By EditorDavid from Slashdot's cyber-war department
chicksdaddy quotes Security Ledger:
North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger is reporting. Security experts and defense industry personnel interviewed by The Security Ledger say that probes and attacks by hacking groups known to be associated with the government of the Democratic People's Republic of Korea (DPRK) have increased markedly as hostilities between that country and the United States have ratcheted up in the last year. The hacking attempts seem to be aimed at gaining access to intellectual property belonging to the companies, including weapons systems deployed on the Korean peninsula.
"As the situation between the DPRK and the US has become more tense, we've definitely seen an increase in number of probe attempts from cyber actors coming out of the DPRK," an official at an aerospace and defense firm told Security Ledger. The so-called "probes" were targeting the company's administrative network and included spear phishing attacks via email and other channels. The goal was to compromise computers on the corporate network... So far, the attacks have targeted "weakest links" within the firms, such as Human Resources personnel and general inquiry mailboxes, rather than targeting technical staff directly. However, experts who follow the DPRK's fast evolving cyber capabilities say that the country may have more up their sleeve.
CNBC also reports that America's congressional defense committees have authorized a last-minute request for $4 billion in extra spending for "urgent missile defeat and defense enhancements to counter the threat of North Korea."
Other countries newly interested in purchasing missile defense systems include Japan, Sweden, Poland, and Saudi Arabia.Read Replies (0)
By EditorDavid from Slashdot's distributing-distros department
Slashdot reader boudie2 tipped us off to some Linux news. Liliputing reports:
Samsung's DeX dock lets you connect one of the company's recent phones to an external display, mouse, and keyboard to use your phone like a desktop PC... assuming you're comfortable with a desktop PC that runs Android. But soon you may also be able to use your Android phone as a Linux PC [and] the company has released a brief video that provides more details. One of those details? At least one of the Linux environments in question seems to be Ubuntu 16.04... While that's the only option shown, the fact that it does seem to be an option suggests you may be able to run different Linux environments as well.
Once Ubuntu is loaded, the video shows a user opening Eclipse, an integrated development environment that's used to create Java (and Android apps). In other words, you can develop apps for Android phones with ARM-based processors on an Android phone with an ARM-based processor.
Samsung promised in October that its Linux on Galaxy app will ultimately let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS."Read Replies (0)
By EditorDavid from Slashdot's momentum-towards-Mars department
"Dangerous radiation. Overstuffed pantries. Cabin fever. NASA could sidestep many of the impediments to a Mars mission if they could just get there faster," writes Space.com, which reports NASA is now exploring an alternative to chemical rockets.
In August, NASA announced an $18.8-million-dollar contract with nuclear company BWXT to design fuel and a reactor suitable for nuclear thermal propulsion (NTP), a rocket technology that could jumpstart a new era of space exploration. "The strengths with NTP are the ability to do the very fast round trip [to Mars], the ability to abort even if you're 2 to 3 months into the missions, the overall architectural robustness, and also the growth potential to even more advanced systems," Michael Houts, principal investigator for the NTP project at NASA's Marshall Space Flight Center, told Space.com. NTP rockets would pull all that off by offering about twice the bang for the buck that chemical rockets do... "Nuclear thermal propulsion can enable you to get to Mars faster, on the order of twice as fast," said Vishal Patel, a researcher involved in subcontract work for BWXT at the Ultra Safe Nuclear Corp. in Los Alamos, New Mexico. "We're looking at nice 3- to 4-month transit times."Read Replies (0)
By EditorDavid from Slashdot's legacy-code department
An anonymous reader writes:
The late Jim Weirich "was a seminal member of the western world's Ruby community," according to Ruby developer Justin Searls, who at the age of 30 took over Weirich's tools (which are used by huge sites like Hulu, Kickstarter, and Twitter). Soon Searls made a will and a succession plan for his own open-source projects. Wired calls succession "a growing concern in the open-source software community," noting developers have another option: transferring their copyrights to an open source group (for example, the Apache Foundation).
Most package-management systems have "at least an ad-hoc process for transferring control over a library," according to Wired, but they also note that "that usually depends on someone noticing that a project has been orphaned and then volunteering to adopt it." Evan Phoenix of the Ruby Gems project acknowledges that "We don't have an official policy mostly because it hasn't come up all that often. We do have an adviser council that is used to decide these types of things case by case." Searls suggests GitHub and package managers like Ruby Gems add a "dead man's switch" to their platform, which would allow programmers to automatically transfer ownership of a project or an account to someone else if the creator doesn't log in or make changes after a set period of time.
Wired also spoke to Michael Droettboom, who took over the Python library Matplotlib after John Hunter died in 2012. He points out that "Sometimes there are parts of the code that only one person understands," stressing the need for developers to also understand the code they're inheriting.Read Replies (0)
By EditorDavid from Slashdot's guardrails-of-the-galaxy department
What if alien life were so advanced that its powers were indistinguishable from physics? It's the one-year anniversary of a startling article which appeared in Nautilus magazine. Long-time Slashdot reader wjcofkc writes: Caleb Scharf, astronomer and the director of the multidisciplinary Columbia Astrobiology Center at Columbia University presents an intriguing thought experiment.
"Perhaps Arthur C. Clarke was being uncharacteristically unambitious. He once pointed out that any sufficiently advanced technology is going to be indistinguishable from magic. If you dropped in on a bunch of Paleolithic farmers with your iPhone and a pair of sneakers, you'd undoubtedly seem pretty magical. But the contrast is only middling: The farmers would still recognize you as basically like them, and before long they'd be taking selfies. But what if life has moved so far on that it doesn't just appear magical, but appears like physics?"
The original submitter included their own counterarguments against the idea, but the astronomer follows his proposal to its ultimate conclusion.
"Perhaps hyper-advanced life isn't just external. Perhaps it's already all around. It is embedded in what we perceive to be physics itself, from the root behavior of particles and fields to the phenomena of complexity and emergence."Read Replies (0)
By EditorDavid from Slashdot's defending-your-license department
An anonymous reader writes:
Earlier this week security-hardened Android build CopperheadOS temporarily blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model...
"We've enabled over-the-air updates again," CopperheadOS tweeted Saturday, "to avoid impacting our remaining customers on Nexus devices and other legitimate users. However, downloads on the site will no longer be available and we'll be making changes to the update client for Nexus devices."
In an earlier series of tweets, they explained it's an ongoing issue. "It's not okay to disrespect our non-commercial licensing terms for those official builds by flashing and selling it on hundreds of phones... This is why we've been unable to sell access to Pixel images. There are people that are going to buy those and flash + sell devices in direct competition with us in violation of the licensing terms. Needing to deal with so many people acting in bad faith makes this difficult.
"It's not permitted for our official Nexus builds and yet that's what's happening. We do all of the development, testing, release engineering and we provide the infrastructure, and then competitors sell far more devices than us in violation of our licensing terms. Ridiculous."Read Replies (0)
By EditorDavid from Slashdot's home-improvement department
Slashdot reader zhennian wants to stream music throughout his entire house, "and was hoping that with three old iPods I might be able to put together a centrally managed house-wide audio system."
Ideally it would be possible to control what's playing from a central web interface using an app on an IOS or Android device. With the iPods already plugged into docking stations and on the home wifi network, I assume it should be possible.
A search of the Apple app store didn't bring up much and forking out $AUS400 for a Sonos One or equivalent seems wasted when I've already purchased iPod docks. Can anyone recommend an App that will still be compatible with old (ie. 2007) iPods and might do this?
Or is there a better cheap alternative? Leave your best answers in the comments. Can you convert old iPods into a home music-streaming solution?Read Replies (0)
By EditorDavid from Slashdot's not-so-smart-cities department
What's the world's second-richest man up to now? A Phoenix news station reports:
One of Bill Gates' investment firms has spent $80 million to kickstart the development of a brand-new community in Arizona's far West Valley. The large plot of land is about 45 minutes west of downtown Phoenix off I-10 near Tonopah. The proposed community, made up of close to 25,000 acres of land, is called Belmont. According to Belmont Partners, a real estate investment group based in Arizona, the goal is to turn the land into its own "smart city."
"Belmont will create a forward-thinking community with a communication and infrastructure spine that embraces cutting-edge technology, designed around high-speed digital networks, data centers, new manufacturing technologies and distribution models, autonomous vehicles and autonomous logistics hubs," Belmont Partners said in a news release.
A former columnist for the Phoenix newspaper writes that "Unless Gates plans to turn the land into a preserve, he might want to know a few things that the locals didn't tell him..."
First, Arizona doesn't have enough water to continue these kind of developments, no matter what the mouthpieces of the Real Estate Industrial Complex say... Second, climate change poses a clear and present danger to Arizona now. Summers are significantly hotter and lasting longer than a few decades ago. Massive wildfires are common, another new phenomenon. Whether Phoenix will even be inhabitable by mid-century is an open question. Already, it is a man-made environment totally dependent on electricity to power air conditioning and gasoline delivered by vulnerable pipelines.
All of which make it questionable whether all the dreamed developments ever get built, much less last long.
"To be fair, wealthy people who were clever in one area -- especially tech -- often think they know a lot about everything," the columnist concludes. "If this is the case here, he might want to study up."Read Replies (0)
By EditorDavid from Slashdot's moving-slow-and-breaking-things department
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on."
Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy:
The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses.
< article continued at Slashdot's moving-slow-and-breaking-things department
>Read Replies (0)
By EditorDavid from Slashdot's legacy-languages department
An anonymous reader writes:
After 35 years of programming in C, Eric S. Raymond believes that we're finally seeing viable alternatives to the language. "We went thirty years -- most of my time in the field -- without any plausible C successor, nor any real vision of what a post-C technology platform for systems programming might look like. Now we have two such visions...and there is another."
"I have a friend working on a language he calls 'Cx' which is C with minimal changes for type safety; the goal of his project is explicitly to produce a code lifter that, with minimal human assistance, can pull up legacy C codebases. I won't name him so he doesn't get stuck in a situation where he might be overpromising, but the approach looks sound to me and I'm trying to get him more funding. So, now I can see three plausible paths out of C. Two years ago I couldn't see any. I repeat: this is huge... Go, or Rust, or Cx -- any way you slice it, C's hold is slipping."
Raymond's essay also includes a fascinating look back at the history of programming languages after 1982, when the major complied languages (FORTRAN, Pascal, and COBOL) "were either confined to legacy code, retreated to single-platform fortresses, or simply ran on inertia under increasing pressure from C around the edges of their domains.
"Then it stayed that way for nearly thirty years."Read Replies (0)
By EditorDavid from Slashdot's you-said-that-last-time department
"FBI officials said Tuesday they have been stymied in their efforts to unlock the cellphone of the man who shot and killed at least 26 people at a church here on Sunday," reports the Houston Chronicle. Slashdot reader Anon E. Muss writes:
The police obtained a search warrant for the phone, but so far they've been unable to unlock it. The phone has been sent to the FBI, in the hope that they can break in... If it is secure, and the FBI can't open it, expect all hell to break loose. The usual idiots (e.g. politicians) will soon be ranting hysterically about the evil tech industry, and how they're refusing to help law enforcement.
FBI special agent Christopher Combs complained to the Chronicle that "law enforcement increasingly cannot get in to these phones."
A law professor at the Georgia Institute of Technology argues there's other sources of information besides a phone, and police officers might recognize this with better training.
As just one example, Apple says the FBI could've simply just used the dead shooter's fingerprint to open his iPhone. But after 48 hours, the iPhone's fingerprint ID stops working.Read Replies (0)
By EditorDavid from Slashdot's undocumented-features department
Slashdot user bongey writes:
A pair of security researchers in Russia are claiming to have compromised the Intel Management Engine just using one of the computer's USB ports. The researchers gained access to a fully functional JTAG connection to Intel CSME via USB DCI. The claim is different from previous USB DCI JTAG examples from earlier this year. Full JTAG access to the ME would allow making permanent hidden changes to the machine.
"Getting into and hijacking the Management Engine means you can take full control of a box," reports the Register, "underneath and out of sight of whatever OS, hypervisor or antivirus is installed."
They add that "This powerful God-mode technology is barely documented," while The Next Web points out that USB ports are "a common attack vector."Read Replies (0)
By EditorDavid from Slashdot's back-to-the-future department
A nonprofit founded in 1906 is now offering a glimpse at 2040, according to an anonymous reader:
The Alliance of American Museums has just published an ambitious Nov/Dec 2040 issue of Museum, the Alliance's magazine. The columns, reviews, articles, awards, and even the ads describe activities from a 2040 perspective, based on a multi-faceted consensus scenario.
Besides virtual reality centers (and carbon-neutral cities), it envisions de-extinction biologists who resurrect lost species. It also predicts a 2040 with orbiting storehouses to preserve historic artifacts (as well as genetic materials) as part of a collaboration with both NASA and a new American military branch called the US Space Corps. And of course, by 2040 musuems have transformed into hybrid institutions like "museum schools" and "well-being and cognitive health centers" that are both run by museums.
It also predicts for-profit museums that have partnered with corporations.Read Replies (0)
By EditorDavid from Slashdot's RoboDoc department
"Robot-assisted surgery costs more time and money than traditional methods, but isn't more effective, for certain types of operations," reports the Register, in an article shared by schwit1:
In a study of almost 24,000 laparoscopic surgeries just published in The Journal of American Medicine, researchers from Stanford University School of Medicine analyzed data from 416 hospitals around the U.S. from 2003 to 2015. Robotic assistance provides 3D-visualization, a broader range of motion for instruments, and better ergonomics for physicians, according to the study. While it has advantages in scenarios where a high-degree of precision is required or where improved outcomes have been demonstrated (like radical prostatectomy), it appears to be a waste of resources for the two operations examined... But the patient outcomes were more or less the same.
A thematically-related economic study presented by the National Bureau for Economic Research on Monday suggests that while AI and machine learning have received substantial investment over the past five years and have been widely touted as a transformative technologies, "there is little sign that they have yet affected aggregate productivity statistics... The simplest possibility is that the optimism about the potential technologies is misplaced and unfounded," muse Erik Brynjolfsson and Daniel Rock (MIT), Chad Syverson (University of Chicago) in the paper.
But instead the paper's author suggest that fully realizing the benefits of AI "will require effort and entrepreneurship to develop the needed complements, and adaptability at the individual, organizational, and societal levels to undertake the associated restructuring."Read Replies (0)