By EditorDavid from Slashdot's shades-of-Icarus department
An anonymous reader quotes the Los Angeles Times:
An airline worker stole an empty Alaska Airlines plane from Seattle-Tacoma International Airport in Washington on Friday night, and the National Guard scrambled two fighter jets to chase the aircraft, which crashed on a sparsely populated island in Puget Sound, officials said. No passengers were aboard the 76-seat Horizon Air Q400 turboprop plane, which was stolen by a 29-year-old Horizon Air ground service agent from Pierce County, according to airline and law enforcement officials.... The man was described as suicidal, and it appeared impossible that he could have survived the crash....
The plane made an unauthorized takeoff from the airport around 8 p.m. and crashed on Ketron Island, about five miles southwest of Tacoma, after the renegade pilot bantered erratically with air-traffic controllers who pleaded with him to land the plane, according to officials and dispatch audio. "This is probably jail time for life, huh?" said the man, identified on the radio as Rich, according to dispatch audio reviewed by the Seattle Times.... At another point, the employee said: "I'm gonna land it, in a safe kind of manner. I think I'm gonna try to do a barrel roll, and if that goes good, I'm just gonna nose down and call it a night...."
"Oh, my God! Oh, my God! He's OK? He's OK," one woman said in a video posted on Facebook, which showed at least one military jet in pursuit. Itâ(TM)s not clear how long afterward the plane crashed.Read Replies (0)
By EditorDavid from Slashdot's slow-processes department
An anonymous reader quotes InsideHPC:
Today Julia Computing announced the Julia 1.0 programming language release, "the most important Julia milestone since Julia was introduced in February 2012." As the first complete, reliable, stable and forward-compatible Julia release, version 1.0 is the fastest, simplest and most productive open-source programming language for scientific, numeric and mathematical computing. "With today's Julia 1.0 release, Julia now provides the language stability that commercial customers require together with the unique combination of lightning speed and high productivity that gives Julia its competitive advantage compared with Python, R, C++ and Java."
The Register reports:
Created by Jeff Bezanson, Stefan Karpinski, Viral Shah, and Alan Edelman, the language was designed to excel at data science, machine learning, and scientific computing.... Six years ago, Julia's creators framed their goals thus:
"We want a language that's open source, with a liberal license. We want the speed of C with the dynamism of Ruby. We want a language that's homoiconic, with true macros like Lisp, but with obvious, familiar mathematical notation like Matlab. We want something as usable for general programming as Python, as easy for statistics as R, as natural for string processing as Perl, as powerful for linear algebra as Matlab, as good at gluing programs together as the shell. Something that is dirt simple to learn, yet keeps the most serious hackers happy. We want it interactive and we want it compiled...."
In a julialang.org post announcing the milestone, the minders of the language claim to have achieved some of their goals.Read Replies (0)
By EditorDavid from Slashdot's look-what-I-found department
"Some x86 CPUs have hidden backdoors that let you seize root by sending a command to an undocumented RISC core that manages the main CPU," Tom's Hardware reports, citing a presentation by security researcher Christopher Domas at the Black Hat Briefings conference in Las Vegas.
The command -- ".byte 0x0f, 0x3f" in Linux -- "isn't supposed to exist, doesn't have a name, and gives you root right away," Domas said, adding that he calls it "God Mode." The backdoor completely breaks the protection-ring model of operating-system security, in which the OS kernel runs in ring 0, device drivers run in rings 1 and 2, and user applications and interfaces ("userland") run in ring 3, furthest from the kernel and with the least privileges. To put it simply, Domas' God Mode takes you from the outermost to the innermost ring in four bytes. "We have direct ring 3 to ring 0 hardware privilege escalation," Domas said. "This has never been done.... It's a secret, co-located core buried alongside the x86 chip. It has unrestricted access to the x86."
The good news is that, as far as Domas knows, this backdoor exists only on VIA C3 Nehemiah chips made in 2003 and used in embedded systems and thin clients. The bad news is that it's entirely possible that such hidden backdoors exist on many other chipsets. "These black boxes that we're trusting are things that we have no way to look into," he said. "These backdoors probably exist elsewhere." Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents.
"Some of the VIA C3 x86 processors have God Mode enabled by default," Domas adds. "You can reach it from userland. Antivirus software, ASLR and all the other security mitigations are useless."Read Replies (0)
By EditorDavid from Slashdot's beating-the-cheaters department
Recently the Palm Beach Post noted that 20% of the academic credit awarded at Florida Atlantic University is for online courses. So how can they stop cheaters?
Where once it was enough for a professor to roam the aisles of a classroom, checking for cheat sheets and keeping an eye out for students signaling one another, proctoring today's tests often requires web cams and biometric IDs. A field of more than a dozen test-proctoring services has emerged in the past decade. Typically, the company gets some sort of visual on the test taker via a web cam and then asks the student to show the camera his or her ID. Other security layers can include software that recognizes faces or even keystroking patterns.
The next step is to monitor the student during the test. In the online proctoring world, that is done in one of three ways:
* A remote but live proctor who watches in real time.
* A record-and-review method in which a proctor watches the testing session, but not in real time.
* An automated system, in which the software is programmed to spot abnormalities and flag them.
Honorlock -- one of the record-and-review outfits -- expected to proctor roughly 100,000 tests in the 2017-2018 school year, and promises schools that their solution also searches the web for copies of the test and automatically files takedown notices for any leaked copies, according to a link shared by Slashdot reader Presto Vivace. Besides filming students during tests, it also includes patented technology that "detects and prevents searching for test answers online from any secondary device." And it even verifies the identity of test takers using "any government issued" i.d. (like a driver's license or passport) or student ID which includes a photo.
< article continued at Slashdot's beating-the-cheaters department
>Read Replies (0)
By BeauHD from Slashdot's back-to-the-drawing-board department
An anonymous reader quotes a report from Phys.Org: In recent years, some physicists have been investigating the possibility that gravity is not actually a fundamental force, but rather an emergent phenomenon that arises from the collective motion of small bits of information encoded on spacetime surfaces called holographic screens. The theory, called emergent gravity, hinges on the existence of a close connection between gravity and thermodynamics. Emergent gravity has received its share of criticism, however, and a new paper adds to this by showing that the holographic screen surfaces described by the theory do not actually behave thermodynamically, undermining a key assumption of the theory.
In the new paper, the scientists tested whether different kinds of surfaces obey an analogue of the first law of thermodynamics, which is a special form of energy conservation. Their results reveal that, while surfaces near black holes (called stretched horizons) do obey the first law, ordinary surfaces -- including holographic screens -- generally do not. The only exception is that ordinary surfaces that are spherically symmetric do obey the first law. As the scientists explain, the finding that stretched horizons obey the first law is not surprising, since these surfaces inherit much of their behavior from the nearby horizons. Still, the scientists caution that the results do not necessarily imply that stretched horizons obey all of the laws of thermodynamics. On the other hand, the finding that ordinary surfaces do not obey the first law is more unexpected, especially as it is one of the key assumptions of emergent gravity. Going forward, researchers will work to understand what this means for the future of emergent gravity, as well as explore other possible implications.Read Replies (0)
By BeauHD from Slashdot's space-meetup department
Zorro shares a report from Space.com: The Japanese spacecraft Hayabusa2 has successfully rendezvoused with Ryugu, beginning an 18-month stay at the diamond-shaped asteroid. Launched by the Japan Aerospace Exploration Agency, JAXA, in 2014, the probe will poke, prod and even impact the asteroid, deploying a small lander and three rovers. It will then blast an artificial crater to analyze material below the asteroid's surface. After that, the probe will head back to Earth, arriving near the end of 2020 with samples in tow. Hayabusa2 automatically fired its thrusters this morning (June 27) at 9:35 a.m. local Japanese time (8:45 p.m. on June 26 EDT, or 1245 GMT), bringing the probe within a constant 12 miles (20 kilometers) of the asteroid, according to a statement from JAXA. The Hayabusa2 team will have to select the best place for the probe's lander and rovers based on the space rock's spinning-top-like shape and its rotation; the 3,000-foot-wide (900 meters) asteroid rotates perpendicular to its orbit, completing a full rotation every 7.5 hours.Read Replies (0)
By BeauHD from Slashdot's journey-to-the-sun department
In the early hours of Saturday morning, NASA is scheduled to launch the Parker Solar Probe for a seven-year mission to study the sun and its atmosphere. The spacecraft will take off from NASA's Kennedy Space Center in Florida, traveling up to 430,000 miles per hour towards the star -- that will make it the fastest spacecraft ever. Assuming you're reading this story around the time it's published, you still have time to watch the launch via NASA's livestream. The launch window for the Parker Solar Probe opens at 3:33 a.m. ET Saturday, but the exact launch time is unknown. The New York Times has published a story about Eugene N. Parker, the professor that the spacecraft was named after. It is the first time that NASA has named a mission for a living person. Here's an excerpt from the report: In a foundational paper published in The Astrophysical Journal, Dr. Parker described how charged particles streamed continuously from the sun, like the flow of water spreading outward from a circular fountain. Almost no one believed him. [...] Four years later, Dr. Parker was vindicated when Mariner 2, a NASA spacecraft en route to Venus, measured energetic particles streaming through interplanetary space -- exactly what Dr. Parker had predicted. Scientists now call that stream of particles the solar wind.Read Replies (0)
By BeauHD from Slashdot's policy-changes department
Yesterday, Facebook said it's banning websites that host and share blueprints of 3D-printed guns. "Sharing instructions on how to print firearms using 3D printers is not allowed under our Community Standards," said a spokesperson in an email statement. "In line with our policies, we are removing this content from Facebook." BuzzFeed was first to report the news: The move comes amid a rush by states to block these instructions from being posted. A July settlement between the State Department and Defense Distributed, an open-source organization that created the first completely 3D-printed gun, cleared the way for the group to publish the gun code. However, that was stalled when a federal judge on July 31 granted a temporary nationwide injunction that prevented Defense Distributed from uploading the plans. The injunction prevents Defense Distributed from publishing the plans. But the instructions are widely available online, on sites such as CodeIsFreeSpeech.com -- which hosts plans for parts of an AR-15, a Beretta, and Defense Distributed's Liberator. Attempts to post the site on a user's News Feed, through Facebook's Messenger app, or on Instagram (which Facebook owns) produce a variety of error messages. Other sites that host the files can still be posted through Facebook. Specifically, Facebook says that 3D-printed guns violate the regulated goods section of the social giant's community standards, which limits gun sales and exchanges to licensed dealers.Read Replies (0)
By BeauHD from Slashdot's gone-with-the-wind department
Google has removed the open-source Ahoy! extension from the Chrome store with little explanation. The tool facilitated access to more than 1,700 blocked sites in Portugal by routing traffic through its own proxies. TorrentFreak reports: After servicing 100,000 users last December, Ahoy! grew to almost 185,000 users this year. However, progress and indeed the project itself is now under threat after arbitrary action by Google. "Google decided to remove us from Chrome's Web Store without any justification," team member Henrique Mouta informs TF. "We always make sure our code is high quality, secure and 100% free (as in beer and as in freedom). All the source code is open source. And we're pretty sure we never broke any of the Google's marketplace rules."
Henrique says he's tried to reach out to Google but finding someone to help has proven impossible. Even re-submitting Ahoy! to Google from scratch hasn't helped the situation. "I tried and resubmitted the plugin but it was refused after a few hours and without any justification," Henrique says. "Google never reached us or notified us about the removal from Chrome Web Store. We never got a single email justifying what happened, why have we been removed from the store, or/and what are we breaching and how can we fix it." TorrentFreak reached out to Google asking why this anti-censorship tool has been removed from its Chrome store. Despite multiple requests, the search giant failed to respond to us or the Ahoy! team. Thankfully, the Ahoy! extension is still available on Firefox.Read Replies (0)
By BeauHD from Slashdot's let's-make-a-deal department
An anonymous reader quotes a report from Bloomberg: Qualcomm, the smartphone chipmaker fighting regulatory actions and lawsuits threatening its most profitable business, has reached a settlement with Taiwan's antitrust regulators that reverses most of a $773 million fine. As part of an agreement announced Friday by the Fair Trade Commission, the company will invest $700 million over the next five years and boost research activities in Taiwan, home to a clutch of important suppliers to global names such as Apple. In return, Qualcomm can stop paying fines and retains the right to charge manufacturers royalties on its technology. The commission said Friday it will keep NT$2.73 billion ($89 million) in fines that Qualcomm's already paid but waive the rest.
In an October decision, Taiwan's antitrust agency said Qualcomm had monopoly market status over key mobile phone standards and was violating local laws by not providing products to clients who didn't agree with its conditions. Besides the fine, the Fair Trade Commission told Qualcomm at the time to remove previously signed deals that forced competitors to provide price, customer names, shipment, model name and other sensitive information. Qualcomm appealed the decision. The company agreed to ensure fair negotiations with local licensees, and will support research and commercial projects in Taiwan, including collaborating on the development of fifth-generation wireless, Qualcomm said in a separate statement Friday.Read Replies (0)
By BeauHD from Slashdot's public-service-announcement department
New submitter rokahasch writes: Starting today, August 10th, most users of the Dropbox desktop app on Linux have been receiving notifications that their Dropbox will stop syncing starting November. Over at the Dropbox forums, Dropbox have declared that the only Linux filesystem supported for storage of the Dropbox sync folder starting the 7th of November will be on a clean ext4 file system. This basically means Dropbox drops Linux support completely, as almost all Linux distributions have other file systems as their standard installation defaults nowadays
-- not to mention encryption running on top of even an ext4 file system, which won't qualify as a clean ext4 file system for Dropbox (such as eCryptfs which is the default in, for example, Ubuntu for encrypted home folders). The thread is trending heavily on Dropbox' forums with the forum's most views since the thread started earlier today. The cries from a large amount of Linux users have so far remained unanswered from Dropbox, with most users finding the explanation given for this change unconvincing. The explanation given so far is that Dropbox requires a file system with support for Extended attributes/Xattrs. Extended attributes however are supported by all major Linux/Posix complaint file systems. Dropbox has, up until today, supported Linux platforms since their services began back in 2007. A number of users have taken to Twitter to protest the move. Twitter user troyvoy88 tweets: "Well, you just let the shitstorm loose @Dropbox dropping support for some linux FS like XFS and BTRFS. No way in hell im going to reformat my @fedora #development station and removing encryption no way!" Another user by the name of daltux wrote: "It will be time to say goodbye then, @Dropbox. I won't store any personal files on an unencrypted partition."Read Replies (0)
By msmash from Slashdot's problem-persists department
Security meltdowns on your smartphone are often self-inflicted: You clicked the wrong link, or installed the wrong app. But for millions of Android devices, the vulnerabilities have been baked in ahead of time, deep in the firmware, just waiting to be exploited. Who put them there? Some combination of the manufacturer that made it, and the carrier that sold it to you. From a report: That's the key finding of new analysis from mobile security firm Kryptowire, which details troubling bugs preloaded into 10 devices sold across the major US carriers. Kryptowire CEO Angelos Stavrou and director of research Ryan Johnson will present their research, funded by the Department of Homeland Security, at the Black Hat security conference Friday. The potential outcomes of the vulnerabilities range in severity, from being able to lock someone out of their device to gaining surreptitious access to its microphone and other functions. They all share one common trait, though: They didn't have to be there. [...] "The problem is not going to go away, because a lot of the people in the supply chain want to be able to add their own applications, customize, add their own code. That increases the attack surface, and increases the probability of software error," Stavrou says. "They're exposing the end user to exploits that the end user is not able to respond to."Read Replies (0)
The Pirate Bay Turns 15
Posted by News Fetcher on August 10 '18 at 12:10 PM
By msmash from Slashdot's how-about-that department
Sometime about 15 years ago, a group of hackers and activists launched The Pirate Bay, a notorious torrent search engine. TorrentFreak: While the exact launch date is a bit of a mystery, even to the site's founders, August 10 was previously chosen as its anniversary. What we do know is that the site was brought online in 2003 by now-disbanded pro-culture organization Piratbyran, which is Swedish for Bureau of Piracy. The group was formed by political activists and hackers in the same year, many of whom had already launched other web projects challenging political, moral, and power structures. One of the group's unwritten goals was to offer a counterweight to the propaganda being spread by local anti-piracy outfit Antpiratbyran. With BitTorrent as the up-and-coming file-sharing technology, they saw fit to start their own file-sharing site to promote sharing of information. The Pirate Bay first came online in Mexico where Gottfrid Svartholm, aka Anakata, hosted the site on a server owned by the company he was working for at the time. After a few months, the site moved to Sweden where it was hosted on a Pentium III 1GHz laptop with 256MB RAM.Read Replies (0)
By msmash from Slashdot's gauging-the-situation department
"The damage that removing ROMs from the internet could do to video games as a whole is catastrophic." From a report: In July, Nintendo sued two popular ROM sites, LoveROMS and LoveRetro.co, for what it called "brazen and mass-scale infringement of Nintendo's intellectual property rights." Both sites have since shut down. On Wednesday, another big, 18-year-old ROM site, EmuParadise, said it would no longer be able to allow people to download old games due to "potentially disastrous consequences." Nintendo owns the intellectual property for its games, and when people pirate them instead of buying a Nintendo Super NES Classic Edition or a downloading a copy from one of its digital storefronts, it can argue it's losing money. According to Nintendo's official site, ROMs and video game emulation also represent "the greatest threat to date to the intellectual property rights of video game developers," and "have the potential to significantly damage" tens of thousands of jobs. Even when a Nintendo game isn't for sale, it's still the company's intellectual property, and it can enforce its copyright if it wants. But the damage that removing ROMs from the internet could do to video games as a whole is catastrophic. Many game developers and people who have otherwise made video games a major part of their lives, especially those who grew up in low-income households or outside a Western country, wouldn't have been inspired to take that path if it wasn't for ROMs. Entire chapters of video game history would be lost if ROMs and emulation didn't preserve games where publishers failed to. And perhaps most importantly, denying people access to ROMs makes the process of educating them in game development much more difficult, potentially hobbling future generations of video game makers.Read Replies (0)
By msmash from Slashdot's tussle-continues department
Tech companies such as Amazon, Facebook, Google, and Microsoft have faced growing internal unrest from employees who raise ethical concerns about how the companies deploy their high-tech services and products. That chorus of dissent is now growing louder as outside engineers voice their concerns to recruiters working for those tech companies. An anonymous reader shares a report: The protests of tech workers have proven persuasive because Silicon Valley firms compete fiercely to recruit and retain relatively scarce engineering talent. For example, Google's leadership sought to reassure employees by declaring it would not renew its Pentagon contract and by issuing a set of ethical principles for future uses of Google-developed technologies. By the same logic, engineers who are approached by tech recruiters also have leverage. "I might be a one-off example, but it could be different if Amazon gets a lot of people emailing them saying, 'Hey I won't work for you because of this,'" Geiduschek, a software engineer at Dropbox, who declined a job offer from Amazon, says. Jackie Luo, a software engineer at Square, took a similar stance with a tech recruiter who sought to interest her in a career with Google. The recruiter happened to contact Luo when she was reading about Google's plans to re-enter the Chinese market with a censored version of the company's Internet search engine. [...] Individual engineers such as Luo and Geiduschek seem to be responding to tech recruiters through their own initiative rather than as part of any larger movement. Meanwhile, some tech employees have joined organized efforts, such as the #TechWontBuildIt movement spearheaded by the labor advocacy group Tech Workers Coalition.Read Replies (0)