By msmash from Slashdot's security-woes department
Andy Greenberg, writing for Wired: When Apple released the iPhone X on November 3, it touched off an immediate race among hackers around the world to be the first to fool the company's futuristic new form of authentication. On Friday, Vietnamese security firm Bkav released a blog post and video showing that -- by all appearances -- they'd cracked Face ID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking. That demonstration, which has yet to be confirmed publicly by other security researchers, could poke a hole in the expensive security of the iPhone X, particularly given that the researchers say their mask cost just $150 to make. But it's also a hacking proof-of-concept that, for now, shouldn't alarm the average iPhone owner, given the time, effort, and access to someone's face required to recreate it. Bkav, meanwhile, didn't mince words in its blog post and FAQ on the research. "Apple has done this not so well," writes the company. "Face ID can be fooled by mask, which means it is not an effective security measure."
By EditorDavid from Slashdot's hot-rocks department
Better microsampling (and analysis) are revealing "previously obscured" clues about how super-hot molten lava behaves, according to a Science Alert article shared by schwit1:
"The older view is that there's a long period with a big tank of molten rock in the crust," says geoscientist Nathan Andersen from the University of Wisconsin-Madison. "A new view is that magma is stored for a long period in a state that is locked, cool, crystalline, and unable to produce an eruption. That dormant system would need a huge infusion of heat to erupt." Such a huge infusion of heat is what's thought to have unleashed a violent supereruption in California some 765,000 years ago... [A]s awesomely destructive as the supereruption was, lingering evidence from the aftermath can tell us about the magma conditions deep underground before the top blew so spectacularly.
Specifically, an analysis of argon isotopes contained in crystals from the Bishop Tuff -- the large rocky outcrop produced when the Long Valley Caldera was created -- shows the magma from the supereruption was heated rapidly, not slowly simmered. Geologically speaking, that is -- meaning the heating forces that produced the supereruption occurred over decades, or perhaps a couple of centuries. (A long time for people, sure, but a blink of an eye in the life-time of a supervolcano.) The reasoning is that argon quickly escapes from hot crystals, so it wouldn't have a chance to accumulate in the rock if the rock were super-heated for a long time... Unfortunately, while scientists are doing everything they can to read the signs of volcanic supereruptions -- something NASA views as more dangerous than asteroid strikes -- the reality is, the new findings don't bring us any closer to seeing the future.
By EditorDavid from Slashdot's my-kingdom-for-a-satellite department
An anonymous reader quotes CNET:
An Orbital ATK Antares rocket carrying a cubesat named Asgardia-1 launched from NASA's Wallops Flight Facility in Virginia early Sunday. The milk carton-sized satellite makes up the entirety of territory of the self-proclaimed "Space Kingdom" of Asgardia... Over 300,000 people signed up online to become "citizens" of the nation over the last year. The main privilege of citizenship so far involves the right to upload data to Asgardia-1 for safekeeping in orbit, seemingly far away from the pesky governments and laws of Earth-bound countries...
As of now, Asgardia's statehood isn't acknowledged by any other actual countries or the United Nations, and it doesn't really even fit the definition of a nation since it's not possible for a human to physically live in Asgardia. Not yet, at least. The long-term vision for Asgardia includes human settlements in space, on the moon and perhaps even more distant colonies.
On Tuesday Orbital ATK's spacecraft will dock with the International Space Station for a one-month re-supply mission -- then blast higher into orbit to deploy the space kingdom's satellite. "Asgardia space kingdom has now established its sovereign territory in space," read an online statement.
Next the space kingdom plans to hold elections for 150 Members of Parliament.
By EditorDavid from Slashdot's cyber-war department
chicksdaddy quotes Security Ledger:
North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger is reporting. Security experts and defense industry personnel interviewed by The Security Ledger say that probes and attacks by hacking groups known to be associated with the government of the Democratic People's Republic of Korea (DPRK) have increased markedly as hostilities between that country and the United States have ratcheted up in the last year. The hacking attempts seem to be aimed at gaining access to intellectual property belonging to the companies, including weapons systems deployed on the Korean peninsula.
"As the situation between the DPRK and the US has become more tense, we've definitely seen an increase in number of probe attempts from cyber actors coming out of the DPRK," an official at an aerospace and defense firm told Security Ledger. The so-called "probes" were targeting the company's administrative network and included spear phishing attacks via email and other channels. The goal was to compromise computers on the corporate network... So far, the attacks have targeted "weakest links" within the firms, such as Human Resources personnel and general inquiry mailboxes, rather than targeting technical staff directly. However, experts who follow the DPRK's fast evolving cyber capabilities say that the country may have more up their sleeve.
CNBC also reports that America's congressional defense committees have authorized a last-minute request for $4 billion in extra spending for "urgent missile defeat and defense enhancements to counter the threat of North Korea."
Other countries newly interested in purchasing missile defense systems include Japan, Sweden, Poland, and Saudi Arabia.
By EditorDavid from Slashdot's distributing-distros department
Slashdot reader boudie2 tipped us off to some Linux news. Liliputing reports:
Samsung's DeX dock lets you connect one of the company's recent phones to an external display, mouse, and keyboard to use your phone like a desktop PC... assuming you're comfortable with a desktop PC that runs Android. But soon you may also be able to use your Android phone as a Linux PC [and] the company has released a brief video that provides more details. One of those details? At least one of the Linux environments in question seems to be Ubuntu 16.04... While that's the only option shown, the fact that it does seem to be an option suggests you may be able to run different Linux environments as well.
Once Ubuntu is loaded, the video shows a user opening Eclipse, an integrated development environment that's used to create Java (and Android apps). In other words, you can develop apps for Android phones with ARM-based processors on an Android phone with an ARM-based processor.
Samsung promised in October that its Linux on Galaxy app will ultimately let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS."
By EditorDavid from Slashdot's momentum-towards-Mars department
"Dangerous radiation. Overstuffed pantries. Cabin fever. NASA could sidestep many of the impediments to a Mars mission if they could just get there faster," writes Space.com, which reports NASA is now exploring an alternative to chemical rockets.
In August, NASA announced an $18.8-million-dollar contract with nuclear company BWXT to design fuel and a reactor suitable for nuclear thermal propulsion (NTP), a rocket technology that could jumpstart a new era of space exploration. "The strengths with NTP are the ability to do the very fast round trip [to Mars], the ability to abort even if you're 2 to 3 months into the missions, the overall architectural robustness, and also the growth potential to even more advanced systems," Michael Houts, principal investigator for the NTP project at NASA's Marshall Space Flight Center, told Space.com. NTP rockets would pull all that off by offering about twice the bang for the buck that chemical rockets do... "Nuclear thermal propulsion can enable you to get to Mars faster, on the order of twice as fast," said Vishal Patel, a researcher involved in subcontract work for BWXT at the Ultra Safe Nuclear Corp. in Los Alamos, New Mexico. "We're looking at nice 3- to 4-month transit times."
By EditorDavid from Slashdot's legacy-code department
An anonymous reader writes:
The late Jim Weirich "was a seminal member of the western world's Ruby community," according to Ruby developer Justin Searls, who at the age of 30 took over Weirich's tools (which are used by huge sites like Hulu, Kickstarter, and Twitter). Soon Searls made a will and a succession plan for his own open-source projects. Wired calls succession "a growing concern in the open-source software community," noting developers have another option: transferring their copyrights to an open source group (for example, the Apache Foundation).
Most package-management systems have "at least an ad-hoc process for transferring control over a library," according to Wired, but they also note that "that usually depends on someone noticing that a project has been orphaned and then volunteering to adopt it." Evan Phoenix of the Ruby Gems project acknowledges that "We don't have an official policy mostly because it hasn't come up all that often. We do have an adviser council that is used to decide these types of things case by case." Searls suggests GitHub and package managers like Ruby Gems add a "dead man's switch" to their platform, which would allow programmers to automatically transfer ownership of a project or an account to someone else if the creator doesn't log in or make changes after a set period of time.
Wired also spoke to Michael Droettboom, who took over the Python library Matplotlib after John Hunter died in 2012. He points out that "Sometimes there are parts of the code that only one person understands," stressing the need for developers to also understand the code they're inheriting.
By EditorDavid from Slashdot's guardrails-of-the-galaxy department
What if alien life were so advanced that its powers were indistinguishable from physics? It's the one-year anniversary of a startling article which appeared in Nautilus magazine. Long-time Slashdot reader wjcofkc writes: Caleb Scharf, astronomer and the director of the multidisciplinary Columbia Astrobiology Center at Columbia University presents an intriguing thought experiment.
"Perhaps Arthur C. Clarke was being uncharacteristically unambitious. He once pointed out that any sufficiently advanced technology is going to be indistinguishable from magic. If you dropped in on a bunch of Paleolithic farmers with your iPhone and a pair of sneakers, you'd undoubtedly seem pretty magical. But the contrast is only middling: The farmers would still recognize you as basically like them, and before long they'd be taking selfies. But what if life has moved so far on that it doesn't just appear magical, but appears like physics?"
The original submitter included their own counterarguments against the idea, but the astronomer follows his proposal to its ultimate conclusion.
"Perhaps hyper-advanced life isn't just external. Perhaps it's already all around. It is embedded in what we perceive to be physics itself, from the root behavior of particles and fields to the phenomena of complexity and emergence."
By EditorDavid from Slashdot's defending-your-license department
An anonymous reader writes:
Earlier this week security-hardened Android build CopperheadOS temporarily blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model...
"We've enabled over-the-air updates again," CopperheadOS tweeted Saturday, "to avoid impacting our remaining customers on Nexus devices and other legitimate users. However, downloads on the site will no longer be available and we'll be making changes to the update client for Nexus devices."
In an earlier series of tweets, they explained it's an ongoing issue. "It's not okay to disrespect our non-commercial licensing terms for those official builds by flashing and selling it on hundreds of phones... This is why we've been unable to sell access to Pixel images. There are people that are going to buy those and flash + sell devices in direct competition with us in violation of the licensing terms. Needing to deal with so many people acting in bad faith makes this difficult.
"It's not permitted for our official Nexus builds and yet that's what's happening. We do all of the development, testing, release engineering and we provide the infrastructure, and then competitors sell far more devices than us in violation of our licensing terms. Ridiculous."
By EditorDavid from Slashdot's home-improvement department
Slashdot reader zhennian wants to stream music throughout his entire house, "and was hoping that with three old iPods I might be able to put together a centrally managed house-wide audio system."
Ideally it would be possible to control what's playing from a central web interface using an app on an IOS or Android device. With the iPods already plugged into docking stations and on the home wifi network, I assume it should be possible.
A search of the Apple app store didn't bring up much and forking out $AUS400 for a Sonos One or equivalent seems wasted when I've already purchased iPod docks. Can anyone recommend an App that will still be compatible with old (ie. 2007) iPods and might do this?
Or is there a better cheap alternative? Leave your best answers in the comments. Can you convert old iPods into a home music-streaming solution?