You are here

Tech/Science News

Did China Hack The CIA In A Massive Intelligence Breach From 2010 To 2012?

Slashdot - Mon, 05/22/2017 - 01:34
schwit1 quotes the International Business Times: Both the CIA and the FBI declined to comment on reports saying the Chinese government killed or imprisoned 18 to 20 CIA sources from 2010 to 2012 and dismantled the agency's spying operations in the country. It is described as one of the worst intelligence breaches in decades, current and former American officials told the New York Times. Investigators were uncertain whether the breach was a result of a double agent within the CIA who had betrayed the U.S. or whether the Chinese had hacked the communications system used by the agency to be in contact with foreign sources. The Times reported Saturday citing former American officials from the final weeks of 2010 till the end of 2012, the Chinese killed up to 20 CIA sources.

Read more of this story at Slashdot.

Categories: Tech/Science News

Ex-IBM Employee Guilty of Stealing Secrets For China

Slashdot - Mon, 05/22/2017 - 00:34
An anonymous reader quotes Fortune: A former developer for IBM pled guilty on Friday to economic espionage and to stealing trade secrets related to a type of software known as a clustered file system, which IBM sells to customers around the world. Xu Jiaqiang stole the secrets during his stint at IBM from 2010 to 2014 "to benefit the National Health and Family Planning Commission of the People's Republic of China," according to the U.S. Justice Department. In a press release describing the criminal charges, the Justice Department also stated that Xu tried to sell secret IBM source code to undercover FBI agents posing as tech investors. (The agency does not explain if Xu's scheme to sell to tech investors was to benefit China or to line his own pockets). Part of the sting involved Xu demonstrating the stolen software, which speeds computer performance by distributing works across multiple servers, on a sample network. The former employee acknowledged that others would know the software had been taken from IBM, but said he could create extra computer scripts to help mask its origins. At one point 31-year-old Xu even showed undercover FBI agents the part of the source code that identified it as coming from IBM "as well as the date on which it had been copyrighted."

Read more of this story at Slashdot.

Categories: Tech/Science News

How AI Can Infer Human Emotions

Slashdot - Sun, 05/21/2017 - 23:39
An anonymous reader quotes OReilly.com's interview with the CEO of Affectiva, an emotion-measurement technology company that grew out of MIT's Media Lab. We can mine Twitter, for example, on text sentiment, but that only gets us so far. About 35-40% is conveyed in tone of voice -- how you say something -- and the remaining 50-60% is read through facial expressions and gestures you make. Technology that reads your emotional state, for example by combining facial and voice expressions, represents the emotion AI space. They are the subconscious, natural way we communicate emotion, which is nonverbal and which complements our language... Facial expressions and speech actually deal more with the subconscious, and are more unbiased and unfiltered expressions of emotion... Rather than encoding specific rules that depict when a person is making a specific expression, we instead focus our attention on building intelligent algorithms that can be trained to recognize expressions. Through our partnerships across the globe, we have amassed an enormous emotional database from people driving cars, watching media content, etc. A portion of the data is then passed on to our labeling team, who are certified in the Facial Action Coding System...we have gathered 5,313,751 face videos, for a total of 38,944 hours of data, representing nearly two billion facial frames analyzed. They got their start testing advertisements, and now are already working with a third of all Fortune 500 companies. ("We've seen that pet care and baby ads in the U.S. elicit more enjoyment than cereal ads -- which see the most enjoyment in Canada.") One company even combined their technology with Google Glass to help autistic children learn to recognize emotional cues.

Read more of this story at Slashdot.

Categories: Tech/Science News

Vint Cerf Reflects On The Last 60 Years

Slashdot - Sun, 05/21/2017 - 22:34
Computerworld celebrated its 50th anniversary by interviewing Vinton Cerf. The 73-year-old "father of the internet" remembers reading the early issues of the magazine, and reflects on how much things have changed since he gained access to computers at UCLA in 1960, "the beginning of my love affair with computing." I worry 100 years from now our descendants may not know much about us or be able to read our emails or tweets or documents because nobody saved them or the software you need to read them won't exist anymore. It's a huge issue. I have files of text that were written 20 years ago in WordPerfect, except I don't have WordPerfect running anywhere... Q: Do you think [creating the internet] was your greatest accomplishment? No. Getting it turned on was a big deal. Keeping it running for the last some odd years was an even bigger deal. Protecting it from hostile governments that want to shut it down and supporting new applications at a higher capacity are all evolutions. The evolution continues... I don't know if I can point to anything and say that's the biggest accomplishment. It's one big climb up the mountain. Looking ahead to a future filled with AI, Cerf says "I worry about turning over too much autonomous authority to a piece of software," though he's not overly concerned, "not like Stephen Hawking or Elon Musk, who are alarmists about artificial intelligence. Every time you use Google search or self-driving cars, you're using A.I. These are all assistive technologies and I suspect this is how it will be used." He also acknowledges that "I probably don't have another 50 years left, unless Ray Kurzweil's predictions come true, and I can upload my consciousness into a computer."

Read more of this story at Slashdot.

Categories: Tech/Science News

FCC Won't Release DDoS Logs, And Will Probably Honor Fake Comments

Slashdot - Sun, 05/21/2017 - 21:34
An anonymous reader quotes ZDNet on the alleged denial of service attack which blocked comments supporting net neutrality. In a ZDNet interview, FCC chief information officer David Bray said that the agency would not release the logs, in part because the logs contain private information, such as IP addresses. In unprinted remarks, he said that the logs amounted to about 1 gigabyte per hour during the alleged attack... The log files showed that non-human [and cloud-based] bots submitted a flood of comments using the FCC's API. The bot that submitted these comments sparked the massive uptick in internet traffic on the FCC by using the public API as a vehicle... Bray's comments further corroborate a ZDNet report (and others) that showed unknown anti-net neutrality spammers were behind the posting of hundreds of thousands of the same messages to the FCC's website using people's names and addresses without their consent -- a so-called "astroturfing" technique -- in an apparent attempt to influence the results of a public solicitation for feedback on net neutrality. Speaking to reporters last week, FCC chairman Ajit Pai hinted that the agency would likely honor those astroturfed comments, nonetheless.

Read more of this story at Slashdot.

Categories: Tech/Science News

Soon You'll Be Able To Build Your Own 4G Network Over Wi-Fi Frequencies

Slashdot - Sun, 05/21/2017 - 20:34
Long-time Slashdot reader Esther Schindler writes: An industry consortium called MulteFire wants to help you build your own LTE-like network that uses the Wi-Fi spectrum, with no need for carriers or providers, writes Andy Patrizio. Just don't expect to get started today. "In its basic specification, MulteFire Release 1.0 defines an LTE-like network that can run entirely on unlicensed spectrum frequencies. The alliance didn't try to do too much with the 1.0 spec; it simply wanted to get it out the door so partners and manufacturers could begin adoption. For 1.0, the alliance focused on the 5-GHz band. More functionality and more spectrums will be supported in future specs." Why would you want it? As Patrzio explains, MulteFire's target audience is fairly obvious: anyone who needs speed, scalability, and security beyond what Wi-Fi offers. "MulteFire is enabling cellular technologies to run in unassigned spectrum, where they are free to use it so long as they follow the rules of the spectrum band," says Mazen Chmaytelli, president of the MulteFire Alliance." Is this something you think would make a difference? The alliance includes Qualcomm and Cisco Systems, and the article points out some advantages. LTE cell towers "can be miles apart versus Wi-Fi's range of just a few feet. Plus, LTE's security has never been breached, as far as we know."

Read more of this story at Slashdot.

Categories: Tech/Science News

Texas Legislature Clears Road For Uber and Lyft To Return To Austin

Slashdot - Sun, 05/21/2017 - 19:34
schwit1 shared this article from the Austin Monitor: The Texas Legislature has cleared the road for Uber and Lyft to return to Austin on their own terms. On Wednesday, the state Senate overwhelmingly approved House Bill 100 on second and third readings, sending the statewide ride-hailing regulations to Governor Greg Abbott's desk for his signature. If Abbott signs it, as he is expected to do, the new law will preempt regulations City Council passed in December 2015 that both Uber and Lyft deemed too restrictive on transportation network companies such as themselves. The new rules still require criminal background checks, but drop the requirement for fingerprinting. "We find it unfortunate that the 36 lobbyists deployed by the Silicon Valley giants were effective in convincing the State Legislature that there was a need to overrule the Austin voters," said a local ride-sharing company, which vowed to continue operating -- and to at least continue fingerprinting their own drivers. Houston's mayor complained the new statewide rules handed down are "another example of the legislature circumventing local control to allow corporations to profit at the expense of public safety."

Read more of this story at Slashdot.

Categories: Tech/Science News

Movie Piracy Blackmail Plot Fails In India, Six Arrested

Slashdot - Sun, 05/21/2017 - 18:34
An anonymous reader quote's TorrentFreak's report about "a plot against Baahubali 2: The Conclusion, a record-breaking movie taking India by storm." Someone posing as a "film anti-piracy activist" told the company that a pirated copy of the movie had been obtained and if a ransom wasn't paid, a leak onto the Internet would be inevitable... Following the call Arka Mediaworks immediately involved the police, who advised the company to engage the 'kidnappers' in dialog to obtain proof that they had the movie in question. That was delivered in the form of a high-definition sample of the movie, a move that was to mark the beginning of the end for those attempting to extort Arka Mediaworks. It's unclear whether those who sent the sample were aware, but the movie was forensically or otherwise marked, something which allowed police and investigators to track the copy back to a specific theater... shortly after the owner of the theater was arrested by police. This was followed by the arrest of the person who allegedly called Arka Mediaworks with the ransom demand. From there, police were led to other co-conspirators. In total, six arrests were made, with two of the men already known to police. TorrentFreak calls the ransoming of movies "a worrying trend in 2017" that's "damaging the image of piracy further, if that was even possible."

Read more of this story at Slashdot.

Categories: Tech/Science News

New Battery Technology Draws Energy Directly From The Human Body

Slashdot - Sun, 05/21/2017 - 17:34
An anonymous reader quotes BleepingComputer: A team of eleven scientists from UCLA and the University of Connecticut has created a new energy-storing device that can draw electrical power from the human body. What researchers created is a biological supercapacitor, a protein-based battery-like device that extracts energy from the human body and then releases it inside an electrical circuit â" the implantable medical device. According to a research paper published earlier this month, the supercapacitor is made up by a device called a "harvester" that operates by using the body's heat and movements to extract electrical charges from ions found in human body fluids, such as blood, serum, or urine. As electrodes, the harvester uses a carbon nanomaterial called graphene, layered with modified human proteins. The electrodes collect energy from the human body, relay it to the harvester, which then stores it for later use. Because graphene sheets can be drawn in sheets as thin as a few atoms, this allows for the creation of utra-thin supercapacitors that could be used as alternatives to classic batteries. For example, the bio-friendly supercapacitors researchers created are thinner than a human hair, and are also flexible, moving and twisting with the human body.

Read more of this story at Slashdot.

Categories: Tech/Science News

Indian Election Officials Challenges Critics To Hack Electronic Voting Machine

Slashdot - Sun, 05/21/2017 - 16:34
Slashdot reader erodep writes: Following the recent elections in India, there have been multiple allegations of electoral fraud by hacking of Electronic Voting Machines... Two weeks ago, a party even "demonstrated" that these machines can be hacked. The Election Commission of India has rubbished these claims and they have thrown an open challenge, starting June 3rd to hack these EVMs using WiFi, Bluetooth or any internet device. This is a plea to the hackers of Slashdot to help secure the future of the largest democracy on the planet. Each party can nominate three experts -- though India's Aam Aaadmi Party is already complaining that there's too many terms and conditions. And party leader Sanjay Singh has said he also wants paper ballots for all future elections, arguing "All foreign countries like America, Japan, Germany and Britain have gone back to ballot paper."

Read more of this story at Slashdot.

Categories: Tech/Science News

Endless OS Now Ships With Steam And Slack FlatPak Applications

Slashdot - Sun, 05/21/2017 - 15:34
An anonymous reader writes: Steam and Slack are now both included as Flatpak applications on the Endless OS, a free Linux distribution built upon the decades of evolution of the Linux operating system and the contributions of thousands of volunteers on the GNOME project. The beauty of Flatpak is the ability to bridge app creators and Linux distributions using a universal framework, making it possible to bring this kind of software to operating systems that encourage open collaboration... As an open-source deployment mechanism, Flatpak was developed by an independent cohort made up of volunteers and contributors from supporting organizations in the open-source community. Alexander Larsson, lead developer of Flatpak and principal engineer at Red Hat, provided comment saying, "We're particularly excited about the opportunity Endless affords to advance the benefits of open-source environments to entirely new audiences."

Read more of this story at Slashdot.

Categories: Tech/Science News

Netgear Adds Support For "Collecting Analytics Data" To Popular R7000 Router

Slashdot - Sun, 05/21/2017 - 13:29
An anonymous reader writes: Netgear's latest firmware update for the R7000 includes new support for collecting analytics data. The update release notes include this caution: NOTE:It is strongly recommended that after the firmware is updated to this version, log back in to the router s web GUI and configure the settings for this feature. An article on Netgear's KB states updated last week that Netgear collects information including IP addresses, MAC, certain WiFi information, and information about connected devices.

Read more of this story at Slashdot.

Categories: Tech/Science News

The Working Dead: Which IT Jobs Are Bound For Extinction?

Slashdot - Sun, 05/21/2017 - 09:24
Slashdot reader snydeq shares an InfoWorld article identifying "The Working Dead: IT Jobs Bound For Extinction." Here's some of its predictions. The president of one job leadership consultancy argues C and C++ coders will soon be as obsolete as Cobol programmers. "The entire world has gone to Java or .Net. You still find C++ coders in financial companies because their systems are built on that, but they're disappearing."A data scientist at Stack Overflow "says demand for PHP, WordPress, and LAMP skills are seeing a steady decline, while newer frameworks and languages like React, Angular, and Scala are on the rise." The CEO and co-founder of an anonymous virtual private network service says "The rise of Azure and the Linux takeover has put most Windows admins out of work. Many of my old colleagues have had to retrain for Linux or go into something else entirely."In addition, "Thanks to the massive migration to the cloud, listings for jobs that involve maintaining IT infrastructure, like network engineer or system administrator, are trending downward, notes Terence Chiu, vice president of careers site Indeed Prime."The CTO of the job site Ladders adds that Smalltalk, Flex, and Pascal "quickly went from being popular to being only useful for maintaining older systems. Engineers and programmers need to continually learn new languages, or they'll find themselves maintaining systems instead of creating new products."The president of Dice.com says "Right now, Java and Python are really hot. In five years they may not be... jobs are changing all the time, and that's a real pain point for tech professionals." But the regional dean of Northeastern University-Silicon Valley has the glummest prediction of all. "If I were to look at a crystal ball, I don't think the world's going to need as many coders after 2020. Ninety percent of coding is taking some business specs and translating them into computer logic. That's really ripe for machine learning and low-end AI."

Read more of this story at Slashdot.

Categories: Tech/Science News

Attackers DDoS WannaCry Kill Switch

Slashdot - Sun, 05/21/2017 - 06:19
An anonymous reader quotes VentureBeat: As of late Friday, after many of the deadlines threatening data deletion had passed, few victims had paid ransoms. According to Elliptic Enterprises, only about $94,000 worth of ransoms had been paid via Bitcoin, which works out to less than one in a thousand of the 300,000 victims who were reportedly affected by WannaCry... While not as bad as feared, ransomware (not to mention cybersecurity threats in general) isn't going away. Wired reported that the domain registered by Hutchins has been under intense denial-of-service attacks delivered by an army of IoT devices marshalled, zombie-like, by Mirai.

Read more of this story at Slashdot.

Categories: Tech/Science News

Possible Radioactive Leak Investigated At Washington Nuclear Site

Slashdot - Sun, 05/21/2017 - 03:14
Authorities are investigating radioactive material found on a worker's clothing one week after a tunnel collapse at the waste nuclear waste site in the state of Washington. Around 7 p.m. Thursday, Washington River Protection Solutions, a government contractor contractor in charge of all 177 underground storage tanks at the nuclear site. detected high radiation readings on a robotic device that seven workers were pulling out of a tank. Then, contamination was also discovered on the clothing of one worker -- on one shoe, on his shirt and on his pants in the knee area. "Radiological monitoring showed contamination on the unit that was three times the planned limit. Workers immediately stopped working and exited the area according to procedure," said Rob Roxburgh, deputy manager of WRPS Communications & Public Relations said to KING-TV. Using leak-detection instruments, WRPS said it did not find liquid escaping the tank. "Everybody was freaked, shocked, surprised," said a veteran worker, who was in direct contact with crew members. "[The contamination] was not expected. They're not supposed to find contamination in the annulus [safety perimeter] of the double shell tanks." Washington's attorney general, urging a federal clean-up of the site, insists "This isn't the first potential leak and it won't be the last."

Read more of this story at Slashdot.

Categories: Tech/Science News

New Evidence of a Decline In Electricity Use By U.S. Households

Slashdot - Sun, 05/21/2017 - 01:09
There's some surprising news from the Energy Institute at the University of California's business school. America's households are using less electricity than they did five years ago. So what is different? Energy-efficient lighting. Over 450 million LEDs have been installed to date in the United States, up from less than half a million in 2009, and nearly 70% of Americans have purchased at least one LED bulb. Compact fluorescent lightbulbs (CFLs) are even more common, with 70%+ of households owning some CFLs. All told, energy-efficient lighting now accounts for 80% of all U.S. lighting sales. It is no surprise that LEDs have become so popular. LED prices have fallen 94% since 2008, and a 60-watt equivalent LED lightbulb can now be purchased for about $2. LEDs use 85% less electricity than incandescent bulbs, are much more durable, and work in a wide-range of indoor and outdoor settings. "I would add LED TVs replacing LCD, Plasma and CRTs," writes Slashdot reader schwit1.

Read more of this story at Slashdot.

Categories: Tech/Science News

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two

Slashdot - Sat, 05/20/2017 - 23:59
An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload. EternalRocks is far more complex than WannaCry's SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received. Last but not least, the worm does not have a killswitch domain, which means the worm can't be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm's owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo. Ars Technica quotes security researchers who say "there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April... These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch."

Read more of this story at Slashdot.

Categories: Tech/Science News

EU Passes 'Content Portability' Rules Banning Geofencing

Slashdot - Sat, 05/20/2017 - 22:54
Long-time Slashdot reader AmiMoJo writes: The European Parliament has passed draft rules mandating 'content portability', i.e. the ability to take your purchased content and services across borders within the EU. Freedom of movement rules, which allow EU citizens to live and work anywhere in the EU, require that the individual is able to take their life with them -- family, property, and services. Under the new rules, someone who pays for Netflix or BBC iPlayer and then moves to another EU country will retain access to those services and the same content they had previously. Separately, rules to prevent geofencing of content within the EU entirely are also moving forward.

Read more of this story at Slashdot.

Categories: Tech/Science News

Groups War Over Resources For DDoS Attacks

Slashdot - Sat, 05/20/2017 - 21:49
An anonymous reader quotes CSO: As more groups get into the denial-of-service attack business they're starting to get in each other's way, according to a report released Thursday... There are only so many devices around that have the kind of vulnerabilities that make them potential targets for a botnet. That translates into a smaller average attack size, said Martin McKeay, senior security advocate at Cambridge, Mass.-based Akamai Technologies Inc. There are only so many devices around that have the kind of vulnerabilities that make them potential targets for a botnet. "And other people can come in and take over the device, and take those resources to feed their own botnet," he said. "I'm seeing that over and over." The article reports a median size for DDoS attacks of 4 gigabits per second at the start of 2015 -- which droped in the first quarter of 2017 down to 500 megabits per second.

Read more of this story at Slashdot.

Categories: Tech/Science News

Stealing Windows Credentials Using Google Chrome

Slashdot - Sat, 05/20/2017 - 20:44
Orome1 writes: A default setting in Google Chrome, which allows it to download files that it deems safe without prompting the user for a download location, can be exploited by attackers to mount a Windows credential theft attack using specially-crafted SCF shortcut files, DefenseCode researchers have found. What's more, for the attack to work, the victim does not even have to run the automatically downloaded file. Simply opening the download directory in Windows File Explorer will trigger the code icon file location inserted in the file to run, and it will send the victim's username, domain and NTLMv2 password hash to a remote SMB server operated by the attackers.

Read more of this story at Slashdot.

Categories: Tech/Science News

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer