SoylentNews

upstart writes:

Webb Telescope reaches major milestone: All its light is in one place:

Today, NASA shared an image indicating that it had successfully completed the image alignment stage of commissioning the James Webb Space Telescope. The Webb's primary mirror is composed of 18 individual segments, and, as of today's update, all of those segments are aligned so that a single star shows up as a single object. While there are still several more focusing steps required, the path to commissioning the telescope keeps getting shorter.

[...] Earlier this month, however, tweaks to the mirrors created a hexagonal array of smears that replicated the arrangement of the primary mirror segments. Today's announcement saw the segments shifted so that each of the smears was partly focused and moved to the center of the secondary mirror. The result? The star that's being imaged for this process is now a single dot at the center of the telescope's field of view.

NASA isn't done just yet, however. Although all the images are in the same place, they're simply superimposed there. The ultimate goal is to have the segments behave as a single mirror, which requires more careful focusing. To do so, engineers will image the spectra of the light, looking for slight shifts of the image locations at different wavelengths. From that, it's possible to figure out which way the mirrors must be shifted to fine-tune the mirror segments.

Original Submission

upstart writes:

This Linux backdoor went undetected for 10 years:

New details have emerged regarding a previously undetected Linux backdoor that is believed to have been created by the notorious Equation Group which has ties to the US National Security Agency (NSA).

According to a new report from the cybersecurity firm Pangu, security researchers from its Advanced Cyber Security Research team first found the malware behind the backdoor back in 2013 while conducting a "forensic investigation of a host in a key domestic department". At that time, the team decided to name the malware Bvp47 due to the fact that the most common string in the sample was "Bvp" and 0x47 was the numerical value used in its encryption algorithm.

[...] Now that Bvp47's Linux backdoor has finally come to light, security researchers will likely conduct further analysis on it and we could see more evidence that it was used in other past attacks as well.

Bvp47 - a Top-tier Backdoor of US NSA Equation Group

An Anonymous Coward writes:

Full Report Download: The Bvp47 Technical Paper (PDF)

In a certain month of 2013, during an in-depth forensic investigation of a host in a key domestic department, researchers from the Pangu Lab extracted a set of advanced backdoors on the Linux platform, which used advanced covert channel behavior based on TCP SYN packets, code obfuscation, system hiding, and self-destruction design. In case of failure to fully decrypt, It is further found that this backdoor needs the check code bound to the host to run normally. Then the researchers cracked the check code and successfully ran the backdoor. Judging from some behavioral functions, this is a top-tier APT backdoor, but further investigation requires the attacker's asymmetric encrypted private key to activate the remote control function. Based on the most common string "Bvp" in the sample and the numerical value 0x47 used in the encryption algorithm, the team named the corresponding malicious code "Bvp47" at the time.

In 2016 and 2017, "The Shadow Brokers" published two batches of hacking files claimed to be used by "The Equation Group". In these hacking files, researchers form Pangu Lab found the private key that can be used to remotely trigger the backdoor Bvp47. Therefor, It can be concluded that Bvp47 is a hacker tool belonging to "The Equation Group".

Through further research, the researchers found that the multiple procedures and attack operation manuals disclosed by "The Shadow Broker" are completely consistent with the only identifier used in the NSA network attack platform operation manual [References 3 and 4] exposed by CIA analyst Snowden in the "Prism" incident in 2013.

Original Submission #1  Original Submission #2 

An Anonymous Coward writes:

The new FreeDOS 1.3 which is a MS-DOS compatible free software operating system is now available for download.

"This contains a bunch of great new features and improvements since the 1.2 release, including: new FreeCOM 0.85a, new Kernel 2043 and an 8086 version with FAT32 support, floppy Edition now uses compression and requires about half as many diskettes, the return of networking, some new programs and games, many many many package updates, some updates and improvements to NLS, improved install process, especially with the MBR, some support to automatically set the COUNTRY.SYS information, improved CD initialization for the boot media and installed system, .. and much, much more"

It also including a Live mode on the CD.

Get it from the official FreeDOS site.

Original Submission

An Anonymous Coward writes:

Telemedicine leaves behind non-English speakers, study shows:

People who speak limited English struggled to access telehealth services in the US. "That was really a concern of ours — who is getting left out?" says Denise Payán, an assistant professor of health, society, and behavior at the University of California, Irvine, who worked on the study. The researchers spoke with 15 clinic workers and nine patients. Clinic patients who spoke limited English struggled to set up and use platforms like Zoom for health visits, the researchers found. "Things like not being able to read FAQs," Payán says. People who speak limited English are at risk of bad health outcomes without them because they can't understand their medical providers as well. The findings of the study show how important it is for telehealth platforms to consider their most vulnerable users while developing tools. People who speak languages other than English should be included in pilot tests, for example, Payán says.

"Increasingly, the focus in Silicon Valley is on diversity, equity inclusion, this is clearly it — are you actually meeting the needs of a diverse set of patients?" she says.

Original Submission

hubie writes:

A news article over at Science talks about new research demonstrating that after only a few minutes of mopping the floors indoors using a delightfully-lemon-scented cleaner can generate as many harmful airborne particles as vehicles driving on busy streets.

The air in homes, schools, and offices can sometimes be dirtier than the air outdoors, even in cities with pollution problems. Any kind of burning—candles, incense, cigarettes—is bad. Gas stoves and cooking food also spew unhealthy particles into the air, which can cause asthma and other health problems when breathed in. Other significant sources of indoor air pollution include personal care and cleaning products, whose fragrances contain volatile organic chemicals that react with ozone in the air to form small particles known as aerosols.

One molecule of concern is limonene, a commonly added to cleaners and furniture polish to help remove oil and grease. The lemon-scented molecule reacts readily with ozone, an outdoor pollutant that is the main ingredient in smog. When ozone wafts into buildings, it reacts with limonene and similar molecules called monoterpenes, turning them into peroxides, alcohols, and other molecules that grow into airborne particles. Small particles can lodge deep in the lungs, irritating cells and—at high enough exposure—leading to health problems, such as asthma. In vulnerable people, particulate air pollution can cause heart attacks and strokes.

The study did show that as the particles grow in size, after a few hours they eventually fall out of the air onto surfaces where they are harmless.

Journal Reference:
Colleen Marciel F. Rosales, Jinglin Jiang, Ahmad Lahib, et al. Chemistry and human exposure implications of secondary organic aerosol production from indoor terpene ozonolysis, Science Advances (DOI: http://www.science.org/doi/10.1126/sciadv.abj9156)

Original Submission

Freeman writes:

Driver that promised faster Ethereum mining for Nvidia GPUs is full of viruses:

Both Nvidia and AMD have made changes to their gaming GPU lineups in an effort to make them less appealing to cryptocurrency miners, including releasing mining-specific GPU models and making entry-level GPUs with specs that aren't good enough for mining. One of the most significant changes came in mid-2021, when Nvidia released "Lite Hash Rate" (LHR) versions of its RTX 3000-series GPUs that halved their performance when mining Ethereum or similar coins but didn't affect their gaming performance.

[...] a hacker by the name of Sergey released an "Nvidia RTX LHR v2 Unlocker" that promised to remove the hash-rate limits on most Nvidia cards using a combination of BIOS updates and specially modified drivers.

Surprising no one, the sketchy drivers with the too-good-to-be-true performance promises turned out to be full of viruses. An extensive report shows that the software package modifies Windows Powershell policies, deletes and creates new files in system directories, and causes abnormally high CPU usage, among other things.

Original Submission

upstart writes:

Backups 'no longer effective' for stopping ransomware attacks:

The growth of double extortion – and even triple extortion – ransomware attacks is in danger of rendering common, traditional methods of mitigating the impact of a ransomware hit, such as well-maintained backups, less efficacious, according to a report from machine identity specialist Venafi.

Data collated from Venafi's worldwide survey of IT and security decision-makers reveal that 83% of successful ransomware attacks now involve alternative extortion methods – for example, using stolen data to extort customers (38%), leaking data to the dark web (35%), and informing customers that their data has been compromised (32%). A mere 17% of attacks merely ask for money for a decryption key.

Venafi said that this means that because ransomware attacks now rely on data exfiltration, effective backup strategies are therefore to some extent "no longer effective" for containing a breach.

"Ransomware attacks have become much more dangerous. They have evolved beyond basic security defences and business continuity techniques like next-gen antivirus and backups," said Kevin Bocek, vice-president of business development and threat intelligence at Venafi.

Venafi also found that cyber criminals are increasingly following through on their threats whether or not they get paid. Indeed, 18% of victims had their data leaked despite paying, while more than the 16% who refused outright to pay anything and had their data leaked. Some 8% refused outright, but then had their customers extorted; and 35% paid, but were left hanging, unable to retrieve their data.

Original Submission

upstart writes:

Intel might be about to make a major Linux move:

Intel has quietly acquired a German software developer with the aim of bringing fresh life to a key, decades-old Linux kernel project.

In a blog post, vice president and general manager of system software engineering at Intel's Software and Advanced Technology Group, Mark Skarpness revealed that the company had acquired the German firm Linutronix which provides services for Linux-powered industrial systems and also specializes in real-time Linux applications.

While neither Intel nor Linutronix disclosed the financial terms of the deal, the acquisition is a sign that the chip giant wants to further commit to an incredibly important yet often overlooked Linux kernel project.

According to Intel, Linutronix is the "architect of PREEMPT_RT (Real Time)" and this patch set can be used to make low-latency communication possible between controllers, sensors, robots and tooling and other equipment in real-time industrial applications running on Linux.

When enabled, PREEMPT_RT changes the way the Linux kernel handles interrupts and locks to allow threads to to get additional time on a CPU core with little latency. As a result, developers can use it to configure the Linux kernel for real-time use-cases without having to worry about out-of-tree patches, new kernel versions or other disruptions resulting from new point releases.

Original Submission

Arthur T Knackerbracket has processed the following story:

Dominique Lord and Soheil Sohrabi, with funding from the A.P. and Florence Wiley Faculty Fellow at Texas A&M, designed a study to examine the safety of navigational tools. Comparing the safest and shortest routes between five metropolitan areas in Texas -- Dallas-Fort Worth, Waco, Austin, Houston and Bryan-College Station -- including more than 29,000 road segments, they found that taking a route with an 8% reduction in travel time could increase the risk of being in a crash by 23%.

"As route guidance systems aim to find the shortest path between a beginning and ending point, they can misguide drivers to take routes that may minimize travel time, but concurrently, carry a greater risk of crashes," said Lord, professor in the Zachry Department of Civil and Environmental Engineering.

The researchers collected and combined road and traffic characteristics, including geometry design, number of lanes, lane width, lighting and average daily traffic, weather conditions and historical crash data to analyze and develop statistical models for predicting the risk of being involved in crashes.

The study revealed inconsistencies in the shortest and safest routes. In clear weather conditions, taking the shortest route instead of the safest between Dallas-Fort Worth and Bryan-College Station will reduce the travel time by 8%. Still, the probability of a crash increases to 20%. The analysis suggests that taking the longest route between Austin and Houston with an 11% increase in travel time results in a 1% decrease in the daily probability of crashes.

[...] "Given the fact that crashes can affect not only those involved but also other road users, leaving the choice between safety and time to the users may result in unethical decisions and unfair consequences," Sohrabi said.

Original Submission

upstart writes:

X-rays help unlock secrets of King Tut's iron dagger, made from a meteorite:

Among the many items recovered from King Tut's tomb was a dagger made of iron, which is a material that was rarely used during Egypt's 18th dynasty. That iron likely came from a meteorite, and a recent paper published in the journal Meteorites and Planetary Science sheds further light on precisely how that iron dagger was forged, as well as how it came into Tut's possession.

Tutankhamen was the son of Akhenaten and ascended to the throne when he was just 8 or 9 years old. He wasn't considered an especially important pharaoh in the grand scheme of things, but the treasures that were recovered from his tomb in the 1920s are what led to his fame.

[...] These became part of a global touring exhibition, which received worldwide press coverage during the 1960s and 1970s in particular. The mummy even inspired a couple of songs: Steve Martin's hit "King Tut" (which debuted on Saturday Night Live in 1978) and the lesser-known "Dead Egyptian Blues," by the late folk rock singer Michael Peter Smith (which contains the immortal line, "Your sarcophagus is glowing, but your esophagus is showing").

Arthur T Knackerbracket has processed the following story:

Very low concentrations of the popular organic insecticide spinosad have profound effects on beneficial insect species, including vision loss and neurodegeneration, new research led by the University of Melbourne has found.

The study, published in eLife, used the vinegar fly Drosophila to analyze the impact of chronic exposure to low concentrations (0.2 parts per million) of spinosad and the resulting physiological impacts on the brain and other tissues.

Spinosad is commonly used to control insect pests including thrips, leafminers, spider mites, mosquitoes, ants and fruit flies, in both commercial and domestic settings.

"Within a matter of 20 days, tiny doses of spinosad can have an alarming impact on the brains of adult Drosophila. Observing sections of brain tissue under microscope demonstrated there was an average of 17% of the fly brains destroyed due to exposure," said Dr. Felipe Martelli from Monash University, who completed this work as part of his Ph.D. at the University of Melbourne.

"Neurons that serve vital functions die leaving large vacuoles, fluid-filled sacs, in the brain. This leads to neurodegeneration, blindness and behavioral changes in adult vinegar flies. Due to the Drosophila's genetic and biochemical similarities to other insects, the research indicates that these impacts could be translated to other beneficial insects such as bees," Dr. Martelli said.

[...] "When you look at insect species disappearing it's almost like randomly pulling blocks out of a Jenga tower; its destabilizing ecosystems making them vulnerable to collapse."

Journal Reference:
Felipe Martelli, Natalia H. Hernandes, Zhongyuan Zuo, et al. Low doses of the organic insecticide spinosad trigger lysosomal defects, elevated ROS, lipid dysregulation, and neurodegeneration in flies, (DOI: 10.7554/eLife.73812)

Original Submission

upstart writes:

Police forces 'must' do data protection due diligence checks before using PDS-backed AWS cloud:

Police forces across England and Wales are being cautioned to remember that the onus is on them to ensure their use of the Police Digital Service's (PDS) Amazon-powered cloud platform is in compliance with Part 3 of the Data Protection Act 2018.

This is in the wake of ongoing concerns about whether police forces across the UK are doing enough to ensure compliance with the required data protection laws before adopting public cloud services.

PDS went public earlier this month with the news that the latest iteration of its Amazon Web Services (AWS)-powered cloud platform is now available for use by all 43 police forces across England and Wales.

The platform, known as the Police Assured Landing Zone (PALZ), is designed to provide forces with access to a suite of tools – spanning online storage, compute capacity and cloud-based collaboration – that will allow them to incorporate cloud technologies into their ICT systems.

Original Submission

Arthur T Knackerbracket has processed the following story:

NASA’s plans to shift from the International Space Station to commercial space stations may force one key partner to rethink how it cooperates in low Earth orbit.

Speaking at a panel on space diplomacy organized by George Washington University’s Space Policy Institute Feb. 23, Sylvie Espinasse, head of the European Space Agency’s Washington office, said the current arrangements between ISS partners to barter resources won’t work well on future commercial stations in low Earth orbit.

“ESA-NASA cooperation on the ISS is based on non-exchange of funds and barter of goods and services between the partners,” she said. “This allows ESA to use its asset in orbit, the Columbus module, and to fly its European astronauts.”

Once NASA shifts to commercial stations, though, “ESA will probably not be in a position to buy commercial services from U.S. providers for its research activities in LEO or to fly its astronauts,” she warned. “This will probably not be acceptable for our member states.” Buying services from U.S. companies, she explained, would contradict an ESA mandate to support Europe’s space industry.

upstart writes:

Largest ever human family tree: 27 million ancestors:

The past two decades have seen extraordinary advancements in human genetic research, generating genomic data for hundreds of thousands of individuals, including from thousands of prehistoric people. This raises the exciting possibility of tracing the origins of human genetic diversity to produce a complete map of how individuals across the world are related to each other.

Until now, the main challenges to this vision were working out a way to combine genome sequences from many different databases and developing algorithms to handle data of this size. However, a new method published today by researchers from the University of Oxford's Big Data Institute can easily combine data from multiple sources and scale to accommodate millions of genome sequences.

Dr Yan Wong, an evolutionary geneticist at the Big Data Institute, and one of the principal authors, explained: "We have basically built a huge family tree, a genealogy for all of humanity that models as exactly as we can the history that generated all the genetic variation we find in humans today. This genealogy allows us to see how every person's genetic sequence relates to every other, along all the points of the genome."

An Anonymous Coward writes:

Dymo causes a stir by adding DRM to printer paper:

[...] But some people do need a printer, and it seems that label printer maker Dymo is giving us yet another reason to hate printers.

It's building DRM directly into the printer paper. Or in this case, rolls of labels.

Yes, that's right, according to author, journalistc, and activist Cory Doctorow writing for the Electronic Frontier Foundation (EFF), Dymo is putting RFID readers into its latest label printers, and using those to prevent owners from putting third-party labels through their printers.

"The new label rolls come with a booby-trap," writes Doctorow, "a RFID-equipped microcontroller that authenticates with your label-maker to attest that you bought Dymo's premium-priced labels and not a competitor's. The chip counts down the labels as you print them (so you can't transplant it to a generic label roll)."

This goes back to the original question that gets asked a lot around here, who owns the products that you buy?

Also, as the video points out, it's possible that the anti-circumvention law of the DMCA may possibly make it illegal for you to circumvent these restrictions(?). As the video points out, these corporations are huge on free market capitalism but only when it suits them. When it doesn't they're suddenly in favor of more government restrictions.

Original Submission