By BeauHD from Slashdot's patient-safety department
An anonymous reader quotes a report from Ars Technica: Life-saving pacemakers manufactured by Medtronic don't rely on encryption to safeguard firmware updates, a failing that makes it possible for hackers to remotely install malicious wares that threaten patients' lives, security researchers said Thursday. At the Black Hat security conference in Las Vegas, researchers Billy Rios and Jonathan Butts said they first alerted medical device maker Medtronic to the hacking vulnerabilities in January 2017. So far, they said, the proof-of-concept attacks they developed still work. The duo on Thursday demonstrated one hack that compromised a CareLink 2090 programmer, a device doctors use to control pacemakers after they're implanted in patients. Because updates for the programmer aren't delivered over an encrypted HTTPS connection and firmware isn't digitally signed, the researchers were able to force it to run malicious firmware that would be hard for most doctors to detect. From there, the researchers said, the compromised machine could cause implanted pacemakers to make life-threatening changes in therapies, such as increasing the number of shocks delivered to patients. Rios and Butts were also able to use a $200 HackRF software-defined radio to hack a Medtronic-made insulin pump and make it withhold a scheduled dose of insulin. Medtronic has released a page that lists all the security advisories they have issued on the pacemakers and insulin pumps.Read Replies (0)
By msmash from Slashdot's varying-opinions department
Even with all of its problems, AI is a step up from the notoriously biased recruiting process, a report argues. From the report: Artificial intelligence promises to make hiring an unbiased utopia. There's certainly plenty of room for improvement. Employee referrals, a process that tends to leave underrepresented groups out, still make up a bulk of companies' hires. Recruiters and hiring managers also bring their own biases to the process, studies have found, often choosing people with the "right-sounding" names and educational background. Across the pipeline, companies lack racial and gender diversity, with the ranks of underrepresented people thinning at the highest levels of the corporate ladder. "Identifying high-potential candidates is very subjective," said Alan Todd, CEO of CorpU, a technology platform for leadership development. "People pick who they like based on unconscious biases." AI advocates argue the technology can eliminate some of these biases. Instead of relying on people's feelings to make hiring decisions, companies such as Entelo and Stella.ai use machine learning to detect the skills needed for certain jobs. The AI then matches candidates who have those skills with open positions. The companies claim not only to find better candidates, but also to pinpoint those who may have previously gone unrecognized in the traditional process.Read Replies (0)
By msmash from Slashdot's never-gonna-give-you-up department
Blockchain euphoria is giving way to blockchain fatigue: Despite the hype, only 1% of executives in a survey reported deploying the technology at their firms. And while corporate management remains bullish about distributed ledgers, mentions of "blockchain" are on the decline during earnings conference calls. But IBM, which has roots going back more than 100 years, still thinks the technology that underpins bitcoin has untapped potential. From a report: Blockchain is a kind of tamper-proof database for keeping track of just about anything. IBM has around 1,600 employees working on such projects, and is leading other technology companies in terms of headcount and investment, according to Marie Wieck, general manager for IBM Blockchain. The Armonk, New York-based company thinks promising uses include supply chains and finance. And while the public's love affair with blockchain is showing signs of dissipating, Wieck still thinks the technology could be as transformative for businesses processes as the internet has been for personal ones.Read Replies (0)
By msmash from Slashdot's up,-up,-and-away department
A solar-powered aircraft from the European aerospace giant Airbus has completed a maiden flight lasting 25 days, 23 hours, and 57 minutes. In doing so, the production model unmanned solar-powered aircraft set the record for the longest flight ever made by any aircraft. From a report: Originally built by British defence company Qinetiq and now owned by Airbus, the Zephyr aircraft is designed to soar through the stratosphere for months at a time by drawing on the power of the sun. It is similar to Facebook's now defunct Aquila aircraft in this sense, and is hoped to one day provide satellite-like services with the flexibility of an unmanned drone. The latest version of the Zephyr weighs just 75 kg (165 lb), but is able to carry up to five times its own weight. Flying above weather and other air traffic at 70,000 ft (21,300 m), the aircraft can be controlled from the ground and has the potential to carry all kinds of payloads, be they to collect high-resolution imagery, provide voice communications or, as was the idea with Aquila, beam internet service to underserved areas. [...] It took off from Arizona on the 11th of July and has only now come down to Earth, a total of 25 days, 23 hours and 57 minutes later. This was the first outing for the production model Zephyr S, and the team is already setting its sights on its next voyage.Read Replies (0)
By msmash from Slashdot's tough-discussions department
Facing criticism from fellow scientists, the researcher behind the world's largest effort to edit human embryos with CRISPR is vowing to continue his efforts to develop what he calls "IVF gene therapy." MIT Technology Review: Shoukhrat Mitalipov, of Oregon Health Sciences University in Portland, drew global headlines last August when he reported successfully repairing a genetic mutation in dozens of human embryos, which were later destroyed as part of the experiment. The laboratory findings on early-stage embryos, he said, had brought the eventual birth of the first genetically modified humans "much closer" to reality. The breakthrough drew wide attention, including from critics who quickly pounced, calling it biologically implausible and potentially the result of careless errors and artifacts. Today, those critics are getting an unusual hearing in the journal Nature, which is publishing two critiques of the Oregon research as well as a lengthy reply from Mitalipov and 31 of his coworkers in South Korea, China, and the Salk Institute in La Jolla, California. The scientific sparring centers on CRISPR's well-known tendency to introduce unseen damage into a cell's DNA. [...] Mitalipov remains intent on proving that CRISPR can work safely on embryos. In an interview, Mitalipov said he believes it will take five to 10 years before the process is ready to attempt in an IVF center. The revolutionary medical technology being pursued is a way to adjust an embryo's DNA to remove disease risks. It is sometimes called germline gene editing because any DNA fixes a baby is born with would then be passed down to future generations through that person's germ cells, the egg or sperm. For its initial research, the Oregon team recruited women around Portland and paid them $5,000 each to undergo an egg retrieval. With those eggs the team created more than 160 embryos for CRISPR experiments. Mitalipov said his Oregon center continues to obtain eggs in an ongoing effort to confirm his results and extend them in new directions.Read Replies (0)
By msmash from Slashdot's security-woes department
Security flaws have been found in major city infrastructure such as flood defences, radiation detection and traffic monitoring systems.
A team of researchers found 17 vulnerabilities, eight of which it described as "critical." From a report: The researchers warned of so-called "panic attacks," where an attacker could manipulate emergency systems to create chaos in communities. The specific flaws uncovered by the team have been patched. "If someone, supervillain or not, were to abuse vulnerabilities like the ones we documented in smart city systems, the effects could range from inconvenient to catastrophic," wrote Daniel Crowley, from IBM's cyber research division, X-Force Red. "While no evidence exists that such attacks have taken place, we have found vulnerable systems in major cities in the US, Europe and elsewhere." The team plans to explain the vulnerabilities at Black Hat -- a cyber-security conference -- on Thursday.Read Replies (0)
By msmash from Slashdot's shape-of-things-to-come department
Vice President Mike Pence on Thursday laid out details for President Donald Trump's proposed new branch of the U.S. military responsible for protecting national security in outer space. From a report: In a speech at the Pentagon, Pence said the new Space Force would be established by 2020. "As President Trump has said, in his words, it is not enough to merely have an American presence in space -- we must have American dominance in space. And so we will," Pence said. "Space is, in his words, a war-fighting domain just like land and air and sea." He added, "History proves that peace only comes through strength, and in the realm of outer space, the United States Space Force will be that strength in the years ahead." The Space Force would ultimately become the sixth branch of the U.S. Armed Forces and would be equal to the other five, Pence said. The Department of Defense has prepared a report laying out the phases of creating the new branch, which will ultimately have to be reviewed and approved by Congress.Read Replies (0)
By msmash from Slashdot's fwiw department
The Galaxy Note 9 touts a slightly larger 6.4-inch end-to-end screen, a 4,000mAh battery that promises "all-day" use, and a minimum 128GB of storage -- there's also a 512GB version that, with 512GB microSD cards, can give you a full terabyte of space. It runs Android 8.1 Oreo -- not Android Pie, which Google and Essential rolled out to some of their devices earlier this month. Engadget: Samsung is also bringing over welcome improvements from the Galaxy S9 family, including stereo speakers and the variable aperture f/1.5-2.4 primary camera (there's a second camera on the back, of course). This year, though, the most conspicuous change revolves around the S Pen. This is Samsung's first S Pen to incorporate Bluetooth, and that lets you do a whole lot more than doodle on the screen. You can use it as a remote control for selfies and presentations, and Samsung is providing a toolkit to let app developers use the pen for their own purposes. And no, you don't need to load it with batteries or plug it into a charger -- it'll top up just by staying in your phone. The base model of the Note 9, featuring 128GB of storage and 6GB of RAM, is priced at $999. The other variant will set you back by $1,250. Preorders begin on August 10th, and the phone will be available on August 24th at all major carriers or direct (and unlocked) from Samsung. CNET writes about the camera sensors on the new handset: The Galaxy Note 9 keeps the same hardware setup as the Galaxy S9 Plus. That is, dual 12-megapixel cameras on the back, one of them that automatically changes aperture when it detects the need for a low-light shot. (Samsung calls this dual aperture, and it's also on both S9 phones.) There's also an 8-megapixel front-facing camera for your selfies. What's different is AI software that analyzes the scene and quickly detects if you're shooting a flower, food, a dog, a person. There are 20 options the Note 9's been trained on, including snowflakes, cityscapes, fire, you get it. Then, the camera optimizes white balance, saturation and contrast to make photos pop.Read Replies (0)
By msmash from Slashdot's cooool department
An anonymous reader shares a report: Amazon gets trashed on the international stage pretty often for its inhumane work conditions in its warehouses. However, it seems the Indian arm of the company is trying to do better, at least according to the latest announcement from Country Head Amit Agarwal. According to Business Standard, in an email to senior staff members this week, Agarwal has reportedly asked employees to leave themselves enough time to spend at home, and maintain a healthy "work-life harmony." He's told employees to stop taking calls and emails after hours, and specifically that, "No business decision should be made between 6 pm and 8 am." It's still unclear whether this decision comes from Agarwal or from the company's global leadership. Likely the latter, considering there's been no such chatter for US employees. It'll also be interesting to see how long this plan will hold, given the sheer size of the e-commerce portal. In the email, Agarwal also said that responding to emails while on vacation is "not cool."Read Replies (0)
By BeauHD from Slashdot's internet-shake-up department
According to a new study from market research firm SimilarWeb, Facebook may cede its runner-up position to YouTube in the next two to three months. Currently, the top five most-visited websites in the U.S. are Google, Facebook, YouTube, Yahoo and Amazon, in that order. However, Facebook's monthly page visits are declining rapidly, from 8.5 billion to 4.7 billion in the last two years, which could shake up that order. CNBC reports: YouTube, which is owned by Google parent Alphabet, has seen increased traffic, the study said. The app has also experienced in increase in viewership. Yahoo is also poised to lose its position in the ranking. Amazon has already surpassed Yahoo during big spending months, including December 2017 and July 2018, when the e-commerce giant held its annual Prime Day. The study projects that Amazon will take over Yahoo's ranking in the next two to three months. However, none of the bottom four of the top five comes close to Google. Although it has seen some decline in website traffic thanks to app use and voice search, it saw approximately 15 billion visits in July 2018, the study said. The others were all below 5 billion, according to the report.Read Replies (0)
By BeauHD from Slashdot's black-hole-sun department
In T-minus three days, NASA will launch a car-sized spacecraft to investigate our Sun's scorching hot atmosphere. "The vehicle is the Parker Solar Probe, and it's set to launch at 3:33AM ET on Saturday, August 11th, from Cape Canaveral, Florida. "It'll be riding on a Delta IV Heavy rocket made by the United Launch Alliance, which will send the probe zooming toward the inner Solar System," reports The Verge. "Just six weeks after launch, Parker will do a flyby of Venus to alter its route slightly, and then six weeks later, the vehicle will be in the corona. Over the course of seven years, Parker will do 24 orbits around the star, as well as six more Venus flybys so that it can get even closer to the Sun's surface over time." From the report: NASA has long wanted to send a vehicle to the Sun's atmosphere, but such a mission has been considered impossible until the last few decades. This region of space, known as the corona, is filled with tiny, energetic particles that can reach above 3 million degrees Fahrenheit. Any vehicle that ventures near this region must have sophisticated protection to keep from melting. But thanks to advancements in carbon manufacturing and other key areas of engineering, NASA has been able to create a vehicle with a state-of-the-art heat shield and other crucial cooling systems. The result: the spacecraft will stay at room temperature in some of the hottest places in the Solar System.
The Sun's corona is actually 300 times hotter than the surface of the Sun, and no one understands why. The region gets so hot that chunks of the corona actually accelerate and break away from the immense pull of the Sun at supersonic speeds. These so-called solar winds shoot highly energized particles out in all directions, which then slam into surrounding planets. Parker is tasked with investigating the mechanics of the breakaway effect and why the atmosphere is so much hotter than its source.Read Replies (0)
By BeauHD from Slashdot's if-there's-a-will-there's-a-way department
olsmeister writes: A security flaw in the Comcast Xfinity online portal exposed social security numbers and partial home addresses of more than 26.5 million subscribers, according to security researcher Ryan Stevenson. Comcast says the flaws have already been patched and that it currently has no reason to believe that the flaws were ever exploited. BuzzFeed reports of the two vulnerabilities: One of the flaws could be exploited by going to an "in-home authentication" page where customers can pay their bills without signing in. The portal asked customers to verify their account by choosing from one of four partial home addresses it suggested, if the device was (or seemed like it was) connected to the customer's home network. If a hacker obtained a customer's IP address and spoofed Comcast using an "X-forwarded-for" technique, they could repeatedly refresh this login page to reveal the customer's location. That's because each time the page refreshed, three addresses would change, while one address, the correct address, remained the same. Eventually, the page would show the first digit of the street number and first three letters of the correct street name, while asterisks hid the remaining characters. A hacker could then use IP lookup websites to determine the city, state, and postal code of the partial address.
< article continued at Slashdot's if-there's-a-will-there's-a-way department
>Read Replies (0)
By BeauHD from Slashdot's deserved-recognition department
An anonymous reader quotes a report from Popular Science: Plenty of prominent scientists have Wikipedia pages. But while checking to see if someone specific has a Wikipedia page is a quick Google search away, figuring out who should be on Wikipedia but isn't -- and then writing an entry for him or her -- is much trickier. For example, you may or may not have heard of Christina Economos. She doesn't have a Wikipedia page about her, although she's a professor at Tufts University and the New Balance Chair in childhood nutrition. But while she lacks a Wikipedia page, she does have a very short stub describing who she is professionally on a website made by a company called Primer. That little blurb, which could one day grow into a full-blown Wiki entry, was created by an AI system dubbed Quicksilver. The idea behind the project is to use AI as a jumping off point. Humans can use it to help them write Wikipedia pages for scientists who don't have them, but deserve to. For example, on Economos' Primer page, there's a link to an article from CBS Boston that mentions her -- a good potential source for a human Wikipedia editor who may want to write an entry for her.
Primer launched officially last year and uses AI to read information and generate reports; part of its focus is doing the kind of work an intelligence analyst might do. Artificial intelligence generally needs data to learn from, and so for this project, Primer used around 30,000 existing scientist Wikipedia pages to train their machine learning systems. Then they fed 200,000 names and related employment information into their AI system. Those names came from the listed authors of scientific papers focused on computer science and biomedical research provided to Primer from the Allen Institute for Artificial Intelligence. If you're curious to see a sample, you can head on over to this page, which has 100 examples of AI-generated Wikipedia blurbs.Read Replies (0)
By BeauHD from Slashdot's something-doesn't-add-up-here department
"In Chicago, it used to be claimed that even death couldn't stop a person from voting," writes Slashdot reader lunchlady55. "But in the Deep South, there are new reports of discrepancies in voter turnout with the approval of new electronic voting systems." Ars Technica reports: [I]f any state is a poster child for terrible election practices, it is surely Georgia. Bold claims demand bold evidence, and unfortunately there's plenty; on Monday, McClatchy reported a string of irregularities from the state's primary election in May, including one precinct with a 243-percent turnout.
McClatchy's data comes from a federal lawsuit filed against the state. In addition to the problem in Habersham County's Mud Creek precinct, where it appeared that 276 registered voters managed to cast 670 ballots, the piece describes numerous other issues with both voter registration and electronic voting machines. (In fact it was later corrected to show 3,704 registered voters in the precinct.) Multiple sworn statements from voters describe how they turned up at their polling stations only to be turned away or directed to other precincts. Even more statements allege incorrect ballots, frozen voting machines, and other issues. "George is one of four states in the U.S. that continues to use voting machines with no ability to provide voters a paper record so that they can verify the machine counted their vote correctly," the report adds.Read Replies (0)
By BeauHD from Slashdot's under-development department
Google is using search samples from a Beijing-based website it owns to make blacklists for the censored search engine it is developing for China. Google's website 265.com redirects to China's dominant search engine, Baidu, by default, "but Google can apparently see the queries that users are typing in," reports The Verge. From the report: Google engineers are reportedly sampling those search queries in order to develop a list of thousands of blocked websites it should hide on its upcoming search engine in China. Blacklisted results, which include topics like the Tiananmen Square massacre, will result in users seeing a blank page, The Intercept reports. On Baidu, if you search for something less specific, like Taiwan or Xinjiang, you'll get a partial blackout where you can only see tourist information and not politically sensitive news reports. It could be possible that Google is taking a similar tack.
Originally, 265.com was founded in 2003 by Chinese entrepreneur Cai Wensheng, who's also the founder of Chinese beauty app Meitu. Google bought the site in 2008, while it was still operating its search engine within China. Google has essentially been using the site to figure out what Chinese users are searching for since 2008, and now that it is working on an Android search app, it will finally have a use for that data. The Intercept first reported this news.Read Replies (0)
By BeauHD from Slashdot's blood-sucking department
An anonymous reader quotes a report from Ars Technica: A vicious species of tick originating from Eastern Asia has invaded the U.S. and is rapidly sweeping the Eastern Seaboard, state and federal officials warn. The tick, the Asian longhorned tick (or Haemaphysalis longicornis), has the potential to transmit an assortment of nasty diseases to humans, including an emerging virus that kills up to 30 percent of victims. So far, the tick hasn't been found carrying any diseases in the U.S. It currently poses the largest threat to livestock, pets, and wild animals; the ticks can attack en masse and drain young animals of blood so quickly that they die -- an execution method called exsanguination.
Key to the tick's explosive spread and bloody blitzes is that its invasive populations tend to reproduce asexually, that is, without mating. Females drop up to 2,000 eggs over the course of two or three weeks, quickly giving rise to a ravenous army of clones. In one U.S. population studied so far, experts encountered a massive swarm of the ticks in a single paddock, totaling well into the thousands. They speculated that the population might have a ratio of about one male to 400 females. Yesterday, August 7, Maryland became the eighth state to report the presence of the tick. It followed a similar announcement last Friday, August 3, from Pennsylvania. Other affected states include New York, Arkansas, North Carolina, Virginia, and West Virginia.Read Replies (0)