TheRealHocusLocus writes: HR 2039: the National Aeronautics and Space Administration Authorization Act for 2016 and 2017 (press release, full text, and as a pretty RGB bitmap) is in the House. In $18B of goodies we see things that actually resemble a space program. The ~20,000 word document is even a good read, especially the parts about decadal cadence. There is more focus on launch systems and manned exploration, also to "expand the Administration's Near-Earth Object Program to include the detection, tracking, cataloguing, and characterization of potentially hazardous near-Earth objects less than 140 meters in diameter." I find it awesome that the fate of the dinosaurs is explicitly mentioned in this bill. If it passes we will have a law with dinosaurs in it. Someone read the T-shirt. There is also a very specific six month review of NASA's "Earth science global datasets for the purpose of identifying those datasets that are useful for understanding regional changes and variability, and for informing applied science research." Could this be an emerging Earth Sciences turf war between NOAA and NASA? Lately it seems more of a National Atmospheric Space Administration. Mission creep, much?

Lashdots writes: In the next five years, robots won't kill us (or drive our cars). But they will get better at helping us do routine tasks—and at helping each other too. Those are some of the predictions Fast Company gleaned from some of the robotics firms on its "most innovative" list, including Anki Robotics, robot-based genetic testing startup Counsyl, and Lockheed Martin, which has demonstrated a pair of unmanned aerial vehicles that work together to fight fires. I'm just waiting for drones that will simultaneously cut my lawn and deter burglars.

An anonymous reader writes: Security threat researchers Proofpoint have uncovered an email-based phishing attack which infected businesses with malware via the CareerBuilder online job search website. The attack involved the hacker browsing job adverts across the platform and uploading malicious files during the application process, titling the documents "resume.doc" and "cv.doc." Once the CV was submitted, an automatic email notification was sent to the business advertising the position, along with the uploaded document. In this case, Proofpoint found that as a business opens the automatic email from CareerBuilder to view the attached file the document plays on a known Word vulnerability to sneak a malicious code onto the victim's computer. According to the threat research group, the manual attack technique although time-consuming has a higher success rate than automated tools as the email attachments are more likely to be opened by the receiver.

Presto Vivace writes: The H-1B visa issue rarely surfaces during presidential races, and that's what makes the entrance by Sen. Bernie Sanders (I-Vt.) into the 2016 presidential race so interesting. ... ...Sanders is very skeptical of the H-1B program, and has lambasted tech firms for hiring visa workers at the same time they're cutting staff. He's especially critical of the visa's use in offshore outsourcing.

Trailrunner7 writes with this excerpt: A security researcher has developed a method–actually two methods–for defeating the new Chrome Password Alert extension that Google released earlier this week.

The Password Alert extension is designed to warn users when they're about to enter their Google passwords into a fraudulent site. The extension is meant as a defense against phishing attacks, which remain a serious threat to consumers despite more than a decade of research and warnings about the way the attacks work.

Just a day after Google released the extension, Paul Moore, a security consultant in the U.K., developed a method for bypassing the extension. The technique involved using Javascript to look on a given page for the warning screen that Password Alert shows users. The method Moore developed then simply blocks the screen, according to a report on Ars Technica. In an email, Moore said it took him about two minutes to develop that bypass, which Google fixed in short order.

However, Moore then began looking more closely at the code for the extension, and Chrome itself, and discovered another way to get around the extension. He said this one likely will be more difficult to repair.

"The second exploit will prove quite difficult (if not near impossible) to resolve, as it leverages a race condition in Chrome which I doubt any single extension can remedy. The extension works by detecting each key press and comparing it against a stored, hashed version. When you've entered the correct password, Password Alert throws a warning advising the user to change their password," Moore said.

An anonymous reader writes: Today comic book stores around the world celebrate "Free Comic Book Day", offering anyone who pays them a visit some free comic books. This year there's 50 different titles to choose from, including a reprint of Neil Gaiman's "Lady Justice" (not seen in print in nearly 25 years) and a new Fight Club story by Chuck Palahniuk. The Marvel and D.C. universes are represented, as well as Dr. Who, The Simpsons, Jim Henson's Labyrinth, and even something called Steampunk Goldilocks. Saturday many bookstores will also be recognizing "Independent Bookstores Day" with special events, though ironically, some fans may be tempted to visit Amazon.com instead to download some free Kindle editions of last year's free comic books.

sciencehabit writes: Trustees of the Office of Hawaiian Affairs (OHA) – a state agency established to advocate for native Hawaiins — voted Thursday to withdraw their support for construction of the Thirty-Meter Telescope (TMT) on the summit of the Mauna Kea volcano. The vote follows weeks of protests by Native Hawaiians who say the massive structure would desecrate one of their most holy places. The protests have shut down construction of the telescope, which would be the world's largest optical telescope if completed. The vote, which reverses a 2009 decision to endorse the project, strikes a powerful if symbolic blow against a project that, for many native Hawaiians, has come to symbolize more than a century of assaults against their land, culture and sovereignty.

Lasrick writes: Adam Weinstein on a program designed to catch terrorists attacking Baltimore that is now being used to spy on protesters: 'On Ambassador Road, just off I-695 around the corner from the FBI, nearly 100 employees sit in a high-tech suite and wait for terrorists to attack Baltimore. They've waited 11 years. But they still have plenty of work to do, like using the intel community's toys to target this week's street protests.' Great read.

theodp writes: To paraphrase the J. Geils Band, Maddie Zug's high school computer science homework is the centerfold. In a Washington Post op-ed, Zug, a student at the top-ranked Thomas Jefferson High School for Science and Technology, argues that a centerfold does not belong in the classroom. "I first saw a picture of Playboy magazine's Miss November 1972 a year ago as a junior at TJ," Zug explains. "My artificial intelligence teacher told our class to search Google for Lena Soderberg (not the full image, though!) and use her picture to test our latest coding assignment...Soderberg has a history with computer science. In the 1970s, male programmers at the University of Southern California needed to test their image-processing algorithm. They scanned what they had handy: the centerfold of a Playboy magazine. Before long, the image became a convention in industry and academia." (Wikipedia has a nice background, too.)

McGruber writes: 83-year-old Woodland Hills, California resident Ron Dorff usually pays $51 a month to AT&T for a landline, which he uses to access the Internet via an old-school, low-speed AOL dial-up subscription.... but then, in March, AT&T sent him a bill for $8,596.57. He called AT&T and their service rep couldn't make heads or tails of the bill, so she said she'd send a technician to his house. None came, so Dorff figured that everything was ok.

Dorff's next monthly bill was for $15,687.64, bringing his total outstanding debt to AT&T, including late fees, to $24,298.93. If he didn't pay by May 8, AT&T warned, his bill would rise to at least $24,786.16. Droff then called David Lazarus, business columnist for the LA Times, who got in touch with AT&T, who wasted little time in deciding it would waive the more than $24,000 in charges.

AT&T spokeshole Georgia Taylor claims Dorff's modem somehow had started dialing a long-distance number when it accessed AOL, and the per-minute charges went into orbit as he stayed connected for hours.

AT&T declined to answer the LA Times questions about why AT&T didn't spot the problem itself and proactively take steps to fix things? AT&T also declined to elaborate on whether AT&T's billing system is capable of spotting unusual charges and, if so, why it doesn't routinely do so.

Nerval's Lobster writes: Game developers no longer have to pay for the software they need to make great video games, because the tools used by some of the biggest and most successful studios in the world are available to everyone, for free. Among the existing major engines, there is one holdout that does not offer a free version: Crytek continues to charge everyone for CryEngine, and is intent on continuing to do so. That's not to say Crytek is being unreasonable. The company introduced a $10-per-month subscription last year, making it accessible to indie developers who can't afford the higher-priced package that includes full source code. "With CryEngine, Crytek is going to the high-end," Crytek co-founder Faruk Yerli recently told Develop, a news site for developers. Unity3D is going for the low-end while Unreal is aiming for everything from low- to high-end, he added. But according to some developers queried by Dice, there is little reality to the idea that the big three engines are divided between low, mid-end, and high-end capabilities. If you're a developer, is it still worth paying for a game engine?

jones_supa writes: A dangerous software glitch has been found in the Boeing 787 Dreamliner. If the plane is left turned on for 248 days, it will enter a failsafe mode that will lead to the plane losing all of its power, according to a new directive from the US Federal Aviation Administration. If the bug is triggered, all the Generator Control Units will shut off, leaving the plane without power, and the control of the plane will be lost. Boeing is working on a software upgrade that will address the problems, the FAA says. The company is said to have found the problem during laboratory testing of the plane, and thankfully there are no reports of it being triggered on the field.

HughPickens.com writes: Peter Moore has a fascinating article on BBC about how Admiral Robert FitzRoy, the man who invented the weather forecast in the 1860s faced skepticism and even mockery in his time but whose vision of a public forecasting service, funded by government for the benefit of all, is fundamental to our way of life. Chiefly remembered today as Charles Darwin's taciturn captain on HMS Beagle, during the famous circumnavigation in the 1830s, in his lifetime FitzRoy found celebrity from his pioneering daily weather predictions, which he called by a new name of his own invention — "forecasts". There was no such thing as a weather forecast in 1854 when FitzRoy established what would later be called the Met Office. With no forecasts, fishermen, farmers and others who worked in the open had to rely on weather wisdom — the appearance of clouds or the behavior of animals — to tell them what was coming as the belief persisted among many that weather was completely chaotic. But FitzRoy was troubled by the massive loss of life at sea around the coasts of Victorian Britain where from 1855 to 1860, 7,402 ships were wrecked off the coasts with a total of 7,201 lost lives. With the telegraph network expanding quickly, FitzRoy was able to start gathering real-time weather data from the coasts at his London office. If he thought a storm was imminent, he could telegraph a port where a drum was raised in the harbor. It was, he said, "a race to warn the outpost before the gale reaches them".

For FitzRoy the forecasts were a by-product of his storm warnings. As he was analyzing atmospheric data anyway, he reasoned that he might as well forward his conclusions — fine, fair, rainy or stormy — on to the newspapers for publication. "Prophecies and predictions they are not," he wrote, "the term forecast is strictly applicable to such an opinion as is the result of scientific combination and calculation." The forecasts soon became a quirk of this brave new Victorian society. FitzRoy's forecasts had a particular appeal for the horseracing classes who used the predictions to help them pick their outfits or lay their bets.

But FitzRoy soon faced serious difficulties. Some politicians complained about the cost of the telegraphing back and forth. The response to FitzRoy's work was the beginning of an attitude that we reserve for our weather forecasters today. The papers enjoyed nothing more than conflating the role of the forecaster with that of God and the scientific community were skeptical of his methods. While the majority of fishermen were supportive, others begrudged a day's lost catch to a mistaken signal. FitzRoy retired from his west London home to Norwood, south of the capital, for a period of rest but he struggled to recover and on 30 April 1865 FitzRoy cut his throat at his residence, Lyndhurst-house, Norwood, on Sunday morning. "In time, the revolutionary nature of FitzRoy's work would be recognised," says Moore. "FitzRoy's vision of a weather-prediction service funded by government for the benefit of its citizens would not die. In 1871, the United States would start issuing its own weather "probabilities", and by the end of the decade what was now being called the Met Office would resume its own forecasts in Britain."

MojoKid writes: Computer generated graphics have come a long way in the past several years and are starting to blur the line between animation and real actors. One of the more difficult tasks for CG artists is to recreate human emotions, especially crying, though you wouldn't know it after watching a tech demo that Square Enix showed off at the Microsoft BUILD Developer Conference. The real-time tech demo is called Witch Chapter 0 [cry] and is part of a research project that studies various next generation technologies. For this particular demo, Square Enix put a lot of research into real-time CG technology utilizing DirectX 12 in collaboration with Microsoft and NVIDIA, the company said. It's an ongoing project that will help form Square Enix's Luminous Studio engine for future games. The short demo shows some pretty impressive graphics, with an amazing level of detail. As the camera zooms in, you can clearly see imperfections in the skin, along with glistening effects from areas where the face is wet with either tears or water

An anonymous reader writes: For over 5 years, and perhaps even longer, servers around the world running Linux and FreeBSD operating systems have been targeted by an individual or group that compromised them via a backdoor Trojan, then made them send out spam, ESET researchers have found. What's more, it seems that the spammers are connected with a software company called Yellsoft, which sells DirectMailer, a "system for automated e-mail distribution" that allows users to send out anonymous email in bulk. Here's the white paper in which the researchers explain the exploit.