By EditorDavid from Slashdot's Def-Con-demos department
"We can now hack the monitor and you shouldn't have blind trust in those pixels coming out of your monitor..." a security researcher tells Motherboard. "If you have a monitor, chances are your monitor is affected." An anonymous Slashdot reader quotes Motherboard's article:
if a hacker can get you to visit a malicious website or click on a phishing link, they can then target the monitor's embedded computer, specifically its firmware...the computer that controls the menu to change brightness and other simple settings on the monitor. The hacker can then put an implant there programmed to wait...for commands sent over by a blinking pixel, which could be included in any video or a website. Essentially, that pixel is uploading code to the monitor. At that point, the hacker can mess with your monitor...
[T]his could be used to both spy on you, but also show you stuff that's actually not there. A scenario where that could be dangerous is if hackers mess with the monitor displaying controls for a power plant, perhaps faking an emergency. The researchers warn that this is an issue that could potentially affect one billion monitors, given that the most common brands all have processors that are vulnerable...
"We now live in a world where you can't trust your monitor," one researcher told Motherboard, which added "we shouldn't consider monitors as untouchable, unhackable things."
By EditorDavid from Slashdot's rethinking-research department
Slashdot reader sciencehabit quotes an article from Science magazine: The National Institutes of Health announced that the agency soon expects to lift a moratorium on funding for controversial experiments that add human stem cells to animal embryos, creating an organism that is part animal, part human. Instead, these so-called chimera studies will undergo an extra layer of ethical review but may ultimately be allowed to proceed. Although scientists who support such research welcomed the move, some were left trying to parse exactly what the draft policy will mean. It is "a step in the right direction," says Sean Wu, a stem cell researcher at Stanford University in Palo Alto, California, who co-authored a letter to Science last year opposing the moratorium. But "we still don't know what the outcome will be case by case," he adds. However, some see the proposal as opening up research in some areas that had been potentially off-limits. Experiments could include using animals to grow human organs for transplants, although according to the article, some scientists "worry that the experiments could produce, say, a supersmart mouse."
By EditorDavid from Slashdot's invisible-targets department
An anonymous reader quotes a report from the Air Force Times: The F-35 Lightning II is so stealthy, pilots are facing an unusual challenge. They're having difficulty participating in some types of training exercises, a squadron commander told reporters Wednesday. During a recent exercise at Mountain Home Air Force Base, Idaho, F-35 squadrons wanted to practice evading surface-to-air threats. There was just one problem: No one on the ground could track the plane. 'If they never saw us, they couldn't target us,' said Lt. Col. George Watkins, the commander of the 34th Fighter Squadron at Hill Air Force Base, Utah. The F-35s resorted to flipping on their transponders, used for FAA identification, so that simulated anti-air weapons could track the planes, Watkins said.
By EditorDavid from Slashdot's 127.0.0.1 department
"A pair of security researchers recently uncovered a Nigerian scammer ring that they say operates a new kind of attack...after a few of its members accidentally infected themselves with their own malware," reports IEEE Spectrum. "Over the past several months, they've watched from a virtual front row seat as members used this technique to steal hundreds of thousands of dollars from small and medium-sized businesses worldwide." Wave723 writes: Nigerian scammers are becoming more sophisticated, moving on from former 'spoofing' attacks in which they impersonated a CEO's email from an external account. Now, they've begun to infiltrate employee email accounts to monitor financial transactions and slip in their own routing and account info...The researchers estimate this particular ring of criminals earns about US $3 million from the scheme. After they infected their own system, the scammers' malware uploaded screenshots and all of their keystrokes to an open web database, including their training sessions for future scammers and the re-routing of a $400,000 payment. Yet the scammers actually "appear to be 'family men' in their late 20s to 40s who are well-respected, church-going figures in their communities," according to the article. SecureWorks malware researcher Joe Stewart says the scammers are "increasing the economic potential of the region they're living in by doing this, and I think they feel somewhat of a duty to do this."
By EditorDavid from Slashdot's disappearing-act department
On September 1, "GhostMail will no longer provide secure email services unless you are an enterprise client," reports ZDNet. "According to the company, it is 'simply not worth the risk.'" GhostMail provided a free and anonymous "military encrypted" e-mail service based in Switzerland, and collected "as little metadata" as possible. But this week on its home page, GhostMail told its users "Since we started our project, the world has changed for the worse and we do not want to take the risk of supplying our extremely secure service to the wrong people... In general, we believe strongly in the right to privacy, but we have taken a strategic decision to only supply our platform and services to the enterprise segment."
GhostMail is referring their users to other free services like Protonmail as an alternative, but an anonymous Slashdot reader asks: What options does an average person have for non-NSA-spied-on email? I am sure there are still some Ghostmail competitors out there but I'm wondering if it's better to coax friends and family to use encryption within their given client (Gmail, Yahoo, Outlook, whatever...) And are there any options for hosting a "private" email service: inviting friends and family to use it and have it kind of hosted locally. Ghostmail-in-a-box or some such?
By EditorDavid from Slashdot's ticked-off department
An anonymous Slashdot reader writes: This week the Washington Post ran a long profile of Ahmed Mohamed, the 14-year-old boy whose home-made clock got him arrested after school officials and the local police mistook it for a bomb last summer. The Justice Department is currently investigating the incident -- while the school district is suing the Texas attorney general, and the boy's family is suing the school district. But Ahmed has just returned back to Texas, and spoke to the press -- including a local Fox news affiliate which later broadcast a commentary saying his family was obsessed with fame and plotted the arrest.
Over the last year Ahmed's read everything that appeared online about him, but never responds because he doesn't want to give in to anger. The Post writes that while some kids at school called him ISIS Boy, "Sympathetic crowdfunders raised $18,000 for his education. He visited the White House, the Google Science Fair and the president of his home country of Sudan (a wanted war criminal, but Mohamed said it would be rude not to accept the invitation)." Though he'd like to return to the U.S. someday for college, he's been living in Qatar, where a government organization paid for private schooling for him and his sister. But the Post says he still sometimes imagines what his life might've been like if the incident had never happened. "By now he could have invented something new -- not just a clock that only took him a few minutes to put together from parts in his family's garage, which was full of '90s-era electronics from when his uncle ran a chain called Beeper Warehouse."
By EditorDavid from Slashdot's lawyers-vs-law-breakers department
"A federal appellate court has ruled that government employees, such as Snowden, who signed privacy agreements can't profit from disclosing information without first obtaining agency approval," writes the conservative advocacy site Judicial Watch. Slashdot reader schwit1 quotes their article:
This would make it illegal to profit from his crimes and the Department of Justice should confiscate all money made by the violators. Snowden is no whistleblower. In fact he violated his secrecy agreement, which means he and his conspirators can't materially profit from his fugitive status, violation of law, aiding and abetting of a crime and providing material support to terrorism.
In addition, they argue that both an upcoming movie about Snowden by Oliver Stone and the 2014 documentary Citizenfour "may be in violation of the Anti-Terrorism Act, which forbids providing material support or resources for acts of international terrorism... It's bad enough that people are profiting from Snowden's treason, but adding salt to the wound, the Obama administration is doing nothing about it."
By manishs from Slashdot's dude,-where's-my-car? department
John Timmer, writing for Ars Technica: Toward the end of last year, the people behind the Large Hadron Collider announced that they might have found signs of a new particle. Their evidence came from an analysis of the first high-energy data obtained after the LHC's two general-purpose detectors underwent an extensive upgrade. While the possible new particle didn't produce a signal that reached statistical significance, it did show up in both detectors, raising the hope that the LHC was finally on to some new physics. This week, those hopes have officially been dashed. Physicists used a conference to release their analysis of the flood of data that came out of this year's run. According to their data, the area of the apparent signal is filled by nothing but statistical noise. The search for new particles in data from the LHC starts with a calculation of the sorts of things we should expect to see at a given energy. The Standard Model, which describes particles and forces, can be used to make predictions of the frequency at which specific particles will pop out of collisions, as well as what those particles will decay into. So, for example, the Standard Model might indicate that two electrons should appear in five percent of the collisions that occur at a specific energy. Looking for new particles involves looking for deviations from those predictions.
By EditorDavid from Slashdot's 1991-called department
An anonymous reader quotes a report from CNN:
Twenty-five years ago, the first public website went live. It was a helpful guide to this new thing called the World Wide Web. The minimalist design featured black text with blue links on a white background. It's still online today if you'd like to click around and check out the frequently asked questions or geek out over the technical protocols.
Its original URL was info.cern.ch, where CERN is now also offering a line-mode browser simulator and more information about the birth of the web. CNN is also hosting screenshots of nine web "pioneers", including the Darwin Awards site, the original Yahoo, and the San Francisco FogCam, which claims to be the oldest webcam still in operation.
What are some of the first web sites that you remember reading? (Any greybeards remember when the Internet Movie Database was just a Usenet newsgroup where readers collaborated on a giant home-made list of movie credits?)
By EditorDavid from Slashdot's Greenland-vs-greenhouse-gases department
Slashdot reader sciencehabit quotes Science magazine: It sounds like something out of a James Bond movie: a secret military operation hidden beneath the Greenland Ice Sheet. But that's exactly what transpired at Camp Century during the Cold War. In 1959, the U.S. Army Corps of Engineers built the subterranean city under the guise of conducting polar research -- and scientists there did drill the first ice core ever used to study climate. But deep inside the frozen tunnels, the corps also explored the feasibility of Project Iceworm, a plan to store and launch hundreds of ballistic missiles from inside the ice. The military ultimately rejected the project, and the corps abandoned Camp Century in 1967. Engineers anticipated that the ice -- already a dozen meters thick -- would continue to accumulate in northwestern Greenland, permanently entombing what they left behind. Now, climate change has upended that assumption. New research suggests that as early as 2090, rates of ice loss at the site could exceed gains from new snowfall. And within a century after that, melting could begin to release waste stored at the camp, including sewage, diesel fuel, persistent organic pollutants like PCBs, and radiological waste from the camp's nuclear generator, which was removed during decommissioning.