Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

+ - Hackers Used Nasty "SMB Worm" Attack Toolkit Against Sony

Submitted by wiredmikey
wiredmikey (1824622) writes "Just hours after the FBI and President Obama called out North Korea as being responsible for the destructive cyber attack against Sony Pictures, US-CERT issued an alert describing the primary malware used by the attackers, along with indicators of compromise.

While not mentioning Sony by name in its advisory, instead referring to the victim as a “major entertainment company,” US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct the attacks.

According to the advisory, the SMB Worm Tool is equipped with five components, including a Listening Implant, Lightweight Backdoor, Proxy Tool, Destructive Hard Drive Tool, and Destructive Target Cleaning Tool.

US-CERT also provided a list of the Indicators of Compromise (IOCs), which include C2 IP addresses, Snort signatures for the various components, host based Indicators, potential YARA signatures to detect malware binaries on host machines, and recommended security practices and tactical mitigations."

+ - New data says volcanoes, not asteroids, killed dinosaurs

Submitted by schwit1
schwit1 (797399) writes "The uncertainty of science: A careful updating of the geological timeline has strengthened the link between the dinosaur extinction 66 million years ago and a major volcanic event at that time.

A primeval volcanic range in western India known as the Deccan Traps, which were once three times larger than France, began its main phase of eruptions roughly 250,000 years before the Cretaceous-Paleogene, or K-Pg, extinction event, the researchers report in the journal Science. For the next 750,000 years, the volcanoes unleashed more than 1.1 million cubic kilometers (264,000 cubic miles) of lava. The main phase of eruptions comprised about 80-90 percent of the total volume of the Deccan Traps’ lava flow and followed a substantially weaker first phase that began about 1 million years earlier.

The results support the idea that the Deccan Traps played a role in the K-Pg extinction, and challenge the dominant theory that a meteorite impact near present-day Chicxulub, Mexico, was the sole cause of the extinction. The researchers suggest that the Deccan Traps eruptions and the Chicxulub impact need to be considered together when studying and modeling the K-Pg extinction event.

The general public might not know it, but the only ones in the field of dinosaur research that have said the asteroid was the sole cause of the extinction have been planetary scientists."

+ - Scientists Discover That Exercise Changes Your DNA

Submitted by HughPickens.com
HughPickens.com (3830033) writes "The human genome is astonishingly complex and dynamic, with genes constantly turning on or off, depending on what biochemical signals they receive from the body. Scientists have known that certain genes become active or quieter as a result of exercise but they hadn’t understood how those genes knew how to respond to exercise. Now the NYT reports that scientists at the Karolinska Institute in Stockholm have completed a study where they recruited 23 young and healthy men and women, brought them to the lab for a series of physical performance and medical tests, including a muscle biopsy, and then asked them to exercise half of their lower bodies for three months. The volunteers pedaled one-legged at a moderate pace for 45 minutes, four times per week for three months. Then the scientists repeated the muscle biopsies and other tests with each volunteer. Not surprisingly, the volunteers’ exercised leg was more powerful now than the other, showing that the exercise had resulted in physical improvements. But there were also changes within the exercised muscle cells’ DNA. Using technology that analyses 480,000 positions throughout the genome, they could see that new methylation patterns had taken place in 7,000 genes (an individual has 20–25,000 genes).

In a process known as DNA methylation, clusters of atoms, called methyl groups, attach to the outside of a gene like microscopic mollusks and make the gene more or less able to receive and respond to biochemical signals from the body. In the exercised portions of the bodies, many of the methylation changes were on portions of the genome known as enhancers that can amplify the expression of proteins by genes. And gene expression was noticeably increased or changed in thousands of the muscle-cell genes that the researchers studied. Most of the genes in question are known to play a role in energy metabolism, insulin response and inflammation within muscles. In other words, they affect how healthy and fit our muscles — and bodies — become. Many mysteries still remain but the message of the study is unambiguous. “Through endurance training — a lifestyle change that is easily available for most people and doesn’t cost much money,” says Sara Lindholm, “we can induce changes that affect how we use our genes and, through that, get healthier and more functional muscles that ultimately improve our quality of life.”"

Comment: Fuel (Score 1) 194

by gmuslera (#48605115) Attached to: Linking Drought and Climate Change: Difficult To Do
In the other hand, what can't be denied is that global warming provides more energy to the climate system. And in a system so complex that is the root of the butterfly effect concept adding more fuel will affect it, maybe even in ways that we didn't realized yet. And with a civilization that is rooted in stable and predictable climates (agriculture depends on that) it will hit us pretty hard in all those ways.
Australia

Apparent Islamic Terrorism Strikes Sydney 873

Posted by timothy
from the serious-thoughts dept.
An anonymous reader send this link to a developing situation in Sydney, Australia, being reported on via live feed at the Guardian, and covered by various other news outlets as well. According to CNN's coverage, "CNN affiliate Seven Network said that at least 13 people are being held at the Lindt Chocolate Cafe. It published a photograph of people inside the cafe holding a black flag with Arabic writing on it. The flag reads: "There is no God but God and Mohammed is the prophet of God." From The New York Times' coverage: The police have shut down parts of the city’s transport system, and closed off the mall area. They would not confirm how many people were being held hostage inside the cafe, nor whether those inside are armed. Local media reports said that the airspace over Sydney had been closed and the famed Sydney Opera House evacuated. Television images showed heavily armed officers with their weapons trained on the cafe.

+ - Google Suggests Schools Ban Students With 'Some CS Knowledge' from Classrooms 1

Submitted by theodp
theodp (442580) writes "To address the challenge of rapidly increasing CS enrollments and increasing diversity, reports the Computing Education Blog, Google in November put out an RFP to universities for its invite-only 3X in 3 Years: CS Capacity Award program, which aims "to support faculty in finding innovative ways to address the capacity problem in their CS courses." In the linked-to RFP document, Google suggests that "students that have some CS background" should not be allowed to attend in-person intro CS courses where they "may be more likely to create a non-welcoming environment," and recommends that they instead be relegated to online courses. According to a recent NSF press release, this recommendation would largely exclude Asian and White boys from classrooms, which seems to be consistent with a Google-CodeCademy award program that offers $1,000 bonuses to teachers who get 10 or more high school kids to take a JavaScript course, but only counts students from "groups traditionally underrepresented in computer science (girls, or boys who identify as African American, Latino, American Indian or Alaska Native)." The project suggested in the Google RFP — which could be worth $1.5 million over 3 years to a large CS department — seems to embrace-and-extend a practice implemented at Harvey Mudd College years ago under President Maria Klawe, which divided the intro CS offering into separate sections based upon prior programming experience to — as the NY Times put it — reduce the intimidation factor of young men, already seasoned programmers, who dominated the class. Google Director of Education and University Relations Maggie Johnson, whose name appears on the CS Capacity RFP, is also on the Board of Code.org (where Klawe is coincidentally an Advisory Board member), the K-12 learn-to-code nonprofit that has received $3+ million from Google and many millions more from other tech giants and their execs. Earlier this week, Code.org received the blessing of the White House and NSF to train 25,000 teachers to teach CS, stirring unease among some educators concerned about the growing influence of corporations in public schools."

+ - Taping K-Cup Lid to Keurig hacks its DRM permanently->

Submitted by Anonymous Coward
An anonymous reader writes ""If you haven’t actually used a Keurig coffee machine, then you’ve probably at least seen one. They are supposed to make brewing coffee simple. You just take one of the Keurig “k-cups” and place it into the machine. The machine will punch a hole in the foil top and run the water through the k-cup. Your flavored beverage of choice comes out the other side. It’s a simple idea, run by a more complex machine. A machine that is complicated enough to have a security vulnerability.

Unfortunately newer versions of these machines have a sort of DRM, or lockout chip. In order to prevent unofficial k-cups from being manufactured and sold, the Keurig machines have a way to detect which cups are legitimate and which are counterfeit. It appears as though the machine identifies the lid specifically as being genuine.

It turns out this “lockout” technology is very simple to defeat. All one needs to do is cut the lid off of a legitimate Keurig k-cup and place it on top of your counterfeit cup. The system will read the real lid and allow you to brew to your heart’s content. A more convenient solution involves cutting off just the small portion of the lid that contains the Keurig logo. This then gets taped directly to the Keurig machine itself. This way you can still easily replace the cups without having to fuss with the extra lid every time."

It’s a simple hack, but it’s interesting to see that even coffee machines are being sold with limiting technology these days. This is the kind of stuff we warned people about five or ten years ago. Yet here we are, with a coffee machine made more useable through its security vulnerability."

Link to Original Source

Comment: Re:"Expected" to release methane (Score 4, Informative) 329

by gmuslera (#48563069) Attached to: Warmer Pacific Ocean Could Release Millions of Tons of Methane
Is the sort of things that happens with very complex and interrelated systems. We make models, and sometimes don't know how many factors plays in or the importance of some of them. But impredictability is something that should scare you more than dismiss this as a potential danger. If a big possitive feedback mechanism is not yet discovered or understood for global warming (a bit like this big methane release, but maybe worse/faster/whatever) once global climate hit a critical point, things can go wrong very fast, very global, and in a very irrevocable way.

Comment: Re:This actually sounds pretty cool. (Score 1) 149

by gmuslera (#48561429) Attached to: Ubuntu Gets Container-Friendly "Snappy" Core

Docker is not just containers, but image/container fs management is a key element too. Union fs with copy-on-write makes a big difference against traditional containers. And the image ecosystem, the easy creation with dockerfiles and a good api/powerful cmdline command are pretty important elements too.

Other containers technologies could learn/adapt that other docker ideas, and even VMs could get a bit closer to them. No matter if Docker is the dominant implementation there in the future or not, with those core ideas we all will win.

Comment: The first few comments are awfully pessimistic (Score 5, Insightful) 105

by NitsujTPU (#48560753) Attached to: Seeking Coders, Tech Titans Turn To K-12 Schools

You know, it may sound like a cliche, but the world is becoming more and more reliant on computer technology. You shouldn't look at this as Microsoft looking to churn out cheap help to build Word 2025. That's just not what they're doing. Microsoft engineers aren't poorly compensated for their efforts. Their among the most highly-compensated coders out there.

These are folks who have seen computers completely transform the world around them, and they foresee this trend continuing (probably wisely). There will always be gluts here and there, or shortages here and there, but the fact is that if you want an army of super-intelligent robots cleaning our oceans, helping feed the planet, and maintaining our future space stations, then you're going to need many many more capable coders than we have now.

+ - Ubuntu Gets Container Friendly "Snappy" Core ->

Submitted by judgecorp
judgecorp (778838) writes "Canonical just announced a new Ubuntu Core which uses containers instead of packages. It's the biggest Ubuntu shakeup for 20 years, says Canonical's Mark Shuttleworth, and is based on a tiny core, which will run Docker and other container technology better, quicker and with greater security than other Linuxes. Delivered as alpha code today, it's going to become a supported product, designed to compete with both CoreOS and Red Hat Atomic, the two leading container-friendly Linux approaches. Shuttleworth says it came about because Canonical found it had solved the "cloud" problems (delivering and updating apps and keeping security) by accident — in its work on a mobile version of Ubuntu"
Link to Original Source

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Working...