Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Submission + - Ghost Vulnerability in glibc Affects All Linux Systems->

msm1267 writes: A critical vulnerability has been found in glibc, the GNU C library, that affects all Linux systems dating back to 2000. Attackers can use this flaw to execute code and remotely gain control of Linux machines.

The issue stems from a heap-based buffer overflow found in the __nss_hostname_digits_dots() function in glibc. That particular function is used by the _gethostbyname function calls.

“A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application,” said an advisory from Linux distributor Red Hat.

The vulnerability, CVE-2015-0235, has already been nicknamed GHOST because of its relation to the _gethostbyname function. Researchers at Qualys discovered the flaw, and say it goes back to glibc version 2.2 in Linux systems published in November 2000.

According to Qualys, there is a mitigation for this issue that was published May 21, 2013 between patch glibc-2.17 versions and glibc-2.18. The patch, however, was not labeled a security fix at the time.

Link to Original Source

Submission + - High Severity Vulnerability Found in Linux GNU C Library

An anonymous reader writes: The Qualys security research team has found a critical vulnerability in the Linux GNU C Library (glibc), that allows attackers to remotely take control of an entire system without having any prior knowledge of system credentials. Qualys has worked closely with Linux distribution vendors in a coordinated effort to offer a patch for all distributions of Linux systems impacted, which is available today from the corresponding vendors.

Submission + - Remote exploit vulnerability found in bash->

kdryer39 writes: A remotely exploitable vulnerability has been discovered by Stephane Chazelas in bash on Linux and it is unpleasant. The vulnerability has the CVE identifier CVE-2014-6271. This affects Debian as well as other Linux distributions.

The major attack vectors that have been identified in this case are HTTP requests and CGI scripts. Another attack surface is OpenSSH through the use of AcceptEnv variables. As well through TERM and SSH_ORIGINAL_COMMAND. An environmental variable with an arbitrary name can carry a nefarious function which can enable network exploitation.

Link to Original Source

Submission + - Irish Girls Win Google Science Fair With Astonishing Crop Yield Breakthrough-> 1 1

An anonymous reader writes: Irish teenagers Ciara Judge, Émer Hickey and Sophie Healy-Thow, all 16, have won the Google Science Fair 2014. Their project, Combating the Global Food Crisis, aims to provide a solution to low crop yields by pairing a nitrogen-fixing bacteria that naturally occurs in the soil with cereal crops it does not normally associate with, such as barley and oats. The results were incredible: the girls found their test crops germinated in half the time and had a drymass yield up to 74 percent greater than usual.
Link to Original Source

Submission + - New eyeglasses translate languages on restaurant menus, street signs->

colinneagle writes: NTT Docomo introduced a new head-worn device that overlays the user's native language onto foreign-language text as the user looks at it during the recent Combined Exhibition of Advanced Technologies show in Japan.

The glasses will be the most useful when travelers are navigating a foreign country or trying to read text in a foreign language. Examples given in a statement provided to AFP include reading restaurant menus, although the ability to read foreign-language street signs may prove quite valuable as well. The report also mentions that "the glasses are likely to be ready for visitors attending the 2020 Tokyo Olympics," which explains why NTT Docomo developed the technology to begin with. Such a massive, international event is a great opportunity to introduce a product that bridges the langauge gap. It's similar to Twitter's presence at the 2007 South by Southwest conference, where the company mounted massive televisions that streamed attendees' Tweets and allowed them to communicate en masse.

Link to Original Source

Submission + - Scientists Discover Source of Imagination in Human Brain->

cold fjord writes: Science World Report reports, "Do you remember playing pretend when you were a child? ... This ability to use your imagination doesn't disappear after childhood, though; it persists when people create art, invent tools and think scientifically. Now, scientists have discovered the source of human imagination. In the past, researchers have theorized that the human imagination requires a widespread neural network in the brain. ... In their study, the researchers asked 15 participants to imagine specific abstract visual shapes and to mentally combine them into more complex figures or to mentally dismantle them into their separate parts. The scientists then measured the participants' brain activity with functional MRI. ... It turns out that a cortical and subcortical network over a large part of the brain was responsible for the imagery manipulations. This network closely resembled the "mental workspace" that scientists theorized might be responsible for imagination." Paywalled academic paper
Link to Original Source

Submission + - Boeing:Less than 30 days to design and fly DARPA competition drone ->

garymortimer writes: The Defense Advanced Research Projects Agency (DARPA) is looking for a vertical takeoff and landing (VTOL) aircraft that can fly fast, hover efficiently and carry a lot of cargo. Thanks to rapid prototyping, a team of Boeing Phantom Works engineers in Philadelphia designed and built a flying subscale model of the innovative Phantom Swift in time to be part of Boeing’s proposal for DARPA’s vertical takeoff and landing X-Plane competition.

The scaled model of the Phantom Swift went from being an idea to a flying prototype in less than a month. It will serve the team as a flying laboratory.

Link to Original Source

Submission + - Depletion of 'traitor' immune cells slows cancer growth in mice->

vinces99 writes: When someone has cancer, some of the body's cells have changed and are growing uncontrollably. Most cancer drugs try to treat the disease by killing those fast-growing cells, but another approach called immunotherapy tries to stimulate a person’s immune system to attack the cancer itself. Now, scientists at the University of Washington have developed a strategy to slow tumor growth and prolong survival in mice with cancer by targeting and destroying a type of cell that dampens the body’s immune response to cancer. The researchers published their findings this week (Sept. 16) in the Proceedings of the National Academy of Sciences. Our immune system normally patrols for and eliminates abnormal cells. Macrophages are a type of helpful immune cell that can be converted to the “dark side” by signals they receive from a tumor. When inside a tumor, macrophages can switch from helping the immune system to suppressing the body’s immune response to cancer. Several studies show a correlation between the number of macrophages in tumor biopsies and poor prognosis for patients, the researchers say. The UW team developed a method to target and eliminate the cancer-supporting macrophages in mouse tumors. This strategy, the researchers predict, could be used along with current treatments such as chemotherapy for cancer patients.
Link to Original Source

Submission + - Changing a single gene allows mice to live 20 percent longer->

An anonymous reader writes: A research team at the National Heart, Lung, and Blood Institute has been experimenting with changing mouse genes and seeing how it impacts their life. In a surprising discovery, when targeting just one gene change it was found they could extend the life of a mouse by 20 percent.
Link to Original Source

Submission + - Tor usage more than doubles in August->

hypnosec writes: The Tor (The Onion Router) network has witnessed over 100 per cent rise in the number of users connecting to it for the month of August and has reached record levels for the first time since the project has been collecting usage statistics. The privacy-enhancing network is known for providing anonymous browsing experience through the use of a series of encrypted relays and had as many has 500k users throughout this year so far. But if we check the latest statistics available through Tor Metrics Portal there has been a whopping 100 per cent increase in number of Tor clients and as many as 1,200,000 users are connecting to the network. The previous peak for the network was in January 2012 when it saw as many as 950,000 users.
Link to Original Source

Submission + - Carbyne: A Form of Carbon Even Stronger Than Graphene 1 1

Dialecticus writes: Sebastian Anthony at ExtremeTech has written an article about research into the physical properties of carbyne, an elusive form of carbon. A new mathematical analysis by Mingjie Liu and others at Rice University suggests that carbyne may achieve double the strength of graphene, stealing its crown and becoming the strongest material known to man.

Submission + - Moto X's Moto Maker: Designing the next two years of your life->

zacharye writes: There’s no question about it — we have reached a point where smartphones are as much a part of our lives as any device can be. One need only scroll down to the comments section on any tech news site or blog to see how passionate people can be when it comes to their smartphone of choice. But when buying such an important device, why should vendors have all the say when it comes to design? Unless you plan to swallow a penalty or pay a premium tied to a crafty new accelerated upgrade scheme, your smartphone is going to be a huge part of your life for the next two years. Giving users the ability to customize their handsets to speak to their individual styles seems like a big advantage, albeit a complicated and pricey endeavor — but that’s exactly what Motorola and Google have done with the Moto X...
Link to Original Source

Submission + - Amazon Selects Their Favorite Fake Customer Reviews-> 1 1

An anonymous reader writes: Amazon's just created a new web page where they're officially acknowledging fake reviews posted by their customers — and they've even selected their own favorites. ("I was very disappointed to have my uranium confiscated at the airport. It was a gift for my son for his birthday. Also, I’m in prison now, so that’s not good either...") On the front page of Amazon, in big orange letters, Amazon posted "You guys are really funny." And then — next to a funny picture of a rubber horse head mask — Amazon's linked to a list of some of the very best satirical reviews their customers have submitted over the years, noting fondly that "occasionally customer creativity goes off the charts in the best possible way..."
Link to Original Source

Submission + - US Horse Registry Forced to Accept Cloned Horses by Judge->

kdryer39 writes: U.S. District Court Judge Mary Lou Robinson said she will sign an order requiring the American Quarter Horse Association to begin allowing cloned animals to be placed on its registry, according to the organization. A jury last month ruled that the horse association violated anti-monopoly laws by banning cloned animals. The quarter horse association issues and maintains a pedigree registry of American quarter horses, a popular breed associated with cowboys riding on the range in the 19th and early 20th centuries.
Link to Original Source

The tree of research must from time to time be refreshed with the blood of bean counters. -- Alan Kay

Working...