By msmash from Slashdot's in-a-galaxy-far-far-away department
In the last decade, we have discovered thousands of planets outside our solar system and have learned that rocky, temperate worlds are numerous in our galaxy. The next step will involve asking even bigger questions. Could some of these planets host life? And if so, asks NASA, will we be able to recognize life elsewhere if we see it? From a blog post on NASA's website: A group of leading researchers in astronomy, biology and geology has come together under NASA's Nexus for Exoplanet System Science, or NExSS, to take stock of our knowledge in the search for life on distant planets and to lay the groundwork for moving the related sciences forward. "We're moving from theorizing about life elsewhere in our galaxy to a robust science that will eventually give us the answer we seek to that profound question: Are we alone?" said Martin Still, an exoplanet scientist at NASA Headquarters, Washington. In a set of five review papers published last week in the scientific journal Astrobiology, NExSS scientists took an inventory of the most promising signs of life, called biosignatures. The paper authors include four scientists from NASA's Jet Propulsion Laboratory in Pasadena, California. They considered how to interpret the presence of biosignatures, should we detect them on distant worlds. A primary concern is ensuring the science is strong enough to distinguish a living world from a barren planet masquerading as one.Read Replies (0)
By msmash from Slashdot's pushing-the-limits department
Last January in northern Sweden, a German-led team of physicists loaded a curious machine onto an unmanned rocket. The payload, about as tall as a single-story apartment, was essentially a custom-made freezer -- a vacuum chamber, with a small chip and lasers within, that could cool single atoms near absolute zero. It may sound like a bizarre experiment, but it is something physicists have been aching to do for years. They launched the rocket about 90 miles past the atmosphere's boundary of outer space, monitoring a livestream from a heated building nearby. Then, just 17 minutes later, they watched as the freezer plummeted back down to Earth, landing via parachute on snowy ground 40 miles from the launch site. Wired elaborates: See, the freezer that the Germans launched has the ability to make atoms clump together in a cloud-like blob called a Bose-Einstein condensate -- a phase of matter that exhibits some truly bizarre properties. It's delicate enough to respond to tiny fluctuations in gravity and electromagnetic fields, which means it could someday make for a super-precise sensor in space. But down on Earth, it tends to collapse in a matter of milliseconds because of gravity. So the blobs had to go to space. Since the late '90s, physicists have been developing machines that can autonomously assemble and control the blobs during spaceflight. With this rocket launch, they've succeeded. The group in Germany, led by physicist Ernst Rasel of University of Hannover, just released pictures of blobs they managed to create [PDF], as well as precise measurements of how they jiggled during their brief trip. "They've essentially laid the groundwork to show that you can actually do this, and it's not totally insane," says physicist Nathan Lundblad of Bates College.Read Replies (0)
By msmash from Slashdot's catch-me-if-you-can department
There are cyberheists, and then there's Carbanak, a cybercriminal gang that has stolen about $1.2 billion from more than 100 banks in 40 nations. The suspected 34-year-old ringleader is under arrest, but the whopping $1.2 billion amount remains missing. And to add insult to the injury, the malware attacks live on. Bloomberg Businessweek has an insightful story on this, which includes comments from none other than Europol itself, on the chase to catch Carabanak which has lasted for three years. Some excerpts from the story: Before WannaCry, before the Sony Pictures hack, and before the breaches that opened up Equifax and Yahoo!, there was a nasty bit of malware known as Carbanak. Unlike those spectacular attacks, this malware wasn't created by people interested in paralyzing institutions for ransom, publishing embarrassing emails, or taking personal data. The Carbanak guys just wanted loot, and lots of it. Since late 2013, this band of cybercriminals has penetrated the digital inner sanctums of more than 100 banks in 40 nations, including Germany, Russia, Ukraine, and the U.S., and stolen about $1.2 billion, according to Europol, the European Union's law enforcement agency. The string of thefts, collectively dubbed Carbanak -- a mashup of a hacking program and the word "bank" -- is believed to be the biggest digital bank heist ever. In a series of exclusive interviews with Bloomberg Businessweek, law enforcement officials and computer-crime experts provided revelations about their three-year pursuit of the gang and the mechanics of a caper that's become the stuff of legend in the digital underworld. Besides forcing ATMs to cough up money, the thieves inflated account balances and shuttled millions of dollars around the globe. Deploying the same espionage methods used by intelligence agencies, they appropriated the identities of network administrators and executives and plumbed files for sensitive information about security and account management practices. The gang operated through remotely accessed computers and hid their tracks in a sea of internet addresses.Read Replies (0)
By msmash from Slashdot's it's-here department
On Tuesday, Mozilla released Firefox 61, the newest version of its web browser for Windows, Mac, Linux, and Android platforms. The release builds on Firefox Quantum, which the company calls "by far the biggest update since Firefox 1.0 in 2004." VentureBeat: Version 61 brings TLS 1.3, the ability to add custom search engines to the location bar, tab warming, retained display lists, WebExtension tab management, and the Accessibility Tools Inspector. Mozilla doesn't break out the exact numbers for Firefox, though the company does say "half a billion people around the world" use the browser. In other words, it's a major platform that web developers have to consider.Read Replies (0)
By msmash from Slashdot's mixed-feelings department
AOL discontinued AIM, its 20-year-old iconic instant messaging service, last December, months after cutting third-party access to it. Now Motherboard reports a a small team of developers has resurrected it with a private server. From the report: The new chat service is called AIM Phoenix, and it works by running the messages through a private Dynamic DNS run by Wildman Productions, a non-profit group of hobbyist programers. This isn't a new AIM client, it literally uses the old software running on a new server, so it looks and feels exactly like AIM. It's simple to set up. First, you download an old version of AIM from the AIM Phoenix website, register for a new username, tweak the settings to reroute through Wildman Productions' server, and then open yourself up the nostalgic glory of Web 2.0. The old versions of AIM are touchy on new machines and I had to play with a few different versions before I got 5.0 working on my Windows 10 machine.Read Replies (0)
By msmash from Slashdot's closer-look department
An anonymous reader writes: A survey conducted among the tech workers, including many employees of Silicon Valley's elite tech companies, has revealed that over 57% of respondents are suffering from job burnout. The survey was carried out by the makers of an app that allows employees to review workplaces and have anonymous conversations at work, behind their employers' backs. Over 11K employees answered one question -- if they suffer from job burnout, and 57.16% said "Yes." The company with the highest employee burnout rate was Credit Karma, with a whopping 70.73%, followed by Twitch (68.75%), Nvidia (65.38%), Expedia (65.00%), and Oath (63.03% -- Oath being the former Yahoo company Verizon bought in July 2017). On the other end of the spectrum, Netflix ranked with the lowest burnout rate of only 38.89%, followed by PayPal (41.82%), Twitter (43.90%), Facebook (48.97%), and Uber (49.52%).Read Replies (0)
By BeauHD from Slashdot's heads-up department
An anonymous reader quotes a report from Bleeping Computer: Security researchers have found, on average, five security flaws in each cryptocurrency ICO held last year. Only one ICO held in 2017 did not contain any critical flaws. According to Positive.com, a security firm specialized in ICO security audits, most of the vulnerabilities they found, they discovered in the smart contracts at the base of the ICO itself.
"71% of tested projects contained vulnerabilities in smart contracts, the heart and soul of an ICO," the company said. "Once an ICO starts, the contract cannot be changed and is open to everyone, meaning anyone can view it and look for flaws. Typically, these would consist of non compliance with the ERC20 standard (the token interface for digital wallets and cryptocurrency exchanges), incorrect random number generation and incorrect scoping amongst others," Positive.com experts say. "Generally, these vulnerabilities occur due to lack of programmer expertise and insufficient source code testing." According to the researchers, all the mobile apps ICO organizers have launched in 2017 contained security flaws. "The most common flaws in mobile apps are the use of insecure data transfer methods, storage of user data in phone backups, and disclosure of session IDs that an attacker could capture and use against the user," reports Bleeping Computer. Security bugs were also found in the web apps.Read Replies (0)
By BeauHD from Slashdot's technical-difficulties department
The Russian-manufactured Proton rocket that has been traveling into space since before humans landed on the Moon will finally stop flying. "In an interview with a Russian publication, Roscosmos head Dmitry Rogozin said production of the Proton booster will cease as production shifts to the new Angara booster," reports Ars Technica. "No new Proton contracts are likely to be signed." From the report: First launched in 1965, the rocket was initially conceived of as a booster to fly two-person crews around the Moon, as the Soviet Union sought to beat NASA into deep space. Indeed, some of its earliest missions launched creatures, including two turtles, to the Moon and back.
The decision will bring down the curtain on one of the longest-used and most versatile rockets in world history. As the United States developed the space shuttle in the 1970s and began flying it in the 1980s, the Russian space agency saw the opportunity to commercialize the Proton rocket, and by the end of the 1990s, the booster became a major moneymaker for the Russian space industry. With a capacity of 22.8 tons to low-Earth orbit, it became a dominant player in the commercial market for heavier satellites. An increasing rate of failures, combined with the rise of SpaceX's cheaper Falcon 9 rockets, "have caused the number of Proton launches in a given year to dwindle from eight or so to just one or two," adds Ars. "This shrinking market has opened the door to the Angara rocket, which has the advantage of not using environmentally hazardous fuel for each of its stages..."Read Replies (0)
By BeauHD from Slashdot's privacy-matters department
Troy Hunt, web security expert and creator of the website Have I Been Pwned (HIBP), wrote a blog post announcing his partnerships with Firefox and 1Password. For those unfamiliar with the site, Have I Been Pwned allows you to search across multiple data breaches to see if your email address has been compromised. The service is especially handy now that data breaches are becoming a daily occurrence. Hunt writes: Last November, there was much press about Mozilla integrating HIBP into Firefox. I was a bit surprised at the time as it was nothing more than their Breach Alerts feature which simply highlighted if the site being visited had previously been in a data breach (it draws this from the freely accessible breach API on HIBP). But the press picked up on some signals which indicated that in the long term, we had bigger plans than that and the whole thing got a heap of very positive attention. I ended up fielding a heap of media calls just on that one little feature - people loved the idea of HIBP in Firefox, even in a very simple form. As it turns out, we had much bigger plans and that's what I'm sharing here today. Over the coming weeks, Mozilla will begin trialling integration between HIBP and Firefox to make breach data searchable via a new tool called "Firefox Monitor." Here's what Hunt has to say about 1Password: As of now, you can search HIBP from directly within 1Password via the Watchtower feature in the web version of the product. This helps Watchtower become "mission control" for accounts and introduces the "Breach Report" feature. If you're a 1Password user you can use this feature right now, just head on over to the 1Password login page.Read Replies (0)
By BeauHD from Slashdot's quality-of-data department
dcblogs writes: LinkedIn has developed a new analytics platform that should make it easier to poach job candidates. It will use its vast database of nearly 600 million profiles to help recruiters find pockets of talent, know the attrition rate and glean competitive data. The platform, due in September, was discussed at a recent HR conference. One attendee asked a LinkedIn official: "Does that set up an environment for poaching talent?" And then she immediately answered her own question. "I think the answer is yes. And so why would I sign off on that?" In response to the attendees' question, Eric Owski, the head of product for Talent Insights at LinkedIn, said there was nothing wrong with making this data available. The LinkedIn team concluded that "the world is becoming more transparent," and "very sophisticated teams at large companies were able to figure out a lot of the calculations that we're making available in this product," he said. "We think by packaging it up nicely, it levels the playing field," Owski said. "We feel like we're on safe ground."Read Replies (0)
By BeauHD from Slashdot's one-size-doesn't-fit-all department
Recompiling is unlikely to be a catch-all solution for a recently unveiled Intel CPU vulnerability known as TLBleed, the details of which were leaked on Friday, the head of the OpenBSD project Theo de Raadt says. iTWire reports: The details of TLBleed, which gets its name from the fact that the flaw targets the translation lookaside buffer, a CPU cache, were leaked to the British tech site, The Register; the side-channel vulnerability can be theoretically exploited to extract encryption keys and private information from programs. Former NSA hacker Jake Williams said on Twitter that a fix would probably need changes to the core operating system and were likely to involve "a ton of work to mitigate (mostly app recompile)." But de Raadt was not so sanguine. "There are people saying you can change the kernel's process scheduler," he told iTWire on Monday. "(It's) not so easy."
He said that Williams was lacking all the details and not thinking it through. "They actually have sufficient detail to think it through: the article says the TLB is shared between hyperthreading CPUs, and it is unsafe to share between two different contexts. Basically you can measure evictions against your own mappings, which indicates the other process is touching memory (you can determine the aliasing factors)." De Raadt said he was still not prepared to say more, saying: "Please wait for the paper [which is due in August]."Read Replies (0)
By BeauHD from Slashdot's always-listening department
According to a new report from Bloomberg's Mark Gurman and Debby Wu, Apple is "planning higher-end AirPods, a new HomePod and studio-quality over-ear headphones for as early as next year." From the report: The Cupertino, California-based company is working on new AirPods with noise-cancellation and water resistance, the people said. Apple is trying to increase the range that AirPods can work away from an iPhone or iPad, one of the people said. You won't be swimming in them though: The water resistance is mainly to protect against rain and perspiration, the people said. Slated for 2019, the earbuds will likely cost more than the existing $159 pair, and that could push Apple to segment the product line like it does with iPhones, one of the people said. Apple is also working on a wireless charging case that's compatible with the upcoming AirPower charger.
There are over-ear headphones coming from Apple, too. Those will compete with pricey models from Bose Corp. and Sennheiser. They will use Apple branding and be a higher-end alternative to the company's Beats line. Apple originally intended to introduce the headphones by the end of 2018, but has faced development challenges, and is now targeting a launch as early as next year, the people said. A previous Bloomberg report was plugged, teasing a new version of the current AirPods that will feature a new chip and support for hands-free Siri activation. They are reportedly launching later this year.Read Replies (0)