Slashdot

Subscribe to Slashdot feed Slashdot
News for nerds, stuff that matters
Updated: 2 hours 49 min ago

Hackers Say They've Broken Face ID a Week After iPhone X Release

Mon, 11/13/2017 - 09:05
Andy Greenberg, writing for Wired: When Apple released the iPhone X on November 3, it touched off an immediate race among hackers around the world to be the first to fool the company's futuristic new form of authentication. On Friday, Vietnamese security firm Bkav released a blog post and video showing that -- by all appearances -- they'd cracked Face ID with a composite mask of 3-D-printed plastic, silicone, makeup, and simple paper cutouts, which in combination tricked an iPhone X into unlocking. That demonstration, which has yet to be confirmed publicly by other security researchers, could poke a hole in the expensive security of the iPhone X, particularly given that the researchers say their mask cost just $150 to make. But it's also a hacking proof-of-concept that, for now, shouldn't alarm the average iPhone owner, given the time, effort, and access to someone's face required to recreate it. Bkav, meanwhile, didn't mince words in its blog post and FAQ on the research. "Apple has done this not so well," writes the company. "Face ID can be fooled by mask, which means it is not an effective security measure."

Read more of this story at Slashdot.

New Study Suggests We Don't Understand Supervolcanoes

Mon, 11/13/2017 - 07:34
Better microsampling (and analysis) are revealing "previously obscured" clues about how super-hot molten lava behaves, according to a Science Alert article shared by schwit1: "The older view is that there's a long period with a big tank of molten rock in the crust," says geoscientist Nathan Andersen from the University of Wisconsin-Madison. "A new view is that magma is stored for a long period in a state that is locked, cool, crystalline, and unable to produce an eruption. That dormant system would need a huge infusion of heat to erupt." Such a huge infusion of heat is what's thought to have unleashed a violent supereruption in California some 765,000 years ago... [A]s awesomely destructive as the supereruption was, lingering evidence from the aftermath can tell us about the magma conditions deep underground before the top blew so spectacularly. Specifically, an analysis of argon isotopes contained in crystals from the Bishop Tuff -- the large rocky outcrop produced when the Long Valley Caldera was created -- shows the magma from the supereruption was heated rapidly, not slowly simmered. Geologically speaking, that is -- meaning the heating forces that produced the supereruption occurred over decades, or perhaps a couple of centuries. (A long time for people, sure, but a blink of an eye in the life-time of a supervolcano.) The reasoning is that argon quickly escapes from hot crystals, so it wouldn't have a chance to accumulate in the rock if the rock were super-heated for a long time... Unfortunately, while scientists are doing everything they can to read the signs of volcanic supereruptions -- something NASA views as more dangerous than asteroid strikes -- the reality is, the new findings don't bring us any closer to seeing the future. "This does not point to prediction in any concrete way," warns geologist Brad Singer, "but it does point to the fact that we don't understand what is going on in these systems, in the period of 10 to 1,000 years that precedes a large eruption."

Read more of this story at Slashdot.

Asgardia Becomes the First Nation Deployed in Space

Mon, 11/13/2017 - 03:34
An anonymous reader quotes CNET: An Orbital ATK Antares rocket carrying a cubesat named Asgardia-1 launched from NASA's Wallops Flight Facility in Virginia early Sunday. The milk carton-sized satellite makes up the entirety of territory of the self-proclaimed "Space Kingdom" of Asgardia... Over 300,000 people signed up online to become "citizens" of the nation over the last year. The main privilege of citizenship so far involves the right to upload data to Asgardia-1 for safekeeping in orbit, seemingly far away from the pesky governments and laws of Earth-bound countries... As of now, Asgardia's statehood isn't acknowledged by any other actual countries or the United Nations, and it doesn't really even fit the definition of a nation since it's not possible for a human to physically live in Asgardia. Not yet, at least. The long-term vision for Asgardia includes human settlements in space, on the moon and perhaps even more distant colonies. On Tuesday Orbital ATK's spacecraft will dock with the International Space Station for a one-month re-supply mission -- then blast higher into orbit to deploy the space kingdom's satellite. "Asgardia space kingdom has now established its sovereign territory in space," read an online statement. Next the space kingdom plans to hold elections for 150 Members of Parliament.

Read more of this story at Slashdot.

Ask Slashdot: Which Laptop Has The Best Keyboard?

Mon, 11/13/2017 - 00:00
Slashdot reader Rock21k is thinking of replacing an old laptop. But... All newer laptops seem to have wide spacing between the keyboard keys, which I hate... At one time, this used to be for consumer laptops but most major companies have done it for business laptops as well... Probably over time I might get used to it, but definitely not the first choice. I understand I can use an external keyboard but that defeats the purpose of a laptop! Do you also hate wide spacing between keyboard keys? Which brand do you find least annoying? Leave your best answers in the comments. Which laptop has the best keyboard?

Read more of this story at Slashdot.

North Korean Hackers Are Targeting US Defense Contractors

Sun, 11/12/2017 - 21:30
chicksdaddy quotes Security Ledger: North Korean hackers have stepped up their attacks on U.S. defense contractors in an apparent effort to gain intelligence on weapon systems and other assets that might be used against the country in an armed conflict with the United States and its allies, The Security Ledger is reporting. Security experts and defense industry personnel interviewed by The Security Ledger say that probes and attacks by hacking groups known to be associated with the government of the Democratic People's Republic of Korea (DPRK) have increased markedly as hostilities between that country and the United States have ratcheted up in the last year. The hacking attempts seem to be aimed at gaining access to intellectual property belonging to the companies, including weapons systems deployed on the Korean peninsula. "As the situation between the DPRK and the US has become more tense, we've definitely seen an increase in number of probe attempts from cyber actors coming out of the DPRK," an official at an aerospace and defense firm told Security Ledger. The so-called "probes" were targeting the company's administrative network and included spear phishing attacks via email and other channels. The goal was to compromise computers on the corporate network... So far, the attacks have targeted "weakest links" within the firms, such as Human Resources personnel and general inquiry mailboxes, rather than targeting technical staff directly. However, experts who follow the DPRK's fast evolving cyber capabilities say that the country may have more up their sleeve. CNBC also reports that America's congressional defense committees have authorized a last-minute request for $4 billion in extra spending for "urgent missile defeat and defense enhancements to counter the threat of North Korea." Other countries newly interested in purchasing missile defense systems include Japan, Sweden, Poland, and Saudi Arabia.

Read more of this story at Slashdot.

New Samsung Video Demos Linux on Galaxy Smartphones

Sun, 11/12/2017 - 19:26
Slashdot reader boudie2 tipped us off to some Linux news. Liliputing reports: Samsung's DeX dock lets you connect one of the company's recent phones to an external display, mouse, and keyboard to use your phone like a desktop PC... assuming you're comfortable with a desktop PC that runs Android. But soon you may also be able to use your Android phone as a Linux PC [and] the company has released a brief video that provides more details. One of those details? At least one of the Linux environments in question seems to be Ubuntu 16.04... While that's the only option shown, the fact that it does seem to be an option suggests you may be able to run different Linux environments as well. Once Ubuntu is loaded, the video shows a user opening Eclipse, an integrated development environment that's used to create Java (and Android apps). In other words, you can develop apps for Android phones with ARM-based processors on an Android phone with an ARM-based processor. Samsung promised in October that its Linux on Galaxy app will ultimately let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS."

Read more of this story at Slashdot.

NASA Funds Designs for a Nuclear Thermal Propulsion Rocket

Sun, 11/12/2017 - 18:22
"Dangerous radiation. Overstuffed pantries. Cabin fever. NASA could sidestep many of the impediments to a Mars mission if they could just get there faster," writes Space.com, which reports NASA is now exploring an alternative to chemical rockets. In August, NASA announced an $18.8-million-dollar contract with nuclear company BWXT to design fuel and a reactor suitable for nuclear thermal propulsion (NTP), a rocket technology that could jumpstart a new era of space exploration. "The strengths with NTP are the ability to do the very fast round trip [to Mars], the ability to abort even if you're 2 to 3 months into the missions, the overall architectural robustness, and also the growth potential to even more advanced systems," Michael Houts, principal investigator for the NTP project at NASA's Marshall Space Flight Center, told Space.com. NTP rockets would pull all that off by offering about twice the bang for the buck that chemical rockets do... "Nuclear thermal propulsion can enable you to get to Mars faster, on the order of twice as fast," said Vishal Patel, a researcher involved in subcontract work for BWXT at the Ultra Safe Nuclear Corp. in Los Alamos, New Mexico. "We're looking at nice 3- to 4-month transit times."

Read more of this story at Slashdot.

Linux 4.14 Has Been Released

Sun, 11/12/2017 - 17:18
diegocg quotes Kernel Newbies: Linux 4.11 has been released. This release adds support for bigger memory limits in x86 hardware (128PiB of virtual address space, 4PiB of physical address space); support for AMD Secure Memory Encryption; a new unwinder that provides better kernel traces and a smaller kernel size; support for the zstd compression algorithm has been added to Btrfs and Squashfs; support for zero-copy of data from user memory to sockets; support for Heterogeneous Memory Management that will be needed in future GPUs; better cpufreq behaviour in some corner cases; faster TBL flushing by using the PCID instruction; asynchronous non-blocking buffered reads; and many new drivers and other improvements. Phoronix has more on the changes in Linux 4.14 -- and notes that its codename is still "Fearless Coyote."

Read more of this story at Slashdot.

US Airports Still Fail New Security Tests

Sun, 11/12/2017 - 16:14
schwit1 quotes ABC News: In recent undercover tests of multiple airport security checkpoints by the Department of Homeland Security, inspectors said screeners, their equipment or their procedures failed more than half the time, according to a source familiar with the classified report. When ABC News asked the source if the failure rate was 80 percent, the response was, "You are in the ballpark." In a public hearing after a private classified briefing to the House Committee on Homeland Security, members of Congress called the failures by the Transportation Security Administration disturbing. Rep. Mike Rogers went as far as to tell TSA Administrator David Pekoske, "This agency that you run is broken badly, and it needs your attention."

Read more of this story at Slashdot.

The iPhone X Becomes Unresponsive When It Gets Cold

Sun, 11/12/2017 - 15:10
sqorbit writes: Apple is working on a fix for the newly release iPhone X. It appears that the touch screen can become unresponsive when the iPhone is subjected to cold weather. Users are reporting that locking and unlocking the phone resolves the issue. Apple stated that it is aware of the issue and it will be addressed in a future update.

Read more of this story at Slashdot.

What Happens to Open Source Code After Its Developer Dies?

Sun, 11/12/2017 - 14:06
An anonymous reader writes: The late Jim Weirich "was a seminal member of the western world's Ruby community," according to Ruby developer Justin Searls, who at the age of 30 took over Weirich's tools (which are used by huge sites like Hulu, Kickstarter, and Twitter). Soon Searls made a will and a succession plan for his own open-source projects. Wired calls succession "a growing concern in the open-source software community," noting developers have another option: transferring their copyrights to an open source group (for example, the Apache Foundation). Most package-management systems have "at least an ad-hoc process for transferring control over a library," according to Wired, but they also note that "that usually depends on someone noticing that a project has been orphaned and then volunteering to adopt it." Evan Phoenix of the Ruby Gems project acknowledges that "We don't have an official policy mostly because it hasn't come up all that often. We do have an adviser council that is used to decide these types of things case by case." Searls suggests GitHub and package managers like Ruby Gems add a "dead man's switch" to their platform, which would allow programmers to automatically transfer ownership of a project or an account to someone else if the creator doesn't log in or make changes after a set period of time. Wired also spoke to Michael Droettboom, who took over the Python library Matplotlib after John Hunter died in 2012. He points out that "Sometimes there are parts of the code that only one person understands," stressing the need for developers to also understand the code they're inheriting.

Read more of this story at Slashdot.

Is Physical Law an Alien Intelligence?

Sun, 11/12/2017 - 13:02
What if alien life were so advanced that its powers were indistinguishable from physics? It's the one-year anniversary of a startling article which appeared in Nautilus magazine. Long-time Slashdot reader wjcofkc writes: Caleb Scharf, astronomer and the director of the multidisciplinary Columbia Astrobiology Center at Columbia University presents an intriguing thought experiment. "Perhaps Arthur C. Clarke was being uncharacteristically unambitious. He once pointed out that any sufficiently advanced technology is going to be indistinguishable from magic. If you dropped in on a bunch of Paleolithic farmers with your iPhone and a pair of sneakers, you'd undoubtedly seem pretty magical. But the contrast is only middling: The farmers would still recognize you as basically like them, and before long they'd be taking selfies. But what if life has moved so far on that it doesn't just appear magical, but appears like physics?" The original submitter included their own counterarguments against the idea, but the astronomer follows his proposal to its ultimate conclusion. "Perhaps hyper-advanced life isn't just external. Perhaps it's already all around. It is embedded in what we perceive to be physics itself, from the root behavior of particles and fields to the phenomena of complexity and emergence."

Read more of this story at Slashdot.

CopperheadOS Fights Unlicensed Installations On Nexus Phones

Sun, 11/12/2017 - 11:58
An anonymous reader writes: Earlier this week security-hardened Android build CopperheadOS temporarily blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model... "We've enabled over-the-air updates again," CopperheadOS tweeted Saturday, "to avoid impacting our remaining customers on Nexus devices and other legitimate users. However, downloads on the site will no longer be available and we'll be making changes to the update client for Nexus devices." In an earlier series of tweets, they explained it's an ongoing issue. "It's not okay to disrespect our non-commercial licensing terms for those official builds by flashing and selling it on hundreds of phones... This is why we've been unable to sell access to Pixel images. There are people that are going to buy those and flash + sell devices in direct competition with us in violation of the licensing terms. Needing to deal with so many people acting in bad faith makes this difficult. "It's not permitted for our official Nexus builds and yet that's what's happening. We do all of the development, testing, release engineering and we provide the infrastructure, and then competitors sell far more devices than us in violation of our licensing terms. Ridiculous."

Read more of this story at Slashdot.

Lockheed Martin To Build High-Energy Airborne Laser For Fighter Planes

Sun, 11/12/2017 - 10:54
Slashdot reader Big Hairy Ian quotes New Atlas: In a move that could revolutionize aerial combat, the US Air Force Research Lab (AFRL) has awarded Lockheed Martin a US$26.3 million contract to design, develop, and produce a high-power laser weapon that the AFRL wants to install and test on a tactical fighter jet by 2021. The new test weapon is part of the AFRL Self-protect High Energy Laser Demonstrator (SHiELD) program tasked with developing airborne laser systems. Airborne laser weapons are nothing new. Experimental lasers mounted on aircraft date back to the US Strategic Defense Initiative of the 1980s, but producing a practical weapon system has proven difficult. Previous attempts have resulted in dodgy chemical laser weapons so bulky that they had to be mounted in a 747, but the development of solid state fiber optic lasers is starting to change the game. Earlier this year, Lockheed's ground-based ATHENA system shot down five 10.8-ft (3.3-m) wingspan Outlaw drones by focusing its 30-kW Accelerated Laser Demonstration Initiative (ALADIN) laser at their stern control surfaces until they burned off, sending them crashing into the desert floor.

Read more of this story at Slashdot.

Your Visual Skills Are Not Correlated To Your IQ

Sun, 11/12/2017 - 09:50
Science_afficionado writes: Psychologists at Vanderbilt University have conducted the first study of individual variation in visual ability. They have discovered that there is a broad range of differences in people's capability for recognizing and remembering novel objects and this ability is not associated with individuals' general intelligence, or IQ. Or, as the article puts it, "Just because someone is smart and well-motivated doesn't mean he or she can learn the visual skills needed to excel at tasks like matching fingerprints, interpreting medical X-rays, keeping track of aircraft on radar displays or forensic face matching."

Read more of this story at Slashdot.

Ask Slashdot: Can You Convert Old iPods Into A Home Music-Streaming Solution?

Sun, 11/12/2017 - 06:46
Slashdot reader zhennian wants to stream music throughout his entire house, "and was hoping that with three old iPods I might be able to put together a centrally managed house-wide audio system." Ideally it would be possible to control what's playing from a central web interface using an app on an IOS or Android device. With the iPods already plugged into docking stations and on the home wifi network, I assume it should be possible. A search of the Apple app store didn't bring up much and forking out $AUS400 for a Sonos One or equivalent seems wasted when I've already purchased iPod docks. Can anyone recommend an App that will still be compatible with old (ie. 2007) iPods and might do this? Or is there a better cheap alternative? Leave your best answers in the comments. Can you convert old iPods into a home music-streaming solution?

Read more of this story at Slashdot.

Bill Gates Just Bought 25,000 Acres in the Arizona Desert

Sun, 11/12/2017 - 03:42
What's the world's second-richest man up to now? A Phoenix news station reports: One of Bill Gates' investment firms has spent $80 million to kickstart the development of a brand-new community in Arizona's far West Valley. The large plot of land is about 45 minutes west of downtown Phoenix off I-10 near Tonopah. The proposed community, made up of close to 25,000 acres of land, is called Belmont. According to Belmont Partners, a real estate investment group based in Arizona, the goal is to turn the land into its own "smart city." "Belmont will create a forward-thinking community with a communication and infrastructure spine that embraces cutting-edge technology, designed around high-speed digital networks, data centers, new manufacturing technologies and distribution models, autonomous vehicles and autonomous logistics hubs," Belmont Partners said in a news release. A former columnist for the Phoenix newspaper writes that "Unless Gates plans to turn the land into a preserve, he might want to know a few things that the locals didn't tell him..." First, Arizona doesn't have enough water to continue these kind of developments, no matter what the mouthpieces of the Real Estate Industrial Complex say... Second, climate change poses a clear and present danger to Arizona now. Summers are significantly hotter and lasting longer than a few decades ago. Massive wildfires are common, another new phenomenon. Whether Phoenix will even be inhabitable by mid-century is an open question. Already, it is a man-made environment totally dependent on electricity to power air conditioning and gasoline delivered by vulnerable pipelines. All of which make it questionable whether all the dreamed developments ever get built, much less last long. "To be fair, wealthy people who were clever in one area -- especially tech -- often think they know a lot about everything," the columnist concludes. "If this is the case here, he might want to study up."

Read more of this story at Slashdot.

Equifax Tells Investors They Could Be Breached Again - And That They're Still Profitable

Sun, 11/12/2017 - 00:38
"Equifax executives will forgo their 2017 bonuses," reports CNBC. But according to the New York Post, the company "hasn't lost any significant business customers... Equifax largely does business with banks and other financial institutions -- not with the people they collect information on." Even though it's facing more than 240 class-action lawsuits, Equifax's revenue actually increased 3.8% from July to September, to a whopping $834.8 million, while their net income for that period was $96.3 million -- which is still more than the $87.5 million that the breach cost them, according to a new article shared by chicksdaddy: The disclosure, made as part of the company's quarterly filing with the US Securities and Exchange Commission, is the first public disclosure of the direct costs of the incident, which saw the company's stock price plunge by more than 30% and wiped out billions of dollars in value to shareholders. Around $55.5m of the $87.5m in breach-related costs stems from product costs â" mostly credit monitoring services that it is offering to affected individuals. Professional fees added up to another $17.1m for Equifax and consumer support costs totaled $14.9m, the company said. Equifax also said it has spent $27.3 million of pretax expenses stemming from the cost of investigating and remediating the hack to Equifax's internal network as well as legal and other professional expenses. But the costs are likely to continue. Equifax is estimating costs of $56 million to $110 million in "contingent liability" in the form of free credit monitoring and identity theft protection to all U.S. consumers as a good will gesture. The costs provided by Equifax are an estimate of the expenses necessary to provide this service to those who have signed up or will sign up by the January 31, 2018 deadline. So far, however, the company has only incurred $4.7 million through the end of September. So, while the upper bound of those contingent liability costs is high, there's good reason to believe that they will never be reached. The Post reports that some business customers "have delayed new contracts until Equifax proves that they've done enough to shore up their cybersecurity." But in their regulatory filing Thursday, Equifax admitted that "We cannot assure that all potential causes of the incident have been identified and remediated and will not occur again."

Read more of this story at Slashdot.

ESR Sees Three Viable Alternatives To C

Sat, 11/11/2017 - 21:34
An anonymous reader writes: After 35 years of programming in C, Eric S. Raymond believes that we're finally seeing viable alternatives to the language. "We went thirty years -- most of my time in the field -- without any plausible C successor, nor any real vision of what a post-C technology platform for systems programming might look like. Now we have two such visions...and there is another." "I have a friend working on a language he calls 'Cx' which is C with minimal changes for type safety; the goal of his project is explicitly to produce a code lifter that, with minimal human assistance, can pull up legacy C codebases. I won't name him so he doesn't get stuck in a situation where he might be overpromising, but the approach looks sound to me and I'm trying to get him more funding. So, now I can see three plausible paths out of C. Two years ago I couldn't see any. I repeat: this is huge... Go, or Rust, or Cx -- any way you slice it, C's hold is slipping." Raymond's essay also includes a fascinating look back at the history of programming languages after 1982, when the major complied languages (FORTRAN, Pascal, and COBOL) "were either confined to legacy code, retreated to single-platform fortresses, or simply ran on inertia under increasing pressure from C around the edges of their domains. "Then it stayed that way for nearly thirty years."

Read more of this story at Slashdot.

iPhone Encryption Hampers Investigation of Texas Shooter, Says FBI

Sat, 11/11/2017 - 19:34
"FBI officials said Tuesday they have been stymied in their efforts to unlock the cellphone of the man who shot and killed at least 26 people at a church here on Sunday," reports the Houston Chronicle. Slashdot reader Anon E. Muss writes: The police obtained a search warrant for the phone, but so far they've been unable to unlock it. The phone has been sent to the FBI, in the hope that they can break in... If it is secure, and the FBI can't open it, expect all hell to break loose. The usual idiots (e.g. politicians) will soon be ranting hysterically about the evil tech industry, and how they're refusing to help law enforcement. FBI special agent Christopher Combs complained to the Chronicle that "law enforcement increasingly cannot get in to these phones." A law professor at the Georgia Institute of Technology argues there's other sources of information besides a phone, and police officers might recognize this with better training. As just one example, Apple says the FBI could've simply just used the dead shooter's fingerprint to open his iPhone. But after 48 hours, the iPhone's fingerprint ID stops working.

Read more of this story at Slashdot.

Pages