Slashdot

posted in: feeds | 0

Slashdot
Slashdot
News for nerds, stuff that matters

Flaw in Billions of Wi-Fi Devices Left Communications Open To Eavesdropping
Billions of devices -- many of them already patched -- are affected by a Wi-Fi vulnerability that allows nearby attackers to decrypt sensitive data sent over the air, researchers said on Wednesday at the RSA security conference. From a report: The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, Raspberry Pi 3's, and Wi-Fi routers from Asus and Huawei. Eset, the security company that discovered the vulnerability, said the flaw primarily affects Cyperess' and Broadcom's FullMAC WLAN chips, which are used in billions of devices. Eset has named the vulnerability Kr00k, and it is tracked as CVE-2019-15126. Manufacturers have made patches available for most or all of the affected devices, but it's not clear how many devices have installed the patches. Of greatest concern are vulnerable wireless routers, which often go unpatched indefinitely. "This results in scenarios where client devices that are unaffected (either patched or using different Wi-Fi chips not vulnerable to Kr00k) can be connected to an access point (often times beyond an individual's control) that is vulnerable," Eset researchers wrote in a research paper published on Wednesday. "The attack surface is greatly increased, since an adversary can decrypt data that was transmitted by a vulnerable access point to a specific client (which may or may not be vulnerable itself)."

Read more of this story at Slashdot.


Apple Won't Allow Villains To Use Its Products on Screen, Says Rian Johnson
Apple is trying really, really hard to always come off as the good guys. From a report: According to Rian Johnson, director of Knives Out, Apple won't let villains use iPhones on-screen. Apple is so obsessed with how the public conceptualizes its products that the company has taken steps to ensure none of the bad guys ever use its phones in movies. Johnson told Vanity Fair in an interview, "Also another funny thing, I don't know if I should say this or not... Not cause it's like lascivious or something, but because it's going to screw me on the next mystery movie that I write, but forget it, I'll say it. It's very interesting. Apple... they let you use iPhones in movies but -- and this is very pivotal if you're ever watching a mystery movie - bad guys cannot have iPhones on camera."

Read more of this story at Slashdot.


Google To Spend $10 Billion on Offices, Data Centers in US This Year
Google is continuing to expand beyond its home in the San Francisco Bay Area. Sundar Pichai, CEO of Google and Alphabet, said Wednesday the company will invest more than $10 billion in offices and data centers across the US in 2020. From a report: "These investments will create thousands of jobs -- including roles within Google, construction jobs in data centers and renewable energy facilities, and opportunities in local businesses in surrounding towns and communities," Pichai said in a blog post. The search giant, which already has a presence in 26 states, said its new investments will be focused in 11 states: Colorado, Georgia, Massachusetts, Nebraska, New York, Oklahoma, Ohio, Pennsylvania, Texas, Washington and California. This includes opening Google's new Hudson Square campus in New York City, which the company says gives it the ability to double its local workforce by 2028. Google also said its opening a new Google Operations Center in Mississippi to improve customer support for its users and partners.

Read more of this story at Slashdot.


Solar Storms Can Mess With Whales' Ability To Navigate, Cause Strandings
The ocean's most mammoth, docile beasts manage to find their way around the oceans with relative ease. And that's especially true for the gray whale, a creature that makes the biggest migration of any mammal, traveling over 12,000 kilometers (7,500 miles) across the planet to feed and breed. New research suggests gray whales may navigate with a kind of seventh sense that allows them to detect variations in the Earth's magnetic field -- and this sense can be adversely affected by the sun. From a report: Gray whales are about as long as a school bus and six times heavier than an African elephant. They communicate using low-frequency sounds and navigate the oceans without the help of GPS. In a study published in the journal Current Biology on Monday, researchers examined 186 strandings of gray whales reported between 1985 and 2018. To try to tighten up the data set and remove some variables, the team looked at strandings of whales that were stranded alive with "no signs of injury, illness, emaciation or human interaction." The strandings were then correlated with various measures of solar activity: how many sunspots were present, changes in the Earth's magnetic field and solar radio flux, which is determined by radio frequency noise and has shown to correlate well with sunspot numbers and be affected by solar storms.

Read more of this story at Slashdot.


Americans Should Prepare For Coronavirus Crisis in US, CDC Says
Top U.S. public health officials said Tuesday that Americans should prepare for the spread of the coronavirus in communities across the country. From a report: "It's not so much a question of if this will happen anymore but rather more a question of exactly when this will happen and how many people in this country will have severe illness," Dr. Nancy Messonnier, the head of the National Center for Immunization and Respiratory Diseases at the Centers for Disease Control and Prevention, said during a media briefing Tuesday. Measures to contain the virus in the U.S. so far have involved restricting travel to and from China -- the center of the outbreak -- and isolating identified cases. But Messonnier said evidence that the virus is spreading to countries outside the region, such as Iran and Italy, has raised the CDC's "level of concern and expectation that we'll see spread" in the U.S.

Read more of this story at Slashdot.


Internal Docs Show Why the US Military Publishes North Korean and Russian Malware
An anonymous reader quotes a report from Motherboard: Newly released and previously secret documents explain in greater detail how, and why, a section of the U.S. military decides to publicly release a steady stream of adversarial countries' malware, including hacking tools from North Korea and Russia. Cyber Command, or CYBERCOM, publishes the malware samples onto VirusTotal, a semi-public repository that researchers and defenders can then pore over to make systems more secure. The document provides more insight into how the U.S. military is engaged in an unusually public-facing campaign, and in particular highlights one of the reasons CYBERCOM wants to release other nation's hacking tools: to make it harder for enemy hackers to remain undetected. A previously secret section of one of the CYBERCOM documents reads "Posting malware to VT [VirusTotal] and Tweeting to bring attention and awareness supports this strategy by putting pressure on malicious cyber actors, disrupting their efforts." Motherboard obtained the redacted documents through a Freedom of Information Act (FOIA) request to CYBERCOM. CYBERCOM started publishing malware in 2018, with one sample coming from Russian-linked hacking group APT28. It has since released malware from North Korean hackers. CYBERCOM also has a dedicated Twitter account for distributing news of the samples. Some tweets even include memes such as "DPRK MALWARE" written onto conversation candy hearts to coincide with a release on Valentines Day. When it originally announced the campaign, CYBERCOM said it "initiated an effort to share unclassified malware samples it has discovered that it believes will have the greatest impact on improving global cybersecurity." But the documents show how the effort has a more offensive slant, too. In a statement a CYBERCOM spokesperson reiterated some of the agency's earlier public comments, writing, "We plan to continue to publicly disclose malware samples, which we believe will have the greatest impact on improving global security." You can read the documents here.

Read more of this story at Slashdot.


Uber and Lyft Generate 70 Percent More Pollution Than Trips They Displace, Study Finds
According to the Union of Concerned Scientists, ride-hailing trips today result in an estimated 69 percent more climate pollution on average than the trips they displace. The Verge reports: In cities, ride-hailing trips typically displace low-carbon trips, such as public transportation, biking, or walking. Uber and Lyft could reduce these emissions with a more concerted effort to electrify its fleet of vehicles or by incentivizing customers to take pooled rides, the group recommends. "However, those strategies alone will address neither the increases in vehicle miles traveled nor rising congestion concerns," the report says. "For ride-hailing to contribute to better climate and congestion outcomes, trips must be pooled and electric, displace single-occupancy car trips more often, and encourage low-emissions modes such as mass transit, biking, and walking." It's a tall order, but both Uber and Lyft have shown a willingness to reduce their carbon footprint. So far, their methods include introducing bike- and scooter-sharing services, integrated public transportation scheduling and ticketing into their respective apps, and incentive programs to get drivers to switch to electric cars. "We want Uber to be a part of the solution to address climate change by working with cities to help create a low carbon transportation future," a spokesperson said. "To unlock the opportunities we have to reduce emissions, we will continue to invest in products and advocate for policies that reduce car ownership, promote more pooled trips and support greater adoption of bikes, scooters, green vehicles and the use of public transit." Lyft, meanwhile, dismissed the report as "misleading." "This report, like many before it, makes misleading claims about rideshare," a spokesperson said. "Lyft encourages the use of shared rides, was the first rideshare company to put public transit information into our app, and last year, made one of the largest single deployments of electric vehicles in the nation. We are eager to continue this work in partnership with cities, to advance shared, sustainable transportation."

Read more of this story at Slashdot.


Singapore Airlines Is Using Aeroponics To Upgrade In-Flight Meals
Antony McNeil, Singapore Airlines' global food and beverage director, is purchasing produce from AeroFarms' Newark facility, the world's largest indoor vertical farm. "The 16-year-old agtech startup has taken aeroponics to an industrial scale, growing some 800 varieties of leafy greens, tubers, root crops, vine crops, and berries all without soil, sunshine, or pesticides," reports Quartz. Thanks to this partnership, "Singapore Airlines is the first major carrier to serve produce harvested just hours before a flight." From the report: "We now have the best opportunity to serve the freshest produce, and it doesn't have to fly 2,000 miles," McNeil explains. But do classically trained chefs have qualms about lab-grown vegetables, like many do when it comes to genetically modified meat products? After all, what a strange power to calibrate the color, flavor, and texture of produce based on the whims of a cook. McNeil seems unconcerned, however. "I have no issues with it because it's unadulterated," he explains. "It's just fresh, beautiful produce." AeroFarms customizes orders by altering the environmental growing conditions; increasing the wind speed in the farm yields a firmer kale, for instance. "This is stretching our imagination," says McNeil, who dreams of experimenting with discarded stalks of AeroFarms-grown produce to flavor his soups. Beyond the quality factor, McNeil says having data that traces where and how vegetables are grown is a time-saver -- especially for airlines, where food safety is paramount. As he notes, food served on planes has to pass 10 to 12 critical control points in transit from harvest to the time it's served. Singapore Airlines is currently serving the AeroFarms-grown produce on flights originating from Newark and JFK airports. McNeil says the plan is to expand the company's network of sustainable growers to service more routes around the world.

Read more of this story at Slashdot.


NSA Phone Surveillance Program Cost $100 Million, Yielded One Major Investigation
An anonymous reader quotes a report from The Hill: A National Security Agency (NSA) surveillance program that accessed American citizens' domestic phone calls and text messages resulted in only one investigation between 2015 and 2019 despite costing $100 million, a newly declassified study found. The report, which was produced by the Privacy and Civil Liberties Oversight Board and briefed to Congress on Tuesday, also found that the program only yielded information the FBI did not already have on two occasions during that four-year period. "Based on one report, F.B.I. vetted an individual, but, after vetting, determined that no further action was warranted," the report said, according to The New York Times. "The second report provided unique information about a telephone number, previously known to U.S. authorities, which led to the opening of a foreign intelligence investigation." The report contains no further details of the investigation in question or its outcome. The USA Freedom Act of 2015, the law that authorized the program, is set to expire March 15, but the Trump administration has asked Congress to extend it. The House Judiciary Committee is set to consider a bill that would end the program's authorization on Wednesday.

Read more of this story at Slashdot.


Scientists Find the First-Ever Animal That Doesn't Need Oxygen To Survive
Scientists from Tel Aviv University in Israel discovered that a salmon parasite called Henneguya salminicola doesn't have a mitochondrial genome -- the first multicellular organism known to have this absence. That means it doesn't breathe; in fact, it lives its life completely free of oxygen dependency. ScienceAlert reports: It's a cnidarian, belonging to the same phylum as corals, jellyfish and anemones. Although the cysts it creates in the fish's flesh are unsightly, the parasites are not harmful, and will live with the salmon for its entire life cycle. Tucked away inside its host, the tiny cnidarian can survive quite hypoxic conditions. But exactly how it does so is difficult to know without looking at the creature's DNA -- so that's what the researchers did. They used deep sequencing and fluorescence microscopy to conduct a close study of H. salminicola, and found that it has lost its mitochondrial genome. In addition, it's also lost the capacity for aerobic respiration, and almost all of the nuclear genes involved in transcribing and replicating mitochondria. Like the single-celled organisms, it had evolved mitochondria-related organelles, but these are unusual too -- they have folds in the inner membrane not usually seen. The same sequencing and microscopic methods in a closely related cnidarian fish parasite, Myxobolus squamalis, was used as a control, and clearly showed a mitochondrial genome. These results show that here, at last, is a multicellular organism that doesn't need oxygen to survive. Exactly how it survives is still something of a mystery. It could be leeching adenosine triphosphate from its host, but that's yet to be determined. But the loss is pretty consistent with an overall trend in these creatures - one of genetic simplification. Over many, many years, they have basically devolved from a free-living jellyfish ancestor into the much more simple parasite we see today. The findings have been published in the journal PNAS.

Read more of this story at Slashdot.


Key Silicon Valley Reservoir To Be Completely Drained Due To Earthquake Risk
schwit1 shares a report from Bakersfield Californian: In a dramatic decision that could significantly impact Silicon Valley's water supply, federal dam regulators have ordered Anderson Reservoir, the largest reservoir in Santa Clara County, to be completely drained starting Oct. 1. The 240-foot earthen dam, built in 1950 and located east of Highway 101 between Morgan Hill and San Jose, poses too great of a risk of collapse during a major earthquake, the Federal Energy Regulatory Commission, which regulates dams, has concluded. Anderson Reservoir is owned by the Santa Clara Valley Water District, a government agency based in San Jose. When full, it holds 89,278 acre feet of water -- more than all other nine dams operated by the Santa Clara Valley Water District combined. "With these new requirements, we expect to see an impact to groundwater basins that are replenished with water released from Anderson Reservoir, including South County and southern San Jose," Norma Camacho, the water district's CEO, said. "Staff is already exploring other sources of water that will have to come from outside of the county. While residents have done an excellent job of conserving water since 2013, another drought during this time frame could require everyone to significantly decrease their water use."

Read more of this story at Slashdot.


Tesla Autopilot, Distracted Driving To Blame In Deadly 2018 Crash
Slashdot readers TomGreenhaw and gollum123 are sharing the findings from a National Transportation Safety Board (NTSB) investigation into a fatal Tesla Model X crash that occurred in 2018 near Mountain View, California. The agency says Tesla's Autopilot system and the driver's distraction by a mobile device were two of the probable causes of the crash. The Verge reports: The safety board arrived at those probable causes after a nearly two-year investigation into the crash. NTSB investigators also named a number of contributing factors, including that the crash attenuator in front of the barrier was damaged and had not been repaired by California's transportation department, Caltrans, in a timely manner. Had the crash attenuator been replaced, NTSB investigators said Tuesday that the driver, Walter Huang, likely would have survived. The NTSB shared its findings at the end of a three-hour-long hearing on Tuesday. During the hearing, board members took issue with Tesla's approach to mitigating the misuse of Autopilot, the National Highway Traffic Safety Administration's lax approach to regulating partial automation technology, and Apple -- Huang's employer -- for not having a distracted driving policy. (Huang was playing the mobile game on a company-issued iPhone.) "In this crash we saw an over-reliance on technology, we saw distraction, we saw a lack of policy prohibiting cell phone use while driving, and we saw infrastructure failures, which, when combined, led to this tragic loss," NTSB chairman Robert Sumwalt said at the end of the hearing on Tuesday. "We urge Tesla to continue to work on improving their Autopilot technology and for NHTSA to fulfill its oversight responsibility to ensure that corrective action is taken where necessary. It's time to stop enabling drivers in any partially automated vehicle to pretend that they have driverless cars."

Read more of this story at Slashdot.


Microsoft Wants To Do Away With Windows 10 Local Accounts
An anonymous reader quotes a report from Bleeping Computer: As time goes on, it is becoming increasingly clear that Microsoft is trying to make local accounts a thing of the past and push all new Windows 10 users to a Microsoft account. Since Windows 10 1903, Microsoft quietly changed the Windows Out-of-box Experience (OOBE) or setup experience so that many users are no longer able to create a local account during set up as they could previously. Recently, this change also expanded to international users in India and Germany. For those affected, the only way to create a local account during setup is to disconnect the computer from the Internet. Yes, that's right, Microsoft now makes you disconnect the computer from the Internet to create a local account during setup! If you don't want to disconnect your network, then you need to first set up Windows with a Microsoft Account and then when done with setup go into the Windows 10 'Family & other users' settings and create a local account. Even that is a bit convoluted as you have to first start the process of creating a Microsoft account and finally on the second screen, be given the option that you wish to create a local account. Once a local account has been created, you can delete the original Microsoft account you created during setup.

Read more of this story at Slashdot.


Juul Reportedly Plans To Pitch the FDA An Age-Locked E-Cigarette
According to a report from The Wall Street Journal, Juul is planning to pitch federal officials on a locked version of its e-cigarettes that would bar users younger than 21 from using them. From a report: Citing sources familiar with the matter, the Wall Street Journal reported on Monday that Juul is preparing to present the Food and Drug Administration with a massive document laying out its commitment to curbing youth use as well as research about its products and marketing-related information. As part of these documents, Juul is reportedly planning to include a proposal for the new age-locked device. The company may submit the new device to the FDA in May, or file it as part of a submission later in 2020, the paper said. The Journal, citing a Juul official, reported that the company will also seek approval to market its e-cigarettes as a safer alternative to cigarettes -- an assertion previously made by the company that landed it in deep shit with the FDA, as Juul did not have the necessary approval to make such a claim. Juul's presumably regretful Big Tobacco buddy Altria has reportedly been closely involved with Juul's FDA application to keep its e-cigarettes on the market.

Read more of this story at Slashdot.


Smithsonian Releases 2.8 Million Images Into Public Domain
An anonymous reader quotes a report from the Smithsonian: For the first time in its 174-year history, the Smithsonian has released 2.8 million high-resolution two- and three-dimensional images from across its collections onto an open access online platform for patrons to peruse and download free of charge. Featuring data and material from all 19 Smithsonian museums, nine research centers, libraries, archives and the National Zoo, the new digital depot encourages the public to not just view its contents, but use, reuse and transform them into just about anything they choose -- be it a postcard, a beer koozie or a pair of bootie shorts. And this gargantuan data dump is just the beginning. Throughout the rest of 2020, the Smithsonian will be rolling out another 200,000 or so images, with more to come as the Institution continues to digitize its collection of 155 million items and counting.

Read more of this story at Slashdot.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.