By msmash from Slashdot's closer-look department
Criminal hackers continue to exploit a feature in Autodesk's widely used AutoCAD program in an attempt to steal valuable computer-assisted designs for bridges, factory buildings, and other projects, researchers say. From a report: The attacks arrive in spear-phishing emails and in some cases postal packages that contain design documents and plans. Included in the same directory are camouflaged files formatted in AutoLISP, an AutoCAD-specific dialect of the LISP programming language. When targets open the design document, they may inadvertently cause the AutoLISP file to be executed. While modern versions of AutoCAD by default display a warning that a potentially unsafe script will run, the warnings can be disregarded or suppressed altogether. To make the files less conspicuous, the attackers have set their properties to be hidden in Windows and their contents to be encrypted.
The attacks aren't new. Similar ones occurred as long ago as 2005, before AutoCAD provided the same set of robust defenses against targeted malware it does now. The attacks continued to go strong in 2009. A specific campaign recently spotted by security firm Forcepoint was active as recently as this year and has been active since at least 2014, an indication that malware targeting blueprints isn't going away any time soon. [...] Forcepoint said it has tracked more than 200 data sets and about 40 unique malicious modules, including one that purported to include a design for Hong Kongâ(TM)s Zhuhai-Macau Bridge.Read Replies (0)
By msmash from Slashdot's state-of-things department
Erik Wemple, writing for The Washington Post: According to informed sources, Bloomberg has continued reporting the blockbuster story that it broke on Oct. 4, including a very recent round of inquiries from a Bloomberg News/Bloomberg Businessweek investigative reporter. In emails to employees at Apple, Bloomberg's Ben Elgin has requested "discreet" input on the alleged hack. "My colleagues' story from last month (Super Micro) has sparked a lot of pushback," Elgin wrote on Nov. 19 to one Apple employee. "I've been asked to join the research effort here to do more digging on this ... and I would value hearing your thoughts (whatever they may be) and guidance, as I get my bearings."
One person who spoke with Elgin told the Erik Wemple Blog that the Bloomberg reporter made clear that he wasn't part of the reporting team that produced "The Big Hack." The goal of this effort, Elgin told the potential source, was to get to "ground truth"; if Elgin heard from 10 or so sources that "The Big Hack" was itself a piece of hackery, he would send that message up his chain of command. The potential source told Elgin that the denials of "The Big Hack" were "100 percent right."
According to the potential source, Elgin also asked about the possibility that Peter Ziatek, senior director of information security at Apple, had written a report regarding a hardware hack affecting Apple. In an interview with the Erik Wemple Blog, Ziatek says that he'd never written that report, nor is he aware of such a document. Following the publication of Bloomberg's story, Apple conducted what it calls a "secondary" investigation surrounding its awareness of events along the lines of what was alleged in "The Big Hack." That investigation included a full pat-down of Ziatek's own electronic communications. It found nothing to corroborate the claims in the Bloomberg story, according to Ziatek.Read Replies (0)
By msmash from Slashdot's closer-look department
Millennials, long presumed to have less interest in the nonstop consumption of goods that underpins the American economy, might not be that different after all, a new study from the Federal Reserve says. From a report: Their spending habits are a lot like the generations that came before them, they just have less money at this point in their lives, the Fed study found. The group born between 1981 and 1997 has fallen behind because many of them came of age during the financial crisis. "We find little evidence that millennial households have tastes and preference for consumption that are lower than those of earlier generations, once the effects of age, income, and a wide range of demographic characteristics are taken into account," wrote authors Christopher Kurz, Geng Li and Daniel J. Vine.
Their findings [PDF] are grounded in an analysis of spending, income, debt, net worth, and demographic factors among different generations. The conclusion that millennials aren't all that different also holds for the researchers' more granular examination of expenditures on cars, food, and housing. "It primarily is the differences in average age and then differences in average income that explain a large and important portion of the consumption wedge between millennials and other cohorts," they conclude. So much for the young folks favoring "experiences" over tangible goods.Read Replies (0)
By msmash from Slashdot's catch-me-if-you-can department
In India, a hub for tech support centers, a rise in scams forced Microsoft and the police to take action. From a report: You know the messages. They pop up on your computer screen with ominous warnings like, "Your computer has been infected with a virus. Call our toll-free number immediately for help." Often they look like alerts from Microsoft, Apple or Symantec. Sometimes the warning comes in a phone call. Most people ignore these entreaties, which are invariably scams. But one in five recipients actually talks to the fake tech-support centers, and 6 percent ultimately pay the operators to "fix" the nonexistent problem, according to recent consumer surveys by Microsoft.
Law enforcement authorities, working with Microsoft, have now traced many of these boiler rooms to New Delhi, India's capital and a hub of the global call-center industry. On Tuesday and Wednesday, police from two Delhi suburbs raided 16 fake tech-support centers and arrested about three dozen people. Last month, the Delhi authorities arrested 24 people in similar raids on 10 call centers. In Gautam Budh Nagar, one of the suburbs, 50 police officers swept into eight centers on Tuesday night. Ajay Pal Sharma, the senior superintendent of police there, said the scammers had extracted money from thousands of victims, most of whom were American or Canadian.Read Replies (0)
By msmash from Slashdot's sneaky department
Unwanted gifts arrive after friends click on promotions tucked into wish lists. From a report: Kima Nieves recently received two Aveeno bath-time sets and a box of Huggies diapers through her baby registry on Amazon. The only problem? The new mother didn't ask for the products, or even want them. Instead, Johnson & Johnson and Kimberly-Clark each paid Amazon.com hefty sums to place those sponsored products onto Ms. Nieves's and other consumers' baby registries. The ads look identical to the rest of the listed products in the registry, except for a small gray "Sponsored" tag. Unsuspecting friends and family clicked on the ads and purchased the items, assuming Ms. Nieves had chosen them. "Very sneaky," said the 28-year-old health-care analyst from Fredericksburg, Va. "That's friends' and family's money going somewhere we didn't approve of."
Amazon in recent years has charged into advertising, building the third-largest digital ad business in the U.S. after Alphabet's Google and Facebook, according to eMarketer. Its ad revenue is on pace to double this year, to $5.8 billion, eMarketer estimates. As Amazon has monetized more space on its website, shoppers are increasingly encountering sponsored ads. Amazon is "starting to see how far they can push things," said Harry Brignull, a U.K.-based consultant who specializes in spotting web-design tactics that get people to click on something. Amazon's sponsored ads have appeared in its baby registries for more than a year. Responding to a Wall Street Journal inquiry about the ads, an Amazon spokeswoman declined to comment on criticism that the ads are deceptive, but said the retailer is now phasing out the sponsored listings. "We're constantly experimenting with new ways to improve the shopping experiences for customers," she said.Read Replies (0)
How Restaurants Got So Loud
Posted by News Fetcher on November 29 '18 at 06:42 AM
By msmash from Slashdot's closer-look department
An anonymous reader shares a report: Other sounds that reach 70 decibels include freeway noise, an alarm clock, and a sewing machine. But it's still quiet for a restaurant. Others I visited in Baltimore and New York City while researching this story were even louder: 80 decibels in a dimly lit wine bar at dinnertime; 86 decibels at a high-end food court during brunch; 90 decibels at a brewpub in a rehabbed fire station during Friday happy hour. Restaurants are so loud because architects don't design them to be quiet. Much of this shift in design boils down to changing conceptions of what makes a space seem upscale or luxurious, as well as evolving trends in food service. Right now, high-end surfaces connote luxury, such as the slate and wood of restaurants including The Osprey in Brooklyn or Atomix in Manhattan.
This trend is not limited to New York. According to Architectural Digest, mid-century modern and minimalism are both here to stay. That means sparse, modern decor; high, exposed ceilings; and almost no soft goods, such as curtains, upholstery, or carpets. These design features are a feast for the eyes, but a nightmare for the ears. No soft goods and tall ceilings mean nothing is absorbing sound energy, and a room full of hard surfaces serves as a big sonic mirror, reflecting sound around the room. The result is a loud space that renders speech unintelligible. Now that it's so commonplace, the din of a loud restaurant is unavoidable. That's bad for your health -- and worse for the staff who works there. But it also degrades the thing that eating out is meant to culture: a shared social experience that rejuvenates, rather than harms, its participants.Read Replies (0)
By BeauHD from Slashdot's what-are-you-trying-to-hide department
An anonymous reader quotes a report from Ars Technica: Earlier this year, a federal judge in Fresno, California, denied prosecutors' efforts to compel Facebook to help it wiretap Messenger voice calls. But the precise legal arguments that the government made, and that the judge ultimately rejected, are still sealed. On Wednesday, the American Civil Liberties Union formally asked the judge to unseal court dockets and related rulings associated with this ongoing case involving alleged MS-13 gang members. ACLU lawyers argue that such a little-charted area of the law must be made public so that tech companies and the public can fully know what's going on.
In their new filing, ACLU lawyers pointed out that "neither the government's legal arguments nor the judge's legal basis for rejecting the government motion has ever been made public." The attorneys continued, citing a "strong public interest in knowing which law has been interpreted" and referencing an op-ed published on Ars on October 2 as an example. The ACLU argued that the case is reminiscent of the so-called "FBI v. Apple" legal showdown -- whose docket and related filings were public -- where the government made novel arguments in an attempt to crack the encryption on a seized iPhone. Those legal questions were never resolved, as the government said the day before a scheduled hearing that it had found a company to assist in its efforts. "Moreover, the sealing of the docket sheet in this case impermissibly prevents the public from knowing anything about the actions of both the judiciary and the executive in navigating a novel legal issue, which has the potential to reoccur in the future," the ACLU's attorneys continued.
< article continued at Slashdot's what-are-you-trying-to-hide department
>Read Replies (0)
By BeauHD from Slashdot's click-of-a-button department
An anonymous reader quotes a report from Phys.Org: Hydrogels are physical and chemical polymer networks capable of retaining large quantities of liquid in aqueous conditions without losing their dimensional stability. They are used in a whole host of applications, and in combination with other components and they acquire specific properties such as electrical conductivity. The Materials + Technology research group in the Department of Chemical Engineering and Environment of the UPV/EHU's Faculty of Engineering selected a biopolymer that had not previously been used for applications of this type: starch. They created the hydrogel for use in neural interfaces. "Due to the fact that electrodes of neural interfaces made of platinum or gold are rigid, they require conductive polymer coatings to bring their flexibility closer to that of neural tissue. Right now, however, smaller devices are required that offer better mechanical, electrical and biological properties," explained the researcher.
The hydrogels "address these demands very well." To provide the hydrogel with electrical conductivity, they used graphene. "It provides electrical properties that are highly suited to the hydrogel, but this also has a drawback: It is not easily stabilized in water. We used extracts of salvia to overcome this obstacle and to render the graphene stable in an aqueous medium. These extracts also make the hydrogel even more suitable, if that is possible, for use in medicine as it also has antimicrobial and anti-inflammatory properties." The researchers used "click chemistry" to produce the hydrogel. "Unlike other means of synthesis, click chemistry does not tend to use catalysts in the reactions; in addition, no by-products are generated and they are high-performance reactions."Read Replies (0)
By BeauHD from Slashdot's justice-served department
Two Iranian officials have been indicted by U.S. federal prosecutors for creating and deploying the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. TechCrunch reports: Faramarz Shahi Savandi, 34, and Mohammad Mehdi Shah Mansouri, 27, were indicted by a federal grand jury in New Jersey on Monday on several counts of computer hacking and fraud charges. The case was unsealed Wednesday, shortly before a press conference announcing the charges by U.S. deputy attorney general Rod Rosenstein. In total, SamSam has generated some $6 million in proceeds to date -- or 1,430 bitcoin at today's value. In a separate announcement, the Treasury said it had imposed sanctions against two bitcoin addresses associated with the ransomware. The department said the two addresses processed more than 7,000 transactions used to collect ransom demands from victims. "The Iranian defendants allegedly used hacking and malware to cause more than $30 million in losses to more than 200 victims," said Rosenstein. "According to the indictment, the hackers infiltrated computer systems in ten states and Canada and then demanded payment. The criminal activity harmed state agencies, city governments, hospitals, and countless innocent victims." One of the victims was the City of Atlanta, which was knocked offline earlier this year and spent a projected $2.6 million in recovery. "It was later discovered that the city's computers had long been vulnerable to leaked exploits developed by the National Security Agency -- later stolen and leaked online for anyone to use," reports TechCrunch.Read Replies (0)
By BeauHD from Slashdot's mind-games department
An anonymous reader quotes a report from The New York Times: After three weeks, 12 straight draws and a day of tiebreakers, Norway's Magnus Carlsen finally retained the world chess championship in London on Wednesday with a victory against Fabiano Caruana (Warning: source may be paywalled; alternative source), his American challenger. Carlsen's victory came in what amounted to sudden-death chess: a scheduled series of four so-called rapid games in which the players started with 25 minutes to make their moves. The speedier pace of the games, after the far more deliberate matchups of the previous three weeks, meant players were more likely to make blunders. And that increased the chance of a victory by one player. Carlsen won the first two games, then closed out Caruana in Game 3.
Caruana, 26, was bidding to become the first American champion since Bobby Fischer beat Boris Spassky to win the world title in 1972. The famously cantankerous Fischer forfeited his title in 1975 amid a dispute with the world chess federation, and the sport has been dominated by Russians and Eastern Europeans in the decades since then. The tiebreaker result was not a shock. While Carlsen, 27, and Caruana, 26, are closely matched in longer conventional chess games, known as classical chess, Carlsen had been considered the favorite in the tiebreaker because he has had better rapid chess results than Caruana. "It was the first time in the history of the world championship, which dates to the 1800s, that regulation play ended with every game a draw," the report notes.Read Replies (0)
By msmash from Slashdot's about-time department
The Federal Trade Commission this week agreed to investigate video game loot boxes, accepting an official request by Senator Maggie Hassan. In a Congressional oversight committee hearing yesterday, FTC chairman Joe Simons affirmed Sen. Hassan's request that loot boxes be investigated. From a report: During her turn to ask questions at the hearing, Hassan cited a recent report by Great Britain's Gambling Commission that found 31% of children in the country had at one point or another paid money to open a loot box, a well as moves by Belgium (which prompted Square Enix to pull three mobile games from the country), Japan, and other countries to limit how loot boxes can be used in games. "Given the seriousness of this issue, I think it is in fact time for the FTC to investigate these mechanisms to ensure that children are being adequately protected and to educate parents about potential addiction or other negative impacts of these games," Hassan said. "Would you commit to undertaking this project and keeping this committee informed about it?" In response, Simons said "yes," but declined to go into any more detail about the FTC's current position on loot boxes and whether they constitute a form of gambling. Despite vocal criticism from Hassan and a few others on the topic, regulators have not been jumping to get involved in the debate.Read Replies (0)
By msmash from Slashdot's busy-day-at-amazon department
Amazon Web Services announced a slew of new or updated offerings at its cloud-computing conference in Las Vegas, seeking to maintain its lead in the market for internet-based computing. Following is a rundown.
Amazon Elastic Inference is a new service that lets customers attach GPU-powered inference acceleration to any Amazon EC2 instance and reduces deep learning costs by up to 75 percent. From a report: "What we see typically is that the average utilization of these P3 instances GPUs are about 10 to 30 percent, which is pretty wasteful with elastic inference. You don't have to waste all that costs and all that GPU," AWS chief executive Andy Jassy said onstage at the AWS re:Invent conference earlier today. "[Amazon Elastic Inference] is a pretty significant game changer in being able to run inference much more cost-effectively."
While the majority of workloads in the cloud are Linux-based, Amazon Web Services (AWS) CEO Andy Jassy said he is well aware that Windows is still significant, and as a result his company launched a new fully managed Windows file system built on native Windows file servers. From a report: "What we were hoping to do was make this Windows file system work as part of EFS -- would have been much easier for us to layer on another file system ... because it's much easier if you're trying to build a business at scale," he explained. However, he said customers wanted a native Windows file system and they "weren't being flexible." "So we changed our approach," he continued.
< article continued at Slashdot's busy-day-at-amazon department
>Read Replies (0)
By msmash from Slashdot's moving-forward department
Zorro shares a report: Silicon Valley researchers are attacking flying bloodsuckers in California's Fresno County. It's the first salvo in an unlikely war for Google parent Alphabet: eradicating mosquito-borne diseases around the world. A white high-top Mercedes van winds its way through the suburban sprawl and strip malls as a swarm of male Aedes aegypti mosquitoes shoot out of a black plastic tube on the passenger-side window. These pests are tiny and, with a wingspan of just a few millimeters, all but invisible. "You hear that little beating sound?" says Kathleen Parkes, a spokesperson for Verily Life Sciences, a unit of Alphabet. She's trailing the van in her car, the windows down. "Like a duh-duh-duh? That's the release of the mosquitoes."
Jacob Crawford, a Verily senior scientist riding with Parkes, begins describing a mosquito-control technique with dazzling potential. These particular vermin, he explains, were bred in the ultra-high-tech surroundings of Verily's automated mosquito rearing system, 200 miles away in South San Francisco. They were infected with Wolbachia, a common bacterium. When those 80,000 lab-bred Wolbachia-infected, male mosquitoes mate with their counterpart females in the wild, the result is stealth annihilation: the offspring never hatch. Better make that 79,999. "One just hit the windshield," says Crawford. Mosquito-borne disease eradication is serious stuff for Alphabet, though it is just one of many of the company's forays into health care and life sciences.Read Replies (0)