Medicine

Indian State Government Website Exposed COVID-19 Lab Test Results (techcrunch.com) 7

A security flaw in a website run by the government of West Bengal in India exposed the lab results of at least hundreds of thousands of residents, though likely millions, who took a COVID-19 test. TechCrunch reports: The website is part of the West Bengal government's mass coronavirus testing program. Once a COVID-19 test result is ready, the government sends a text message to the patient with a link to its website containing their test results. But security researcher Sourajeet Majumder found that the link containing the patient's unique test identification number was scrambled with base64 encoding, which can be easily converted using online tools. Because the identification numbers were incrementally sequenced, the website bug meant that anyone could change that number in their browser's address bar and view other patients' test results.

The test results contain the patient's name, sex, age, postal address and if the patient's lab test result came back positive, negative or inconclusive for COVID-19. Majumder told TechCrunch that he was concerned a malicious attacker could scrape the site and sell the data. "This is a privacy violation if somebody else gets access to my private information," he said. Majumder reported the vulnerability to India's CERT, the country's dedicated cybersecurity response unit, which acknowledged the issue in an email. He also contacted the West Bengal government's website manager, who did not respond. TechCrunch independently confirmed the vulnerability and also reached out to the West Bengal government, which pulled the website offline, but did not return our requests for comment.

Power

Turntide Technologies Rethinks Electric Motors To Slash Energy Consumption In Buildings (techcrunch.com) 38

FrankOVD shares a report from TechCrunch: [F]irms backed by Robert Downey Jr. and Bill Gates are joining investors like Amazon and iPod inventor Tony Fadell to pour money into a company called Turntide Technologies that believes it has the next great innovation in the world's efforts to slow global climate change -- a better electric motor. The operation of buildings is responsible for 40% of CO2 emissions worldwide, Turntide noted in a statement. And, according to the U.S. Department of Energy (DOE), one-third of energy used in commercial buildings is wasted. Smart building technology adds an intelligent layer to eliminate this waste and inefficiency by automatically controlling lighting, air conditioning, heating, ventilation and other essential systems and Turntide's electric motors can add additional savings.

Turntide's basic innovation is a software-controlled motor, or switch reluctance motor, that uses precise pulses of energy instead of a constant flow of electricity. "In a conventional motor you are continuously driving current into the motor whatever speed you want to run it at," [CEO Ryan Morris] said. "We're pulsing in precise amounts of current just at the times when you need the torque... It's software-defined hardware."

He estimates that the technology is applicable to 95% of where electric motors are used today, but the initial focus will be on smart buildings because it's the easiest place to start and can have some of the largest immediate impact on energy usage. "The carbon impact of what we're doing is pretty massive," Morris told me last year. "The average energy reduction [in buildings] has been a 64% reduction. If we can replace all the motors in buildings in the U.S. that's the carbon equivalent of adding over 300 million tons of carbon sequestration per year."

Businesses

SpaceX Starlink Factory In Texas Will Speed Up Production of Dishy McFlatface (arstechnica.com) 37

An anonymous reader quotes a report from Ars Technica: SpaceX says it is building a factory in Austin, Texas, to design systems that will help make satellite dishes, Wi-Fi routers, and other equipment for its Starlink satellite broadband network. The news comes from a job posting for an automation and controls engineer position flagged in a story Tuesday by local news channel KXAN. "To keep up with global demand, SpaceX is breaking ground on a new, state of the art manufacturing facility in Austin, TX," the job posting said. "The Automation & Controls Engineer will play a key role as we strive to manufacture millions of consumer facing devices that we ship directly to customers (Starlink dishes, Wi-Fi routers, mounting hardware, etc)."

The factory apparently won't make the dishes and routers on site but will instead design systems that improve the manufacturing process. "Specifically, they will design and develop control systems and software for production line machinery -- ultimately tackling the toughest mechanical, software, and electrical challenges that come with high-volume manufacturing, all while maintaining a focus on flexibility, reliability, maintainability, and ease of use," the job posting said. Starlink is in beta and is serving over 10,000 customers, and it has asked the Federal Communications Commission for permission to deploy up to 5 million user terminals in the US. SpaceX calls this piece of hardware "Dishy McFlatface," and it receives transmissions from SpaceX's low-Earth orbit satellites. Starlink has been charging $99 per month plus a one-time fee of $499 for the user terminal, mounting tripod, and router. Starlink recently began taking preorders for service that would become available in the second half of 2021.

Nintendo

Nintendo Plans Switch Model With Bigger Samsung OLED Display, 4K Output (bloomberg.com) 18

According to Bloomberg, Nintendo is planning to unveil a model of its Switch gaming console equipped with a bigger Samsung OLED display and support for 4K. It's expected to arrive before Christmas. From the report: Samsung Display Co. will start mass production of 7-inch, 720p-resolution OLED panels as early as June with an initial monthly target of just under a million units. The displays are slated for shipment to assemblers around July. The gaming community has speculated online about the introduction of an OLED or organic light-emitting diode screen, but Nintendo has stayed mum and President Shuntaro Furukawa said in February his company has no plans to announce a new Switch "anytime soon." Samsung's involvement is the strongest indication that Nintendo is serious about updating the console, and on a large scale.

Nintendo decided to go with rigid OLED panels for the new model, the people said, a cheaper but less flexible alternative to the type commonly used for high-end smartphones. The latest model will also come with 4K ultra-high definition graphics when paired with TVs, they said. That could intensify a longstanding complaint of developers, who have struggled with the difference in resolution between handheld and TV modes and now face a bigger gap between the two.

Books

eBay To Remove Dr. Seuss Books From Sale Over Offensive Imagery (thehill.com) 241

Online retailer eBay has announced it is working to remove sales of some books from Dr. Seuss over offensive imagery. The Hill reports: A spokesperson for the company told The Wall Street Journal that it is "currently sweeping our marketplace to remove these items." The spokesperson further told the newspaper that it would take time to review seller listings, and the company was monitoring new listings.

The move comes after Dr. Seuss Enterprises announced on Tuesday, which was the late author's birthday, that it will stop the publication of 46 books over racially insensitive imagery. The company told the Associated Press that ending the publications was a move to "preserve the author's legacy." The books reportedly include "McElligot's Pool," "On Beyond Zebra!," "Scrambled Eggs Super!," "The Cat's Quizzer," "And to Think That I Saw It on Mulberry Street" and "If I Ran the Zoo."

Transportation

Honda Launches World's First Level 3 Self-Driving Car (nikkei.com) 51

Honda Motor will on Friday launch a new car equipped with the world's first certified level 3 autonomous driving technology. Nikkei Asia reports: Industry experts are cautiously watching to see if the Legend, a luxury sedan that operates without driver supervision under certain conditions but requires the driver to assume control of the vehicle within seconds when alerted, can capture enough demand to suggest a way forward for other manufacturers. Honda unveiled the Legend on Thursday at an online press event.

The new model's Traffic Jam Pilot system was approved by Japan's Ministry of Land, Infrastructure, Transport and Tourism in November. It can free drivers from driving in congested traffic on an expressway when traveling slower than 50 kilometers per hour. The system automatically accelerates, brakes and steers while monitoring the vehicle's surroundings, using data from high-definition mapping and external sensors. The driver, meanwhile, can enjoy the vehicle's infotainment using the navigation screen but must respond to the system's request for a handover when the vehicle speeds up after the traffic jam eases.

The report says Honda is proceeding cautiously, only producing 100 units that will be available only for lease sales. The vehicle will also carry a steep price of $102,000.

Music

Turntable.fm Is Back From the Dead (theverge.com) 7

An anonymous reader quotes a report from The Verge: It's rare that apps come back from the dead, but it seems like that may be what's happening with Turntable.fm, a site that let users create their own radio stations and DJ sets with music they curated before it got shuttered in 2014. Even rarer, it seems like there are two versions involved in the revival: the original Turntable.fm site is back up and running (with the involvement of its original founder, Billy Chasen), but there's also Turntable.org, which will reportedly be launching in beta this April.

The two sites seem to be taking different directions: Turntable.org, the new version, mentions there will be a subscription fee, while the original seems to be largely unchanged from the one that shut down in 2014. While the original founder has confirmed he's involved with the .fm version, the .org version also has OGs working on it: the Our Team section mentions an original Turntable founding member as well as the artist who designed the original avatars in 2011.

The original app, and the current Turntable.fm, lets you create a virtual room, then select what music you want to play for anyone listening. At the moment, the song selection seems to be limited to what's available on YouTube, so you probably won't be able to sneakily slide in your mixtape. There appears to be a SoundCloud integration that's not working yet. Also, the whole site seems to be phasing in and out of existence, perhaps due to word of its return getting around. Assuming you can find your way in, the audience can chat about your great (or awful) song selections. You can also co-DJ with collaborators, if you feel like riffing off a friend, or co-worker.

IOS

iOS 14.5 Won't Actually Let You Change a Default Music Service (engadget.com) 17

It turns out that Apple's iOS 14.5 update won't actually let you change your default music service that you use with Siri. Engadget reports: Beta users had originally noticed that it appeared as if early versions of the update might allow you to change the default service that launches when you ask Siri to play a song. This meant that rather than specifying a third-party music app with each request, Siri would remember your preference and launch with the service you had originally specified.

While all that still seems to be the case, TechCrunch reports that Apple has apparently "clarified" that it "doesn't consider this feature the equivalent to 'setting a default.'" That's because the feature relies on "Siri intelligence," which can track your music-listening habits over time and predict which app you're more likely to want at that moment. For users, that may certainly feel as if you've changed your default music player, but there's still no way to do that on iOS.

Games

Programmer Got a Minecraft Server Running On His Canon DSLR (petapixel.com) 13

linuxwrangler shares a report from PetaPixel: A programmer who goes by the name Turtius has managed to install and run a Minecraft server on a Canon SL2 DSLR camera. Turtius was working on reverse-engineering Canon's network processor when he decided to try and see if it could be done. [You can view it in action here on YouTube].

It is important to note that the camera is just the server, not the client. The game itself is running on the computer, the "world" that is displayed in-game is simply connected to the camera. Theoretically, others could connect to the camera's network and join this same Minecraft server via their own computer. [...] The SL2 does seem to be at the limits of its capability, however, as Turtius says that it can barely make photos and videos in this state and sometimes will crash. He believes that if the camera processor were a bit more powerful, custom world generation could be supported.

"It's avrcraft," Turtius explains on Reddit. "It's fully running on the camera. I reverse-engineered the network module used by Canon which just so happens to expose Unix-like sockets and integrated avrcraft with Magic Lantern. It's running a custom implementation provided by Canon's operating system and using custom code to interact with the stuff provided by Canon on a lower level."

You can find the full source code here on GitHub. Just be warned that you could brick your camera if you try this yourself.

Windows

Windows.com Bitsquatting Hack Can Wreak 'Unknown Havoc' On PCs (arstechnica.com) 45

An anonymous reader quotes a report from Ars Technica: Bitflips are events that cause individual bits stored in an electronic device to flip, turning a 0 to a 1 or vice versa. Cosmic radiation and fluctuations in power or temperature are the most common naturally occurring causes. Research from 2010 estimated that a computer with 4GB of commodity RAM has a 96 percent chance of experiencing a bitflip within three days. An independent researcher recently demonstrated how bitflips can come back to bite Windows users when their PCs reach out to Microsoft's windows.com domain. Windows devices do this regularly to perform actions like making sure the time shown in the computer clock is accurate, connecting to Microsoft's cloud-based services, and recovering from crashes.

Remy, as the researcher asked to be referred to, mapped the 32 valid domain names that were one bitflip away from windows.com. Of the 32 bit-flipped values that were valid domain names, Remy found that 14 of them were still available for purchase. This was surprising because Microsoft and other companies normally buy these types of one-off domains to protect customers against phishing attacks. He bought them for $126 and set out to see what would happen.

Over the course of two weeks, Remy's server received 199,180 connections from 626 unique IP addresses that were trying to contact ntp.windows.com. By default, Windows machines will connect to this domain once per week to check that the time shown on the device clock is correct. What the researcher found next was even more surprising. "The NTP client for windows OS has no inherent verification of authenticity, so there is nothing stopping a malicious person from telling all these computers that it's after 03:14:07 on Tuesday, 19 January 2038 and wreaking unknown havoc as the memory storing the signed 32-bit integer for time overflows," he wrote in a post summarizing his findings. "As it turns out though, for ~30% of these computers doing that would make little to no difference at all to those users because their clock is already broken."

United States

Oakland Bans Leaf Blowers, Trimmers and Other Lawn Equipment That Rely on Combustion Engines (kron4.com) 268

Oakland has banned the use of leaf blowers, trimmers and other lawn equipment that rely on combustion engines, citing health and climate change concerns. From a report: The city says that the "significant health hazards" to users and residents from the discharge of particle matter and carbon monoxide led to the decision, as well as unwanted noise pollution. The city recommends using electric or non-motorized options. The ban is included for commercial landscaping or gardening services as well as private usage.

Earth

After Third Large Quake Near New Zealand, Tsunami Warning Issued; Tsunami Watch in Hawaii (washingtonpost.com) 32

A major magnitude 8.0 earthquake struck roughly 600 miles northeast of New Zealand on Thursday afternoon, triggering concerns of a potentially damaging tsunami. From a report: It's the third major earthquake in less than eight hours on the Kermadec Fault, which passes east of New Zealand. A magnitude 7.3 hit near New Zealand early on Thursday, followed by a 7.4 about 560 miles to the north a few hours later. Tsunami waves of 10 feet or greater are possible in the Kermadec Islands, with 3 to 9 foot waves in French Polynesia. American Samoa, the Cook Islands, Fiji, New Zealand and the Pitcairn Islands can expect water levels fluctuating by up to three feet. A tsunami warning was issued for American Samoa as well. A tsunami warning is in effect for New Zealand. The country's National Emergency Management Agency tweeted "TSUNAMI WARNING issued following Kermadecs earthquake." DW adds: The Pacific Tsunami Warning Center (PTWC) had withdrawn an earlier tsunami warning after the first quake, saying the threat had passed, but authorities renewed the warning following the second and third quake. There were no immediate reports of serious damage or casualties.

Security

Three Top Russian Cybercrime Forums Hacked (krebsonsecurity.com) 25

tsu doh nimh shares a report: Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. In two of the intrusions, the attackers made off with the forums' user databases, including email and Internet addresses and hashed passwords. Members of all three forums are worried the incidents could serve as a virtual Rosetta Stone for connecting the real-life identities of the same users across multiple crime forums. On Tuesday, someone dumped thousands of usernames, email addresses and obfuscated passwords on the dark web apparently pilfered from Mazafaka (a.k.a. "Maza," "MFclub"), an exclusive crime forum that has for more than a decade played host to some of the most experienced and infamous Russian cyberthieves.

At the top of a 35-page PDF leaked online is a private encryption key allegedly used by Maza administrators. The database also includes ICQ numbers for many users. ICQ, also known as "I seek you," was an instant message platform trusted by countless early denizens of these older crime forums before its use fell out of fashion in favor of more private networks, such as Jabber and Telegram. This is notable because ICQ numbers tied to specific accounts often are a reliable data point that security researchers can use to connect multiple accounts to the same user across many forums and different nicknames over time. Cyber intelligence firm Intel 471 assesses that the leaked Maza database is legitimate.

Chrome

Chrome Switches Its Release Cycle for First Time in a Decade (droid-life.com) 26

Google Chrome releases will soon arrive more frequently than ever. From a report: In an announcement today, Google said it is updating the Chrome release schedule for the first time in over a decade. For a cool 10+ years now, Chrome stable releases have shipped every 6 weeks with new features, security fixes, etc. With improvements to testing and release processes, Google has realized that it can shorten the release cycle and will do so in Q3 of this year. Starting with Chrome 94, Google will move to a 4-week milestone release cycle. Freaked out at the possibility that Google might break features, remove things you like, or cause other issues with so many releases? Don't worry, Google is also introducing an Extended Stable release that will see milestone updates every 8 weeks. Now, it will still get updates every 2 weeks to address "important issues," but none of the new features or all security fixes that the 4-week milestones see will be included.

Earth

Most Life on Earth Will Be Killed by Lack of Oxygen in a Billion Years (newscientist.com) 143

One billion years from now, Earth's atmosphere will contain very little oxygen, making it uninhabitable for complex aerobic life. From a report: Today, oxygen makes up around 21 per cent of Earth's atmosphere. Its oxygen-rich nature is ideal for large and complex organisms, like humans, that require the gas to survive. But early in Earth's history, oxygen levels were much lower -- and they are likely to be low again in the distant future. Kazumi Ozaki at Toho University in Funabashi, Japan, and Chris Reinhard at the Georgia Institute of Technology in Atlanta modelled Earth's climatic, biological and geological systems to predict how atmospheric conditions on Earth will change. The researchers say that Earth's atmosphere will maintain high levels of oxygen for the next billion years before dramatically returning to low levels reminiscent of those that existed prior to what is known as the Great Oxidation Event of about 2.4 billion years ago. "We find that the Earth's oxygenated atmosphere will not be a permanent feature," says Ozaki. One central reason for the shift is that, as our sun ages, it will become hotter and release more energy.

The researchers calculate that this will lead to a decrease in the amount of carbon dioxide in the atmosphere as CO2 absorbs heat and then breaks down. Ozaki and Reinhard estimate that in a billion years, carbon dioxide levels will become so low that photosynthesising organisms -- including plants -- will be unable to survive and produce oxygen. The mass extinction of these photosynthetic organisms will be the primary cause of the huge reduction in oxygen. "The drop in oxygen is very, very extreme -- we're talking around a million times less oxygen than there is today," says Reinhard.
