Forgot your password?
typodupeerror
Space

The Milky Way Is Much Less Massive Than Previous Thought 119

Posted by Soulskill
from the galactic-atkins dept.
schwit1 writes: New research by astronomers suggests that the Milky Way is about half as massive as previously estimated. It was thought to be roughly the same mass as Andromeda, weighing in at approximately 1.26 x 10^12 solar masses (PDF). This new research indicates its mass is around half the mass of Andromeda. "Galaxies in the Local Group are bound together by their collective gravity. As a result, while most galaxies, including those on the outskirts of the Local Group, are moving farther apart due to expansion, the galaxies in the Local Group are moving closer together because of gravity. For the first time, researchers were able to combine the available information about gravity and expansion to complete precise calculations of the masses of both the Milky Way and Andromeda. ... Andromeda had twice as much mass as the Milky Way, and in both galaxies 90 percent of the mass was made up of dark matter."
Android

Old Apache Code At Root of Android FakeID Mess 127

Posted by Soulskill
from the write-once-run-anywhere dept.
chicksdaddy writes: A four-year-old vulnerability in an open source component that is a critical part of Android leaves hundreds of millions of mobile devices susceptible to silent malware infections. The vulnerability affects devices running Android versions 2.1 to 4.4 ("KitKat"), according to a statement released by Bluebox. The vulnerability was found in a package installer in affected versions of Android. The installer doesn't attempt to determine the authenticity of certificate chains that are used to vouch for new digital identity certificates. In short, Bluebox writes, "an identity can claim to be issued by another identity, and the Android cryptographic code will not verify the claim."

The security implications of this are vast. Malicious actors could create a malicious mobile application with a digital identity certificate that claims to be issued by Adobe Systems. Once installed, vulnerable versions of Android will treat the application as if it was actually signed by Adobe and give it access to local resources, like the special webview plugin privilege, that can be used to sidestep security controls and virtual 'sandbox' environments that keep malicious programs from accessing sensitive data and other applications running on the Android device. The flaw appears to have been introduced to Android through an open source component, Apache Harmony. Google turned to Harmony as an alternative means of supporting Java in the absence of a deal with Oracle to license Java directly.

Work on Harmony was discontinued in November, 2011. However, Google has continued using native Android libraries that are based on Harmony code. The vulnerability concerning certificate validation in the package installer module persisted even as the two codebases diverged.
Crime

A 24-Year-Old Scammed Apple 42 Times In 16 Different States 411

Posted by timothy
from the fool-me-42-times-won't-get-fooled-again dept.
redletterdave (2493036) writes "Sharron Laverne Parrish Jr., 24, allegedly scammed Apple not once, but 42 times, cheating the company out of more than $300,000 — and his scam was breathtakingly simple. According to a Secret Service criminal complaint, Parrish allegedly visited Apple Stores and tried to buy products with four different debit cards, which were all closed by his respective financial institutions. When his debit card was inevitably declined by the Apple Store, he would protest and offer to call his bank — except, he wasn't really calling his bank. So he would allegedly offer the Apple Store employees a fake authorization code with a certain number of digits, which is normally provided by credit card issuers to create a record of the credit or debit override. But that's the problem with this system: as long as the number of digits is correct, the override code itself doesn't matter."
Android

Popular Android Apps Full of Bugs: Researchers Blame Recycling of Code 145

Posted by timothy
from the little-of-this-little-of-that dept.
New submitter Brett W (3715683) writes The security researchers that first published the 'Heartbleed' vulnerabilities in OpenSSL have spent the last few months auditing the Top 50 downloaded Android apps for vulnerabilities and have found issues with at least half of them. Many send user data to ad networks without consent, potentially without the publisher or even the app developer being aware of it. Quite a few also send private data across the network in plain text. The full study is due out later this week.
Medicine

Newly Discovered Virus Widespread in Human Gut 99

Posted by timothy
from the right-under-their-noses-and-stomachs dept.
A newly discovered virus has been found by a San Diego State University team to live inside more than half of all human gut cells sampled. Exploring genetic material found in intestinal samples, the international team uncovered the CrAssphage virus. They say the virus could influence the behaviour of some of the most common bacteria in our gut. Researchers say the virus has the genetic fingerprint of a bacteriophage - a type of virus known to infect bacteria. Phages may work to control the behaviour of bacteria they infect - some make it easier for bacteria to inhabit in their environments while others allow bacteria to become more potent. [Study lead Dr. Robert] Edwards said: "In some way phages are like wolves in the wild, surrounded by hares and deer. "They are critical components of our gut ecosystems, helping control the growth of bacterial populations and allowing a diversity of species." According to the team, CrAssphage infects one of the most common types of bacteria in our guts. National Geographic gives some idea why a virus so common in our gut should have evaded discovery for so long, but at least CrAssphage finally has a Wikipedia page of its own.
NASA

SLS Project Coming Up $400 Million Short 132

Posted by Soulskill
from the opportunity-for-real-life-iron-man dept.
schwit1 writes: A GAO report finds that the Space Launch System is over budget and NASA will need an additional $400 million to complete its first orbital launch in 2017. From the article: "NASA isn't meeting its own requirements for matching cost and schedule resources with the congressional requirement to launch the first SLS in December 2017. NASA usually uses a calculation it calls the 'joint cost and schedule confidence level' to decide the odds a program will come in on time and on budget. 'NASA policy usually requires a 70 percent confidence level for a program to proceed with final design and fabrication,' the GAO report says, and the SLS is not at that level. The report adds that government programs that can't match requirements to resources 'are at increased risk of cost and schedule growth.'

In other words, the GAO says SLS is at risk of costing more than the current estimate of $12 billion to reach the first launch or taking longer to get there. Similar cost and schedule problems – although of a larger magnitude – led President Obama to cancel SLS's predecessor rocket system called Constellation shortly after taking office." The current $12 billion estimate is for the program's cost to achieve one unmanned launch. That's four times what it is costing NASA to get SpaceX, Boeing, and Sierra Nevada to build their three spaceships, all scheduled for their first manned launches before 2017.

Comment: Re:Oh really? (Score 1) 376

by coinreturn (#47530261) Attached to: Western US States Using Up Ground Water At an Alarming Rate

So what alarmist hyper-environmentalist news stories are we to believe? Last time I checked, we had environmentalists screaming that fracking thousands of feet down leaks chemicals (sand, light hydrocarbons) through thousands of feet of permeable geological layers. If these layers are so permeable and the alarmists are telling the trough, how come it takes `thousands` of years to recharge the aquifers?

The act of fracking, or fracturing, creates many tiny cracks.

Here's a thought experiment: Stick your head under a bucket of tightly packed soil (mostly clay) in a bottomless bucket and fill it up.

Now try the same thing after you use a spade on the soil in the bucket for a few minutes.

Get the picture?

Let's hope he actually tries your experiment - and without a spotter.

United States

Lawrence Krauss: Congress Is Trying To Defund Scientists At Energy Department 296

Posted by samzenpus
from the let-the-science-flow dept.
Lasrick writes Physicist Lawrence Krauss blasts Congress for their passage of the 2015 Energy and Water Appropriations bill that cut funding for renewable energy, sustainable transportation, and energy efficiency, and even worse, had amendments that targeted scientists at the Department of Energy: He writes that this action from the US Congress is worse even than the Australian government's move to cancel their carbon tax, because the action of Congress is far more insidious: "Each (amendment) would, in its own way, specifically prohibit scientists at the Energy Department from doing precisely what Congress should mandate them to do—namely perform the best possible scientific research to illuminate, for policymakers, the likelihood and possible consequences of climate change." Although the bill isn't likely to become law, Krauss is fed up with Congress burying its head in the sand: The fact that those amendments "...could pass a house of Congress, should concern everyone interested in the appropriate support of scientific research as a basis for sound public policy."
Education

Chromebooks Are Outselling iPads In Schools 223

Posted by Unknown Lamer
from the keyboards-still-useful dept.
Nate the greatest (2261802) writes Apple thrilled investors earlier this week when they revealed that they had sold 13 million iPads to schools and claimed 85% of the educational tablet market, but that wasn't the whole story. It turns out that Apple has only sold 5 million iPads to schools since February 2013, or an average of less than a million tablets a quarter over 6 quarters. It turns out that instead of buying iPads, schools are buying Chromebooks. Google reported that a million Chromebooks were sold to schools last quarter, well over half of the 1.8 million units sold in the second quarter. With Android tablets getting better, Apple is losing market share in the consumer tablet market, and now it looks Apple is also losing the educational market to Google. Analysts are predicting that 5 million Chromebooks will be sold by the end of the year; how many of those will be sold to schools, do you think?

Assembly language experience is [important] for the maturity and understanding of how computers work that it provides. -- D. Gries

Working...