By EditorDavid from Slashdot's learning-to-add department
"A Chinese headmaster has been fired after a secret stack of crypto-currency mining machines was found connected to his school's electricity supply," writes the BBC. An anonymous reader quotes their report:
Teachers at the school in Hunan became suspicious of a whirring noise that continued day and night, local media report. This led to the discovery of the machines, which were mining the crypto-currency Ethereum. They racked up an electricity bill of 14,700 yuan [£1,600, or about $2,100]...
The headmaster had originally spent 10,000 yuan on a single machine for use at home, but allegedly decided to move it to the school after he saw how much electricity it consumed... A total of eight mining machines were installed in the Hunan school's computer room between summer 2017 and summer 2018... The deputy headmaster also became involved in the scheme and allegedly acquired a ninth machine for himself in January, which was also installed at the school. The computer network in the building became overloaded as a result of the mining activity, according to reports, and this "interfered" with teaching.
All the money earned through the mining operation has now been claimed by the local official responsible for "discipline inspection."Read Replies (0)
By EditorDavid from Slashdot's adventurous-capital department
An anonymous reader quotes the Bay Area Newsgroup:
A former Tesla global supply manager was indicted Thursday by federal prosecutors alleging he embezzled more than $9 million from the Palo Alto electric car maker. Salil Parulekar, 32, is charged with felony wire fraud and aggravated identity theft. Parulekar oversaw Tesla's dealings with certain auto parts and services vendors, and used that position to divert to a German auto parts company $9.3 million in payments intended for a Taiwanese supplier, according to the indictment. ... Parulekar, who was living in San Jose and working for Tesla in 2016 and 2017, falsified invoices, created fake accounts-payable documents, and impersonated an employee of the Taiwanese supplier to trick Tesla's accounts-payable department into switching the bank account information of the Taiwanese and German companies, the indictment alleged.
That Taiwanese firm's complaints to Tesla about missing money went to Parulekar, who responded by sending fake documents purporting to show the payments were made, the indictment claimed.Read Replies (0)
By EditorDavid from Slashdot's charging-ahead department
An anonymous reader quotes Reuters:
Volkswagen intends to sell electric cars for less than 20,000 euros ($22,836) and protect German jobs by converting three factories to make Tesla rivals, a source familiar with the plans said... Plans for VW's electric car, known as "MEB entry" and with a production volume of 200,000 vehicles, are due to be discussed at a supervisory board meeting on Nov. 16, the source said... The November 16 strategy meeting will discuss Volkswagen's transformation plan to shift from being Europe's largest maker of combustion engine vehicles into a mass producer of electric cars, another source familiar with the deliberations said.
VW's strategy shift comes as cities start to ban diesel engine vehicles, forcing carmakers to think of new ways to safeguard 600,000 German industrial jobs, of which 436,000 are at car companies and their suppliers.... The shift from combustion engines to electric cars would also cost 14,000 jobs at VW by 2020 as it takes less time to build an electric car than a conventional one and because jobs will shift overseas to battery manufacturers.Read Replies (0)
By EditorDavid from Slashdot's un-friending department
An anonymous reader quotes Fortune:
Facebook is the least trustworthy of all major tech companies when it comes to safeguarding user data, according to a new national poll conducted for Fortune, highlighting the major challenges the company faces following a series of recent privacy blunders. Only 22% of Americans said that they trust Facebook with their personal information, far less than Amazon (49%), Google (41%), Microsoft (40%), and Apple (39%)....
In question after question, respondents ranked the company last in terms of leadership, ethics, trust, and image... Public mistrust extended to Zuckerberg, Facebook's public face during its privacy crisis and who once said that Facebook has "a responsibility to protect your information, If we can't, we don't deserve it." The company subsequently fell victim to a hack but continued operating as usual, including debuting a video-conferencing device intended to be used in people's living rooms or kitchens and that further extends Facebook's reach into more areas outside of personal computers and smartphones. Only 59% of respondents said they were "at least somewhat confident" in Zuckerberg's leadership in the ethical use of data and privacy information, ranking him last among four other tech CEOS...
As for Facebook, the social networking giant may have a difficult time regaining public trust because of its repeated problems. Consumers are more likely to forgive a company if they believe a problem was an aberration rather than a systemic failure by its leadership, Harris Poll CEO John Gerzema said.
The article concludes that "For now, the public isn't in a forgiving mood when it comes to Facebook and Zuckerberg."Read Replies (0)
By EditorDavid from Slashdot's lost-in-space department
Long-time Slashdot reader RockDoctor writes: A paper published on Arxiv last week reports on a project to redetermine the "orbits of long period comets... We recently attempted to check, whether the assumption of a parabolic orbit for hundreds of comets discovered after 1950 is fully justified in all cases." The full work by Królikowska & Dybczynski remains in preparation (which is perfectly normal), but this intriguing result deserved early attention. During this research we found an interesting case of the comet C/2014 W10 PANSTARRS. (that's the 10th reported comet in fortnight W of year 2014, source : the PANSTARRS team)
After discovery on 2014-11-25, fourteen observations were made over three days, giving a first-estimate orbit with an eccentricity of 0.6039453. So far, so boring — as the temporary designation suggests, these get found on most days. But that orbit is subject to uncertainty so some more measurements were made on 2014-12-22 from a different observatory. When all of the data is considered, it becomes impossible to clearly assign an orbit to this object (this is possible if, for example, there is a fragmentation of the object between observations), but many of the solutions which can be obtained have a hyperbolic orbit — that is, the object is extra-solar.
If correct, this "post-covery" would double the size of the catalogue of interstellar objects known.
Unfortunately, the quality of the original data remains poor — estimates of the orbital eccentricity vary between 1.22 and 1.65 — which is in contrast to the prompt recognition and intense observation campaign for 'Oumuamua. The report's main conclusion is that Our main purpose is to show that similar cases should be treated in future with greater care by more reliable preliminary orbit determination and alerting observers about the importance of the object to initiate more follow-up observations. Which is exactly what happened with 'Oumuamua.Read Replies (0)
By EditorDavid from Slashdot's bug-bounty-declined department
"A Russian security researcher has published details about a zero-day vulnerability affecting VirtualBox, an Oracle software application for running virtual machines," reports ZDNet.
According to a text file uploaded on GitHub, Saint Petersburg-based researcher Sergey Zelenyuk has found a chain of bugs that can allow malicious code to escape the VirtualBox virtual machine (the guest OS) and execute on the underlying (host) operating system. Once out of the VirtualBox VM, the malicious code runs in the OS' limited userspace (kernel ring 3), but Zelenyuk said that attackers can use many of the already known privilege escalation bugs to gain kernel-level access (ring 0). "The exploit is 100% reliable," Zelenyuk said. "It means it either works always or never because of mismatched binaries or other, more subtle reasons I didn't account."
The Russian researcher says the zero-day affects all current VirtualBox releases, works regardless of the host or guest operating system the user is running, and is reliable against the default configuration of newly created VMs. Besides a detailed write-up of the entire exploit chain, Zelenyuk has also published video proof, showing the zero-day in action against an Ubuntu VM running inside VirtualBox on an Ubuntu host OS.
Long-time Slashdot reader Artem Tashkinov warns that the exploit utilizes "bugs in the data link layer of the default E1000 network interface adapter which makes this vulnerability critical for everyone who uses virtualization to run untrusted code." According to ZDNet, the same security researcher "found and reported a similar issue in mid-2017, which Oracle took over 15 months to fix."
"This lengthy and drawn-out patching process appears to have angered Zelenyuk, who instead of reporting this bug to Oracle, has decided to publish details online without notifying the vendor."Read Replies (0)
By EditorDavid from Slashdot's aging-vs-artificial-brains department
Slashdot reader pgmrdlm quotes Science Daily: Timely diagnosis of Alzheimer's disease is extremely important, as treatments and interventions are more effective early in the course of the disease. However, early diagnosis has proven to be challenging. Research has linked the disease process to changes in metabolism, as shown by glucose uptake in certain regions of the brain, but these changes can be difficult to recognize... Researchers trained [a] deep learning algorithm on a special imaging technology known as 18-F-fluorodeoxyglucose positron emission tomography (FDG-PET). In an FDG-PET scan, FDG, a radioactive glucose compound, is injected into the blood. PET scans can then measure the uptake of FDG in brain cells, an indicator of metabolic activity. The researchers had access to data from the Alzheimer's Disease Neuroimaging Initiative (ADNI), a major multi-site study focused on clinical trials to improve prevention and treatment of this disease. The ADNI dataset included more than 2,100 FDG-PET brain images from 1,002 patients. Researchers trained the deep learning algorithm on 90 percent of the dataset and then tested it on the remaining 10 percent of the dataset. Through deep learning, the algorithm was able to teach itself metabolic patterns that corresponded to Alzheimer's disease. Finally, the researchers tested the algorithm on an independent set of 40 imaging exams from 40 patients that it had never studied. The algorithm achieved 100 percent sensitivity at detecting the disease an average of more than six years prior to the final diagnosis. "We were very pleased with the algorithm's performance," Dr. Sohn said. "It was able to predict every single case that advanced to Alzheimer's diseaseRead Replies (0)
By EditorDavid from Slashdot's punchcard-interfaces department
"Think your vintage computer hardware is old?" writes long-time Slashdot reader corrosive_nf. "Ken Shirriff, Robert Garne, and their associates probably have you beat.
"The IBM 1401 was introduced in 1959, and these guys are keeping one alive in a computer museum... [T]he volunteers have to go digging through historical archives and do some detective work to figure out solutions to pretty much anything!"
Many things that we take for granted are done very differently in old computers. For instance, the IBM 1401 uses 6-bit characters, not bytes. It used decimal memory addressing, not binary. It's also interesting how much people could accomplish with limited resources, running a Fortran compiler on the 1401 with just 8K of memory. Finally, working on the 1401 has given them a deeper understanding of how computers really work. It's not a black box; you can see the individual transistors that are performing operations and each ferrite core that stores a bit.
"It's a way of keeping history alive," says one of the volunteers at Silicon Valley's Computer History museum. "For museum visitors, seeing the IBM 1401 in operation gives them a feeling for what computers were like in the 1960s, the full experience of punching data onto cards and then seeing and hearing the system processing cards....
"So far, things are breaking slowly enough that we can keep up, so it's more of a challenge than an annoyance."Read Replies (0)
By EditorDavid from Slashdot's free-as-in-freedom department
"We recently published a number of updates to our licensing materials," the Free Software Foundation announced Thursday, adding that "While we generally post individual announcements for these types of important changes, there were so many in such a short span that we needed to combine them all in one place."
We added the Commons Clause to our list of nonfree licenses. Not a stand-alone license in and of itself, it is meant to be added to an existing free license to prevent using the work commercially, rendering the work nonfree. It's particularly nasty given that the name, and the fact that it is attached to pre-existing free licenses, may make it seem as if the work is still free software.
If a previously existing project that was under a free license adds the Commons Clause, users should work to fork that program and continue using it under the free license. If it isn't worth forking, users should simply avoid the package. We are glad to see that in the case of Redis modules using the Commons Clause, people are stepping up to maintain free versions.
There's also a new addition to their GNU Licenses FAQ which explains what the GNU GPL says about translating code into another programming language. ("If the original program carries a free license, that license gives permission to translate it. How you can use and license the translated program is determined by that license. If the original program is licensed under certain versions of the GNU GPL, the translated program must be covered by the same versions of the GNU GPL...") And they've also clarified how to handle projects that combine code under multiple compatible licenses.
The FSF has also updated a document commenting on various licenses, clarifying that the Fraunhofer FDK AAC free software license "is incompatible with any version of the GNU GPL. It has a special danger in the form of a term expressly stating it does not grant you any patent licenses, with an enticement to buy some.
< article continued at Slashdot's free-as-in-freedom department
>Read Replies (0)
By EditorDavid from Slashdot's check-mates department
"It's the biggest chess event of the year as World Champion Magnus Carlsen will try to defend his title against the American challenger Fabiano Caruana," reports Chess.com -- which is webcasting game two right now (7 a.m. PST, 3 p.m. London/GMT).
After seven grueling hours and 115 moves on Friday, the first game of their 12-game competition ended in a draw -- though challenger Caruana acknowledged that "I was quite fortunate to end up with a draw... I was outplayed after the opening... I think I was clearly losing, for a long time I was losing."
This was not the most pleasant experience to defend this extremely long game with white. I think I was quite fortunate to end up with a draw... There was definitely a lot of nerves. It is a very different feeling playing the first game of a world championship match.... Normally with white you shouldn't be too happy with a draw, but considering my position I am very happy. I am relieved to have escaped."
Slate reports Caruana has spent $50,000 on chess coaching just in 2018 in hopes of claiming the 1 million euro prize. Ironically, the match's "ceremonial starter", actor Woody Harrelson, bungled Caruana's first move by knocking over his king -- and then by moving the wrong pawn. "Caruana was ready to accept the mistake and continue with the match before officials gave Harrelson a third chance and he finally moved the correct piece."
Defending champion Magnus Carlsen later admitted that "I couldn't quite find the knockout before the time trouble.... I tried to find a way to exchange in order to play for a win, but I couldn't find it. Then I just moved around hoping to force a blunder, but I didn't succeed."Read Replies (0)
By BeauHD from Slashdot's sharing-is-caring department
An anonymous reader quotes a report from Motherboard: This week, U.S. Cyber Command (CYBERCOM), a part of the military tasked with hacking and cybersecurity focused missions, started publicly releasing unclassified samples of adversaries' malware it has discovered. CYBERCOM says the move is to improve information sharing among the cybersecurity community, but in some ways it could be seen as a signal to those who hack U.S. systems: we may release your tools to the wider world. On Friday, CYBERCOM uploaded multiple files to VirusTotal, a Google-owned search engine and repository for malware. Once uploaded, VirusTotal users can download the malware, see which anti-virus or cybersecurity products likely detect it, and see links to other pieces of malicious code.
One of the two samples CYBERCOM distributed on Friday is marked as coming from APT28, a Russian government-linked hacking group, by several different cybersecurity firms, according to VirusTotal. Those include Kaspersky Lab, Symantec, and Crowdstrike, among others. APT28 is also known as Sofacy and Fancy Bear. The malware itself does not appear to still be active.Read Replies (0)
By BeauHD from Slashdot's what's-inside department
iFixit has released their teardown of the new Mac mini, providing a look inside the portable desktop computer. Some of the notable findings include user-upgradable RAM and soldered CPU and SSD. Mac Rumors reports: While the RAM in the previous-gen Mac mini from 2014 was soldered to the logic board, the new Mac mini has user-upgradeable RAM, as discovered earlier this week. As seen in older iMacs, the RAM is protected by a perforated shield that allows the memory modules to operate at a high frequency of 2666 MHz without interfering with other device functions, according to iFixit. To upgrade the RAM, the shield can be removed by unfastening four Torx screws.
Other silicon on the logic board of this particular Mac mini includes the Apple T2 security chip, a 3.6GHz quad-core Intel Core i3 processor, Intel UHD Graphics 630, 128GB of flash storage from Toshiba, an Intel JHL7540 Thunderbolt 3 controller, and a Gigabit Ethernet controller from Broadcom. Despite the good news about the RAM, the CPU and SSD are soldered to the logic board, as are many ports, so this isn't a truly modular Mac mini. iFixit awarded the new Mac mini a repairability score of 6/10, with 10 being the easiest to repair, topping the latest MacBook Air, MacBook, MacBook Pro, iMac, and iMac Pro, and trailing only the 2013 Mac Pro.Read Replies (0)
By BeauHD from Slashdot's family-feud department
An anonymous reader quotes a report from Bloomberg: Amazon.com Inc. has taken another step toward eliminating software from Oracle Corp. that has long helped the e-commerce giant run its retail business. An executive with Amazon's cloud-computing unit hit back at Oracle Executive Chairman Larry Ellison, who ridiculed the internet giant as recently as last month for relying on Oracle databases to track transactions and store information, even though Amazon sells competing software, including Redshift, Aurora and DynamoDB. Amazon's effort to end its use of Oracle's products has made new progress, Andy Jassy, the chief executive officer of Amazon Web Services, tweeted Friday. "In latest episode of 'uh huh, keep talkin' Larry,' Amazon's Consumer business turned off its Oracle data warehouse Nov. 1 and moved to Redshift," Jassy wrote. By the end of 2018, Amazon will stop using 88 percent of its Oracle databases, including 97 percent of its mission-critical databases, he added.Read Replies (0)
By BeauHD from Slashdot's hide-and-seek department
According to federal contracting documents, the U.S. Drug Enforcement Administration (DEA) and Immigration and Customs Enforcement (ICE) have hidden an undisclosed number of covert surveillance cameras inside streetlights around the country. Quartz reports: According to government procurement data, the DEA has paid a Houston, Texas company called Cowboy Streetlight Concealments LLC roughly $22,000 since June 2018 for "video recording and reproducing equipment." ICE paid out about $28,000 to Cowboy Streetlight Concealments over the same period of time. It's unclear where the DEA and ICE streetlight cameras have been installed, or where the next deployments will take place. ICE offices in Dallas, Houston, and San Antonio have provided funding for recent acquisitions from Cowboy Streetlight Concealments; the DEA's most recent purchases were funded by the agency's Office of Investigative Technology, which is located in Lorton, Virginia. "We do streetlight concealments and camera enclosures," Christie Crawford, who owns Cowboy Streetlight Concealments with her husband, told Quartz. "Basically, there's businesses out there that will build concealments for the government and that's what we do. They specify what's best for them, and we make it. And that's about all I can probably say."Read Replies (0)
By BeauHD from Slashdot's winners-and-losers department
dmoberhaus writes: Perceptual ad blockers were supposed to be the "superweapon" that put an end to the arms race between advertisers and users. According to new research, however, perceptual ad blockers will come out on the losing side in the war against internet advertisers and expose users to a host of new attack vectors in the process. Researchers at Stanford tricked six different visual classifiers used in perceptual ad blockers with adversarial ads designed to trick the ad blockers by making nearly imperceptible changes to the ads. "The researchers tried several different adversarial attacks on the perceptual ad blockers' visual classifiers," Motherboard reports. "One attack, for example, slightly altered the AdChoices logo that is commonly used to disclose advertisements to fool the perceptual ad blocker. In another attack, the researchers demonstrated how website publishers could overlay a transparent mask over a website that would allow ads to evade perceptual ad blockers."
"The aim of our work is not to downplay the merits of ad-blocking, nor discredit the perceptual ad blocking philosophy, which is sound when instantiated with a robust visual ad detector," the researchers concluded. "Rather, our overarching goal is to highlight and raise awareness on the vulnerabilities that arise in building ad blockers with current computer vision systems."Read Replies (0)