Slashdot

Subscribe to Slashdot feed Slashdot
News for nerds, stuff that matters
Updated: 1 hour 14 min ago

Hackers Are Exploiting a 5-Alarm Bug In Networking Equipment

Tue, 2020-07-07 10:00
Andy Greenberg writes via Wired: Late last week, government agencies, including the United States Computer Emergency Readiness Team and Cyber Command, sounded the alarm about a particularly nasty vulnerability in a line of BIG-IP products sold by F5. The agencies recommended security professionals immediately implement a patch to protect the devices from hacking techniques that could fully take control of the networking equipment, offering access to all the traffic they touch and a foothold for deeper exploitation of any corporate network that uses them. Now some security companies say they're already seeing the F5 vulnerability being exploited in the wildâ"and they caution that any organization that didn't patch its F5 equipment over the weekend is already too late. The F5 vulnerability, first discovered and disclosed to F5 by cybersecurity firm Positive Technologies, affects a series of so-called BIG-IP devices that act as load balancers within large enterprise networks, distributing traffic to different servers that host applications or websites. Positive Technologies found a so-called directory traversal bug in the web-based management interface for those BIG-IP devices, allowing anyone who can connect to them to access information they're not intended to. That vulnerability was exacerbated by another bug that allows an attacker to run a "shell" on the devices that essentially lets a hacker run any code on them that they choose. The result is that anyone who can find an internet-exposed, unpatched BIG-IP device can intercept and mess with any of the traffic it touches. Hackers could, for instance, intercept and redirect transactions made through a bank's website, or steal users' credentials. They could also use the hacked device as a hop point to try to compromise other devices on the network. Since BIG-IP devices have the ability to decrypt traffic bound for web servers, an attacker could even use the bug to steal the encryption keys that guarantee the security of an organization's HTTPS traffic with users, warns Kevin Gennuso, a cybersecurity practitioner for a major American retailer. While only a small minority of F5 BIG-IP devices are directly exploitable, Positive Technologies says that still includes 8,000 devices worldwide. "About 40 percent of those are in the U.S., along with 16 percent in China and single-digit percentages in other countries around the globe," reports Wired. "Owners of those devices have had since June 30, when F5 first revealed the bug along with its patch, to update," adds Wired. "But many may not have immediately realized the seriousness of the vulnerability. Others may have been hesitant to take their load balancing equipment offline to implement an untested patch, points out Gennuso, for fear that critical services might go down, which would further delay a fix."

Read more of this story at Slashdot.

Categories: Linux fréttir

Moon's Metal-Rich Craters Challenge Popular Theories About Its Origin

Tue, 2020-07-07 07:00
schwit1 shares a report from UPI: The most popular theory of the moon's origins contends the satellite was formed when a Mars-sized object collided with Earth, vaporizing large portions of Earth's upper crust. While Earth's upper crust is poor in metals, new research -- published Wednesday in the journal Earth and Planetary Science Letters -- suggests the moon's subsurface is surprisingly metal-rich, undermining the satellite's proposed origin story. Authors of the new study suggest planetary scientists consider alternative theories for the moon's formation. It's possible the collision that forged the moon was more violent than scientists thought, gouging out even deeper portions of Earth's crust and mantle. It's also possible the moon experienced an unusual cool-down process, post-collision -- a process that left the moon with large concentrations of metal.

Read more of this story at Slashdot.

Categories: Linux fréttir

Giant Flywheel Project In Scotland Could Prevent UK Blackouts

Tue, 2020-07-07 03:30
An anonymous reader quotes a report from The Guardian: A giant flywheel in north-east Scotland could soon help to prevent blackouts across Britain by mimicking the effect of a power station but without using fossil fuels. The trailblazing project near Keith in Moray, thought to cost about 25 million British pounds, will not generate electricity or produce carbon emissions -- but it could help keep the lights on by stabilizing the energy grid's electrical frequency. The Norwegian energy company Statkraft hopes that from next winter the new flywheel, designed by a division of General Electric, will be able to mimic the spinning turbines of a traditional power station, which have helped to balance the grid's frequency at about 50 hertz for decades. Currently, the National Grid Electricity System Operator (ESO) is forced to shut down windfarms and run gas power stations even when there is more than enough renewable energy to meet Britain's electricity demand, in order to keep the grid's frequency steady. By simulating the spinning metal mass of a power station turbine without producing emissions, Statkraft should be able to help ESO rely less on fossil fuels and use renewable energy more. This is the first time a project of this kind will be used anywhere in the world and ESO believes it could be a "huge step forward" in running a zero-carbon electricity grid.

Read more of this story at Slashdot.

Categories: Linux fréttir

Microsoft's Next Xbox Series X Game Showcase Coming July 23

Tue, 2020-07-07 01:30
Microsoft will be holding its next Xbox Games Showcase on July 23, the company announced today. Ars Technica reports: Unlike Microsoft's May promotional event, which focused on third-party launch titles for the upcoming console, the July 23 event is expected to discuss first-party exclusives from Microsoft's own Xbox Game Studios. That likely includes new footage of Halo Infinite, which saw a new teaser trailer a few weeks ago. That lineup of first-party studios now includes Psychonauts 2 developer Double Fine, which Microsoft acquired in June, and The Outer Worlds developer Obsidian Entertainment, which Microsoft acquired last November.

Read more of this story at Slashdot.

Categories: Linux fréttir

New H.266 VCC Codec Up To 50% More Efficient Than Previous Standard

Tue, 2020-07-07 00:50
The Fraunhofer Heinrich Hertz Institute on Tuesday announced the H.266 Versatile Video Coding codec, which will power more data-efficient video capture and transmission on future iPhones. AppleInsider reports: Apple adopted the predecessor to the new codec, H.265/HEVC, in iOS 11. The updated video codec, which was developed after years of research and standardization, will bring a number of tangible benefits to future iPhone users. In its announcement, the Fraunhofer HHI said that H.266 will reduce data requirements by around 50% thanks to improved compression. With the previous HEVC codec, it took about 10GB of data to transmit a 90-minute ultra-high definition (UHD) video. H.266 can do that with 5GB. The codec, as detailed in a 500-page specification, was designed from the ground up for use with 4K and 8K streaming. It'll allow users to store more high-definition video and reduce the amount of data on cellular networks.

Read more of this story at Slashdot.

Categories: Linux fréttir

Microsoft Is Interested In Acquiring Warner Bros. Gaming Unit

Tue, 2020-07-07 00:30
According to a new report from The Information, Microsoft is interested in bidding on Warner Bros. Interactive Entertainment, which is currently a division of AT&T. From a report: Warner Bros. Interactive Entertainment, or WB Games, is known for publishing the "Batman: Arkham" series, "Middle-Earth: Shadow of Mordor," many "Lego" and "Harry Potter" games, "Mortal Kombat," and "The Witcher 3: Wild Hunt." The unit consists of game-development studios in the U.S., Canada and the U.K. AT&T acquired the gaming business as part of the 2018 buyout of Time Warner assets. This deal and the 2014 acquisition of DirecTV increased AT&T's debt and the company has been looking to ways to cut costs and unload assets.

Read more of this story at Slashdot.

Categories: Linux fréttir

How Google Docs Became the Social Media of the Resistance

Tue, 2020-07-07 00:10
An anonymous reader quotes a report from MIT Technology Review: In just the last week, Google Docs has emerged as a way to share everything from lists of books on racism to templates for letters to family members and representatives to lists of funds and resources that are accepting donations. Shared Google Docs that anyone can view and anyone can edit, anonymously, have become a valuable tool for grassroots organizing during both the coronavirus pandemic and the police brutality protests sweeping the US. It's not the first time. In fact, activists and campaigners have been using the word processing software for years as a more efficient and accessible protest tool than either Facebook or Twitter. It wasn't until the 2016 elections, when misinformation campaigns were rampant, that the software came into its own as a political tool. Melissa Zimdars, an assistant professor of communication at Merrimack College, used it to create a 34-page document titled "False, Misleading, Clickbaity-y, and/or Satirical 'News' Sources.'" Zimdars inspired a slew of political Google Docs, written by academics as ad hoc ways of campaigning for Democrats for the 2018 midterm elections. By the time the election passed, Google Docs were also being used to protest immigration bans and advance the #MeToo movement. Now, in the wake of George Floyd's murder on Memorial Day weekend, communities are using the software to organize. One of the most popular Google Docs to emerge in the past week is "Resources for Accountability and Actions for Black Lives," which features clear steps people can take to support victims of police brutality. It is organized by Carlisa Johnson, a 28-year-old graduate journalism student at Georgia State University.

Read more of this story at Slashdot.

Categories: Linux fréttir

Foreign Students Must Leave the US If Their Universities Transition To Online-Only Learning

Mon, 2020-07-06 23:34
ugen shares a report from Reuters: Foreign students must leave the United States if their school's classes this fall will be taught completely online or transfer to another school with in-person instruction, the U.S. Immigration and Customs Enforcement (ICE) agency announced on Monday. It was not immediately clear how many student visa holders would be affected by the move, but foreign students are a key source of revenue for many U.S. universities as they often pay full tuition. ICE said it would not allow holders of student visas to remain in the country if their school was fully online for the fall. Those students must transfer or leave the country, or they potentially face deportation proceedings, according to the announcement. The ICE guidance applies to holders of F-1 and M-1 visas, which are for academic and vocational students. The State Department issued 388,839 F visas and 9,518 M visas in fiscal 2019, according to the agency's data. The guidance does not affect students taking classes in person. It also does not affect F-1 students taking a partial online course-load, as long as their university certifies the student's instruction is not completely digital. M-1 vocational program students and F-1 English language training program students will not be allowed to take any classes online.

Read more of this story at Slashdot.

Categories: Linux fréttir

PlayStation's Secret Weapon: A Nearly All-Automated Factory

Mon, 2020-07-06 22:50
According to Nikkei Asian Review, much of the PlayStation's success can be attributed to an unassuming factory in Japan that is almost entirely operated by robots. From the report: On the outskirts of Kisarazu, a large, white building towers over an otherwise suburban landscape. Once inside, visitors are greeted by the whirring of motors as dozens of robots seamlessly churn out PlayStation 4 consoles. Just a few humans were present to deal with a handful of tasks -- two to feed bare motherboards to the line, and two to package the finished consoles. But the actual assembly is done entirely by articulated robots, supplied by Mitsubishi Electric. The 31.4-meter line, completed in 2018, has the ability to churn out a new console every 30 seconds. The Kisarazu plant is operated by Sony Global Manufacturing & Operations, or SGMO, the group's manufacturing arm. The unit has worked with video game unit Sony Interactive Entertainment to bring cutting-edge technologies to the facility. One of the plant's crowning achievements is the use of robots to attach wires, tape and other flexible parts to the consoles. Twenty-six out of 32 robots at the Kisarazu plant are dedicated to the task, deftly handling materials most robots would find too finicky. "There's probably no other site that can manipulate robots in this manner," said an engineer. Every process -- all the way to final packaging -- is automated. The blend of robotic and human labor is painstakingly optimized with a priority on return on investment.

Read more of this story at Slashdot.

Categories: Linux fréttir

Fujitsu Announces Permanent Work-From-Home Plan

Mon, 2020-07-06 22:10
Technology firm Fujitsu announced a new "Work Life Shift" program that will offer unprecedented flexibility to its 80,000 workers in Japan. "Staff will be able to work flexible hours, and working from home will be standard wherever possible," reports the BBC. From the report: In a statement sent to the BBC, Fujitsu said it "will introduce a new way of working that promises a more empowering, productive, and creative experience for employees that will boost innovation and deliver new value to its customers and society." Under the plan employees will "begin to primarily work on a remote basis to achieve a working style that allows them to flexibly use their time according to the contents of their work, business roles, and lifestyle." The company also said the program would allow staff to choose where they worked, whether that was from home, a major corporate hub or a satellite office. Fujitsu believes that that the increased autonomy offered to its workers will help to improve the performance of teams and increase productivity.

Read more of this story at Slashdot.

Categories: Linux fréttir

Supreme Court Upholds Cellphone Robocall Ban

Mon, 2020-07-06 21:30
An anonymous reader quotes a report from The Associated Press: The Supreme Court on Monday upheld a 1991 law that bars robocalls to cellphones. The case, argued by telephone in May because of the coronavirus pandemic, only arose after Congress in 2015 created an exception in the law that allowed the automated calls for collection of government debt. Political consultants and pollsters were among those who asked the Supreme Court to strike down the entire 1991 law that bars them from making robocalls to cellphones as a violation of their free speech rights under the Constitution. The issue was whether, by allowing one kind of speech but not others, the exception made the whole law unconstitutional. Six justices agreed that by allowing debt collection calls to cellphones Congress "impermissibly favored debt-collection speech over political and other speech, in violation of the First Amendment," Justice Brett Kavanaugh wrote (PDF). And seven justices agreed that the 2015 exception should be stricken from the law. "Americans passionately disagree about many things. But they are largely united in their disdain for robocalls," Kavanaugh noted at the outset of his opinion.

Read more of this story at Slashdot.

Categories: Linux fréttir

Broadband's Underused Lifeline For Low-income Users

Mon, 2020-07-06 20:50
The federal government's main program to keep lower income people connected is only serving one-fifth of the people it could help, even during a pandemic that has forced school and work online. From a report: Millions of Americans still lack access to the high-speed internet service that's become vital as people remain stuck at home and reopenings reverse. The Lifeline program, administered by the Federal Communications Commission, provides a $9.25 monthly subsidy (more on tribal lands) to companies that provide phone or broadband service to low-income consumers, generally at no out-of-pocket cost to the customer. Less than a fifth of the 38 million households that qualify for the program are actually enrolled. And despite a recent uptick, enrollment remains down sharply from the Obama era. "It's very clear that the program is needed now more than ever," Democratic FCC Commissioner Geoffrey Starks told Axios. "It's a program that is severely underutilized, and it has got to really meet the moment here."

Read more of this story at Slashdot.

Categories: Linux fréttir

Facial-Recognition Firm Ends Operations in Canada, Watchdog Says

Mon, 2020-07-06 20:21
Canada's privacy watchdog said facial recognition software provider Clearview AI will no longer offer its services in the country, suspending a contract with its last remaining client, the Royal Canadian Mounted Police. From a report: The move comes almost five months after privacy authorities at the federal level and in three provinces launched an investigation into the New York-based firm over allegations it collected personal information without consent and provided data to law enforcement. That probe is still ongoing, the Office of the Privacy Commissioner of Canada said in a statement Monday. At the end of February, the national watchdog opened a separate investigation into the RCMP's use of Clearview AI's facial recognition technology and it also plans to complete that inquiry.

Read more of this story at Slashdot.

Categories: Linux fréttir

China Confirms Case of Bubonic Plague In Inner Mongolia

Mon, 2020-07-06 20:12
China has confirmed one case of bubonic plague in northern province Inner Mongolia, according to a statement on the local health authority's website. From a report: The patient is now under treatment at a hospital and is in a stable condition, the Bayannur health commission said in a late Sunday night statement. It also issued a level-three alert, warning of the risks of human-to-human infection and urging citizens to report dead animals, suspected plague cases and patients running a fever for unidentified reasons. Bubonic plague, also called the 'Black Death,' killed 50 million people in a 14th century outbreak in Europe and about 12 million globally in the 19th century. It's now the most common type of plague and can be treated with antibiotics. Inner Mongolia reported four cases in November while Madagascar sees some cases nearly every year between the months of September and April. Mongolia also confirmed two cases of bubonic plague earlier this month, triggering a quarantine in the province that borders China and Russia. While the ailment is treatable, unlike the novel pathogen which has caused the ongoing pandemic, Chinese health authorities are wary of any infectious disease spreading after a hard-fought containment of the coronavirus outbreak.

Read more of this story at Slashdot.

Categories: Linux fréttir

DNA Inherited From Neanderthals May Increase Risk of Covid-19

Mon, 2020-07-06 19:35
A stretch of DNA linked to Covid-19 was passed down from Neanderthals 60,000 years ago, according to a new study. From a report: Scientists don't yet know why this particular segment increases the risk of severe illness from the coronavirus. But the new findings, which were posted online on Friday and have not yet been published in a scientific journal, show how some clues to modern health stem from ancient history. "This interbreeding effect that happened 60,000 years ago is still having an impact today," said Joshua Akey, a geneticist at Princeton University who was not involved in the new study. This piece of the genome, which spans six genes on Chromosome 3, has had a puzzling journey through human history, the study found. The variant is now common in Bangladesh, where 63 percent of people carry at least one copy. Across all of South Asia, almost one-third of people have inherited the segment. Elsewhere, however, the segment is far less common. Only 8 percent of Europeans carry it, and just 4 percent have it in East Asia. It is almost completely absent in Africa. It's not clear what evolutionary pattern produced this distribution over the past 60,000 years. "That's the $10,000 question," said Hugo Zeberg, a geneticist at the Karolinska Institute in Sweden who was one of the authors of the new study. One possibility is that the Neanderthal version is harmful and has been getting rarer over all. It's also possible that the segment improved people's health in South Asia, perhaps providing a strong immune response to viruses in the region.

Read more of this story at Slashdot.

Categories: Linux fréttir

Harvard Will Allow Some Students on Campus This Fall So Long as They Take Coronavirus Tests Every 3 Days

Mon, 2020-07-06 18:44
Harvard University is welcoming freshmen and some other students back to campus this fall semester, but students will have to take coronavirus tests every three days, classes will still be taught online and it won't discount tuition, the school announced Monday. From a report: Upperclassmen will be able to petition to return if they don't have sufficient technology at home or have challenging family circumstances. The total percentage of undergraduates living on campus would be limited to around 40%. "Assuming that we maintain 40% density in the spring semester, we would again bring back one class, and our priority at this time is to bring seniors to campus," Harvard said. "Under this plan, first years would return home and learn remotely in the spring." It expects to release a decision about the spring in early December. Harvard is the latest school to announce its fall semester plans as coronavirus cases continue to spike the U.S. Harvard previously announced that all teaching would occur online. Today it also said tuition will not be discounted from $49,653, although students enrolled remotely won't pay housing fees. The semester will begin as scheduled on Sept. 2 and all students living on campus will be expected to leave by Thanksgiving.

Read more of this story at Slashdot.

Categories: Linux fréttir

Hong Kong Government Tells Schools To Remove Books Breaching Security Law

Mon, 2020-07-06 18:05
Hong Kong's government on Monday ordered schools to review and remove any books that might breach a sweeping new security law that Beijing imposed last week on the restless city. From a report: "In accordance with the four types of offences clearly stipulated in the law, the school management and teachers should review teaching and learning materials in a timely manner, including books," the Education Bureau said. "If they find outdated content or content that may concern the four aforementioned offences, they should remove them," the bureau added. Last week China enacted a security law outlawing four national security crimes: subversion, secession, terrorism and colluding with foreign forces. Authorities promptly declared political views espousing independence or self-autonomy would be viewed as illegal under the new law. Rights groups and legal analysts have warned the broad wording of the law, which was kept secret until it was passed, would have a chilling effect of political freedoms in the semi-autonomous hub. The order for schools to review and remove any contraband books comes two days after Hong Kong's libraries said they were also pulling titles deemed to breach the law for a review. Among those withdrawn from shelves was one by prominent activist Joshua Wong, another by pro-democracy lawmaker Tanya Chan and multiple other titles written by Chin Wan, a scholar who is seen as the godfather of a "localist" movement advocating greater self-determination for the city. Hong Kong has some of Asia's best universities and a campus culture where topics that would be taboo on the mainland are still discussed and written about.

Read more of this story at Slashdot.

Categories: Linux fréttir

US Secret Service Reports an Increase in Hacked Managed Service Providers

Mon, 2020-07-06 17:27
The US Secret Service sent out a security alert last month to the US private sector and government organizations warning about an increase in hacks of managed service providers (MSPs). From a report: MSPs provide remote management software for companies. MSPs can be simple services like file-sharing systems to complete solutions that manage a customer's entire computer fleet. Most MSP services are built around a server-client software architecture. The server part can be remotely hosted with the MSP inside a clout infrastructure, or installed on-premise with the client. Usually, getting access to the server component of an MSP grants an attacker full control of all software clients. In a security alert sent out on June 12, Secret Service officials said their investigations team (GIOC -- Global Investigations Operations Center) has been seeing an increase in incidents where hackers breach MSP solutions and use them as a springboard into the internal networks of the MSP's customers. Secret Service officials said they've been seeing threat actors use hacked MSPs to carry out attacks against point-of-sale systems, to perform business email compromise (BEC) scams, and to deploy ransomware.

Read more of this story at Slashdot.

Categories: Linux fréttir

US Tech Giants Halt Reviews of Hong Kong Demands For User Data

Mon, 2020-07-06 16:45
Facebook and Twitter have confirmed they have suspended processing demands for user data from Hong Kong authorities following the introduction of a new Beijing-imposed national security law. From a report: A spokesperson for Facebook told TechCrunch it will "pause" the processing of data demands until it can better understand the new national security law, "including formal human rights due diligence and consultations with human rights experts." The spokesperson added: "We believe freedom of expression is a fundamental human right and support the right of people to express themselves without fear for their safety or other repercussions." Facebook said its suspension will also apply to WhatsApp, which it owns. Soon after, Twitter also confirmed it followed suit. "Given the rapid pace at which the new National Security Law in China has been passed and that it was only published in its entirety for the first time last week, our teams are reviewing the law to assess its implications, particularly as some of the terms of the law are vague and without clear definition," said a Twitter spokesperson. "Like many public interest organizations, civil society leaders and entities, and industry peers, we have grave concerns regarding both the developing process and the full intention of this law," the spokesperson said.

Read more of this story at Slashdot.

Categories: Linux fréttir

The Stunning Second Life of 'Avatar: The Last Airbender'

Mon, 2020-07-06 16:22
A fifteen-year-old cartoon is an unlikely contender for most-watched show in America. And yet when "Avatar: The Last Airbender" arrived on Netflix, in May, it rose through the ranks to become the platform's No. 1 offering, and even now it remains a fixture in the Top Ten for the U.S. From a report: The series first ran from 2005 to 2008 on Nickelodeon, and swiftly made a name for itself as a politically resonant, emotionally sophisticated work -- one with a sprawling but meticulously plotted mythos that destined the show for cult-classic status. Last summer, after "Game of Thrones" flubbed its finale, fans and critics held up "Avatar" as a counterexample: a fantasy series that knew what it wanted to be from the beginning. Like all such stories, "Avatar" (created by Bryan Konietzko and Michael Dante DiMartino, and no relation to the James Cameron blockbuster) demands some exposition. In a world where nations are defined by their connection to one of the four elements -- water, earth, fire, and air -- maintaining the peace falls to the Avatar, the only person who can achieve mastery of them all. Just as the Fire Nation launches an attack, he vanishes. The series begins a century later, when a twelve-year-old boy named Aang is discovered and revived by a pair of Water Tribe teen-agers -- and the Fire Nation is well on its way to global conquest. The first two episodes are largely what you'd expect: world-building punctuated by moments of whimsy. In the third, Aang returns to the temple where he was born to find the aftermath of a genocide. He is, he discovers, both the Avatar and the last of the Air Nomads. Where earlier shows might have hinted at such an atrocity for adult viewers' benefit, "Avatar" is overt, taking seriously its young audience's capacity to confront the consequences of endless war. Moral ambiguity abounds, and people from all nations see the conflict as, variously, an opportunity or a tragedy; there are Earth Kingdom citizens who have become cynical or apathetic after generations of fighting, and those from the Fire Nation who are fully capable of doing good. Aang, like the monks who raised him, is a pacifist at heart, but the series makes it clear that his is not the only way of bringing balance to the world. On the eve of his confrontation with the Fire Lord, one of his past lives -- a warrior named Kyoshi, who has killed would-be conquerors before -- counsels that "only justice will bring peace."

Read more of this story at Slashdot.

Categories: Linux fréttir

Pages