By msmash from Slashdot's breakthrough department
For the first time, scientists have caught two neutron stars in the act of colliding, revealing that these strange smash-ups are the source of heavy elements such as gold and platinum. From a report: The discovery, announced today at a news conference and in scientific reports written by some 3,500 researchers, solves a long-standing mystery about the origin of these heavy elements -- which are found in everything from wedding rings to cellphones to nuclear weapons. It's also a dramatic demonstration of how astrophysics is being transformed by humanity's newfound ability to detect gravitational waves, ripples in the fabric of space-time that are created when massive objects spin around each other and finally collide. "It's so beautiful. It's so beautiful it makes me want to cry. It's the fulfillment of dozens, hundreds, thousands of people's efforts, but it's also the fulfillment of an idea suddenly becoming real," says Peter Saulson of Syracuse University, who has spent more than three decades working on the detection of gravitational waves. Albert Einstein predicted the existence of these ripples more than a century ago, but scientists didn't manage to detect them until 2015. Until now, they'd made only four such detections, and each time the distortions in space-time were caused by the collision of two black holes. That bizarre phenomenon, however, can't normally be seen by telescopes that look for light. Neutron stars, by contrast, spew out visible cosmic fireworks when they come together. These incredibly dense stars are as small as cities like New York and yet have more mass than our sun. Further reading: 'A New Rosetta Stone for Astronomy' (The Atlantic), and Gravitational Wave Astronomers Hit Mother Lode (Scientific American).
By msmash from Slashdot's security-woes department
A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. From a report: The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. In other words: hackers can eavesdrop on your network traffic. The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk. "If your device supports Wi-Fi, it is most likely affected," said Vanhoef, on his website. News of the vulnerability was later confirmed on Monday by US Homeland Security's cyber-emergency unit US-CERT, which about two months ago had confidentially warned vendors and experts of the bug, ZDNet has learned.
By EditorDavid from Slashdot's first-person-cheaters department
The new anti-cheating system installed in PlayerUnknown's Battlegrounds has been banning more than 6,000 suspected cheaters every day. An anonymous reader quotes PC Gamer:
That's according to BattlEye, which polices the game's servers. Its official account tweeted yesterday that between 6,000 and 13,000 players are getting their marching orders daily. On Saturday morning, it had cracked down on nearly 20,000 players within the previous 24-hour period... In total, the service has blocked 322,000 people, double the number that was reported by the game's creator Brendan Greene, aka PlayerUnknown, last month.
Yesterday the game had more than 2.2 million concurrent players.
By EditorDavid from Slashdot's anti-antivirus department
First, here's the opinion of two former NSA cybersecurity analysts (via Consumer Reports):
"It's a big deal," says Blake Darche, a former NSA cybersecurity analyst and the founder of the cybersecurity firm Area 1. "For any consumers or small businesses that are concerned about privacy or have sensitive information, I wouldn't recommend running Kaspersky." By its very nature antivirus software is an appealing tool for hackers who want to access remote computers, security experts say. Such software is designed to scan a computer comprehensively as it searches for malware, then send regular reports back to a company server. "One of the things people don't realize, by installing that tool you give [the software manufacturer] the right to pull any information that might be interesting," says Chris O'Rourke, another former NSA cybersecurity expert who is the CEO of cybersecurity firm Soteria.
But for that reason, Bloomberg View columnist Leonid Bershidsky suggests any anti-virus software will be targeted by nation-state actors, and argues that for most users, "non-state criminal threats are worse. That's why Interpol this week signed a new information-sharing agreement with Kaspersky despite all the revelations in the U.S. media: The international police cooperation organization deals mainly with non-state actors, including profit-seeking hackers, rather than with the warring intelligence services."
And long-time Slashdot reader freddieb is a loyal Kaspersky user who is wondering what to do, calling the software "very effective and non-intrusive." And in addition, "Numerous recent hacks have gotten my data (Equifax, and others) so I expect I have nothing else to fear except ransomware."
Share your own informed opinions in the comments. Should users uninstall Kaspersky's antivirus software?
By EditorDavid from Slashdot's when-city-councils-choose-software department
An anonymous reader quotes TechRepublic:
The city of Munich has suggested it will cost too much to carry on using Linux alongside Windows, despite having spent millions of euros switching PCs to open-source software... "Today, with a Linux client-centric environment, we are often confronted with major difficulties and additional costs when it comes to acquiring and operating professional application software," the city council told the German Federation of Taxpayers. Running Linux will ultimately prove unsustainable, suggests the council, due to the need to also keep a minority of Windows machines to run line-of-business software incompatible with Linux. "In the long term, this situation means that the operation of the non-uniform client landscape can no longer be made cost-efficient"... Since completing the multi-year move to LiMux, a custom-version of the Linux-based OS Ubuntu, the city always kept a smaller number of Windows machines to run incompatible software. As of last year it had about 4,163 Windows-based PCs, compared to about 20,000 Linux-based PCs.
By EditorDavid from Slashdot's we-are-the-world department
An anonymous reader writes:
Tech companies are competing to serve the wealthy, argues the winner of the 2006 Nobel Peace Prize, complaining there's no "global vision," with big innovations instead "designed and dedicated mostly for commercial successes... while trillions of dollars are invested in developing robotics and artificial intelligence for military and commercial purposes, there is little interest in applying technology to overcome the massive human problems of the world." A genius in the tech industry "can dedicate his work to creating a medical breakthrough that will save thousands of lives -- or he can develop an app that will let people amuse themselves."
As an exception, he cites the low-cost Endless computer, which runs Linux and has 50,000 Wikipedia articles pre-installed to enable offline research -- plus more than 100 applications -- for a price of just $79. "One part of Endless's business is operated like a conventional, profit-seeking company, while the other part is a social business that provides underserved populations with educational, health, and creative services they were once denied. Endless is already being shipped around the globe by four of the five largest computer manufacturers. It has become the leading PC platform in Indonesia and much of Southeast Asia. It has also been selected as the standard operating system for the Brazilian Ministry of Education, and in coming months it will be adopted as the primary platform by a number of other Latin American countries."
The article is by Muhammad Yunus, who pioneered the concepts of microcredit and microfinance, and is taken from his new book, A World of Three Zeros: The New Economics of Zero Poverty, Zero Unemployment, and Zero Net Carbon Emissions.
By EditorDavid from Slashdot's outpizza-ing-the-hut department
An anonymous reader quotes McClatchy:
Pizza Hut told customers by email on Saturday that some of their personal information may have been compromised. Some of those customers are angry that it took almost two weeks for the fast food chain to notify them. According to a customer notice emailed from the pizza chain, those who placed an order on its website or mobile app between the morning of Oct. 1 and midday Oct. 2 might have had their information exposed. The "temporary security intrusion" lasted for about 28 hours, the notice said, and it's believed that names, billing ZIP codes, delivery addresses, email addresses and payment card information -- meaning account number, expiration date and CVV number -- were compromised... A call center operator told McClatchy that about 60,000 people across the U.S. were affected.
"[W]e estimate that less than one percent of the visits to our website over the course of the relevant week were affected," read a customer notice sent only to those affected, offering them a free year of credit monitoring. But that hasn't stopped sarcastic tweets like this from the breach's angry victims.
"Hey @pizzahut, thanks for telling me you got hacked 2 weeks after you lost my cc number. And a week after someone started using it."
By EditorDavid from Slashdot's thinking-different department
Speaking at Oxford, Apple CEO Tim Cook shared a lesson learned from the "spectacular" commercial failure of the Power Mac G4 Cube in 2000 -- and from his mentor Steve Jobs. An anonymous reader quotes Business Insider:
"It was a very important product for us, we put a lot of love into it, we put enormous engineering into it," Cook said of the G4 Cube on stage. He calls it an "engineering marvel." At the time, Cook was Apple Senior VP of Worldwide Operations, recruited personally by then-CEO Steve Jobs... While the design was a hit, it was $200 more expensive than the regular Power Mac G4, a more traditional-looking PC with very similar specs. And some Cubes would develop cosmetic cracks in the acrylic cube casing due to a manufacturing flaw. In his talk, Cook says that Apple knew the Cube was flopping "from the very first day, almost..."
Ultimately, Cook says, it was a lesson in humility and pride. Apple had told both employees and customers that the G4 Cube was the future. And yet, despite Apple's massive hype, demand just wasn't there, and the company had to walk away. "This was another thing that Steve [Jobs] taught me, actually," says Cook. "You've got to be willing to look yourself in the mirror and say I was wrong, it's not right." In a broader sense, Cook says that Jobs taught him the value of intellectual honesty -- that, no matter how much you care about something, you have to be willing to take new data and apply it to the situation.
He advised his audience to "be intellectually honest -- and have the courage to change."
And the article points out that today there's a small but enthusiastic community who are still hacking their Power Mac G4 Cubes.
By EditorDavid from Slashdot's regretting-retractions department
China now has more laboratory scientists than any other country in the world, reports Amy Qin in the New York Times, and spends more on research than the entire European Union.
But in its rush to dominance, China has stood out in another, less boastful way. Since 2012, the country has retracted more scientific papers because of faked peer reviews than all other countries and territories put together, according to Retraction Watch, a blog that tracks and seeks to publicize retractions of research papers... In April, a scientific journal retracted 107 biology research papers, the vast majority of them written by Chinese authors, after evidence emerged that they had faked glowing reviews of their articles. Then, this summer, a Chinese gene scientist who had won celebrity status for breakthroughs once trumpeted as Nobel Prize-worthy was forced to retract his research when other scientists failed to replicate his results. At the same time, a government investigation highlighted the existence of a thriving online black market that sells everything from positive peer reviews to entire research articles... In part, these numbers may simply reflect the enormous scale of the world's most populous nation. But Chinese scientists also blame what they call the skewed incentives they say are embedded within their nation's academic system.
By EditorDavid from Slashdot's asking-him-anything department
Long-time Slashdot reader Rei writes:
On Saturday evening, Elon Musk took questions in a Reddit AMA (Ask-Me-Anything) concerning SpaceX's new design for the BFR (Big F* Rocket). But unlike the 2016 IAC conference where many audience questions seemed to be trolling Musk, this time the tables were turned. Asked why Raptor thrust was reduced from 300 tons to 170, Musk replied, "We chickened out." He responded to a statement about landing on the moon by quoting Bob the Builder, while responding to a user's suggestion about caching internet data from Mars by writing simply "Nerd." A question as to whether BFR autogenous pressurization would be heat-exchanger based, Musk replied that they planned to utilize the Incendio spell from Harry Potter -- helpfully providing a Wikipedia link for the spell.
A technical question about the lack of a tail? "Tails are lame." A question about why the number of landing legs was increased from 3 to 4? "Because 4." After one Redditor observed "This is one bizarre AMA so far," Musk replied "Just wait..." While Musk ultimately did follow up some of the trolling with some actual responses, the overall event could be best described as "surreal".
To be fair, Musk provided some serious answers. (And his final comment ended with "Great questions nk!!") But one Redditor suggested Musk's stranger answers were like a threat, along the lines of "Just wait. It will get way more bizarre than that. Let me finish my whiskey."
Musk replied, "How did you know? I am actually drinking whiskey right now. Really."
By EditorDavid from Slashdot's fob-fails department
An anonymous reader writes:
Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars. The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations. These codes -- called rolling codes or hopping code -- should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars. This is exactly what Wimmenhove did. He created a device that sniffs the code, computes the next rolling code and uses it to unlock cars...
The researcher said he reached out to Subaru about his findings. "I did [reach out]. I told them about the vulnerability and shared my code with them," Wimmenhove told BleepingComputer. "They referred me to their 'partnership' page and asked me to fill in a questionnaire. It didn't seem like they really cared and I haven't heard back from them."
His Subaru-cracking feat -- documented in a video -- was accomplished using a $25 Raspberry Pi B+ and two dongles, one for wifi ($2) and one for a TV ($8), plus a $1 antenna and a $1 MCX-to-SMA convertor.
By EditorDavid from Slashdot's broken-ATMs department
schwit1 quotes the Mises Institute: When Hurricane Maria knocked out power in Puerto Rico, residents there realized they were going to need physical cash — and a lot of it. Bloomberg reported that the Fed was forced to fly a planeload of cash to the Island to help avert disaster. "William Dudley, the New York Fed president, put the word out within minutes, and ultimately a jet loaded with an undisclosed amount of cash landed on the stricken island. [Business executives in Puerto Rico] described corporate clients' urgent requests for hundreds of thousands in cash to meet payrolls, and the challenge of finding enough armored cars to satisfy endless demand at ATMs... As early as the day after the storm, the Fed began working to get money onto the island."
For a time, unless one had a hoard of cash stored up in one's home, it was impossible to get cash at all. 85 percent of Puerto Rico is still without power... Bloomberg continues: "When some generator-powered ATMs finally opened, lines stretched hours long, with people camping out in beach chairs and holding umbrellas against the sun." In an earlier article from September 25, Bloomberg noted how, without cash, necessities were simply unavailable: "Cash only," said Abraham Lebron, the store manager standing guard at Supermax, a supermarket in San Juan's Plaza de las Armas. He was in a well-policed area, but admitted feeling like a sitting duck with so many bills on hand. "The system is down, so we can't process the cards. It's tough, but one finds a way to make it work."
By EditorDavid from Slashdot's fighting-over-phishing department
An anonymous reader quotes Computerworld:
Microsoft's Edge easily beat rival browsers from Google and Mozilla in third-party tests of the behind-the-scenes services which power anti-malware warnings and malicious website-blocking... NSS Labs says Windows 10's default browser is better at blocking phishing and socially-engineered malware attacks than Google Chrome or Mozilla Firefox... According to NSS Labs of Austin, Texas, Edge automatically blocked 92% of all in-browser credential phishing attempts and stymied 100% of all socially-engineered malware (SEM) attacks. The latter encompassed a wide range of attacks, but their common characteristic was that they tried to trick users into downloading malicious code. The tactics that SEM attackers deploy include links from social media, such as Facebook and Twitter, and bogus in-browser notifications of computer infections or other problems.
Edge bested Chrome and Firefox by decisive margins. For instance, Chrome blocked 74% of all phishing attacks, and 88% of SEM attacks. Meanwhile, Firefox came in third in both tests, stopping just 61% of the phishing attacks and 70% of all SEM attempts... Both Chrome and Mozilla's Firefox rely on the Safe Browsing API (application programming interface), but historically, Mozilla's implementation has performed poorly compared to Google's. No shock: Google created the API. Edge also took top prize in blocking attacks from the get-go. In NSS's SEM attack testing, for example, the Microsoft browser stopped nearly every attempt from the first moments a new attack was detected. Chrome and Firefox, on the other hand, halted 75% and 54% of the brand-new attacks, respectively. Over a week's time, Chrome and Firefox improved their blocking scores, although neither reached Edge's impressive 99.8%.