By BeauHD from Slashdot's don't-mess-with-my-settings-bro department
An anonymous reader quotes a report from Ars Technica: On May 17, researchers at Tenable revealed that they had discovered a vulnerability in the Windows version of the desktop application for Slack, the widely used collaboration service. The vulnerability, in Slack Desktop version 3.3.7 for Windows, could have been used to change the destination of a file download from a Slack conversation to a remote file share owned by an attacker. This would allow the attacker to not only steal the files that were downloaded by a targeted user, but also allow the attacker to alter the files and add malware to them. When victims opened the files, they would get a potentially nasty surprise. Tenable reported the vulnerability to Slack via HackerOne. Slack has issued an update to the Windows desktop client that closes the vulnerability. Once the attacker had changed the default download location, "the attacker could have not only stolen the document, but even inserted malicious code in it so that when opened by victim after download (through the Slack application), their machine would have been infected," writes Tenable's David Wells in a blog post.Read Replies (0)
By BeauHD from Slashdot's world-is-your-oyster department
Microsoft is working on an ambitious new Minecraft game with an augmented-reality spin that hopes to one up Niantic's wildly popular Pokemon Go mobile game. The Verge's Tom Warren sat down with Microsoft's HoloLens and Kinect creator, Alex Kipman, to take a look Minecraft Earth, a new free-to-play game for iOS and Android that lets players create and share whatever they've made in the game with friends in the real world, away from TV screens and monitors.
"We have covered the entire planet in Minecraft," explains Torfi Ilafsson, game director of Minecraft Earth. "Every lake is a place you can fish, every park is a place you can chop down trees. We've actually taken maps of the entire world and converted them to Minecraft." Warren writes: These maps, based on OpenStreetMap, have allowed Microsoft to start working out where to place Minecraft adventures into the world. These adventures spawn dynamically on the Minecraft Earth map and are designed for multiple people to get involved in. This is really where Minecraft Earth starts to get interesting and beyond anything I've played in other AR games like Pokemon Go. I tried a variety of adventures during my brief Minecraft Earth gameplay demo, and they range from peaceful and friendly to a little more risky, knowing you enter them and might lose all your treasure if you die to a monster. The fascinating part of adventures is that you can be side-by-side with friends, all experiencing the same game on the exact same spot of a sidewalk or in a park at the same time. Microsoft is doing some impressive behind-the-scenes computational magic (more on that later) so that when you play an adventure, it's in a precise location, beyond regular GPS coordinates, so that everyone is experiencing the same thing. You can fight monsters, break down structures for resources together, and even stand in front of a friend to block them from physically killing a virtual sheep.
< article continued at Slashdot's world-is-your-oyster department
>Read Replies (0)
By BeauHD from Slashdot's too-much-passion department
An anonymous reader quotes a report from Reuters: A California man was sentenced to 20 months in prison on Friday after pleading guilty for threatening to kill the family of U.S. Federal Communications Commission Chairman Ajit Pai over the regulator's successful effort to repeal net neutrality rules. The Justice Department said Markara Man, 33, of Norwalk, California, sent the email threats "in hopes it would cause (Pai) to reverse his position on net neutrality." Led by Pai, the FCC in December 2017 repealed landmark net neutrality protections, which required internet service providers to provide users equal access to all data, regardless of their kind, source or destination. When Markara pleaded guilty in September 2018, Pai thanked law enforcement and the FCC for protecting him and his family, adding "I am deeply grateful for all they have done to keep us safe." In November 2018, Tyler Barriss pleaded guilty for calling in a bomb threat to the FCC during the December 2017 meeting where the vote to repeal net neutrality was held.Read Replies (0)
By msmash from Slashdot's here's-to-the-next-10-years department
For more than three decades, Stephen Wolfram, a 59-year-old scientist, software designer and entrepreneur, has built software that has attracted an avid following among mathematicians and scientists. His Mathematica program for symbolic mathematical computation and its programming language, Wolfram Language, are favorites of the intelligentsia of the quant world in universities and corporations. Wolfram Alpha, one of his creations, is a unique search engine that does not forage the web, but culls its own painstakingly curated database to find answers. This week, the search engine turned 10.
On the big occasion, Mr. Wolfram has shared some insight: It was a unique and surprising achievement when it first arrived, and over its first decade it's become ever stronger and more unique. It's found its way into more and more of the fabric of the computational world, both realizing some of the long-term aspirations of artificial intelligence, and defining new directions for what one can expect to be possible. Oh, and by now, a significant fraction of a billion people have used it. And we've been able to keep it private and independent, and its main website has stayed free and without external advertising.
As the years have gone by, Wolfram Alpha has found its way into intelligent assistants like Siri, and now also Alexa. It's become part of chatbots, tutoring systems, smart TVs, NASA websites, smart OCR apps, talking (toy) dinosaurs, smart contract oracles, and more. It's been used by an immense range of people, for all sorts of purposes. Inventors have used it to figure out what might be possible. Leaders and policymakers have used it to make decisions. Professionals have used it to do their jobs every day. People around the world have used it to satisfy their curiosity about all sorts of peculiar things. And countless students have used it to solve problems, and learn. The footage of the launch of Alpha, from 10 years ago.Read Replies (0)
By msmash from Slashdot's time-to-move-on department
An anonymous reader shares a report: With just seven more months of support left for Windows 7, the South Korean government is planning to migrate to Linux, according to the Korea Herald, which notes that the Interior Ministry will begin "test-running Linux on its PCs, and if no security issues arise, Linux systems will be introduced more widely within the government. The Herald quotes the Interior Ministry as indicating that the transition to Linux, and the purchase of new PCs, would cost about 780 billion won ($655 million), but also anticipates long-term cost reductions with the adoption of Linux. The report doesn't mention a specific distro, instead "hopes to avoid building reliance on a single operating system." "Before the government-wide adoption, the ministry said it would test if the system could be run on private networked devices without security risks and if compatibility could be achieved with existing websites and software which have been built to run on Windows," the report stated.Read Replies (0)
By msmash from Slashdot's growing-concern department
MySpace, which recently lost 50 million files uploaded between 2003 and 2015, is not alone in encountering problems. As the internet grows, batches of old information are increasingly disappearing from it. From a story: Amazon cloud services, for example, also experienced a substantial outage in 2011 and another in 2017. Though temporary, and without actual loss of data, these outages left users without access to precious and important files for some time. Preserving content or intellectual property on the internet presents a conundrum. If it's accessible, then it isn't safe; if it's safe, then it isn't accessible. Accessible content is subject to tampering, theft or other sorts of bad actions. Only content that is inaccessible can be locked and protected from hacking.
The internet currently accesses about 15 zettabytes of data, and is growing at a rate of 70 terabytes per second. It is an admittedly leaky vessel, and content is constantly going offline to wind up lost forever. Massive and desperate efforts are underway to preserve whatever is worth preserving, but even sorting out what is and what is not is itself a formidable undertaking. What will be of value in 10 years -- or 50 years? And how to preserve it? Acid-free paper can last 500 years; stone inscriptions even longer. But magnetic media like hard drives have a much shorter life, lasting only three to five years. They also need to be copied and verified on a very short life cycle to avoid data degradation at observed failure rates between 3% and 8% annually. Then there is also a problem of software preservation: How can people today or in the future interpret those WordPerfect or WordStar files from the 1980s, when the original software companies have stopped supporting them or gone out of business?Read Replies (0)
By msmash from Slashdot's closer-look department
An anonymous reader shares a report: Fun as the element of surprise may be, matches in PUBG might be less dynamic than they seem. That's the assertion of researchers at the Department of Computer Science at the University of Georgia, who tested several AI algorithms to predict final player placement in PUBG from in-game stats and initial rankings. As the coauthors explain, each PUBG game starts with players parachuting from a plane onto one of four maps containing procedurally generated weapons, vehicles, armor, and other equipment. To train their AI models, the team sourced telemetry data recorded and compiled by Google-owned Kaggle, an online machine learning community. In total, it contained 4.5 million instances of solo, duo, and squad battles with 29 attributes, which the researchers whittled down to 1.9 million with 28 attributes.
Most players don't rack up any kills, the team notes, and only a small fraction manage to win with a pacifistic strategy. In fact, 0.3748% of the players in the corpus won kill-free, out of which 0.1059% players won without a kill and without dealing damage. They also observed that players who actively traverse maps -- i.e., walk more -- increase their chances of winning; that 2.0329% players in the sample set died before taking a single step; and that with players with fewer kills who prefer to battle solo or in pairs had higher chances of winning compared with players who played in a squad.Read Replies (0)
By msmash from Slashdot's big-shark,-small-shark department
Hewlett Packard Enterprise will be buying the supercomputer maker Cray for roughly $1.3 billion, the companies said this morning. Intending to use Cray's knowledge and technology to bolster their own supercomputing and high-performance computing technologies, when the deal closes, HPE will become the world leader for supercomputing technology. From a report: Cray of course needs no introduction. The current leader in the supercomputing field and founder of supercomputing as we know it, Cray has been a part of the supercomputing landscape since the 1970s. Starting at the time with fully custom systems, in more recent years Cray has morphed into an integrator and scale-out specialist, combining processors from the likes of Intel, AMD, and NVIDIA into supercomputers, and applying their own software, I/O, and interconnect technologies. The timing of the acquisition announcement closely follows other major news from Cray: the company just landed a $600 million US Department of Energy contract to supply the Frontier supercomputer to Oak Ridge National Laboratory in 2021. Frontier is one of two exascale supercomputers Cray is involved in -- the other being a subcontractor for the 2021 Aurora system -- and in fact Cray is involved in the only two exascale systems ordered by the US Government thus far. So in both a historical and modern context, Cray was and is one of the biggest players in the supercomputing market.Read Replies (0)
By msmash from Slashdot's how-about-that department
The Ethereum ecosystem is no different than the Windows or IoT landscape, where security flaws remain unpatched for long periods of time, despite the availability of public patches. From a report: In a report shared with ZDNet today, security researchers from SRLabs revealed that a large chunk of the Ethereum client software that runs on Ethereum nodes has yet to receive a patch for a critical security flaw the company discovered earlier this year. "According to our collected data, only two thirds of nodes have been patched so far," said Karsten Nohl, one of the researchers. The vulnerability is a denial of service (DoS) vulnerability in the Parity client that can be used to run Ethereum nodes. Per SRLabs, the vulnerability allows an attacker to remotely crash Ethereum nodes (that run Parity) by sending malformed packets. The issue was fixed with the release of the Parity Ethereum client v2.2.10, in mid-February this year, a few days after it was reported. While most DoS flaws are considered "low impact" for most products, this is not the case in the cryptocurrency world.Read Replies (0)
By BeauHD from Slashdot's all-about-the-money department
An anonymous reader shares a report from CNBC: The Federal Railroad Administration announced Thursday that it terminated a 2010 agreement with the California High-Speed Rail Authority and will pull a nearly $929 million federal grant. In a release, the FRA said the California agency "repeatedly failed to comply with the terms of the FY10 agreement and has failed to make reasonable progress on the project." At the same time, the federal agency said, "California has abandoned its original vision of a high-speed passenger rail service connecting San Francisco and Los Angeles, which was essential to its applications for FRA grant funding." In addition, the FRA said it "continues to consider all options regarding the return of $2.5 billion in American Recovery and Reinvestment Act funds awarded to CHSRA." "The Trump administration's action is illegal and a direct assault on California, our green infrastructure, and the thousands of Central Valley workers who are building this project," Newsom said in a statement Thursday. "Just as we have seen from the Trump administration's attacks on our clean air standards, our immigrant communities and in countless other areas, the Trump administration is trying to exact political retribution on our state. This is California's money, appropriated by Congress, and we will vigorously defend it in court."Read Replies (0)
By BeauHD from Slashdot's new-and-improved-medicine department
hackingbear shares a report from CNN: A team of researchers from Zhejiang University School of Medicine in Hangzhou, China, created a gel composed of a network of proteins, inspired by the matrix composition of human connective tissues, and other molecules. The product, which requires ultraviolet light to activate, can adhere within seconds and then bond to wet biological tissue surfaces without suturing. In pigs, the bio-glue sealed a punctured carotid artery, a major blood vessel in the neck, in less than a minute and also filled holes in the cardiac wall. The Chinese researchers monitored their post-surgical pigs for a two-week recovery period and saw natural healing with no abnormalities or unusual inflammation. Around the globe, more than 234 million surgeries are performed each year, the World Health Organization estimates. Additional research confirming the safety of this product is needed before experiments can begin in humans, according to the authors of a study published Wednesday in the journal Nature Communications.Read Replies (0)
By BeauHD from Slashdot's don't-get-too-excited department
A month ago, Verizon's 5G coverage in Chicago was exceedingly difficult to find and the speeds were only noticeably faster than LTE. Now, Chris Welch from The Verge says the company "has ramped things up." While coverage "remains extremely limited" and "varies widely block by block," the speed is lightning fast. From the report: I just ran a speed test that crossed 1Gbps, and my mind is frankly a little blown. This is in the real world, where my iPhone XS Max is barely hitting 20Mbps in the same spot. Download speeds on Verizon's 5G network now feel like a proper next-gen leap over current LTE performance. Going over 700Mbps is very typical, and crossing that gigabit marker can happen regularly if you're standing near one of the carrier's 5G nodes, which utilize millimeter wave technology to achieve the faster download rates.
I'm still walking around Chicago and testing things out, but here are a few quick tests I ran: The pilot episode of The Office downloaded from Netflix at "high" quality in eight seconds. That's not a typo. I pulled down Marvel's Iron Man 2 from the Amazon Prime Video app at "best" quality in 90 seconds. Welch balances his excitement by saying that "indoor coverage on Verizon's 5G network is basically nonexistent." Also, "uploads are still limited to LTE on Verizons 5G network" and "tethering with the Galaxy S10 5G isn't yet supported (at 5G speeds)."
Another thing to think about is the fact that barely anyone is on Verizon's 5G network right now. When people actually start buying 5G devices, the 1Gbps speeds will surely drop.Read Replies (0)
By BeauHD from Slashdot's structure-of-the-moon department
China's Chang'e-4 mission to the dark side of the moon has discovered signs of mantle material at the moon's surface, "effectively setting an 'X' on lunar maps for future explorers seeking this not-so-buried geological treasure," reports Scientific American. From the report: China's Chang'e-4 mission touched down near the south pole on the lunar far side on January 3, 2019, the first spacecraft ever to land intact on this largely unexplored region of the moon. Consisting of a lander and rover, the mission is still going strong today, with the rover -- called Yutu-2 -- continuing its journey across the surface. On board are a variety of instruments, and today in Nature scientists from the Chinese Academy of Sciences in Beijing report the mission's first scientific results, suggesting lunar mantle material has at last been located.
"We found that the material of the Chang'e-4 landing site is mainly composed of olivine and low-calcium pyroxene," says Dawei Liu, one of the paper's co-authors. "This mineral combination is the candidate mantle-derived material." Chang'e-4 rests inside the South Pole-Aitken (SPA) basin, which, at 2,500 kilometers across, is one of the solar system's oldest and largest known impact craters. Specifically, the mission touched down in the 186-kilometer-wide Von Karman crater within this larger basin. Von Karman was produced billions of years ago by the impact of a large comet or asteroid; such collisions can excavate mantle material from deep underground, allowing it to be scattered across the surface by subsequent impacts.
< article continued at Slashdot's structure-of-the-moon department
>Read Replies (0)