SoylentNews

Freeman writes:

Expert says the focus on quantum attacks may distract us from more immediate threats:

Three weeks ago, panic swept across some corners of the security world after researchers discovered a breakthrough that, at long last, put the cracking of the widely used RSA encryption scheme within reach by using quantum computing.

Scientists and cryptographers have known for two decades that a factorization method known as Shor's algorithm makes it theoretically possible for a quantum computer with sufficient resources to break RSA. That's because the secret prime numbers that underpin the security of an RSA key are easy to calculate using Shor's algorithm. Computing the same primes using classical computing takes billions of years.
[...]
The paper, published three weeks ago by a team of researchers in China, reported finding a factorization method that could break a 2,048-bit RSA key using a quantum system with just 372 qubits when it operated using thousands of operation steps. The finding, if true, would have meant that the fall of RSA encryption to quantum computing could come much sooner than most people believed.

upstart writes:

NASA Ultrasound Technique Eliminates Kidney Stones Painlessly:

About one in 11 Americans will experience the discomfort of a kidney stone in their lifetime. While some might think of these pesky mineral clumps as earthly inconveniences, they're a problem up in space, too, prompting NASA to devise a treatment solution appropriate for those suffering among the stars. Their technique could be the secret to eliminating kidney stones quickly and painlessly.

Kidney stones are hard, often jagged mineral deposits that manifest in the ureter, which connects the kidneys with the bladder. While smaller kidney stones (up to 3 mm in diameter) can sometimes pass through the body on their own, larger stones (up to 20 mm) must be broken up within the body or removed surgically. Breaking them up has historically required shock wave lithotripsy (SWL), a technique in which hundreds of shock waves are directed toward the stone from outside of the body.

Though effective, SWL has its caveats. Not only is it effective only half of the time, but it's painful, which means patients must be anesthetized. This makes the procedure more expensive and time-consuming. Anesthesia also isn't ideal for people traveling through space, which is what propelled NASA to devise and test an alternative method. The agency shared its new technique in a recent issue of The Journal of Urology.

Abstract:

Purpose:
Our goal was to test transcutaneous focused ultrasound in the form of ultrasonic propulsion and burst wave lithotripsy to reposition ureteral stones and facilitate passage in awake subjects.
[...]
Conclusions:
This study supports the efficacy and safety of using ultrasonic propulsion and burst wave lithotripsy in awake subjects to reposition and break ureteral stones to relieve pain and facilitate passage

Reference: M. Kennedy Hall, Jeff Thiel, Barbrina Dunmire et al., First Series Using Ultrasonic Propulsion and Burst Wave Lithotripsy to Treat Ureteral Stones, J Urology, 2022. DOI: https://doi.org/10.1097/JU.0000000000002864

Original Submission

owl writes:

https://www.extremetech.com/extreme/342413-us-marines-defeat-darpa-robot-by-hiding-under-a-cardboard-box

The Pentagon's Defense Advanced Research Projects Agency (DARPA) has invested some of its resources into a robot that's been trained—likely among other things—to identify humans. There's just one little problem: The robot is cartoonishly easy to confuse.

Army veteran, former Pentagon policy analyst, and author Paul Scharre is gearing up to release a new book called Four Battlegrounds: Power in the Age of Artificial Intelligence. Despite the fact that the book isn't scheduled to hit shelves until Feb. 28, Twitter users are already sharing excerpts via social media. This includes The Economist's defense editor, Shashank Joshi, who shared a particularly laughable passage on Twitter.

In the excerpt, Scharre describes a week during which DARPA calibrated its robot's human recognition algorithm alongside a group of US Marines. The Marines and a team of DARPA engineers spent six days walking around the robot, training it to identify the moving human form. On the seventh day, the engineers placed the robot at the center of a traffic circle and devised a little game: The Marines had to approach the robot from a distance and touch the robot without being detected.

DARPA was quickly humbled. Scharre writes that all eight Marines were able to defeat the robot using techniques that could have come straight out of a Looney Tunes episode. Two of the Marines somersaulted toward the center of the traffic circle, thus using a form of movement the robot hadn't been trained to identify. Another pair shuffled toward the robot under a cardboard box. One Marine even stripped a nearby fir tree and was able to reach the robot by walking "like a fir tree" (the meaning of which Twitter users are still working to figure out).

Original Submission

canopic jug writes:

Developer Robert Graham has written a retrospective on how his proprietary software was able to detect the Microsoft Sapphire Worm, also known as SQL Slammer as it hit due to his design choices. These choices were first, a poll-mode driver instead of interrupt driven and, second, protocol analysis for recognizing the behavior signature rather than pattern matching.

An industry luminary even gave a presentation at BlackHat saying that my claimed performance (2-million packets-per-second) was impossible, because everyone knew that computers couldn't handle traffic that fast. I couldn't combat that, even by explaining with very small words "but we disable interrupts".

Now this is the norm. All network drivers are written with polling in mind. Specialized drivers like PF_RING and DPDK do even better. Networks appliances are now written using these things. Now you'd expect something like Snort to keep up and not get overloaded with interrupts. What makes me bitter is that back then, this was inexplicable magic.

I wrote an article in PoC||GTFO 0x15 that shows how my portscanner masscan uses this driver, if you want more info.

When it hit in January 2003, the Microsoft Sapphire Worm, also known as SQL Slammer, began spreading quickly across the Internet by doubling in size every 8.5 seconds, infecting than 90% of vulnerable, networked Windows systems within 10 minutes.

Original Submission

upstart writes:

A communications delay timed out the instrument's flight software, and some planned observations will have to be rescheduled:

NASA says the Webb Space Telescope's Near Infrared Imager and Slitless Spectrograph is currently unavailable for science operations following a software glitch earlier this month.

In a release published yesterday, the agency stated that the issue started on January 15, when a communications delay within the instrument caused its flight software to time out. Flight software is a crucial aspect of any instrument operating in space, as it manages a whole suite of operations on a given spacecraft, including its orientation, communications, data collection, and thermal control.

[...] There have also been some software hiccups. In August, the telescope's Mid-Infrared Instrument (or MIRI) had a software glitch that paused its operations through November. And in December, there was an issue with the telescope's attitude control, which manages where the telescope is pointing. The glitch put the telescope into safe mode multiple times last month.

[...] Webb has done some tremendous work so far and will continue to illuminate the most ancient and murky regions of the cosmos. You can check out some of what's on the docket, along with other astronomy plans for the year, here.

Original Submission

fliptop writes:

The project, in concert with US government agency DARPA, aims to develop pioneering propulsion system for space travel as soon as 2027:

The project is intended to develop a pioneering propulsion system for space travel far different from the chemical systems prevalent since the modern era of rocketry dawned almost a century ago.

"Using a nuclear thermal rocket allows for faster transit time, reducing risk for astronauts," Nasa said in a press release.

[...] Using current technology, Nasa says, the 300m-mile journey to Mars would take about seven months. Engineers do not yet know how much time could be shaved off using nuclear technology, but Bill Nelson, the Nasa administrator, said it would allow spacecraft, and humans, to travel in deep space at record speed.

[...] Using low thrust efficiently, nuclear electric propulsion systems accelerate spacecraft for extended periods and can propel a Mars mission for a fraction of the propellant of high-thrust systems.

Also at CNN and Engadget. Link to Nasa press release.

Original Submission

upstart writes:

They were in the midst of synchronizing databases, the agency revealed:

The contractors working on the Federal Aviation Administration's NOTAM system apparently deleted files by accident, leading to the delays and cancellations of thousands of US flights. If you'll recall, the FAA paused all domestic departures in the US on the morning of January 11th, because its NOTAM or Notice to Air Missions system had failed. NOTAMs typically contain important information for pilots, including warnings for potential hazards along a flight's route, flight restrictions and runway closures. 

[...] The agency later reported that the system failed after "personnel who failed to follow procedures" damaged certain files. Now, it has shared more details as part of the preliminary findings of an ongoing investigation. Apparently, its contractors were synchronizing a main and a back-up database when they "unintentionally deleted files" that turned out to be necessary to keep the alert system running. It also reiterated what it said in the past that it has "so far found no evidence of a cyberattack or malicious intent."

Original Submission

upstart writes:

The historic move is a step on the long path ahead for nuclear power:

The U.S. has just given the green light to its first-ever small modular nuclear design, a promising step forward for a power source that remains controversial among some climate advocates but is experiencing a popular renaissance.

The Nuclear Regulatory Commission approved the design, which was published Thursday in the Federal Register, from NuScale, an Oregon-based reactor company. The publication of the design in the Register allows utilities to select this type of reactor when applying for a license to build a new nuclear facility. The design would be able to produce a reactor about one-third the size of a usual reactor, with each module able to produce around 50 megawatts of power.

[...] Just because a design is on the books doesn't mean that it's smooth sailing for the industry or that all our grids are going to be powered by carbon-free nuclear electricity in a few years. NuScale is currently working on a six-module demonstration plant in Idaho that will be fully operational by 2030; the company said this month that its estimates for the price per megawatt hour of the demo plant had jumped by more than 50% since its last estimates, in an uncomfortable echo of ballooning costs associated with other traditional nuclear projects. Small modular reactors still produce nuclear waste, which some environmentalists say is a concern that can't be overlooked as the industry develops.

Previous stories:
US Regulators Certify First Small Nuclear Reactor Design
First Major Modular Nuclear Project Having Difficulty Retaining Backers
US Gives First-Ever OK for Small Commercial Nuclear Reactor
The US Government Just Invested Big in Small-Scale Nuclear Power
Safer Nuclear Reactors on the Horizon

Original Submission

upstart writes:

Earth's inner core might be reversing its spin:

A new study suggests that the Earth's inner core recently stopped spinning and is changing its direction. The changing spin may be behind slight fluctuations in the length of a day from year to year.

In the January 2023 issue of the science journal Nature Geoscience, researchers Xiaodong Song and Yi Yang of China's Peking University claimed the planet's inner core stopped spinning relative to the other layers around 2009. The Earth's innermost layer, about 3,100 miles below our feet, made of hot iron and about the size of Pluto, can rotate independently of the mantle and crust because of a liquid outer core that surrounds it.

The researchers said the inner core started reversing its spin after stopping and that this process repeats about every 35 years. The reversal last occurred in the early 1970s; the next could be in the mid-2040s.

[...] University of Southern California seismologist John Vidale disagrees. He thinks the inner core oscillates every six years based on data from nuclear explosions from the late 1960s to the early 1970s. Other geophysicists have numerous theories, but Vidale doesn't believe any models adequately explain all the data.

[...] However, he also doubts the accuracy of all the proposed theories. Seismic data only provides limited information about what's happening inside the Earth. Other theories postulate that the inner core may have another core inside it. So scientists have yet to reach a consensus on what happens in the inner Earth.

Journal Reference:
Yang, Y., Song, X. Multidecadal variation of the Earth's inner-core rotation. Nat. Geosci. (2023). https://doi.org/10.1038/s41561-022-01112-z

Original Submission

upstart writes:

NSA offers security guidelines for IPv6 migration:

The US National Security Agency (NSA) has published a guidance document for system administrators to help them mitigate potential security issues as their organizations transition to Internet Protocol version 6 (IPv6).

The prosaically named "IPv6 Security Guidance" [PDF] was compiled for admins inside the Department of Defense (DoD), but is likely to prove useful as a quick reference for anyone managing the transition from IPv4 to IPv6, which could turn out to be a more drawn-out experience than was originally anticipated.

"The Department of Defense will incrementally transition from IPv4 to IPv6 over the next few years and many DoD networks will be dual-stacked," NSA Cybersecurity Technical Director Neal Ziring said in a statement accompanying the publication of the document.

"It's important that DoD system admins use this guidance to identify and mitigate potential security issues as they roll out IPv6 support in their networks."

One of the recommendations is pretty basic: education. Successfully securing an IPv6 network requires, at a minimum, a fundamental knowledge of the differences between the IPv4 and IPv6 protocols and how they operate, the NSA says, so all network administrators should receive proper training.

It advises that security methods used in IPv4 networks will largely also be used with IPv6, but with adaptations to address where there are differences.

upstart writes:

Memory safe programming languages are on the rise. Here's how developers should respond:

Developers across government and industry should commit to using memory safe languages for new products and tools, and identify the most critical libraries and packages to shift to memory safe languages, according to a study from Consumer Reports.

The US nonprofit, which is known for testing consumer products, asked what steps can be taken to help usher in "memory safe" languages, like Rust, over options such as C and C++. Consumer Reports said it wanted to address "industry-wide threats that cannot be solved through user behavior or even consumer choice" and it identified "memory unsafety" as one such issue.

The report, Future of Memory Safety, looks at range of issues, including challenges in building memory safe language adoption within universities, levels of distrust for memory safe languages, introducing memory safe languages to code bases written in other languages, and also incentives and public accountability.

During the past two years, more and more projects have started gradually adopting Rust for codebases written in C and C++ to make code more memory safe. Among them are initiatives from Meta, Google's Android Open Source Project, the C++-dominated Chromium project (sort of), and the Linux kernel.

upstart writes:

Procrastination may harm your health. Here's what you can do:

The worst procrastinators probably won't be able to read this story. It'll remind them of what they're trying to avoid, psychologist Piers Steel says.

[...] In a study of thousands of university students, scientists linked procrastination to a panoply of poor outcomes, including depression, anxiety and even disabling arm pain. "I was surprised when I saw that one," says Fred Johansson, a clinical psychologist at Sophiahemmet University in Stockholm. His team reported the results January 4 in JAMA Network Open.

The study is one of the largest yet to tackle procrastination's ties to health. Its results echo findings from earlier studies that have gone largely ignored, says Fuschia Sirois, a behavioral scientist at Durham University in England, who was not involved with the new research.

For years, scientists didn't seem to view procrastination as something serious, she says. The new study could change that. "It's that kind of big splash that's ... going to get attention," Sirois says. "I'm hoping that it will raise awareness of the physical health consequences of procrastination."

upstart writes:

Google is being sued by the DOJ over alleged digital ad monopoly:

On Tuesday, the US Department of Justice announced that it would be joining eight states in filing a civil antitrust suit against Google over its monopoly on digital advertising. The lawsuit claims that Google abuses its power to put website publishers and advertisers at a disadvantage if they "dare to use" competing advertising technology products.

"Google has used anticompetitive, exclusionary, and unlawful conduct to eliminate or severely diminish any threat to its dominance over digital advertising technologies," said Attorney General Merrick B. Garland in a statement. "No matter the industry and no matter the company, the Justice Department will vigorously enforce our antitrust laws to protect consumers, safeguard competition, and ensure economic fairness and opportunity for all."

The suit alleges that Google has been engaging in anticompetitive behavior for years. Some of that alleged anticompetitive conduct includes acquiring competitors to obtain their digital ad tech, forcing publishers to adopt its tools, distorting auction competition by limiting real-time bidding on publisher inventory, and manipulating auction mechanics.

"The complaint filed today alleges a pervasive and systemic pattern of misconduct through which Google sought to consolidate market power and stave off free-market competition," said Deputy Attorney General Lisa O. Monaco.

According to the DOJ and the eight Attorneys General of California, Colorado, Connecticut, New Jersey, New York, Rhode Island, Tennessee, and Virginia, Google violated Sections 1 and 2 of the Sherman Act, which concern contracts in restraint of trade and monopolization.

Original Submission

upstart writes:

Rocket Lab has aces its first launch from U.S. soil:

Rocket Lab has completed its maiden mission from its new launch site in the U.S., marking a big step forward for the company as it seeks to better compete with the likes of SpaceX.

[...] The spaceflight company used its trusty Electron rocket to deploy three satellites for Hawkeye 360, a radio frequency geospatial analytics company, to an orbit of 342 miles (550 kilometers) above Earth.

It means Rocket Lab has now launched 33 Electron missions from three different pads in two countries — the U.S. and New Zealand — deploying a total of 155 satellites to orbit.

Rocket Lab livestreamed the mission, which showed the early stages of the Electron's flight. You can watch the launch below. There was, however, a longer than usual — and rather tense — wait for confirmation of the mission's success. The delay was put down to a ground station malfunction that temporarily prevented communications between the satellite and the team on the ground. Thankfully, around 90 minutes after launch, a relieved team was able to confirm that everything had gone to plan.

Now with two launch complexes in two countries, the SpaceX rival says it will be able to support more than 130 launches annually for government and commercial satellite operators.

Besides expanding its satellite-launch service using the Electron, Rocket Lab is also building its next-generation rocket, the Neutron, which will also launch from the Mid-Atlantic Regional Spaceport, with its first test launch targeted for 2024.

Original Submission

upstart writes:

The Mystery of the Radeon RX 6000 Mass Extinction Event May Have Been Solved:

Earlier this month, there was a widely reported story regarding a large batch of AMD Radeon RX 6000-series graphics cards (all Navi 21 models) that had mysteriously but catastrophically died. These were some of the best graphics cards, up until the latest generation parts started launching. German electronics repair shop KrisFix.de received 61 broken or malfunctioning RX 6900 / 6800 family graphics cards and found 48 of them suffered from physically cracked GPU silicon. The mystery regarding these ruined GPUs may now have been solved, with the likely culprits being the terrible twosome of crypto mining and high humidity storage.

[...] According to KrisFix, these cards were likely stored for a few weeks or months since GPU-based cryptomining became uneconomical. The problem is that they seem to have been stored in an environment with inappropriate temperatures / humidity levels. The experienced electronics repairer says he has seen this exact symptom of chips cracking and popping up from the PCB after being used in the wake of this kind of inappropriate storage.

[...] Readers need to be wary of the used GPUs market, but the post-crypto world has been both a source of great bargains and ticking time bombs with regard to product durability. Miners will go to extraordinary lengths to clean up and sell on their old GPUs, but thankfully we haven't heard too many tales like this one from KrisFix.

Original Submission