By BeauHD from Slashdot's stuff-of-legend department
Programmer and engineer David Fifield has unveiled a brand-new Zip bomb that explodes a 46-megabyte file to 4.5 petabytes of data. Fifield's new type of "Zip bomb" or "compression bomb" is particularly novel because he "figured out how to 'overlap' files inside of a Zip archive, allowing for compression rates far beyond those of a traditional archive," reports Motherboard. From the report: In an email interview, Fifield noted that, while 42.zip (which has a 106 billion-to-one compression ratio and has been hosted on the same single-serving website for at least 15 years) gets much of the attention, he finds later attempts more technically interesting. "eI find 42.zip inspiring on an aesthetic level -- not so much the file itself but the circumstances around it," Fifield said. "It's like folklore. There must have been many examples of the same basic idea, but for whatever reason 42.zip is the one that had staying power."
Fifield noted that part of what makes his process possible was by coming up with ways to handle cyclic redundancy checks, or CRCs, a basic error-correction functionality baked into Zip, PNG, Ethernet, and numerous other technical standards. Messing around with CRC -- 32 checksums, as they're called, was where Fifield said he learned the most. Fifield, who will present his findings at the USENIX Workshop on Offensive Technologies (WOOT) conference next month, noted that while the work itself adds to a history of research and likely will be superseded in the future, its benefit from an awareness standpoint is important.Read Replies (0)
By BeauHD from Slashdot's counterattacks-from-coal department
Using a record of solar radiation measurements around China going back to the late 1950s, researchers from ETH Zurich found that China's coal-driven air pollution is significantly reducing the output of solar panels by dimming the Sun. Ars Technica reports: The researchers found that, over the entire record between about 1960 and 2015, the average potential solar generation declined by about 13%. Expressed in terms of capacity factor -- the fraction of a solar panel's maximum output that is actually produced on average -- the drop from the start to the lowest point in 2008 was 0.162 to 0.142. The change wasn't the same everywhere, though, as air pollution and local conditions varied. The five worst provinces actually saw potential generation drops of fully 20-28%. These included industrial centers in the east but also some clearer high-elevation areas in the west where a small amount of air pollution can have a big impact.
If China could go back to its 1950s air quality, its existing solar installations in 2016 would have produced an additional 14 terawatt-hours of electricity for free. As more solar panels are built, that number would only grow. By 2030, cleaner air could net an additional 70 terawatt-hours of electricity each year -- about 1% of total projected electricity generation at that point. To put some dollar signs on these numbers, the researchers used the current feed-in tariff of $0.14 per kilowatt-hour and a projected drop to $0.09 per kilowatt-hour in 2030. In 2016, this would mean cleaner air would have brought $1.9 billion worth of electricity. In 2030, the extra 13% or so of solar potential could be worth over $6 billion per year. The study has been published in the journal Nature Energy.Read Replies (0)
By BeauHD from Slashdot's invasion-of-privacy department
A new report from Belgian broadcaster VRT News describes the process by which Google Home recordings end up being listened to by contractors -- and the scary part is that it apparently doesn't take much, if anything, to start a recording. While the recordings are not listened to live, audio clips are sent to subcontractors. The Next Web reports: VRT, with the help of a whistleblower, was able to listen to some of these clips and subsequently heard enough to discern the addresses of several Dutch and Belgian people using Google Home -- in spite of the fact some hadn't even uttered the words "Hey Google," which are supposed to be the device's listening trigger. The person who leaked the recordings was working as a subcontractor to Google, transcribing the audio files for subsequent use in improving its speech recognition. They got in touch with VRT after reading about Amazon Alexa keeping recordings indefinitely.
According to the whistleblower, the recordings presented to them are meant to be carefully annotated, with notes included about the speakers presumed identity and age. From the sound of the report, these transcribers have heard just about everything. Personal information? Bedroom activities? Domestic violence? Yes, yes, and yes. While VRT only listened to recordings from Dutch and Belgian users, the platform the whistleblower showed them had recordings from all over the world -- which means there are probably thousands of other contractors listening to Assistant recordings. The VRT report states that the Google Home Terms of Service don't mention that recordings might be listened to by other humans. The report says that the recordings are identified by numbers rather than user names, but VRT "was able to pick up enough data from the recordings to find the addresses of the users in question, and even confront some of the users in the recordings -- to their great dismay," reports The Next Web.
< article continued at Slashdot's invasion-of-privacy department
>Read Replies (0)
By BeauHD from Slashdot's copy-and-paste department
"Tech workers' favorite communications tool, Slack, is losing ground to its biggest rival, Microsoft Teams, which has copied its way into popularity," writes Rani Molla for Recode. "In other words, Slack has the same problem as Snapchat, which has suffered from its bigger rival Facebook's relentless appropriation." From the report: Slack's market share among the world's largest companies is mostly flat, adoption rates are declining, and a bigger portion of these companies indicate they plan on leaving the service, according to a new survey by market research firm ETR, which asks chief information officers and other leaders at the world's biggest organizations* where they plan to spend their company's tech budget. Meanwhile, Teams is seeing increased market share, relatively higher adoption rates, and low rates of defection, according to the data.
Slack, which is currently trading below its first-day opening price, has been beset both by smaller companies hoping to improve upon it and tech giants trying to copy and replace it. Microsoft, at one point, had even considered buying Slack. Instead, nearly four years after Slack's debut, Microsoft launched Teams, which has since adopted many of its competitor's functions, including the basic premise of creating an online office space for coworkers to collaborate and communicate. The situation was similar with Facebook, which after failing to buy Snapchat began to copy it, feature by feature. Facebook did this with impunity because it's not really possible to copyright what software does -- you can only copyright the code itself. Since products like Slack and Microsoft Teams or Facebook and Snapchat are built on different platforms, the code for each is likely distinct, so copying features is fair game.Read Replies (0)
By msmash from Slashdot's security-woes department
The Caps Lock, Num Lock, and Scroll Lock LEDs on a keyboard can be used to exfiltrate data from a secure air-gapped system, academics from an Israeli university have proved. From a report: The attack, which they named CTRL-ALT-LED, is nothing that regular users should worry about but is a danger for highly secure environments such as government networks that store top-secret documents or enterprise networks dedicated to storing non-public proprietary information. he attack requires some pre-requisites, such as the malicious actor finding a way to infect an air-gapped system with malware beforehand. CTRL-ALT-LED is only an exfiltration method. But once these prerequisites are met, the malware running on a system can make the LEDs of an USB-connected keyboard blink at rapid speeds, using a custom transmission protocol and modulation scheme to encode the transmitted data. A nearby attacker can record these tiny light flickers, which they can decode at a later point, using the same modulation scheme used to encode it.Read Replies (0)
By msmash from Slashdot's shape-of-things-to-come department
First, there was the meatless burger. Soon we may have fishless fish. From a report: Impossible Foods, the California company behind the meatless Impossible Whopper now available at Burger King, is joining a crowded field of food companies developing alternatives to traditional seafood with plant-based recipes or laboratory techniques that allow scientists to grow fish from cells. So far, much of Impossible's work has focused on the biochemistry of fish flavor, which can be reproduced using heme, the same protein undergirding its meat formula [Editor's note: the link may be paywalled; alternative source], according to Pat Brown, the company's chief executive. Last month, Impossible's 124-person research and development team, which the company plans to increase to around 200 by the end of next year, produced an anchovy-flavored broth made from plants, he said. "It was being used to make paella," Mr. Brown said. "But you could use it to make Caesar dressing or something like that."
The fishless-fish project is part of Impossible's grand ambitions to devise tasty replacements for every animal-based food on the market by 2035. Whether that aim is achievable, either scientifically or financially, remains to be seen. But for now, Mr. Brown said, he's confident Impossible's plant-based beef recipe can be reconfigured to simulate a new source of protein. It's unclear whether consumers -- even those who eat meatless burgers -- will embrace fish alternatives. Those faux-beef products owe their success partly to the enthusiasm of so-called flexitarians, people who want to reduce their meat consumption without fully converting to vegetarianism, but flexitarians are not necessarily motivated by a desire to save the planet.Read Replies (0)