SoylentNews is people

posted by martyb on Thursday May 21, @10:35PM
from the greasing-the-palms? dept.

Arthur T Knackerbracket has found the following story:

Palm oil is often associated with tropical deforestation above all else. However, this is only one side of the story, as agricultural scientists from the University of Göttingen and the IPB University Bogor (Indonesia) show in a new study.

[...] For the study, the researchers evaluated results from over 30 years of research on the environmental, economic and social consequences of oil palm cultivation in Africa, Asia and Latin America. They combined the results from the international literature with their own data from Indonesia, which they have been collecting since 2012 as part of an interdisciplinary German-Indonesian Collaborative Research Centre (CRC 990). Indonesia is the largest palm oil producer and exporter in the world. A large proportion of the palm oil produced in Indonesia is exported to Europe and the U.S., where it is used by the food, fuel and cosmetics industries.

The research data show that the expansion of oil palm in some regions of the world—especially Indonesia and Malaysia—contributes significantly to tropical deforestation and the loss of biodiversity. Clearing forestland also leads to substantial carbon emissions and other environmental problems. "However, banning palm oil production and trade would not be a sustainable solution," says Professor Matin Qaim, agricultural economist at the University of Göttingen and first author of the study. "The reason is that oil palm produces three times more oil per hectare than soybean, rapeseed, or sunflower. This means that if palm oil was replaced with alternative vegetable oils, much more land would be needed for cultivation, with additional loss of forests and other natural habitats."

Banning palm oil would also have negative economic and social consequences in the producing countries. "It is often assumed that oil palm is only grown on large industrial plantations," says Qaim. "In reality, however, around half of the world's palm oil is produced by smallholder farmers. Our data show that oil palm cultivation increases profits and incomes in the small farm sector, in addition to raising wages and creating additional employment for rural laborers. Although there are incidences of conflicts over land, overall the oil palm boom has significantly reduced rural poverty in Indonesia and other producing countries."

Journal Reference:
Matin Qaim, et al. Environmental, Economic, and Social Consequences of the Oil Palm Boom [open], (DOI: 10.1146/annurev-resource-110119-024922)

(2018-12-18) Indonesia: A Country That Became "Crazy Rich"
(2018-12-01) Palm Oil was Supposed to Help Save the Planet. Instead it Unleashed a Catastrophe.
(2017-03-15) A Makeover for the World's Most Hated Crop

Original Submission

posted by martyb on Thursday May 21, @08:13PM
from the oh-say-canis-you-see? dept.

Arthur T Knackerbracket has found the following story:

In our 13.8 billion-year-old universe, most galaxies like our Milky Way form gradually, reaching their large mass relatively late. But a new discovery made with the Atacama Large Millimeter/submillimeter Array (ALMA) of a massive rotating disk galaxy, seen when the universe was only ten percent of its current age, challenges the traditional models of galaxy formation. This research appears on 20 May 2020 in the journal Nature.

Galaxy DLA0817g, nicknamed the Wolfe Disk after the late astronomer Arthur M. Wolfe, is the most distant rotating disk galaxy ever observed. The unparalleled power of ALMA made it possible to see this galaxy spinning at 170 miles (272 kilometers) per second, similar to our Milky Way.

"While previous studies hinted at the existence of these early rotating gas-rich disk galaxies, thanks to ALMA we now have unambiguous evidence that they occur as early as 1.5 billion years after the Big Bang," said lead author Marcel Neeleman of the Max Planck Institute for Astronomy in Heidelberg, Germany.

[...] "Most galaxies that we find early in the universe look like train wrecks because they underwent consistent and often 'violent' merging," explained Neeleman. "These hot mergers make it difficult to form well-ordered, cold rotating disks like we observe in our present universe."

In most galaxy formation scenarios, galaxies only start to show a well-formed disk around 6 billion years after the Big Bang. The fact that the astronomers found such a disk galaxy when the universe was only ten percent of its current age, indicates that other growth processes must have dominated.

Journal Reference:

Marcel Neeleman & J. Xavier Prochaska, et al. A Cold, Massive, Rotating Disk 1.5 Billion Years after the Big Bang. Nature, 2020 DOI: 10.1038/s41586-020-2276-y

Original Submission

posted by Fnord666 on Thursday May 21, @05:53PM
from the spoof-in-advertising dept.

AT&T slapped down for its '5G E' ads: You don't have a 5G network, so stop saying so, says watchdog:

AT&T has been officially slapped down by America's National Advertising Review Board (NARB) for its 5G Evolution campaign in which it branded its phone and network 5G E, despite not actually deploying 5G technology.

"A panel of the National Advertising Review Board has recommended that AT&T Services discontinue its '5G Evolution' and '5G Evolution, The First Step to 5G' claims," the self-regulatory body ruled on Wednesday.

It went on: "The NARB panel determined that both claims will mislead reasonable consumers into believing that AT&T is offering a 5G network and recommended that the claims be discontinued."

Amazingly, despite AT&T being roundly mocked for its campaign – which, among other things, placed a "5GE" logo in the icon-bar along the top of its phones to dress up its 4G network as 5G – AT&T fought against the censure, even appealing a previous recommendation that it stop.

The NARB noted straight though you suspect with a smirk: "It was not disputed that the AT&T network is not a 5G network."

It also disagreed with AT&T that people would realize the "E" meant "Evolution," as in the network will eventually evolve into a 5G network, rather than thinking, er, it's 5G. And the watchdog pointed out, quite reasonably, that "the current prevalent technology in wireless is 4G LTE, and LTE stands for 'evolution'." Bam!

Also at iPhone Hacks, the Mac Observer, and Android Police.

Original Submission

posted by Fnord666 on Thursday May 21, @03:46PM
from the gotta-hand-it-to-them dept.

Cosmic Rays May Have Left Indelible Imprint On Early Life, Stanford Physicist Says:

Chirality, also known as handedness, is the existence of mirror-image versions of molecules. Like the left and right hand, two chiral forms of a single molecule reflect each other in shape but don't line up if stacked. In every major biomolecule – amino acids, DNA, RNA – life only uses one form of molecular handedness. If the mirror version of a molecule is substituted for the regular version within a biological system, the system will often malfunction or stop functioning entirely. In the case of DNA, a single wrong handed sugar would disrupt the stable helical structure of the molecule.

Louis Pasteur first discovered this biological homochirality in 1848. Since then, scientists have debated whether the handedness of life was driven by random chance or some unknown deterministic influence. Pasteur hypothesized that, if life is asymmetric, then it may be due to an asymmetry in the fundamental interactions of physics that exist throughout the cosmos.

"We propose that the biological handedness we witness now on Earth is due to evolution amidst magnetically polarized radiation, where a tiny difference in the mutation rate may have promoted the evolution of DNA-based life, rather than its mirror image," said Noémie Globus, lead author of the paper and a former Koret Fellow at the Kavli Institute for Particle Astrophysics and Cosmology (KIPAC).

In their paper, published on May 20 in Astrophysical Journal Letters, the researchers detail their argument in favor of cosmic rays as the origin of homochirality.

Cosmic rays are an abundant form of high-energy radiation that originates from various sources throughout the universe, including stars and distant galaxies. After hitting the Earth's atmosphere, cosmic rays eventually degrade into fundamental particles. At ground level, most of the cosmic rays exist only as particles known as muons.

Muons are unstable particles, existing for a mere 2 millionths of a second, but because they travel near the speed of light, they have been detected more than 700 meters below Earth's surface. They are also magnetically polarized, meaning, on average, muons all share the same magnetic orientation. When muons finally decay, they produce electrons with the same magnetic polarization. The researchers believe that the muon's penetrative ability allows it and its daughter electrons to potentially affect chiral molecules on Earth and everywhere else in the universe.

[...] The researchers' hypothesis is that, at the beginning of life on Earth, this constant and consistent radiation affected the evolution of the two mirror life-forms in different ways, helping one ultimately prevail over the other. These tiny differences in mutation rate would have been most significant when life was beginning and the molecules involved were very simple and more fragile. Under these circumstances, the small but persistent chiral influence from cosmic rays could have, over billions of generations of evolution, produced the single biological handedness we see today.

Globus and Blandford suggest experiments that could help prove or disprove their cosmic ray hypothesis. For example, they would like to test how bacteria respond to radiation with different magnetic polarization.

Journal Reference:
Noemie Globus, Roger D. Blandford. The Chiral Puzzle of Life. The Astrophysical Journal, 2020; 895 (1): L11 DOI: 10.3847/2041-8213/ab8dc6

Original Submission

posted by Fnord666 on Thursday May 21, @01:38PM
from the we-just-don't-have-anything-interesting-to-say dept.

New study estimates the odds of life and intelligence emerging beyond our planet:

We know from the geological record that life started relatively quickly, as soon as our planet's environment was stable enough to support it. We also know that the first multicellular organism, which eventually produced today's technological civilization, took far longer to evolve, approximately 4 billion years.

But despite knowing when life first appeared on Earth, scientists still do not understand how life occurred, which has important implications for the likelihood of finding life elsewhere in the universe.

In a new paper published in the Proceedings of the National Academy of Sciences today, David Kipping, an assistant professor in Columbia's Department of Astronomy, shows how an analysis using a statistical technique called Bayesian inference could shed light on how complex extraterrestrial life might evolve in alien worlds.

"The rapid emergence of life and the late evolution of humanity, in the context of the timeline of evolution, are certainly suggestive," Kipping said. "But in this study it's possible to actually quantify what the facts tell us."

To conduct his analysis, Kipping used the chronology of the earliest evidence for life and the evolution of humanity. He asked how often we would expect life and intelligence to re-emerge if Earth's history were to repeat, re-running the clock over and over again.

He framed the problem in terms of four possible answers: Life is common and often develops intelligence, life is rare but often develops intelligence, life is common and rarely develops intelligence and, finally, life is rare and rarely develops intelligence.

This method of Bayesian statistical inference—used to update the probability for a hypothesis as evidence or information becomes available—states prior beliefs about the system being modeled, which are then combined with data to cast probabilities of outcomes.

"The technique is akin to betting odds," Kipping said. "It encourages the repeated testing of new evidence against your position, in essence a positive feedback loop of refining your estimates of likelihood of an event."

From these four hypotheses, Kipping used Bayesian mathematical formulas to weigh the models against one another. "In Bayesian inference, prior probability distributions always need to be selected," Kipping said. "But a key result here is that when one compares the rare-life versus common-life scenarios, the common-life scenario is always at least nine times more likely than the rare one."

Original Submission

posted by Fnord666 on Thursday May 21, @11:29AM
from the let-the-competition-begin dept.

ZFS versus RAID: Eight Ironwolf disks, two filesystems, one winner:

This has been a long while in the making—it's test results time. To truly understand the fundamentals of computer storage, it's important to explore the impact of various conventional RAID (Redundant Array of Inexpensive Disks) topologies on performance. It's also important to understand what ZFS is and how it works. But at some point, people (particularly computer enthusiasts on the Internet) want numbers.

First, a quick note: This testing, naturally, builds on those fundamentals. We're going to draw heavily on lessons learned as we explore ZFS topologies here. If you aren't yet entirely solid on the difference between pools and vdevs or what ashift and recordsize mean, we strongly recommend you revisit those explainers before diving into testing and results.

And although everybody loves to see raw numbers, we urge an additional focus on how these figures relate to one another. All of our charts relate the performance of ZFS pool topologies at sizes from two to eight disks to the performance of a single disk. If you change the model of disk, your raw numbers will change accordingly—but for the most part, their relation to a single disk's performance will not.

[It is a long — and detailed — read with quite a few examples and their performance outcomes. Read the 2nd link above to get started and then continue with this story's linked article.--martyb]

(2018-09-11) What is ZFS? Why are People Crazy About it?
(2017-07-16) ZFS Is the Best Filesystem (For Now)
(2017-06-24) Playing with ZFS (on Linux) Encryption
(2016-02-18) ZFS is Coming to Ubuntu LTS 16.04
(2016-01-13) The 'Hidden' Cost of Using ZFS for Your Home NAS

Original Submission

posted by Fnord666 on Thursday May 21, @09:20AM
from the studying-praying-mantis-style-kung-fu dept.

Praying Mantises: More Deadly Than We Knew:

A praying mantis watches intently as a fly bobs by. In less than a blink, she's snatched it up. When the tape is played back in slow motion, we see the mantis pause and calibrate, almost like an experienced baseball catcher who has realized she's dealing with a knuckleball.

It's an impressive highlight reel. As detailed in a paper published this week in Biology Letters, it's also evidence that mantises strike less like automatons and more like active hunters, calibrating their attacks to more efficiently capture their prey as it flies by at different speeds.

[...] The strike of a praying mantis has two phases. In the first, the approach phase, a mantis extends its arms up and outward. In the second, the sweep phase, the mantis scoops the prey out of the air and pulls it in to eat.

Mr. Rossoni and Dr. Niven found that the mantises did indeed adjust their strike speed, according to how quickly the target was moving. Most of that modulation occurred in the approach phase — when presented with a slower target, the mantises would raise their limbs more slowly or pause in the middle, in a zombielike pose.

And if they initially miscalculated the speed of their prey, the mantises would often "correct their own mistakes" with a similar pause, Mr. Rossoni said. "Considering that some of the strikes are less than a tenth of a second, this is quite extraordinary."

It also adds to a growing conversation about what insects — from wasps that can logically infer to ants that can roll down inclines — are capable of.

"Historically, they were viewed more as almost miniature robots that were following very simple sets of rules," Dr. Niven said. "I think that there is new research coming out that suggests that that rule book might be much more complicated."

Original Submission

posted by Fnord666 on Thursday May 21, @07:11AM
from the different-type-of-dissection dept.

Extracting ROM constants from the 8087 math coprocessor's die:

Intel introduced the 8087 chip in 1980 to improve floating-point performance on the 8086 and 8088 processors, and it was used with the original IBM PC. Since early microprocessors operated only on integers, arithmetic with floating-point numbers was slow and transcendental operations such as arctangent or logarithms were even worse. Adding the 8087 co-processor chip to a system made floating-point operations up to 100 times faster.

I opened up an 8087 chip and took photos with a microscope. The photo below shows the chip's tiny silicon die. Around the edges of the chip, tiny bond wires connect the chip to the 40 external pins. The labels show the main functional blocks, based on my reverse engineering. By examining the chip closely, various constants can be read out of the chip's ROM, numbers such as pi that the chip uses in its calculations.

The top half of the chip contains the control circuitry. Performing a floating-point instruction might require 1000 steps; the 8087 used microcode to specify these steps. The die photo above shows the "engine" that ran the microcode program; it is basically a simple CPU. Next to it is the large ROM that holds the microcode.

The bottom half of the die holds the circuitry that processes floating-point numbers. A floating-point number consists of a fraction (also called significand or mantissa), an exponent, and a sign bit. (For a base-10 analogy, in the number 6.02×10²³, 6.02 is the fraction and 23 is the exponent.) The chip has separate circuitry to process the fraction and the exponent in parallel. The fraction processing circuitry supports 67-bit values, a 64-bit fraction with three extra bits for accuracy. From left to right, the fraction circuitry consists of a constant ROM, a shifter, adder/subtracters, and the register stack. The constant ROM (highlighted in green) is the subject of this post.

Original Submission

posted by Fnord666 on Thursday May 21, @05:02AM
from the puzzling dept.

Can you solve it? Sudoku as spectator sport is unlikely lockdown hit:

It may not be as hair-raising as Formula 1, nor as dramatic as Premier League football, but Sudoku solving is acquiring a niche following as a spectator sport.

It's surprisingly thrilling, believe me. Just ask fans of the puzzle-solving YouTube channel Cracking the Cryptic, which has seen its viewing figures shoot up over the last two months. Its top Sudoku video has had more than 3 million views.

In daily challenges, the channel's two British hosts, puzzle wizards Simon Anthony and Mark Goodliffe, narrate their strategies and processes of deduction as they attempt to solve fiendishly difficult Sudokus.

What makes the videos so joyous is the constant stream of 'aha!' moments, as well as the ingenuity of the sudokus presented. The puzzle I am setting today, the Miracle, appeared on the channel last week. (Click here for a printable page for all today's puzzles. To solve them online there is a link underneath each grid.)

Original Submission

posted by martyb on Thursday May 21, @02:53AM
from the WORLD-health-organization dept.

Trump threatens to take US out of WHO entirely and stop all funding:

In a letter to WHO Director General Tedros Adhanom Ghebreyesus, Trump alleged that "the repeated missteps by you and your organization in responding to the pandemic have been extremely costly for the world" and that the WHO must "demonstrate independence from China."

"[I]f the World Health Organization does not commit to major substantive improvements within the next 30 days, I will make my temporary freeze of United States funding to the World Health Organization permanent and reconsider our membership in the organization," Trump wrote. "I cannot allow American taxpayer dollars to continue to finance an organization that, in its present state, is so clearly not serving America's interests."

Trump posted the letter on Twitter, writing, "It is self-explanatory!"

Trump has repeatedly denied any responsibility for COVID-19 spreading in America and said on April 14 that the US would temporarily halt funding the WHO until his administration completed a review of the group's response to the coronavirus pandemic. Trump's letter yesterday said that "review has confirmed many of the serious concerns I raised last month and identified others that the World Health Organization should have addressed, especially the World Health Organization's alarming lack of independence from the People's Republic of China."

[...] Trump's letter then lists a series of claims, the first being that the WHO "consistently ignored credible reports of the virus spreading in Wuhan in early December 2019 or even earlier, including reports from the Lancet medical journal."

The Lancet quickly issued a response explaining that Trump is wrong. "This statement is factually incorrect," The Lancet said. "The Lancet published no report in December, 2019, referring to a virus or outbreak in Wuhan or anywhere else in China." The Lancet's first reports on the topic were published on January 24, 2020, the statement said.

[...] Trump's letter yesterday said, "Throughout this crisis, the World Health Organization has been curiously insistent on praising China for its alleged 'transparency.'" Trump's letter did not mention that Trump himself praised China for its "transparency" on January 24 or that Trump repeatedly praised China for its coronavirus response throughout February.

[...] Health experts say Trump's travel ban had little effect on the pandemic's spread. Trump continued to downplay the virus's severity by comparing it to the flu as late as March 24, nearly two months after the WHO declared a global health emergency. Trump has also fought state governors over their cautious approaches to reopening the economy.

Original Submission

posted by martyb on Thursday May 21, @12:30AM
from the Untappd-opportunities dept.

Beer rating app reveals homes and identities of spies and military bods, warns Bellingcat:

A beer and pub-rating app built off the back of Foursquare’s location-tracking API poses a risk to the security of military and intelligence personnel, according to legendary OSINT website Bellingcat.

Untappd 'has over eight million mostly European and North American users, and its features allow researchers to uncover sensitive information about said users at military and intelligence locations around the world,' wrote Bellingcat’s Foeke Postma in a fascinating guide to using the app for tracking down people of interest.

Bellingcat is an open-source intelligence and investigative journalism website. Its most famous contribution to the world was identifying the Russian military personnel who shot down Malaysian Airlines flight MH17, something that saw Russian hackers target it in revenge.

Untappd’s concept of operations is simple. You go to the pub and drink beer. During the beer-drinking process you take a picture of your beer with your smartphone and rate it. You can also rate the pub and leave comments. To do these things you need to register an account and provide some personal details – or log in with Facebook.

“Untappd users log hundreds, often thousands of time-stamped location data points. These locations are neatly sorted in over 900 categories, which can be as diverse and specific as 'botanic garden,' 'strip club,' 'gay bar,' 'west-Ukrainian restaurant,' and 'airport gate.' As the result of this, the app allows anyone to trace the movements of other users between sensitive locations,” wrote Bellingcat’s Postma.

All you need to do to deploy Untappd as an intelligence-gathering tool is use the app through its normal user interface. With a little knowledge of how the app works plus access to online map websites that list pub, bar and restaurant details, it’s scarily simple to find people who probably shouldn’t be easily findable.

So we put it to the test

Quite successfully, at that. The linked Bellingcat guide is thorough and revealing. Not only could this be used to track military personnel, it could similarly be used on politicians, judges, and executives. Cross-reference it with venues associated with strip clubs, "massage" parlors, and the like. Certainly nothing here that could be used by a divorce attorney, health insurance company, or investigative journalist. Those "snap" decisions could prove quite costly.

Original Submission

posted by Fnord666 on Wednesday May 20, @10:05PM
from the another-day-another-breach dept.

EasyJet Says Cyberattack Exposed Data of 9 Million Customers

EasyJet says cyberattack exposed data of 9 million customers:

UK budget airline EasyJet reported on Tuesday that hackers accessed the email addresses and travel details of more than 9 million customers in a "highly sophisticated" cyberattack. The hackers also accessed the credit card details of 2,208 customers.

The airline in the coming days will contact customers whose details were exposed in the breach. It has already contacted, and offered support to, those whose credit card information was accessed.

[...] As soon as the airline became aware of the attack, it took steps to respond to and manage the incident and engaged forensic experts to investigate the issue, EasyJet said. It also notified the National Cyber Security Centre and the ICO, the UK's data protection watchdog.

"We have a live investigation into the cyber attack involving easyJet," said a spokeswoman for the ICO in a statement. "People have the right to expect that organisations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary."

The ICO will be able to examine whether EasyJet should be fined under Europe's General Data Protection Regulation (GDPR), which is part of UK law.

EasyJet Admits Data of Nine Million Hacked

EasyJet admits data of nine million hacked:

EasyJet has admitted that a "highly sophisticated cyber-attack" has affected approximately nine million customers.

It said email addresses and travel details had been stolen and that 2,208 customers had also had their credit card details "accessed".

The firm has informed the UK's Information Commissioner's Office while it investigates the breach.

EasyJet first became aware of the attack in January.

It told the BBC that it was only able to notify customers whose credit card details were stolen in early April.

"This was a highly sophisticated attacker. It took time to understand the scope of the attack and to identify who had been impacted," the airline told the BBC.

"We could only inform people once the investigation had progressed enough that we were able to identify whether any individuals have been affected, then who had been impacted and what information had been accessed."

Stolen credit card data included the three-digit security code - known as the CVV number - on the back of the card itself.

EasyJet added that it had gone public now in order to warn the nine million customers whose email addresses had been stolen to be wary of phishing attacks.

It said that it would notify everyone affected by 26 May.

Original Submission #1 | Original Submission #2

posted by martyb on Wednesday May 20, @07:40PM
from the put-your-whole-system-on-a-tiny-chip dept.

SD cards hop on the PCIe 4.0 bus to hit 4GB/s with version 8.0 of storage spec:

As outlined in a whitepaper [PDF] this month, the new spec will let existing SD Express and microSD Express cards employ PCIe 4.0 and NVMe to deliver a top speed data transfer speed of [3938 MB/s].

While the new spec is backwards-compatible, the latest top speed will only come with a card reader capable of connecting to the extra row of pins present on SD Express cards that support dual PCIe lanes.

[...] The good news is that SD Express and microSD Express cards can still get to 1970 MB/s on a device with a single PCIe 4.x lane under version 8 of the specification, and SD Express can get there with a pair of 3.x lanes. Which is rather faster than many SSDs and, as SD Express can climb to 128TB on a single card, a rather tasty storage option.

Also at The Verge, PetaPixel, and Yahoo! Finance.

Original Submission

posted by Fnord666 on Wednesday May 20, @05:20PM
from the headed-out-the-door dept.

NASA's human spaceflight chief just resigned, and the timing couldn't be worse:

On Tuesday, NASA announced that its chief of human spaceflight had resigned from the space agency. The timing of Doug Loverro's departure is terrible, with NASA's first launch of humans in nearly nine years due to occur in just eight days.

[...] "Associate Administrator for Human Exploration and Operations Doug Loverro has resigned from his position effective Monday, May 18," the statement said. "Loverro hit the ground running this year and has made significant progress in his time at NASA. His leadership of HEO has moved us closer to accomplishing our goal of landing the first woman and the next man on the Moon in 2024. Loverro has dedicated more than four decades of his life in service to our country, and we thank him for his service and contributions to the agency."

Loverro's resignation set off a firestorm of speculation after it was announced. He was due to chair a Flight Readiness Review meeting on Thursday to officially clear SpaceX's Crew Dragon spacecraft for the first flight of humans to the International Space Station. The final go or no-go decision for that mission was to be his. That launch is presently scheduled for May 27.

However, his departure does not seem to be directly related to his work on Crew Dragon. Rather it seems to stem from the recent process during which NASA selected three bids—led by Blue Origin, Dynetics, and SpaceX—from among five bidders. In an email to the human exploration staff at NASA on Tuesday, Loverro admitted that he made a mistake earlier this year.

"Our mission is certainly not easy, nor for the faint of heart, and risk-taking is part of the job description," Loverro wrote. "The risks we take, whether technical, political, or personal, all have potential consequences if we judge them incorrectly. I took such a risk earlier in the year because I judged it necessary to fulfill our mission. Now, over the balance of time, it is clear that I made a mistake in that choice for which I alone must bear the consequences. And therefore, it is with a very, very heavy heart that I write to you today to let you know that I have resigned from NASA effective May 18th, 2020."

posted by Fnord666 on Wednesday May 20, @03:11PM
from the a-notable-bias dept.

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices:

Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allow attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. This allows attackers to capture sensitive data from the other device.

The bugs allow Bluetooth Impersonation Attacks (BIAS) on everything from internet of things (IoT) gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. The flaws are not yet patched in the specification, though some affected vendors may have implemented workarounds.

"We conducted BIAS attacks on more than 28 unique Bluetooth chips (by attacking 30 different devices)," the researchers said. "At the time of writing, we were able to test chips from Cypress, Qualcomm, Apple, Intel, Samsung and CSR. All devices that we tested were vulnerable to the BIAS attack."

The issue lies in the pairing/bonding protocols used in the specification. When two Bluetooth devices are paired for the first time, they exchange a persistent encryption key (the "long-term key") that will then be stored, so that the endpoints are thereafter bonded and will connect to each other without having to perform the lengthier pairing process every time.

For the attacks to be successful, an attacking device would need to be within wireless range of a vulnerable Bluetooth device that has previously established bonding with a remote device with a Bluetooth address known to the attacker.

The post-pairing connections are enabled because the devices – let's call them Alice and Bob – perform a background check to make sure both possess the long-term key. This is done using the Legacy Secure Connections or Secure Connections protocols inside the Bluetooth specification, which verify three things: Alice's Bluetooth address, Bob's Bluetooth address and the shared long-term key.

As the researchers explained in their paper released on Monday, an attacker (let's call him Charlie) can change his Bluetooth address to mimic either Alice or Bob's address (uncovered via simple eavesdropping), but he cannot prove the ownership of [the long-term key]." The researchers explained, "this is the fundamental assumption behind Bluetooth's authentication guarantees, and this assumption should protect against impersonation attacks."

They added, "Both procedures authenticate [the long-term key] using a challenge-response protocol, and the procedure selection depends on Alice and Bob's supported features. The standard claims that both procedures protect secure connection establishment against impersonation attacks, as an attacker who does not know [the long-term key] cannot provide a correct response to a challenge."

However, several bugs exist in these processes, they found, opening the door for BIAS gambits while that post-pairing connection is being carried out. The problems include: The Bluetooth secure connection establishment is neither encrypted nor integrity-protected; Legacy Secure Connections secure connection establishment does not require mutual authentication; a Bluetooth device can perform a role switch anytime after baseband paging; and devices that paired using Secure Connections can use Legacy Secure Connections during secure connection establishment.
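The gap between one-way and mutual challenge-response described in the story above can be seen in a toy model, added here as an illustration and not taken from the researchers' paper or the Bluetooth specification. HMAC-SHA256 stands in for the specification's authentication function, and the `Device` class, `connect` function, key and addresses are all constructed for this example.

```python
import hashlib
import hmac
import os

def auth_response(ltk, challenge, verifier_addr, prover_addr):
    # Assumption: HMAC-SHA256 stands in for the spec's authentication function.
    msg = challenge + verifier_addr + prover_addr
    return hmac.new(ltk, msg, hashlib.sha256).digest()

class Device:
    def __init__(self, addr, ltk=None):
        self.addr = addr  # claimed address: public, and settable by anyone
        self.ltk = ltk    # long-term key; None if this device never bonded

    def respond(self, challenge, verifier_addr):
        # Without the long-term key the best a device can do is guess one.
        key = self.ltk if self.ltk is not None else os.urandom(16)
        return auth_response(key, challenge, verifier_addr, self.addr)

    def verify(self, challenge, response, prover_addr):
        expected = auth_response(self.ltk, challenge, self.addr, prover_addr)
        return hmac.compare_digest(expected, response)

def connect(local, remote, local_is_verifier, require_mutual):
    """Return True if the bonded device `local` accepts `remote` as its peer."""
    if not local_is_verifier:
        # Unilateral prover role: local answers the challenge and proves itself.
        challenge = os.urandom(16)  # sent by remote
        local.respond(challenge, remote.addr)
        if not require_mutual:
            return True  # procedure complete; remote was never checked
    # Verifier role, or the second half of a mutual exchange.
    challenge = os.urandom(16)
    answer = remote.respond(challenge, local.addr)
    return local.verify(challenge, answer, remote.addr)

# Constructed sample values, not taken from any real device.
LTK = bytes(range(16))
ALICE = Device(bytes.fromhex("aabbccddee01"), LTK)
BOB = Device(bytes.fromhex("aabbccddee02"), LTK)
CHARLIE = Device(BOB.addr)  # claims Bob's address, holds no key

if __name__ == "__main__":
    for label, peer in (("Bob", BOB), ("Charlie", CHARLIE)):
        for verifier in (True, False):
            for mutual in (False, True):
                ok = connect(ALICE, peer, verifier, mutual)
                print(label, "verifier" if verifier else "prover", mutual, ok)
```

Because the story notes that a role switch can happen at any time after baseband paging, the bonded device cannot count on holding the verifier role, so in this model only `require_mutual=True` rejects the keyless peer in both roles.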
