Slashdot

News for nerds, stuff that matters

IT Admin Trashes Railroad Company's Network Before He Leaves

Fri, 10/13/2017 - 12:00
Catalin Cimpanu, writing for BleepingComputer: A federal jury in Minneapolis, Minnesota found a local man guilty of intentionally damaging his former employer's network before leaving the company. The man's name is Christopher Victor Grupe, 46, and from September 2013 until December 2015 he worked as an IT professional for the Canadian Pacific Railway (CPR), a transcontinental railroad based in Alberta, Canada. Things went sideways in December 2015 when CPR suspended Grupe for 12 days for yelling and using inadequate language with his boss. When the man returned to work following his suspension on December 15, management told Grupe they were going to fire him for insubordination. According to court documents obtained by Bleeping Computer, Grupe asked management to resign, effective immediately. He promised to come back the following days and return company property such as his laptop, remote access device, and access badges. He did return the items, as promised, but not before taking the laptop for a last spin inside CPR's network. Court documents show Grupe accessed the company's switches and removed admin accounts, changed passwords for other admin accounts, and deleted log files. When done, Grupe wiped his laptop and returned it to CPR's Minnesota office on December 17, two days after he resigned.

Read more of this story at Slashdot.

SWIFT Says Hackers Still Targeting Bank Messaging System

Fri, 10/13/2017 - 11:20
Hackers continue to target the SWIFT bank messaging system, though security controls instituted after last year's $81 million heist at Bangladesh's central bank have helped thwart many of those attempts, a senior SWIFT official told Reuters. From the report: "Attempts continue," said Stephen Gilderdale, head of SWIFT's Customer Security Programme, in a phone interview. "That is what we expected. We didn't expect the adversaries to suddenly disappear." SWIFT spokeswoman Natasha de Teran told Reuters that the attackers had attempted to hack into computers that banks use to access the organization's proprietary network, then create fraudulent messages to send over the SWIFT system. "We have no indication that our network and core messaging services have been compromised," she said. The disclosure underscores that banks remain at risk of cyber attacks targeting computers used to access SWIFT almost two years after the February 2016 theft from a Bangladesh Bank account at the Federal Reserve Bank of New York.


Qualcomm Seeks China iPhone Ban, Escalating Apple Legal Fight

Fri, 10/13/2017 - 10:40
Qualcomm filed lawsuits in China seeking to ban the sale and manufacture of iPhones in the country, the chipmaker's biggest shot at Apple so far in a sprawling and bitter legal fight. From a report: The San Diego-based company aims to inflict pain on Apple in the world's largest market for smartphones and cut off production in a country where most iPhones are made. The product provides almost two-thirds of Apple's revenue. Qualcomm filed the suits in a Beijing intellectual property court claiming patent infringement and seeking injunctive relief, according to Christine Trimble, a company spokeswoman. "Apple employs technologies invented by Qualcomm without paying for them," Trimble said. An Apple spokesman didn't immediately respond to a request for comment on Friday. Qualcomm's suits are based on three non-standard essential patents, it said. They cover power management and a touch-screen technology called Force Touch that Apple uses in current iPhones, Qualcomm said. The inventions "are a few examples of the many Qualcomm technologies that Apple uses to improve its devices and increase its profits," Trimble said. The company made the filings at the Beijing court on Sept. 29. The court has not yet made them public.


This Is the Week Wall Street Went Nuts Over Cryptocurrencies

Fri, 10/13/2017 - 10:00
Wall Street banks that weren't already on the bitcoin bandwagon appear to be piling on, or at least eyeing seats, after the cryptocurrency surged to all-time highs this week on the way to $6,000. From a report: Analysts are working to keep up with demand from clients for information. UBS and Citigroup published extensive explainers on blockchain technology, while senior executives at JPMorgan Chase warmed to the cryptocurrency during the bank's third-quarter earnings call. The digital currency has risen more than fivefold after trading at less than $1,000 as recently as December, breaking the $5,000 mark this week and already targeting the next thousand-dollar level. Throughout its rise, the cryptocurrency shrugged off tighter regulations, feuding factions and warnings from the likes of JPMorgan's Jamie Dimon of fraud and an eventual price collapse.


Twitter Is Crawling With Bots and Lacks Incentive To Expel Them

Fri, 10/13/2017 - 06:40
An anonymous reader shares a report: On Wednesday, the exterior of Twitter's San Francisco headquarters bore an eerie message: "Ban Russian Bots." Someone -- the company doesn't know who -- projected the demand onto the side of its building. Bots, or automated software programs, can be programmed to periodically send out messages on the internet. Now Twitter is scrambling to explain how bots controlled by Russian meddlers may have been used to impact the 2016 presidential election. Twitter was designed to be friendly to bots. They can help advertisers quickly spread their messages and respond to customer service complaints. Research from the University of Southern California and Indiana University shows that 9 to 15 percent of active Twitter accounts are bots. Many innocuously tweet headlines, the weather or Netflix releases. After the election, there was little discussion inside the company about whether the platform may have been misused, according to people familiar with the matter who asked not to be identified because it is private. But the ubiquity and usefulness of bots did come up. At one point, there were talks about whether Twitter should put a marking on bot accounts, so that users would know they were automated, one of the people said. Yet most of the conversation after the election focused on whether Trump's tweets violated Twitter's policies, the person said.


Recordings of the Sounds Heard In the Cuban US Embassy Attacks Released

Fri, 10/13/2017 - 06:00
New submitter chrissfoot shares a report from The Associated Press: The Associated Press has obtained a recording of what some U.S. Embassy workers heard in Havana in a series of unnerving incidents later deemed to be deliberate attacks. The recording, released Thursday by the AP, is the first disseminated publicly of the many taken in Cuba of mysterious sounds that led investigators initially to suspect a sonic weapon. The recordings themselves are not believed to be dangerous to those who listen. Sound experts and physicians say they know of no sound that can cause physical damage when played for short durations at normal levels through standard equipment like a cellphone or computer. What device produced the original sound remains unknown. Americans affected in Havana reported the sounds hit them at extreme volumes. You can listen to the "Dangerous Sound" here via YouTube.


Researcher Turns HDD Into Rudimentary Microphone

Fri, 10/13/2017 - 05:00
An anonymous reader writes from Bleeping Computer: Speaking at a security conference, researcher Alfredo Ortega has revealed that you can use your hard disk drive (HDD) as a rudimentary microphone to pick up nearby sounds. This is possible because of how hard drives are designed to work. Sounds or nearby vibrations are nothing more than mechanical waves that cause HDD platters to vibrate. By design, a hard drive cannot read or write information to an HDD platter that moves under vibrations, so the hard drive must wait for the oscillation to stop before carrying out any actions. Because modern operating systems come with utilities that measure HDD operations up to nanosecond accuracy, Ortega realized that he could use these tools to measure delays in HDD operations. The longer the delay, the louder the sound or the more intense the vibration that causes it. These read-write delays allowed the researcher to reconstruct sound or vibration waves picked up by the HDD platters. A video demo is here. "It's not accurate yet to pick up conversations," Ortega told Bleeping Computer in a private conversation. "However, there is research that can recover voice data from very low-quality signals using pattern recognition. I didn't have time to replicate the pattern-recognition portion of that research into mine. However, it's certainly applicable." Furthermore, the researcher also used sound to attack hard drives. Ortega played a 130Hz tone to make an HDD stop responding to commands. "The Linux kernel disconnected it entirely after 120 seconds," he said. There's a video of this demo on YouTube.


World's First 'Negative Emissions' Plant Has Begun Operation

Fri, 10/13/2017 - 03:30
In an effort to reduce the 40 trillion kg of carbon dioxide humans produce each year, three companies have been working to build machines that can capture the gas directly from the air. One such machine in Iceland has begun operation. Quartz reports: Climeworks just proved the cynics wrong. On Oct. 11, at a geothermal power plant in Iceland, the startup inaugurated the first system that does direct air capture and verifiably achieves negative carbon emissions. Although it's still at pilot scale -- capturing only 50 metric tons CO2 from the air each year, about the same emitted by a single U.S. household -- it's the first system to take CO2 in the air and convert the emissions into stone, thus ensuring they don't escape back into the atmosphere for the next millions of years. Climeworks and Global Thermostat have piloted systems in which they coat plastics and ceramics, respectively, with an amine, a type of chemical that can absorb CO2. Carbon Engineering uses a liquid system, with calcium oxide and water. The companies say it's too early in the development of these technologies to predict what costs will be at scale.


Octopuses Show Scientists How To Hide Machines in Plain Sight

Fri, 10/13/2017 - 02:00
If you want to learn the art of camouflage look no further than octopuses. Just watch this famous video that shows a diver slowly swimming up to a clump of rock and seaweed, only for part of that clump to turn white, open its eye, and jet away, squirting ink behind it. Materials scientists and engineers have fallen under the octopuses' spell. From a report: Scientists have engineered a material that can transform from a 2D sheet to a 3D shape, adjusting its texture to blend in with its surroundings, per a new study published today in Science. They mimicked the abilities of an octopus, which can change both shape and color to camouflage. This is a first step toward developing soft robots that can hide in plain sight, robotics expert Cecilia Laschi writes of the research. Robots that can camouflage may one day be used in natural environments to study animals more closely than ever before or in military operations to avoid detection, she writes.


The Real Inside Story of How Commodore Failed

Thu, 10/12/2017 - 23:00
dryriver writes: Everybody who was into computers in the 1980s and 1990s remembers Commodore producing amazingly innovative, capable and popular multimedia and gaming computers one moment, and disappearing off the face of the earth the next, leaving only PCs and Macs standing. Much has been written about what went wrong with Commodore over the years, but always by outsiders looking in -- journalists, tech writers, not people who were on the inside. In a 34-minute-long YouTube interview that surfaced on October 9th, former Commodore UK Managing Director David John Pleasance and Trevor Dickinson of A-EON Technology talk very frankly about how Commodore really failed, and just how crazy bad and preventable the business and tech decisions that killed Commodore were, from firing all Amiga engineers for no discernible reason, to hiring 40 IBM engineers who didn't understand multimedia computing, to not licensing the then-valuable Commodore Business Machines (CBM) brand to PC makers to generate an extra revenue stream, to one new manager suddenly deciding to manufacture in the Philippines -- a place where the man had a lady mistress apparently. The interview is a truly eye-opening preview of an upcoming book David John Pleasance is writing called Commodore: The Inside Story. The book will, for the first time, chronicle the fall of Commodore from the insider perspective of an actual Commodore Managing Director.


FDA Advisers Endorse Gene Therapy To Treat Form of Blindness

Thu, 10/12/2017 - 19:30
An anonymous reader quotes a report from CBS News: A panel of U.S. health advisers has endorsed an experimental approach to treating inherited blindness, setting the stage for the likely approval of an innovative new genetic medicine. A panel of experts to the Food and Drug Administration voted unanimously in favor of Spark Therapeutics' injectable therapy, which aims to improve vision in patients with a rare mutation that gradually destroys normal vision. The vote amounts to a recommendation to approve the therapy. According to Spark Therapeutics' website, inherited retinal diseases are a group of rare blinding conditions caused by one of more than 220 genes. Some living with these diseases experience a gradual loss of vision, while others may be born without the ability to see or lose their vision in infancy or early childhood. Genetic testing is the only way to verify the exact gene mutation that is the underlying cause of the disease.


Google Is Really Good At Design

Thu, 10/12/2017 - 17:40
Joshua Topolsky, writing for The Outline: The stuff Google showed off on October 4 was brazenly designed and strangely, invitingly touchable. These gadgets were soft, colorful... delightful? They looked human, but like something future humans had made; people who'd gotten righteously drunk with aliens. You could imagine them in your living room, your den, your bedroom. Your teleportation chamber. A fuzzy little donut you can have a conversation with. A VR headset in stunning pink. A phone with playful pops of color and an interface that seems to presage what you want, when you want it. It's weird. It's subtle. It's... good. It's Google? It's Google. It was only a few years ago that Google was actually something of a laughing stock when it came to design. As an aggressively engineer-led company, the Mountain View behemoth's early efforts, particularly with its mobile software and devices, focused not on beauty, elegance, or simplicity, but rather concentrated on flexibility, iteration, and scale. These are useful priorities for a utilitarian search engine, but didn't translate well to many of the company's other products. Design -- the mysterious intersection of art and communication -- was a second-class citizen at Google, subordinate to The Data. That much was clear from the top down. Enter Matias Duarte, the design impresario who was responsible for the Sidekick's UI (a wacky, yet strangely prescient mobile-everything concept) and later, the revolutionary (though ill-fated) webOS -- the striking mobile operating system and design language that would be Palm's final, valiant attempt at reclaiming the mobile market. Duarte was hired by Google in 2013 (initially as Android's User Experience Director, though he is now VP of design at the company), and spearheaded a complete reset of the company's visual and functional instincts. But even Duarte was aware of the design challenges his new role presented. 
"I never thought I'd work for Google," he told Surface Magazine in August. "I had zero ambition to work for Google. Everybody knew Google was a terrible place for design." Duarte went to work on a system that would ultimately be dubbed Material Design -- a set of principles that not only began to dictate how Android should look and work as a mobile operating system, but also triggered the march toward a unified system of design that slowly but surely pulled Google's disparate network of services into something that much more closely resembled a singular vision. A school of thought. A family.


Driverless Cars Are Giving Engineers a Fuel Economy Headache

Thu, 10/12/2017 - 17:00
schwit1 shares a report from Bloomberg: Judging from General Motors' test cars and Elon Musk's predictions, the world is headed toward a future that's both driverless and all-electric. In reality, autonomy and battery power could end up being at odds. That's because self-driving technology is a huge power drain. Some of today's prototypes for fully autonomous systems consume two to four kilowatts of electricity -- the equivalent of having 50 to 100 laptops continuously running in the trunk, according to BorgWarner Inc. The supplier of vehicle propulsion systems expects the first autonomous cars -- likely robotaxis that are constantly on the road -- will be too energy-hungry to run on battery power alone. A fully autonomous subcompact car like a Honda Fit, for example, will get 54.6 miles to the gallon in 2025 in the best-case scenario, more than 5 miles below the U.S. emissions target, according to BorgWarner. A small pickup or SUV would be at 45.8 mpg, versus a target of 50. Engineers don't have much time to resolve this, as companies are planning to deploy their first fully self-driving cars in the next couple of years. One way for automakers to meet the power-hungry needs of self-driving systems will be to use gasoline-electric hybrid models rather than purely electric cars, said Mary Gustanski, chief technology officer of supplier Delphi Automotive Plc's powertrain business.


Alphabet's Waymo Demanded $1 Billion In Settlement Talks With Uber

Thu, 10/12/2017 - 16:20
An anonymous reader quotes a report from Reuters: Alphabet's Waymo sought at least $1 billion in damages and a public apology from Uber as conditions for settling its high-profile trade secret lawsuit against the ride-services company, sources familiar with the proposal told Reuters. The Waymo self-driving car unit also asked that an independent monitor be appointed to ensure Uber does not use Waymo technology in the future, the sources said. Uber rejected those terms as non-starters, said the sources, who were not authorized to publicly discuss settlement talks. The precise dollar amount requested by Waymo and the exact time the offer was made could not be learned. Waymo's tough negotiating stance, which has not been previously reported, reflects the company's confidence in its legal position after months of pretrial victories in a case which may help to determine who emerges in the forefront of the fast-growing field of self-driving cars. The aggressive settlement demands also suggest that Waymo is not in a hurry to resolve the lawsuit, in part because of its value as a distraction for Uber leadership, said Elizabeth Rowe, a trade secret expert at the University of Florida Levin College of Law.


Google Permanently Disables Touch Function On All Home Minis Due To Privacy Concerns

Thu, 10/12/2017 - 15:40
Big Hairy Ian shares a report from BBC: Google has stopped its Home Mini speakers responding when users touch them. It permanently turned off the touch activation feature after it found that sensors primed to spot a finger tap were too sensitive. Early users found that the touch sensors were registering "phantom" touches that turned them on. This meant the speakers were recording everything around them thousands of times a day. Google said it disabled the feature to give users "peace of mind." Google's Home Mini gadgets were unveiled on October 4th as part of a revamp of its line of smart speakers. The intelligent assistant feature on it could be activated two ways -- by either saying "OK, Google" or by tapping the surface. About 4,000 Google Home Mini units were distributed to early reviewers and those who attended Google's most recent launch event. Artem Russakovskii from Android Police first discovered the issue with his unit, ultimately causing Google to "permanently [nerf] all Home Minis" because his spied on everything he said 24/7.


DJI Unveils Technology To Identify and Track Airborne Drones

Thu, 10/12/2017 - 15:00
garymortimer shares a report from sUAS News: DJI, the world's leader in civilian drones and aerial imaging technology, has unveiled AeroScope, its new solution to identify and monitor airborne drones with existing technology that can address safety, security and privacy concerns. AeroScope uses the existing communications link between a drone and its remote controller to broadcast identification information such as a registration or serial number, as well as basic telemetry, including location, altitude, speed and direction. Police, security agencies, aviation authorities and other authorized parties can use an AeroScope receiver to monitor, analyze and act on that information. AeroScope has been installed at two international airports since April, and is continuing to test and evaluate its performance in other operational environments. AeroScope works with all current models of DJI drones, which analysts estimate comprise over two-thirds of the global civilian drone market. Since AeroScope transmits on a DJI drone's existing communications link, it does not require new on-board equipment or modifications, or require extra steps or costs to be incurred by drone operators. Other drone manufacturers can easily configure their existing and future drones to transmit identification information in the same way.


Hyatt Hotels Discovers Card Data Breach At 41 Properties Across 11 Countries

Thu, 10/12/2017 - 14:20
Hyatt Hotels has suffered a second card data breach in two years. In the first breach, hackers had gained access to credit card systems at 250 properties in 50 different countries. This time, the breach appears to have impacted 41 properties across 11 countries. Krebs on Security reports: Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017. "Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities," the company said in a statement. "Hyatt's layers of defense and other cybersecurity measures helped to identify and resolve the issue. While this incident affects a small percentage of total payment cards used at the affected hotels during the at-risk dates." The hotel chain said the incident affected payment card information -- cardholder name, card number, expiration date and internal verification code -- from cards manually entered or swiped at the front desk of certain Hyatt-managed locations. It added there is no indication that any other information was involved.


US Weapons Data Stolen During Raid of Australian Defense Contractor's Computers

Thu, 10/12/2017 - 13:40
phalse phace writes: Another day, another report of a major breach of sensitive U.S. military and intelligence data. According to a report by The Wall Street Journal (Warning: source may be paywalled; alternative source), "A cyberattacker nicknamed 'Alf' gained access to an Australian defense contractor's computers and began a four-month raid that snared data on sophisticated U.S. weapons systems. Using the simple combinations of login names and passwords 'admin; admin' and 'guest; guest' and exploiting a vulnerability in the company's help-desk portal, the attacker roved the firm's network for four months. The identity and affiliation of the hackers in the Australian attack weren't disclosed, but officials with knowledge of the intrusion said the attack was thought to have originated in China." The article goes on to state that "Alf obtained around 30 gigabytes of data on Australia's planned purchase of up to 100 F-35 fighters made by Lockheed Martin, as well as information on new warships and Boeing-built P-8 Poseidon maritime-surveillance aircraft, in the July 2016 breach." The stolen data also included details of the C-130 Hercules transport aircraft and guided bombs used by the U.S. and Australian militaries as well as design information "down to the captain's chair" on new warships for Australia's navy.


Google Announces $1 Billion Job Training and Education Program

Thu, 10/12/2017 - 13:00
Google CEO Sundar Pichai was in Pittsburgh Wednesday to announce a new five-year, $1 billion program to help close the global education gap. From a report: Part of the program was a new "Grow with Google" program to work with U.S. cities as well as a $10 million grant to Goodwill that will see Google employees working with the nonprofit to train people in digital skills. Why it matters: Google, along with Apple, Microsoft and other big tech companies, have all launched significant efforts in recent months to demonstrate their commitment to education and U.S. jobs.


Learn To Code, It's More Important Than English as a Second Language, Says Apple CEO

Thu, 10/12/2017 - 12:20
Apple CEO Tim Cook says it is more important to learn how to code than it is to learn English as a second language. From a report: The tech executive made the remarks to French outlet Konbini while in the country for a meeting with French President Emmanuel Macron, who has called for tech companies to pay higher taxes in Europe. "If I were a French student and I were 10 years old, I think it would be more important for me to learn coding than English. I'm not telling people not to learn English in some form -- but I think you understand what I am saying is that this is a language that you can [use to] express yourself to 7 billion people in the world," Cook tells Konbini. "I think that coding should be required in every public school in the world. [...] It's the language that everyone needs, and not just for the computer scientists. It's for all of us."
