By BeauHD from Slashdot's pubic-to-public department
An anonymous reader quotes a report from Ars Technica: A recent hack of eight poorly secured adult websites has exposed megabytes of personal data that could be damaging to the people who shared pictures and other highly intimate information on the online message boards. Included in the leaked file are (1) IP addresses that connected to the sites, (2) user passwords protected by a four-decade-old cryptographic scheme, (3) names, and (4) 1.2 million unique email addresses, although it's not clear how many of the addresses legitimately belonged to actual users.
Robert Angelini, the owner of wifelovers.com and the seven other breached sites, told Ars on Saturday morning that, in the 21 years they operated, fewer than 107,000 people posted to them. He said he didn't know how or why the almost 98-megabyte file contained more than 12 times that many email addresses, and he hasn't had time to examine a copy of the database that he received on Friday night. Still, three days after receiving notification of the hack, Angelini finally confirmed the breach and took down the sites on early Saturday morning. A notice on the just-shuttered sites warns users to change passwords on other sites, especially if they match the passwords used on the hacked sites. The affected sites "offer a variety of pictures that members say show their spouses," reports Ars. "It's not clear that all of the affected spouses gave their consent to have their intimate images made available online."Read Replies (0)
By msmash from Slashdot's captain-returns department
At Open Source Summit Europe in Edinburgh, Scotland, Linus Torvalds is meeting with Linux's top 40 or so developers at the Maintainers' Summit. This is his first step back in taking over Linux's reins. From a report: A little over a month ago, Torvalds has stepped back from running the Linux development community. Then, in a note to the Linux Kernel Mailing List (LKML), Torvalds has said, "I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely." To do, this he took time off "to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely. I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately." That time is over. Torvalds is back. Whether he'll be a kinder and gentler Torvalds remains to be seen. In the Linux 4.19 announcement, Greg Kroah-Hartman, Linux's temporary leader and maintainer of the stable branch, wrote: "Linus, I'm handing the kernel tree back to you. You can have the joy of dealing with the merge window :)"Read Replies (0)
By BeauHD from Slashdot's lost-but-never-forgotten department
In an article published to the Wall Street Journal on Thursday, Bill Gates reflected on Microsoft co-founder Paul Allen's life and the impact Allen had on him. Paul Allen passed away last Monday from complications of non-Hodgkin's lymphoma at the age of 65. People Magazine reports: "I met Paul Allen when I was in 7th grade, and it changed my life, Gates wrote in the Journal. "I looked up to him right away. He was two years ahead of me in school, really tall, and proved to be a genius with computers... Eventually, we were spending just about all our free time messing around with any machine we could get our hands on." The two would often sneak off during late hours to use the computers at the University of Washington, something Gates said he wouldn't have had the nerve to do without Allen by his side.
Back then, Allen was able to foresee how powerful and essential computers would one day become. When Allen came across an issue of Popular Electronics that featured a powerful computer that was going to be released, he convinced Gates to join him in placing all of their focus into getting in on the computer industry before it took off without them. "That moment marked the end of my college career and the beginning of our new company, Microsoft," Gates recalled, adding that Allen's talents largely helped to make Microsoft successful at its inception. "As the first person I ever partnered with, Paul set a standard that few other people could meet. He had a wide-ranging mind and a special talent for explaining complicated subjects in a simple way." In closing, Gates wrote: "Paul was cooler than I was. He was really into Jimi Hendrix, and I remember him playing 'Are You Experienced?' for me. I wasn't experienced at much of anything back then, and Paul wanted to share this amazing music with me. That's the kind of person he was. He loved life and the people around him, and it showed."Read Replies (0)
By msmash from Slashdot's pushing-the-limits department
Two years ago, XPrize, which creates challenges that pit the brightest minds against one another, announced that it would give any startup or company $1 million that can turn thin air into water. This month, it announced that the challenge has been concluded. From a report: A new device that sits inside a shipping container can use clean energy to almost instantly bring clean drinking water anywhere -- the rooftop of an apartment building in Nairobi, a disaster zone after a hurricane in Manila, a rural village in Zimbabwe -- by pulling water from the air. The design, from the Skysource/Skywater Alliance, just won $1.5 million in the Water Abundance XPrize. The competition, which launched in 2016, asked designers to build a device that could extract at least 2,000 liters of water a day from the atmosphere (enough for the daily needs of around 100 people), use clean energy, and cost no more than 2 cents a liter. "We do a lot of first principles thinking at XPrize when we start designing these challenges," says Zenia Tata, who helped launch the prize and serves as chief impact officer of XPrize. Nearly 800 million people face water scarcity; other solutions, like desalination, are expensive. Freshwater is limited and exists in a closed system. But the atmosphere, the team realized, could be tapped as a resource. "At any given time, it holds 12 quadrillion gallons -- the number 12 with 19 zeros after it -- a very, very, big number," she says. The household needs for all 7 billion people on earth add up to only around 350 or 400 billion gallons. A handful of air-to-water devices already existed, but were fairly expensive to use. The new system, called WEDEW ("wood-to-energy deployed water") was created by combining two existing systems. One is a device called Skywater, a large box that mimics the way clouds are formed: It takes in warm air, which hits cold air and forms droplets of condensation that can be used as pure drinking water. The water is stored in a tank inside the shipping container, which can then be connected to a bottle refill station or a tap.Read Replies (0)
By BeauHD from Slashdot's strategically-sound department
Micron is planning to exercise a $1.5 billion option to buy Intel's 49% stake in the companies' IM Flash Technologies Joint Venture. "The option is exercisable on Jan. 1, 2019, and Micron says the deal will close six to 12 months after," reports TheStreet. From the report: In a statement, Intel suggests the timing of the deal's closing is at its discretion for up to a year after the option is exercised, while indicating it long expected Micron's decision. The companies have already made a pair of announcements this year that between them that signal the end of their age-old R&D partnership for developing non-volatile memory technologies. IMFT owns a manufacturing plant (fab) in Lehi, Utah that both produces NAND flash memory and is for now the sole manufacturer of 3D XPoint (pronounced 3D cross-point), a memory technology that Micron and Intel co-developed and announced to much fanfare in mid-2015. Intel, via its Optane product line, has a head-start on Micron in launching 3D XPoint-based products. However, Micron, via its QuantX brand, plans to launch its own 3D XPoint offerings in late 2019, using a second generation version of the technology.
< article continued at Slashdot's strategically-sound department
>Read Replies (0)
By msmash from Slashdot's outage-reports department
Github engineers are trying to repair the data storage system underpinning the code hosting website, which has been presenting users with a "What!?" error for much of the Sunday. From a report: Depending on where you are, you may have been working on some Sunday evening programming, or getting up to speed with work on a Monday morning, using resources on GitHub.com -- and possibly failing miserably as a result of the outage. From about 4pm US West Coast time on Sunday, the website has been stuttering and spluttering. Specifically, the site is still up and serving pages -- it's just intermittently serving out-of-date files, and ignoring submitted Gists, bug reports, and posts. Sometimes, it appears to be serving a read-only cache or older backup of itself, although some fresh code pushes are coming through onto the site. From the status page, it appears a data storage system died, forcing the platform's engineers to move the dot-com's files over to another box. In the meantime, some older versions of files and repos are being served to visitors and users. "We're continuing to work on migrating a data storage system in order to restore access to GitHub.com," the team said just after 5pm PT, adding in the past few minutes: "We are continuing to repair a data storage system for GitHub.com. You may see inconsistent results during this process."Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
An anonymous reader quotes a report from EurekAlert: Air pollution in the U.S. has decreased since about 1990, and a new study conducted at the University of North Carolina at Chapel Hill now shows that this air quality improvement has brought substantial public health benefits. The study, published in the journal Atmospheric Chemistry and Physics, found that deaths related to air pollution were nearly halved between 1990 and 2010. The team's analyses showed that deaths related to air pollution exposure in the U.S. decreased by about 47 percent, dropping from about 135,000 deaths in 1990 to 71,000 in 2010.
These improvements in air quality and public health in the U.S. coincided with increased federal air quality regulations, and have taken place despite increases in population, energy and electricity use, and vehicle miles traveled between 1990 and 2010. [...] Still, despite clear improvements, air pollution remains an important public health issue in the U.S. The estimated 71,000 deaths in 2010 translates to 1 of every 35 deaths in the U.S. -- that's as many deaths as we see from all traffic accidents and all gun shootings combined.Read Replies (0)
By BeauHD from Slashdot's hit-and-run department
A critical remote code execution vulnerability has been spotted in the LIVE555 media streaming library used by popular media players such as VLC and MPlayer. "Maintained by the company Live Networks, the library works with RTP / RTCP, RTSP or SIP protocols, with the ability to process video and audio formats such as MPEG, H.265, H.264, H.263 +, VP8, DV, JPEG, MPEG, AAC, AMR, AC-3, and Vorbis," reports Hackread. From the report: These findings (CVE-2018-4013) have left millions of users of media players vulnerable to cyber attacks, according to Lilith Wyatt, a researcher at the Cisco Talos Intelligence Group. In this case, the flaw lies in the HTTP packet parsing functionality, which analyzes HTTP headers for RTSP tunneling over HTTP, explains. An update has already been issued to address the vulnerability. Therefore, if you are using any of the vulnerable media players make sure they are updated to the latest version.Read Replies (0)
By BeauHD from Slashdot's prepare-yourself department
The TSA has released its roadmap to use biometrics technology in the coming years. The Verge reports: Customs and Border Protection has been using facial recognition to screen non-U.S. residents on international flights since 2015, a project that was expedited by the Trump administration. Last year, the U.S. government laid out its plans to start expanding the screening tools to U.S. citizens, which would require them to undergo facial scans when they leave the country through a system called the Biometric Pathway. Today's news lays out how the TSA will adopt the same technology, partnering with CBP on biometrics for international travelers, expanding security operations to TSA Precheck members, and eventually, using facial recognition to verify domestic travelers.
TSA says that by moving toward facial recognition technology in a time where travel volume is rising, it's hoping to reduce the need for physical documents like passports and paper tickets. Currently, TSA manually compares the passengers in front of them to their ID photos, but it believes an automated process that can match facial images to photos from passports and visa applications will be more accurate and efficient.Read Replies (0)
By BeauHD from Slashdot's time-to-get-moving department
An anonymous reader quotes a report from CNN: We've all heard exercise helps you live longer. But a new study [published in the journal JAMA Network Open] goes one step further, finding that a sedentary lifestyle is worse for your health than smoking, diabetes and heart disease. Researchers retrospectively studied 122,007 patients who underwent exercise treadmill testing at Cleveland Clinic between January 1, 1991 and December 31, 2014 to measure all-cause mortality relating to the benefits of exercise and fitness. Those with the lowest exercise rate accounted for 12% of the participants. Dr. Wael Jaber, a cardiologist at the Cleveland Clinic and senior author of the study, said the other big revelation from the research is that fitness leads to longer life, with no limit to the benefit of aerobic exercise. Researchers have always been concerned that "ultra" exercisers might be at a higher risk of death, but the study found that not to be the case. "There is no level of exercise or fitness that exposes you to risk," he said. "We can see from the study that the ultra-fit still have lower mortality."Read Replies (0)
By BeauHD from Slashdot's eye-tracking department
An experimental new Android app developed by a team at Cornell University is designed to determine a person's alertness by examining their eyes. The app, called AlertnessScanner, utilizes a smartphone's front-facing camera to gauge the size of users' pupils. "When we're in an alert state, our sympathetic nervous system causes our pupils to dilate so that we can take in information more easily," reports New Atlas. "On the other hand, when we're tired, our parasympathetic nervous system causes our pupils to contract." From the report: In an initial study, test subjects were prompted to use the app to manually take photos of their pupils, once every three hours. Additionally, six times a day they completed a five-minute phone-based Psychomotor Vigilance Test (PVT), which is an established method of gauging reaction time. When the results of the two alertness-testing methods were compared, they were found to be very similar. That said, it was determined that most people wouldn't like having to make a point of using the app so many times every day. Additionally, in order to properly image the test subjects' pupils, the infrared filters of the phones' cameras had to be removed. The researchers managed to address these problems by changing it so that the app automatically takes a one-second-long burst of 30 pupil photos whenever users unlock their phones; and using a larger 13-megapixel front-facing camera.Read Replies (0)
By BeauHD from Slashdot's performance-improvements department
Microsoft is including Google's mitigation for the Spectre Variant 2 speculative execution side-channel attack in the next release of Windows 10, currently codenamed 19H1. ZDNet reports: Google developed a software-based mitigation for Spectre Variant 2 called Retpoline that constrains speculative execution behavior sufficiently to mitigate an attack. Google's testing found its fix had a negligible effect on performance. Retpoline was implemented by Linux distributions such as Red Hat and SUSE, as well as by Oracle for Oracle Linux 6 and 7. And now, as MSPoweruser spotted, Microsoft's kernel engineers have confirmed that Retpoline will be part of the next version of Windows 10, 19H1, which is due out next year. Google's Retpoline plus Microsoft's own kernel modifications have reduced the performance impact to "noise level", according to Mehmet Iyigun of Microsoft's Windows and Azure kernel team. "Yes, we have enabled Retpoline by default in our 19H1 flights along with what we call 'import optimization' to further reduce perf impact due to indirect calls in kernel-mode. Combined, these reduce the perf impact of Spectre v2 mitigations to noise-level for most scenarios," wrote Iyigun.
"The bad news is that Microsoft didn't include the Retpoline fix in the latest Windows 10 October 2018 Update Redstone 5, or RS5, release, even though, according to CrowdStrike researcher Alex Ionescu, it could have," reports ZDNet.Read Replies (0)
By BeauHD from Slashdot's new-and-improved department
An anonymous reader shares new work that could allow us to generate electricity using supercritical carbon dioxide. Ars Technica reports: The researchers involved in the new work, a large U.S.-based collaboration, focus on a composite material: tungsten and zirconium carbide. These have extremely high melting points: 3,700K for both materials. Both of them conduct heat extremely well, and neither of them expands or softens much under these conditions, meaning they would hold up better to the mechanical stresses. While the stats are impressive, the amazing part of this is how the material is fabricated. The researchers started with tungsten carbide, a ceramic that can be formed into a porous material simply by pouring it as a powder into a mold and heating it. At this point, the ceramic can be further machined to produce a final shape. Once in its final form, the ceramic was placed in a bath of a molten mixture of copper and zirconium. The molten mixture filled the pores, and the zirconium reacted with the tungsten carbide, replacing the tungsten. The copper in the molten material formed a thin film on the surface of the solid.
< article continued at Slashdot's new-and-improved department
>Read Replies (0)
By EditorDavid from Slashdot's putting-it-to-the-testers department
An anonymous reader quotes Gizmodo:
When it was discovered earlier this month that the 1809 build of Windows 10 was deleting user files just because, Microsoft halted the update until the problem was fixed. Shame, then, that another not-as-bad-but-still-bad file overwriting bug has now reared its head. in 1809, overwriting files by extracting from an archive using File Explorer doesn't result in an overwrite prompt dialogue and also doesn't replace any files at all; it just fails silently. There are also some reports that it did overwrite items, but did so silently without asking.
Ars Technica speculates that there's a larger program with Microsoft's testing process:
[M]any of the preview builds had a bug wherein deleting a directory that was synced to OneDrive crashed the machine. Not only was this bug integrated into the Windows code, it was allowed to ship to end users. This tells us some fundamental things about how Windows is being developed. Either tests do not exist at all for this code (and I've been told that yes, it's permitted to integrate code without tests, though I would hope this isn't the norm), or test failures are being regarded as acceptable, non-blocking issues, and developers are being allowed to integrate code that they know doesn't work properly...
Microsoft's new development process has, proportionately, a greater amount of time spent writing new features, and a reduced amount of time stabilizing and fixing those features. That would be fine if the quality of the features were higher to start with, with the testing infrastructure to support it and higher standards before new code was integrated. But the experience with Windows 10 thus far is that Microsoft hasn't developed the processes and systems needed to sustain this new approach.Read Replies (0)