By BeauHD from Slashdot's bad-at-its-job department
Last week, cybersecurity company PenTest Partners managed to unlock TappLock's smart padlock within two seconds. They "found that the actual code and digital authentication methods for the lock were basically nonexistent," reports The Verge. "All someone would need to unlock the lock is its Bluetooth Low Energy MAC address, which the lock itself broadcasts." The company also managed to snap the lock with a pair of 12-inch bolt cutters.
Today, Naked Security reports that it gets much worse: "Tapplock's cloud-based administration tools were as vulnerable as the lock, as Greek security researcher Vangelis Stykas found out very rapidly." From the report: Stykas found that once you'd logged into one Tapplock account, you were effectively authenticated to access anyone else's Tapplock account, as long as you knew their account ID. You could easily sniff out account IDs because Tapplock was too lazy to use HTTPS (secure web connections) for connections back to home base -- but you didn't really need to bother, because account IDs were apparently just incremental IDs anyway, like house numbers on most streets. As a result, Stykas could not only add himself as an authorized user to anyone else's lock, but also read out personal information from that person's account, including the last location (if known) where the Tapplock was opened.
Incredibly, Tapplock's back-end system would not only let him open other people's locks using the official app, but also tell him where to find the locks he could now open! Of course, this gave him an unlocking speed advantage over Pen Test Partners -- by using the official app Stykas needed just 0.8 seconds to open a lock, instead of the sluggish two seconds needed by the lock-cracking app.Read Replies (0)
By BeauHD from Slashdot's dead-in-the-water department
An anonymous reader quotes a report from Ars Technica: Back in January 2017, Google and Uber teamed up to put a cool feature in Google Maps: You could search for, book, and pay for an Uber all directly from Google Maps. You didn't even need the Uber app installed. Now, 18 months later, the feature is dead. Google posted a new support page (first spotted by Android Police) that flatly states, "You can no longer book Uber rides directly in Google Maps."
The feature would have you search for a location in Google Maps and ask for directions like normal, but instead of choosing walking, driving, biking, or mass transit directions, a tab for ride-sharing would allow you to book a ride directly. The ride-sharing tab still exists, but instead of booking an Uber, it just gives you an estimate and offers to kick you out to the Uber app.Read Replies (0)
By BeauHD from Slashdot's science-fiction-to-reality department
Gunfighter shares a report from Defense News: President Donald Trump on Monday appeared to sign an executive order directing the Pentagon to create a new "Space Force," a move that could radically transform the U.S. military by pulling space functions variously owned by the Air Force, Navy and other military branches into a single independent service. "I am hereby directing the Department of Defense and Pentagon to immediately begin the process necessary to establish a Space Force as the sixth branch of the armed forces," Trump said during a meeting of the National Space Council. "That's a big statement. We are going to have the Air Force and we are going to have the Space Force. Separate but equal. It is going to be something. So important," Trump added. "General Dunford, if you would carry that assignment out, I would be very greatly honored." Dunford responded in the affirmative, telling Trump, "We got you." The oddity of Trump's statement was that it was followed up with a White House readout that "contained no language related to the creation of a new military branch, leaving open the question of whether Trump has actually issued formal guidance to the military," reports Defense News. It is believed that Trump still needs the support of Congress to actually establish a space force.Read Replies (0)
By msmash from Slashdot's stranger-things department
Late last week, YouTube videos from several high-profile channels began to mysteriously disappear, puzzling both the owners of those channels and viewers. Some of these channels include MIT Open Courseware, Blender Foundation, Jamendo Music, India's Press Information Bureau, soccer club Sparta Praha, and England Rugby. In a statement, MIT Open Courseware said, "You may have noticed that we are having some trouble with our videos! Please stand by. The elves are working around the clock to fix the issue. There is still a ton of content you can use on MIT OCW's website that doesn't have video. Hang in there folks!" Ton Roosendaal, the chairman of Blender Foundation, has been tweeting his frustration at YouTube. The issue, which per Roosendaal YouTube is aware of, is yet to be resolved at the time of publication. TorrentFreak, a news website which covers piracy and copyright issues, speculates that YouTube's piracy filters could be the bottleneck here. Google did not respond to a request for comment.Read Replies (0)
By msmash from Slashdot's future-is-here department
A newly developed tool by Google can forecast a host of patient outcomes, including how long people may stay in hospitals, their odds of re-admission and chances they will soon die. Google documented some of this tool's abilities in May; in one instance, Google's tool estimated, by taking 175,639 data points into consideration, that a particular patient's odds at dying during her stay at the hospital was 19.9 percent, up from 9.3 percent that the hospital's computers had estimated. Now Bloomberg reports what Google intends to do with this new tool next. From the report: Google's next step is moving this predictive system into clinics, AI chief Jeff Dean told Bloomberg News in May. Dean's health research unit -- sometimes referred to as Medical Brain -- is working on a slew of AI tools that can predict symptoms and disease with a level of accuracy that is being met with hope as well as alarm. Inside the company, there's a lot of excitement about the initiative. "They've finally found a new application for AI that has commercial promise," one Googler says. Since Alphabet's Google declared itself an "AI-first" company in 2016, much of its work in this area has gone to improve existing internet services. The advances coming from the Medical Brain team give Google the chance to break into a brand new market -- something co-founders Larry Page and Sergey Brin have tried over and over again. Software in health care is largely coded by hand these days. In contrast, Google's approach, where machines learn to parse data on their own, "can just leapfrog everything else," said Vik Bajaj, a former executive at Verily, an Alphabet health-care arm, and managing director of investment firm Foresite Capital. "They understand what problems are worth solving," he said. "They've now done enough small experiments to know exactly what the fruitful directions are." The report adds that, among other things, Google's tool has the ability to sift through notes buried in PDFs or scribbled on old charts.Read Replies (0)
By msmash from Slashdot's how-about-that department
The World Health Organization has announced "gaming disorder" as a new mental health condition included in the 11th edition of its International Classification of Diseases, released Monday. From a report: "I'm not creating a precedent," said Dr. Vladimir Poznyak, a member of WHO's Department of Mental Health and Substance Abuse, which proposed the new diagnosis to WHO's decision-making body, the World Health Assembly. Instead, he said, WHO has followed "the trends, the developments, which have taken place in populations and in the professional field." However, not all psychologists agree that gaming disorder is worthy of inclusion in the International Classification of Diseases, known as the ICD. A diagnosis standard, the ICD defines the universe of diseases, disorders, injuries and other related health conditions. Researchers use it to count deaths, diseases, injuries and symptoms, and doctors and other medical practitioners use it to diagnose disease and other conditions. In many cases, health care companies and insurers use the ICD as a basis for reimbursement. Poznyak said the expectation is that the classification of gaming disorder means health professionals and systems will be more "alerted to the existence of this condition" while boosting the possibility that "people who suffer from these conditions can get appropriate help."Read Replies (0)
By msmash from Slashdot's up-next department
An anonymous reader writes: Linux 4.18 development is going strong with recent 4.18-rc1 release. This kernel cycle has dropped 107,210 lines of code so far but Linux 4.18 is adding many new features. The kernel is coming in lighter as a result of the LustreFS code being removed and other code cleanups. On the feature front, Phoronix reports, "ew AMDGPU support improvements, mainlining of the V3D DRM driver, initial open-source work on NVIDIA Volta GV100 hardware, merging of the Valve Steam Controller kernel driver, merging of the BPFILTER framework, ARM Spectre mitigation work, Speck file-system encryption support, removal of the Lustre file-system, the exciting restartable sequences system call was merged, the new DM writecache target, and much more."Read Replies (0)
By BeauHD from Slashdot's bat-friendly-city department
Since streetlights disturb bats' internal sensors and rhythms and affect their feeding patterns, inner compasses, and general nocturnal behaviors, the Dutch town of Zuidhoek-Nieuwkoop is taking action. The town is using special streetlights that emit a red color and use a wavelength that doesn't interfere with a bat's internal compass and lets them feed undisturbed. The Next Web reports: The lights [developed by Signify and the University of Wageningen and other NGO's active in conservation], being both beneficial for bats and humans alike, are also proving to be extremely energy saving, and is therefore also a big plus for the environment and the town's carbon footprint. The lights are connected LED lights that can be controlled remotely. This means that if there is one particular neighborhood in need of more or less light, this can be adjusted as needed.
Zuidhoek-Nieuwkoop, due to their specific natural surroundings, is keen on being a sustainable town. The town and its surrounding area are part of the nature-protection network Natura 2000, which protects breeding and nesting areas for rare and threatened species all over Europe.Read Replies (0)
By BeauHD from Slashdot's pain-in-the-ass department
A Portland man appears to have a pill-sized camera stuck in his gut. That man is me... Let me explain.
For the average Joe, the following statement might sound a bit peculiar: I have swallowed a pill-sized camera a number of times. You see, I have Crohn's Disease (CD) in the small intestine -- a 20 foot-long portion of the gastrointestinal tract that runs between the stomach and the large intestine (colon). A "PillCam" is the most non-invasive, detailed method to survey this area as it doesn't require a scope up the rectum or down the esophagus, nor does it require any tissue slicing. It's also one of the safest procedures available -- the retention rate is as low as 1%. Unfortunately, this most recent capsule endoscopy resulted in my admission to the 1% club.
On March 27th, 2018, I swallowed the PillCam that is currently lodged in my small intestine. If you do the math, that's more than 82 days ago (over 12 weeks). After hiking Smith Rock and summiting Black Butte a couple weeks later, I thought for sure the pill would have exited. It didn't, as evident by the follow-up X-ray. It can be difficult to find research on such a what-if scenario that happens to so few, but I did manage to find a Motherboard article telling the story of Scott Willis, a CD patient that had a PillCam lodged in his gut for eight weeks. One of the key differences between him and me is that he had a partial block and endured more symptoms, prompting him to schedule a procedure to get it out quicker. I'm relatively symptom free.
< article continued at Slashdot's pain-in-the-ass department
>Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
An anonymous reader writes: "Several gaming companies have announced plans to remove support for an analytics app they have bundled with their games," reports Bleeping Computer. "The decision to remove the app came after several Reddit and Steam users noticed that many game publishers have recently embedded a controversial analytics SDK (software development kit) part of recent updates to their games. The program bundled with all these games, and at the heart of all the recent controversy, is RedShell, an analytics package provided by Innervate, Inc., to game publishers." The app is intended to collect information about the source of new game installs, and details about the gamer. Following a massive user outcry in the past two weeks, several game makers have given in to pressure and are removing this SDK. Game makers and games who announced they were removing RedShell include Bethesda (Elder Scrolls), All Total War games, Warhammer games, Magic the Gathering Arena, and more. [This Google Docs spreadsheet and Reddit thread have a list of games containing RedShell. ]Read Replies (0)