 years from now. These are related to (opto)electronics, where graphene can deliver performances orders of magnitude higher than current technologies. The developments in this area could trigger the next-generation of (opto)electronic devices, bringing the 'more-than-Moore' devices to reality.

Original Submission

takyon writes:

NASA administrator Jim Bridenstine issued a statement seen as chiding SpaceX prior to the company's Starship update presentation:

Specifically, Bridenstine (or whoever fed him the statement) went out of his way to make it entirely one-sided in its focus on SpaceX. By all appearances, it would have never been posted if not for Elon Musk's plans to present on Starship. Bridenstine additionally notes that "Commercial Crew is years behind schedule" and indicates that "NASA expects to see the same level of enthusiasm focused on [its] investments".

Altogether, it's simply impossible to interpret it as anything less than Bridenstine scolding SpaceX – and SpaceX alone – for not falling to the floor, kissing NASA's feet, and pretending that Crew Dragon and Falcon 9 are the only things in existence. Absent from Bridenstine's criticism was NASA's other (and even more delay-complicit) Commercial Crew Partner, Boeing, who has yet to complete a pad abort or orbital flight test of its Starliner spacecraft. SpaceX completed Crew Dragon's pad abort in 2015 and completed a flawless orbital flight test in March 2019.

[...] [As] Musk noted in his relatively subtle September 28th responses to Bridenstine's implicitly derisive comment, something like 50-80% of the entirety of SpaceX's workforce and resources are focused on Crew Dragon, the Falcon 9 rockets that will launch it, or a combination of both. At present, Starship is – at most – a side project, even if its strategic importance to SpaceX is hard to exaggerate. The same is largely true for Starlink, SpaceX's ambitious internet satellite constellation program. It may be true that Starship will eventually make Crew and Cargo Dragon (as well as Falcon 9 and Falcon Heavy) wholly redundant, but that is likely years away and SpaceX will support NASA – as it is contractually required to – for as long as the space agency has vested interest in using Crew Dragon.

[...] It would be another two years before Congress began to seriously fund Commercial Crew at its requested levels, beginning in FY2016. In response to Bridenstine, former NASA deputy administrator Lori Garver noted that over the ~5 years Congress consistently withheld hundreds of millions of dollars of critical funds from Commercial Crew, NASA's SLS rocket and Orion spacecraft were just as consistently overfunded above and beyond their budget requests. From 2011 to 2016 alone, SLS and Orion programs requested $11B and received an incredible $16.3B (148%) from Congress, while Commercial Crew requested $5.8B and received $2.4B (41%).

An Anonymous Coward writes:

https://www.cbc.ca/news/technology/sabre-toothed-cat-1.5305505

During the last ice age, huge cats bigger than an African lion prowled Alberta — including the fearsome beast commonly known as the "sabre-toothed tiger," a new study shows.

The proper name for the extinct predator with foot-long, serrated knife-like canines is Smilodon fatalis.

And up until the discovery of the fossil from Medicine Hat, Alta., the species had never been found further north than Idaho.

That's why a couple of small fossils caught Ashley Reynolds's eye as she was rummaging through the drawers at the Royal Ontario Museum in Toronto.

"What struck me is they were listed as being Smilodon from Alberta," recalled Reynolds, a PhD student in paleontology at the University of Toronto. "And I knew that Smilodon wasn't really considered to be a Canadian species."

[...] While Smilodon is often referred to colloquially as a "sabre-toothed tiger" — and popularized as such in The Flintstones and Ice Age — Reynolds said that's a misnomer, as sabre-toothed cats are just as closely related to housecats as tigers.

The bone found in Alberta is estimated to be 35,000 to 40,000 years old, from the Pleistocene epoch, before there were humans in the area.

Original Submission

"An Anonymous Coward" writes:

If You Owned the Samsung Galaxy S4, You're Entitled to Some Cold, Hard Cash

We never thought we'd be writing about the Samsung Galaxy S4 again — but Samsung has just settled a lawsuit over false benchmarks on the now six-year-old device. The lawsuit was settled for $13.4 million.

According to The Register, the lawsuit was first filed in November 2014 by Daniel Norcia, after it was found that Samsung was artificially inflating benchmark scores by introducing code that detected when benchmarks were running and then overclocking the Qualcomm Snapdragon 600 processor speed to 532MHz, instead of the 480MHz that the processor normally ran at.

Samsung never denied that it inflated benchmark scores, instead taking a different approach. The company argued that under California law, it was not "legally obliged" to disclose that the phone was set up to inflate scores. Instead, the company argued that only security issues and data breaches need to be disclosed to the public. The case made its way all the way up to the Supreme Court, and was set to go to trial before Samsung finally settled for $13.4 million.

As part of the settlement, Samsung has agreed not to inflate software that artificially increases benchmark tests — but interestingly, it only agreed to do so until 2024. Not only that, but the company is not required to admit any wrongdoing.

Source: https://www.digitaltrends.com/mobile/samsung-galaxy-s4-benchmark-inflation-settlement/

Original Submission

martyb writes:

Kaspersky Warns of Encryption-Busting Reductor Malware:

Kaspersky says it has uncovered a new malware infection that is able to decode encrypted TLS traffic without the need to intercept or manipulate it.

Known as Reductor, the malware was spotted in April of this year[...].

"Besides typical RAT functions such as uploading, downloading and executing files, Reductor's authors put a lot of effort into manipulating digital certificates and marking outbound TLS traffic with unique host-related identifiers," Kaspersky explains.

[...] Rather than try to man-in-the middle traffic or steal keys, the Kaspersky team found that the Reductor malware works by infecting the browser (either Chrome or Firefox) itself.

"The solution that Reductor's developers found to mark TLS traffic is the most ingenious part," Kaspersky explained.

"They don't touch the network packets at all; instead developers analyzed the Firefox source code and Chrome binary code to patch the corresponding pseudo random number generation (PRNG) functions in the process's memory."

By compromising the random number generator, the malware's operators would know ahead of time how the traffic will be encrypted when the victim establishes a TLS connection, and have the ability to mark that traffic for later use. From there, the malware can easily decode the traffic and see what the transmitted data is, then send anything of interest back to the command server.

Because this data can be decoded, the attacker has no need to actually tamper with the traffic while it is in transit, and thus is able to function without alerting security tools or administrators that something is amiss.

Original Submission

martyb writes:

New Test Assists Physicians with Quicker Treatment Decisions for Sepsis. Alternative link: https://www.sciencedaily.com/releases/2019/10/191003155233.htm

"Randomized Clinical Trial Evaluating Clinical Impact of RAPid Identification and Antimicrobial Susceptibility Testing for Gram-Negative Bacteremia (RAPIDS-GN)," is the largest study to evaluate the clinical impact of rapid blood culture diagnostics in the management of patients with Gram-negative bacilli bloodstream infections.

The results demonstrate that providing rapid, accurate drug susceptibility information to physicians could improve the care of patients with sepsis[*], a potentially life-threatening condition caused by the body's response to an infection.

According to Ritu Banerjee, MD, PhD, associate professor of Pediatrics at Monroe Carell Jr. Children's Hospital at Vanderbilt, time is of the essence.

"Patients are placed on a standard course of antibiotics when they initially present with possible sepsis," said Banerjee, the principal investigator of the RAPIDS-GN trial. "These antibiotics may be ineffective, or conversely, too broad-spectrum. Conventional culture and susceptibility testing methods take days for results to identify the bacteria and drug resistance.

[...] Banerjee and her colleagues sought a way to shorten the wait time until the appropriate medication could be started to treat the infection.

RAPIDS-GN, is the first multicenter, prospective, randomized controlled trial to compare the outcomes of patients with Gram-negative bloodstream infections who had blood culture testing with standard-of- care culture and antibiotic susceptibility testing versus rapid organism identification and phenotype antibiotic susceptibility testing.

The study looked at the outcomes of 448 patients — 226 received conventional care while 222 were randomized to the new testing method.

[...] "The time to results was significantly shorter," said Banerjee. "The median time to the first antibiotic change was 24 hours faster in the rapid testing arm compared to the control arm. We can now tailor the antibiotics more quickly and place patients on pathogen-directed therapy rather than broad-spectrum, empiric therapy.

[...] "One of the challenges is the cost of the testing, because rapid testing methods are more expensive than conventional methods," she said. "The overarching goal is to improve outcomes for patients with sepsis."

[*] Sepsis:

Sepsis is a life-threatening condition that arises when the body's response to infection causes injury to its own tissues and organs.

[...] Sepsis is caused by an inflammatory immune response triggered by an infection. Most commonly, the infection is bacterial, but it may also be fungal, viral, or protozoan.

[...] Disease severity partly determines the outcome. The risk of death from sepsis is as high as 30%, from severe sepsis as high as 50%, and from septic shock as high as 80%.

Any cut or injury that turns red and starts to emit pus is a sign of infection that could, in turn, lead to sepsis. Be sure to seek out medical help if you are at all unsure.

Original Submission

An Anonymous Coward writes:

https://abcnews.go.com/US/fbi-monitor-violent-online-threats-light-joker-premiere/story?id=66031356

The FBI has received tips of threatening posts on social media calling for "unspecific mass shootings" linked to the release of the new psychological thriller, "Joker," starring Oscar-nominated actor Joaquin Phoenix that will hit theaters this Friday, according to a joint intelligence bulletin obtained by ABC News.

These threats have been circling online platforms since at least May 2019, but give no information indicating specific or credible threats to particular locations or venues, the bulletin said.

Some of the threats did contain references to a primarily online group called the involuntary celibate community, or Incels, and a subset that refers to itself as "Clowncels." However, the intelligence community doesn't necessarily regard the group as a whole as a violent one.

"While many Incels do not engage in violence, some within the community encourage or commit violent acts as retribution for perceived societal wrongdoing against them," the bulletin said. "Some Incel attackers have claimed inspiration from previous mass shooters."

Original Submission

An Anonymous Coward writes:

https://www.marketwatch.com/story/hp-to-slash-7000-to-9000-jobs-over-three-years-as-part-of-major-restructuring-2019-10-03

HP Inc. on Thursday announced a major restructuring that will eliminate 7,000 to 9,000 jobs over the next three years as part of a series of moves to transform the computing giant into a software and services powerhouse.

"This is one of the toughest decisions we had to make, but it is absolutely necessary for HP's future," incoming Chief Executive Enrique Lores told MarketWatch in a conference call with a handful of industry analysts. Lores and Chief Financial Officer Steve Fieler laid out a financial road map for the company's fiscal year 2020 several hours before HP's analyst day was to start.

The boldest move is a job reduction of up to 13% to 16% of HP's 55,000 employees worldwide to save $1 billion in operation costs. Those savings, in turn, would be invested in software and services as HP attempts to "reinvent business,". Those savings, in turn, would be invested in software and services as HP attempts to "reinvent business," Lores said.

HP shares slid 3% at $17.83 in after-hours trading Thursday.

Additional reporting at ZDNet.com.

Affected employees will be let go through a combination of employee exits and voluntary early retirement, HP said.

To be completed by fiscal 2022, the restructure, according to HP, will cost the business a total of approximately $1 billion, with approximately $100 million in 4Q19, $500 million in fiscal 2020, and the rest to be split between fiscal 2021 and 2022.

The company also estimates that the restructure will result in annualised gross run rate savings of about $1 billion by the end of fiscal 2022.

The announcement comes as part of HP's outlook for fiscal 2020, which estimates that its generally accepted accounting principles (GAAP) diluted net Earnings Per Share (EPS) will be in the range of $1.98 to $2.10. It also estimates that non-GAAP diluted net EPS will be in the range of $2.22 to $2.32.

Based on the current environment, HP said it anticipates generating free cash flow of at least $3 billion for fiscal 2020.

Original Submission

upstart writes:

Submitted via IRC for Bytram

Header aches in Firefox, Tor, Brave and Chrome as HTTP opens new security holes

The HTTP Alternative Services header can be abused to conduct network reconnaissance and attacks, to bypass malware protection services, and to foil tracking defenses and privacy assumptions, according to a paper scheduled to be presented at the WOOT '19 security conference on Tuesday.

Back in March 2016, the Internet Engineering Steering Group approved the HTTP Alternative Services header as a proposed web standard for situations when a web server needs to send a client to another service.

There are a variety of legitimate reasons to do this: a web server may be overloaded with requests, may be undergoing maintenance, or may determine that another server is closer (and thus quicker to respond). As Mark Nottingham, co-chair the IETF HTTP and QUIC Working Groups, explained at the time, such redirection can be handled by DNS load balancing under short-lived HTTP/1.1 connections.

But DNS load balancing doesn't work as well with HTTP/2, which is designed to maintain a persistent connection.

HTTP Alternatives Services was designed as an alternative method to point requests elsewhere. It allows a web server to return a header that specifies another server as the host of its resources, in effect deputizing the stand-in to act as the Origin, the first-party source of content.

"The ability to redirect clients to use another server in a transparent, persistent fashion brings some obvious security concerns," said Nottingham in his post.

A paper titled "Alternative (ab)uses for HTTP Alternative Services," by boffins Trishita Tiwari, who co-authored the paper while at Boston University and is currently a cyber-security PhD student at Cornell University, and Ari Trachtenberg, professor of electrical and computer engineering at Boston University, makes these obvious security concerns more evident.

martyb writes:

The Largest Unofficial Dice Roll In History: 216,000 Dice Spill from a Truck:

A truck carrying about 432,000 dice from Trivium Studios took a turn a little too sharply on Interstate 75 in Atlanta, causing half the load to spill out, about 216,000 D6.

The article links to a YouTube video of what the aftermath looked like.

From the video's description:

On Friday afternoon in Atlanta, our truck, which was carrying three palettes of Chessex dice for an upcoming game, took a turn a little too sharply. Roughly half the dice spilled across the interstate. About 216,000 individual dice were lost, making this the largest unofficial dice roll in history.

What are the chances of that happening again?

=)

Original Submission

Arthur T Knackerbracket has found the following story:

How do you weigh the largest animals on the planet?

[...] Body mass is a key factor in the success of whales as a group, determining their energy uses, food requirements and growth rates.

Yet most of what we know about the body size of whales comes from old whaling literature or from animals that end up stranded on the beach or caught in fishing gear.

"It is very difficult to measure a whale on a scale - I mean you have to kill it to do it and that's exactly what we're avoiding here," said study researcher Fredrik Christiansen from the Aarhus Institute of Advanced Studies in Denmark.

The researchers studied southern right whales, which gather in large numbers at their winter breeding grounds off the coast of Argentina.

They flew a drone over whales swimming in clear water, capturing photographs when the adults and calves came up to the surface to breathe, including their backs and sides when they rolled over.

From these, they were able to obtain length, width and height measurements for 86 individuals.

They found they could get a good representation of the body shape of the whales, which they linked back to old whaling literature recording body length, girth and mass. They were then able to convert body shapes, or volumes, to mass.

Baleen whales are the largest animals on this planet, ranging from the 3,500kg pygmy right whale to the 190,000kg blue whale.

The research was carried out in collaboration with the Southern Right Whale Health Monitoring Programme in Argentina and the Woods Hole Oceanographic Institution in the US.

Original Submission

Fnord666 writes:

American Express Customer Info Accessed by Employee for Possible Fraud

An American Express employee is being investigated for accessing card holder information and potentially using it to open accounts at other financial institutions.

Starting on September 30th, 2019, American Express began sending out data breach notifications to cardholder members whose information was fraudulently accessed by an employee.

According to this notification, an employee was accessing the information for cardholders and potentially using it to perform identity theft by fraudulently opening accounts at other financial institutions.

"It was brought to our attention that personal information, related to your American Express Card account listed above, may have been wrongfully accessed by one of our employees in an attempt to conduct fraudulent activity, including potentially opening accounts at other financial institutions. In response, we immediately launched an investigation and are fully cooperating with law enforcement agencies to further their investigation."

The information that was accessed for affected members includes the full name, physical and/or billing address, Social Security numbers, birth dates, and the credit card number.

While the notifications are titled "Notice of Data Breach", this is not the same type of data breach that we commonly report on. No systems were hacked or databases stolen.

Instead this was an employee of American Express accessing information when they were not supposed to in order to use it for fraudulent purposes.

Source: BleepingComputer

Original Submission

Fnord666 writes:

Cybersecurity is becoming more of a common tongue term in today's industry. It is being passed around the executive meetings along with financial information and projected marketing strategies. Here are some common attack vectors plaguing the industry when it comes to network infrastructure. It does not really matter the infrastructure type you have. If there is value to the data you are transferring within, someone wants to get it.

1. Reconnaissance Attacks
2. Access Attacks
3. Denial of Service Attacks

It is a pipe dream to believe a network infrastructure is invulnerable; however, the possibility of being protected is within grasp. Fundamentally, it comes down to knowledge of what can happen to your network, knowing your equipment and training up the staff.

Source: Tripwire.com

Original Submission

Fnord666 writes:

Zendesk Security Breach May Impact Orgs Like Uber, Slack, and FCC

Customer service software company Zendesk has published a blog post today and is sending users notifications regarding a security incident that might have impacted roughly 10,000 Zendesk Support and Chat accounts activated prior to November 1, 2016.

Zendesk's customer support platform is currently used by over 145,000 organizations worldwide according to the company's website, with customers such as Uber, Shopify, Airbnb, and Slack.

"We recently were alerted by a third party regarding a security matter that may have affected the Zendesk Support and Chat products and customer accounts of those products activated prior to November of 2016," says Zendesk.

"While our investigation is still ongoing, on September 24, 2019, we determined that information belonging to a small percentage of customers was accessed prior to November of 2016."

Even though Zendesk found no evidence that all accounts registered before November 1, 2016, were affected, the company says that it has decided to alert all of them nonetheless.

Source: BleepingComputer

Original Submission

takyon writes:

Google contractors reportedly targeted homeless people for Pixel 4 facial recognition

In July, Google admitted it has employees pounding the pavement in a variety of US cities, looking for people willing to sell their facial data for a $5 gift certificate to help improve the Pixel 4's face unlock system. But the New York Daily News reports that a Google contractor may be using some questionable methods to get those facial scans, including targeting groups of homeless people and tricking college students who didn't know they were being recorded.

According to several sources who allegedly worked on the project, a contracting agency named Randstad sent teams to Atlanta explicitly to target homeless people and those with dark skin, often without saying they were working for Google, and without letting on that they were actually recording people's faces.

Google wasn't necessarily aware that Randstad was going after homeless people, but a Google manager reportedly did instruct the group to target people with darker skin, one source told the Daily News.

Also at Android Central.

Original Submission