By BeauHD from Slashdot's bug-bounty department
The Model 3 will be entered into Pwn2Own this year, the first time a car has been included in the annual high-profile hacking contest. The prize for the winning security researchers: a Model 3. TechCrunch reports: Pwn2Own, which is in its 12th year and run by Trend Micro's Zero Day Initiative, is known as one of the industry's toughest hacking contests. ZDI has awarded more than $4 million over the lifetime of the program. Pwn2Own's spring vulnerability research competition, Pwn2Own Vancouver, will be held March 20 to 22 and will feature five categories, including web browsers, virtualization software, enterprise applications, server-side software and the new automotive category. The targets, chosen by ZDI, include software products from Apple, Google, Microsoft, Mozilla, Oracle and VMware. And, of course, Tesla. Pwn2Own is run in conjunction with the CanSec West conference. There will be "more than $900,000 worth of prizes available for attacks that subvert a variety of [the Model 3's] onboard systems," reports Ars Technica. "The biggest prize will be $250,000 for hacks that execute code on the car's gateway, autopilot, or VCSEC." "A gateway is the central hub that interconnects the car's powertrain, chassis, and other components and processes the data they send. The autopilot is a driver assistant feature that helps control lane changing, parking, and other driving functions. Short for Vehicle Controller Secondary, VCSEC is responsible for security functions, including the alarm."
By BeauHD from Slashdot's insider-trading department
Federal prosecutors unveiled charges in an international stock-trading scheme that involved hacking into the Securities and Exchange Commission's EDGAR corporate filing system. "The scheme allegedly netted $4.1 million for fraudsters from the U.S., Russia and Ukraine," reports CNBC. "Using 157 corporate earnings announcements, the group was able to execute trades on material nonpublic information. Most of those filings were 'test filings,' which corporations upload to the SEC's website." From the report: The scheme involves seven individuals and operated from May to at least October 2016. Prosecutors said the traders were part of the same group that previously hacked into newswire services. Carpenito, in a press conference Tuesday, said the thefts included thousands of valuable, private business documents. "After hacking into the EDGAR system they stole drafts of [these] reports before the information was disseminated to the general public," he said.
Those documents included quarterly earnings, mergers and acquisitions plans and other sensitive news, and the criminals were able to view it before it was released as a public filing, thus affecting the individual companies' stock prices. The alleged hackers executed trades on the reports and also sold them to other illicit traders. One inside trader made $270,000 in a single day, according to Carpenito. The hackers used malicious software sent via email to SEC employees. Then, after planting the software on the SEC computers, they sent the information they were able to gather from the EDGAR system to servers in Lithuania, where they either used it or distributed the data to other criminals, Carpenito said.
By BeauHD from Slashdot's privacy-first department
Search engine DuckDuckGo now displays location information from Apple Maps in its search results. "DuckDuckGo now uses Apple Maps both for small maps in location-related search results and for larger, interactive search results that appear in a separate maps tab," reports CNET. "That replaces a combination including MapBox, OpenStreetMap and homegrown technology." From the report: The top reason DuckDuckGo argues you should try it is that it doesn't keep any personal information on you and what you searched for, unlike search leader Google. That dovetails nicely with Apple's sustained push to improve online privacy. But maintaining your privacy can be tough when you're looking for location-related information. DuckDuckGo says it's struck a balance, though. It doesn't send personally identifiable information, such as your computer's Internet Protocol network address, to Apple or other third parties, DuckDuckGo said. "For local searches, where your approximate location information is sent by your browser to us, we discard it immediately after use," the company added.
By BeauHD from Slashdot's contrary-to-popular-belief department
An anonymous reader quotes a report from Ars Technica: There have long been anecdotal reports that the eyes of the Mona Lisa -- Renaissance artist Leonardo da Vinci's most famous painting -- sometimes seem to follow viewers as they move around the artwork. The phenomenon is even called the "Mona Lisa effect" because of it. But a new study published in the journal i-Perception found that she's really "looking" to the right-hand side of her audience. "There is no doubt about the existence of the Mona Lisa effect," the authors wrote. "It just does not occur with the Mona Lisa herself."
This was a small study, with just 24 subjects. All were asked to look at a high-resolution recreation of the Mona Lisa on a computer monitor, with a folding ruler placed between them and the screen to track viewing distance. Subjects would signal where they perceived Mona Lisa's gaze met the ruler. The researchers sampled 15 sections of the famous portrait, ranging from the Mona Lisa's full head to just her eyes and nose, and they showed subjects each image three times in random order. They also changed the ruler's distance from the monitor halfway through the sessions. Based on the more than 2,000 individual assessments, they found no evidence of the Mona Lisa effect with Leonardo's masterpiece. "We demonstrated that Mona Lisa gazes to her left-hand side [the viewer's right] from about 35.5 cm inside pictorial space, and 14.4 degrees to the viewer's right-hand side in real space," the authors wrote. "Thus, Mona Lisa does not fulfill the premise of the Mona Lisa effect. She does not gaze at the viewer."
By BeauHD from Slashdot's beauty-is-in-the-eye-of-the-beholder department
"Motherboard spoke to the Barcelona Supercomputing Center about how it outfitted a deconsecrated 19th century chapel to host the MareNostrum 4 -- the 25th most powerful supercomputer in the world," writes Slashdot reader dmoberhaus. From the report: Heralded as the "most beautiful data center in the world," the MareNostrum supercomputer came online in 2005, but was originally hosted in a different building at the university. Meaning "our sea" in Latin, the original MareNostrum was capable of performing 42.35 teraflops -- 42.35 trillion operations per second -- making it one of the most powerful supercomputers in Europe at the time. Yet the MareNostrum rightly became known for its aesthetics as much as its computing power. According to Gemma Maspoch, head of communications for Barcelona Supercomputing Center, which oversees the MareNostrum facility, the decision to place the computer in a giant glass box inside a chapel was ultimately for practical reasons.
"We were in need of hundreds of square meters without columns and the capacity to support 44.5 tons of weight," Maspoch told me in an email. "At the time there was not much available space at the university and the only room that satisfied our requirements was the Torre Girona chapel. We did not doubt it for a moment and we installed a supercomputer in it." According to Maspoch, the chapel required relatively few modifications to host the supercomputer, such as reinforcing the soil around the church so that it would hold the computer's weight and designing a glass box that would house the computer and help cool it. The supercomputer has been beefed up over the years. Most recently, the fourth iteration came online in 2017 "with a peak computing capacity of 11 thousand trillion operations per second (11.15 petaflops)," reports Motherboard. "MareNostrum 4 is spread over 48 server racks comprising a total of 3,456 nodes. A node consists of two Intel chips, each of which has 24 processors."
By BeauHD from Slashdot's can't-make-up-their-mind department
An anonymous reader quotes a report from Bloomberg: The U.S. Justice Department's decision that all internet gambling is illegal will cast a pall on the industry as businesses and state lotteries evaluate the implications of the change and the government's plans to enforce it. The U.S. now says federal law bars all internet gambling, reversing its position from 2011 that only sports betting is prohibited under a law passed 50 years earlier. Although the federal law specifically prohibits transmission of wagers and related information across state lines, the Justice Department's new interpretation will impact all online gambling because as a practical matter it's difficult to guarantee that no payments are routed through other states, said Aaron Swerdlow, an attorney with Glaser Weil Fink Howard Avchen & Shapiro LLP in Los Angeles.
The reversal was prompted by the department's criminal division, which prosecutes illegal gambling. The opinion issued about seven years ago that the 1961 Wire Act only banned sports gambling was a misinterpretation of the statute, according to a 23-page opinion by the department's Office of Legal Counsel dated Nov. 2 and made public Monday. The new reading of the law probably will be tested in the courts as judges may entertain challenges to the government's view of the law's scope, the Justice Department said. It may also affect states that began selling lottery tickets online after the 2011 opinion, as well as casinos that offer online gambling. In contrast, the Supreme Court last May "cleared the way [...] for states to legalize sports betting, striking down a 1992 federal law that had prohibited most states from authorizing sports betting."
By msmash from Slashdot's closer-look department
Joshua S. Goldstein, a professor emeritus of international relations at American University, and Staffan A. Qvist, an energy engineer and consultant, writing for The Wall Street Journal: Climate scientists tell us that the world must drastically cut its fossil fuel use in the next 30 years to stave off a potentially catastrophic tipping point for the planet. Confronting this challenge is a moral issue, but it's also a math problem -- and a big part of the solution has to be nuclear power. Today, more than 80% of the world's energy comes from fossil fuels, which are used to generate electricity, to heat buildings and to power car and airplane engines. Worse for the planet, the consumption of fossil fuels is growing quickly as poorer countries climb out of poverty and increase their energy use. Improving energy efficiency can reduce some of the burden, but it's not nearly enough to offset growing demand.
Any serious effort to decarbonize the world economy will require, then, a great deal more clean energy, on the order of 100 trillion kilowatt-hours per year, by our calculations -- roughly equivalent to today's entire annual fossil-fuel usage. A key variable is speed. To reach the target within three decades, the world would have to add about 3.3 trillion more kilowatt-hours of clean energy every year. Solar and wind power alone can't scale up fast enough to generate the vast amounts of electricity that will be needed by midcentury, especially as we convert car engines and the like from fossil fuels to carbon-free energy sources. Even Germany's concerted recent effort to add renewables -- the most ambitious national effort so far -- was nowhere near fast enough. A global increase in renewables at a rate matching Germany's peak success would add about 0.7 trillion kilowatt-hours of clean electricity every year. That's just over a fifth of the necessary 3.3 trillion annual target.
By msmash from Slashdot's closer-look department
H. Peter Soyer, Professor of Dermatology, and Katie Lee, Research assistant at The University of Queensland, write: There's a lot to be said for sunshine -- both good and bad. It's our main source of vitamin D, which is essential for bone and muscle health. Populations with higher levels of sun exposure also have better blood pressure and mood levels, and fewer autoimmune diseases such as multiple sclerosis. On the other hand, excess UV exposure is estimated to contribute to 95% of melanomas and 99% of non-melanoma skin cancers. These skin cancers account for a whopping 80% of all new cancers each year in Australia.
Like any medicine, the dose counts. And in Australia, particularly in the summer, our dose of UV is so high that even short incidental exposures -- like while you hang out the washing or walk from your carpark into the shops -- add up to huge lifetime doses. Fortunately, when it comes to tanning, the advice is clear: don't. A UV dose that's high enough to induce a tan is already much higher than the dose needed for vitamin D production. A four-year-long study of 1,113 people in Nambour, Queensland, found no difference in vitamin D levels between sunscreen users and sunscreen avoiders. Further reading: Is Sunscreen the New Margarine?
By msmash from Slashdot's tussle-continues department
Huawei would never allow China's government to access customer data, even if Beijing requested it, the CEO and founder of the company repeatedly emphasized Tuesday, amid continued political pressure on the Chinese technology giant. From a report: In a rare sit down with international media, Ren Zhengfei addressed concerns raised by the U.S. government, which has warned that the company's equipment could allow the Chinese government to have a backdoor into a nation's telecommunications network. Ren, speaking Mandarin and using a company-provided translator, told the group that Huawei has never handed data to Beijing. "When it comes to cybersecurity and privacy protection we are committed to be sided with our customers. We will never harm any nation or any individual," Ren told the journalists assembled at Huawei's headquarters in Shenzhen, China.
"China's ministry of foreign affairs has officially clarified that no law in China requires any company to install mandatory back doors. Huawei and me personally have never received any request from any government to provide improper information," Ren added. [...] But Ren actually praised the U.S. president. "For President Trump as a person, I still believe he is a great president," he said. "In the sense that he was bold to slash taxes. And I think that's conducive for the development of industries in the United States."