schwit1 shared an interesting article from Bloomberg: Though genetic tests are frequently marketed as family-friendly entertainment, they sometimes wind up surfacing life-altering surprises. And when those surprises show up in someone's test results, the first move is often a call to customer service.... At 23andMe, those types of calls are so frequent that preparing for them is integrated into the company's months-long training program.... "We always try to steer the conversation toward the data, tell them that this is science," said Kent Hillyer, head of customer care for the genetic-testing firm 23andMe...

Lindsay Grove, a customer-care representative at 23andMe, still remembers one call in particular years later, a dad who took the test only to find out that his child was not, in fact, his child. At first, like most, he was just trying to figure out whether the results were accurate. So Grove explained the science behind the data. The customer then became somber and quiet. He questioned whether he should talk to his wife, and, if he did, how.... "That process of figuring out what to do next is very difficult for customers...."

Such emotional calls can take a toll on employees, too. That's perhaps inevitable when technology interfaces with such sensitive, personal information.... At 23andMe, Hillyer often encourages representatives to go for a walk after an intense call, or cracks open a bottle of wine to help them decompress. "We kind of do these internal therapy sessions,'' he said. "Here, maybe more so than most places, you have to be really supportive of each other."

quantic_oscillation7 shares a report: The latest notes from the Debian anti-harassment team on Wednesday caught my attention when reading, "We were requested to advice on the appropriateness of a certain package in the Debian archive. Our decision resulted in the package pending removal from the archive." Curiosity got the best of me... What package was deemed too inappropriate for the Debian archive?

When digging further, the package raised to the Debian Anti-Harassment Team was "Weboob." Weboob is short for "Web Outside of Browsers" as it's an open-source collection of software to script and automate the parsing/scraping/gathering-via-API of web data so that it can be consumed by different modules/applications. Weboob.org describes itself as "Weboob is a collection of applications able to interact with websites, without requiring the user to open them in a browser. It also provides well-defined APIs to talk to websites lacking one."

Weboob is Python-based and offers Qt-based user interfaces for accessing these different modules for reading data from different web-sites outside of any conventional web browser. Those interested can learn more about the software at Weboob.org. But, yes, the name is juvenile and likely inappropriate in most professional/corporate environments.

Facebook has disbanded its secretive research lab, where the company developed new hardware like its Portal speakers and researched moonshot projects like brain computer interfaces. "Building 8, the division Facebook created in 2016 to house some of its most ambitious projects, has been disbanded and the projects have been redistributed to other groups within the social media company," reports Mashable. From the report: The change, which was first reported by Business Insider, marks the end of the "Building 8" brand, though the group's work will continue on. Now, thanks to BI, we know that behind the scenes Facebook has separated the Portal team into its own group, which oversees Facebook's other "unannounced hardware projects." Meanwhile, Building 8's researchers have been shuffled to Facebook Reality Labs (FRL), another new group at Facebook lead by Facebook's top VR researcher, Michael Abrash. The FRL group was created in May, around the same time Facebook announced a bigger reorganization among its top executives.

A Facebook spokesperson confirmed to BI that the Building 8 brand was no more, but said it continues to work on the same projects and hasn't laid off any employees as a result of the re-structuring: "Building 8 was the early name of the team building consumer hardware at Facebook. Building 8 is part of Facebook's AR/VR organization. Now that we're shipping, it's the Portal team. And Rafa Camargo is still leading the team; that has not changed. We also unified research looking at longer terms projects under one team, which became Facebook Reality Labs, which is also part of our AR/VR organization. This includes research projects like the Brain Computer Interface."

Nearly 30 years after Microsoft Office came on the scene, it's in the DNA of just about every productivity app. Even if you use Google's G Suite or Apple's iWork, you're still following the Microsoft model. But that way of thinking about work has gotten a little dusty, and new apps offering a different approach to getting things done are popping up by the day. GeekWire: There's a new war on over the way we work, and the old "office suite" is being reinvented around rapid-fire discussion threads, quick sharing and light, simple interfaces where all the work happens inside a single window. In recent years, the buzzwords in tech have been "AI" and "mobile." Today, you can add "collaboration" to that list -- these days, everybody wants to build Slack-like communication into their apps.

For notes and docs, there's Quip, Notejoy, Slite, Zenkit, Notion and Agenda. For spreadsheets, there's Bellevue, Wash.-based Smartsheet, as well as Airtable, Coda and, although it's a very different take on the spreadsheet, Trello. The list goes on seemingly ad infinitum, largely thanks to the relative ease with which developers can launch software in the cloud. "Work has totally changed," said Aaron Levie, the co-founder and CEO of Box, the online storage company that is building its strategy around unifying data and messaging from a dizzying mix of cloud apps. "Employees were lucky to have two, three, five modern applications in the 90s. Now they have almost unlimited ways of being productive."

An anonymous reader quotes a report from Phys.Org: Hydrogels are physical and chemical polymer networks capable of retaining large quantities of liquid in aqueous conditions without losing their dimensional stability. They are used in a whole host of applications, and in combination with other components and they acquire specific properties such as electrical conductivity. The Materials + Technology research group in the Department of Chemical Engineering and Environment of the UPV/EHU's Faculty of Engineering selected a biopolymer that had not previously been used for applications of this type: starch. They created the hydrogel for use in neural interfaces. "Due to the fact that electrodes of neural interfaces made of platinum or gold are rigid, they require conductive polymer coatings to bring their flexibility closer to that of neural tissue. Right now, however, smaller devices are required that offer better mechanical, electrical and biological properties," explained the researcher.

The hydrogels "address these demands very well." To provide the hydrogel with electrical conductivity, they used graphene. "It provides electrical properties that are highly suited to the hydrogel, but this also has a drawback: It is not easily stabilized in water. We used extracts of salvia to overcome this obstacle and to render the graphene stable in an aqueous medium. These extracts also make the hydrogel even more suitable, if that is possible, for use in medicine as it also has antimicrobial and anti-inflammatory properties." The researchers used "click chemistry" to produce the hydrogel. "Unlike other means of synthesis, click chemistry does not tend to use catalysts in the reactions; in addition, no by-products are generated and they are high-performance reactions."

PHP 7.3 RC6 was released earlier this week. Phoronix ran some benchmarks and compared the performance of v7.3 RC6 with releases going back to the v5.5 series. From the story: I ran some fresh benchmarks over the past day on PHP 5.5.38, PHP 5.6.38, PHP 7.0.32, PHP 7.1.24, PHP 7.2.12, and the PHP 7.3.0-RC6 test release. All of the PHP5/PHP7 builds were configured and built in the same manner. All tests happened from the same Dell PowerEdge R7425 dual EPYC server running Ubuntu 18.10 Linux.

Besides continuing to evolve the performance of PHP7, the PHP 7.3 release is also delivering on FFI (the Foreign Function Interface) to access functions / variables / data structures from the C language, a platform-independent manner for obtaining information on network interfaces, an is_countable() call, WebP support within GD's image create from string, updated SQLite support, improved PHP garbage collection performance, and many other enhancements. PHP 7.3 is just shy of 10% faster than PHP 7.2 in the popular PHPBench. PHP 7.3 is 31% faster than PHP 7.0 or nearly 3x the speed of PHP5.

An anonymous reader shares a report: As the holiday shopping season approaches, voice-powered smart speakers are again expected to be big sellers, adding to the approximately one-quarter to one-third of the U.S. population that already owns a smart speaker and uses a voice assistant at least once a month. Voice interfaces have been adopted faster than nearly any other technology in history.

While some of this will likely come to pass, the hype might be disguising where we really are with voice technology: Earlier than we think. About a third of smart speaker owners end up using them less after the first month, according to an NPR and Edison Research report earlier this year. Just a little more than half said they wouldn't want to go back to life without a smart speaker. While people are certainly enthusiastic about the new technology, it's not exactly life-changing yet. Today, voice assistants and smart speakers have proven to be popular ways to turn on the radio or dim the lights or get weather information. But to be revolutionary, they will need to find a greater calling -- a new, breakout application.

Smart speakers, like training wheels, are getting people more used to talking to their devices. However, the future of voice probably won't be on speakers at all. The major speaker makers have all added screens to their assistants. Samsung, smartly, is putting its voice assistant Bixby on its TVs, which have the potential to become the smart assistant hub of choice. The key element is the voice assistant, regardless of what device it resides in. Smart assistants will creep into every aspect of our lives and will be available at home and away.

The Register reports that a new security bug in systemd "can be exploited over the network to, at best, potentially crash a vulnerable Linux machine, or, at worst, execute malicious code on the box" by a malicious host on the same network segment as the victim. According to one Red Hat security engineer, "An attacker could exploit this via malicious DHCP server to corrupt heap memory on client machines, resulting in a denial of service or potential code execution." According to the bug description, systemd-networkd "contains a DHCPv6 client which is written from scratch and can be spawned automatically on managed interfaces when IPv6 router advertisements are received."

OneHundredAndTen shared this article from the Register: In addition to Ubuntu and Red Hat Enterprise Linux, systemd has been adopted as a service manager for Debian, Fedora, CoreOS, Mint, and SUSE Linux Enterprise Server. We're told RHEL 7, at least, does not use the vulnerable component by default.

Systemd creator Leonard Poettering has already published a security fix for the vulnerable component -- this should be weaving its way into distros as we type. If you run a systemd-based Linux system, and rely on systemd-networkd, update your operating system as soon as you can to pick up the fix when available and as necessary.

Pete Warden, an engineer and CTO of Jetpac, writes: When I talk to people about machine learning on phones and devices I often get asked "What's the killer application?". I have a lot of different answers, everything from voice interfaces to entirely new ways of using sensor data, but the one I'm most excited about in the near-team is compression. Despite being fairly well-known in the research community, this seems to surprise a lot of people, so I wanted to share some of my personal thoughts on why I see compression as so promising.

I was reminded of this whole area when I came across an OSDI paper on "Neural Adaptive Content-aware Internet Video Delivery". The summary is that by using neural networks they're able to improve a quality-of-experience metric by 43% if they keep the bandwidth the same, or alternatively reduce the bandwidth by 17% while preserving the perceived quality. There have also been other papers in a similar vein, such as this one on generative compression [PDF], or adaptive image compression. They all show impressive results, so why don't we hear more about compression as a machine learning application?

All of these approaches require comparatively large neural networks, and the amount of arithmetic needed scales with the number of pixels. This means large images or video with high frames-per-second can require more computing power than current phones and similar devices have available. Most CPUs can only practically handle tens of billions of arithmetic operations per second, and running ML compression on HD video could easily require ten times that. The good news is that there are hardware solutions, like the Edge TPU amongst others, that offer the promise of much more compute being available in the future. I'm hopeful that we'll be able to apply these resources to all sorts of compression problems, from video and image, to audio, and even more imaginative approaches.

An anonymous reader quotes ScienceAlert: Neuroscientists have successfully hooked up a three-way brain connection to allow three people share their thoughts -- and in this case, play a Tetris-style game. The team thinks this wild experiment could be scaled up to connect whole networks of people, and yes, it's as weird as it sounds. It works through a combination of electroencephalograms (EEGs), for recording the electrical impulses that indicate brain activity, and transcranial magnetic stimulation, where neurons are stimulated using magnetic fields.

The researchers behind the new system have dubbed it BrainNet, and say it could eventually be used to connect many different minds together, even across the web.... For now it's very slow and not fully reliable, and this work has yet to be peer-reviewed by the neuroscience community, but it's a glimpse at some fanciful ways we could be getting our thoughts across to each other in the future -- maybe even pooling mental resources to try and tackle major problems. "Our results raise the possibility of future brain-to-brain interfaces that enable cooperative problem solving by humans using a 'social network' of connected brains," writes the team.

Microsoft Research has pre-published a new paper to be presented at the IEEE Cybersecurity Development Conference 2018 describing their progress on Checked C, "an extension to C designed to support spatial safety, implemented in Clang and LLVM."

From "Checked C: Making C Safe By Extension": Checked C's design is distinguished by its focus on backward-compatibility, incremental conversion, developer control, and enabling highly performant code... Any part of a program may contain, and benefit from, checked pointers. Such pointers are binary-compatible with legacy, unchecked pointers but have explicitly annotated and enforced bounds. Code units annotated as checked regions provide guaranteed safety: The code within may not use unchecked pointers or unsafe casts that could result in spatial safety violations.

Checked C's bounds-safe interfaces provide checked types to unchecked code, which is useful for retrofitting third party and standard libraries. Together, these features permit incrementally adding safety to a legacy program, rather than making it an all-or-nothing proposition. Our implementation of Checked C as an LLVM extension enjoys good performance, with relatively low run-time and compilation overheads. It is freely available at https://github.com/Microsoft/checkedc and continues to be actively developed.
The extension is enabled as a flag passed to Clang -- the average run-time overhead introduced by adding dynamic checks was 8.6%, though in more than half of the benchmarks the overhead was less than 1%. They also note that from 2012 to 2018, buffer overruns were the leading single cause of CVEs.

Microsoft Research says they're now evaluating Checked C, formalizing a proof of its safety guarantee -- and developing a tool to semi-automatically rewrite legacy C programs.

"Some x86 CPUs have hidden backdoors that let you seize root by sending a command to an undocumented RISC core that manages the main CPU," Tom's Hardware reports, citing a presentation by security researcher Christopher Domas at the Black Hat Briefings conference in Las Vegas. The command -- ".byte 0x0f, 0x3f" in Linux -- "isn't supposed to exist, doesn't have a name, and gives you root right away," Domas said, adding that he calls it "God Mode." The backdoor completely breaks the protection-ring model of operating-system security, in which the OS kernel runs in ring 0, device drivers run in rings 1 and 2, and user applications and interfaces ("userland") run in ring 3, furthest from the kernel and with the least privileges. To put it simply, Domas' God Mode takes you from the outermost to the innermost ring in four bytes. "We have direct ring 3 to ring 0 hardware privilege escalation," Domas said. "This has never been done.... It's a secret, co-located core buried alongside the x86 chip. It has unrestricted access to the x86."

The good news is that, as far as Domas knows, this backdoor exists only on VIA C3 Nehemiah chips made in 2003 and used in embedded systems and thin clients. The bad news is that it's entirely possible that such hidden backdoors exist on many other chipsets. "These black boxes that we're trusting are things that we have no way to look into," he said. "These backdoors probably exist elsewhere." Domas discovered the backdoor, which exists on VIA C3 Nehemiah chips made in 2003, by combing through filed patents.
"Some of the VIA C3 x86 processors have God Mode enabled by default," Domas adds. "You can reach it from userland. Antivirus software, ASLR and all the other security mitigations are useless."

Apple's new patent applications hint at more touch-sensitive surfaces and virtual keyboards. From a report: In the wake of user complaints and multiple lawsuits concerning problems with the "butterfly switch" keyboard Apple has used in its laptops since 2016, the company may be developing new user interfaces that depend less on moving mechanical parts. The company has filed three new keyboard-related patents, Mashable reported on Monday. One of the patent applications describes a laptop with a digital panel where a keyboard traditionally sits. This could be interpreted as a plan to replace the conventional keyboard with technology similar to the Touch Bar -- the row of virtual, customizable buttons that Apple debuted on the Macbook Pro in 2016. The patent also includes information about sensors and haptics embedded beneath the envisioned digital panel, which would allow it to detect and respond to user inputs such as keystrokes, taps and clicks.

TechCrunch's Lucas Matney describes the Lumin operating system that will power Magic Leap's upcoming Magic Leap One mixed reality headset: Alright, first, this is what the Magic Leap One home screen will apparently look like, it's worth noting that it appears that Magic Leap will have some of its own stock apps on the device, which was completely expected but they haven't discussed much about. Also worth noting is that Magic Leap's operating system by and large looks like most other operating systems, they seem to be well aware that flat interfaces are way easier to navigate so you're not going to be engaging with 3D assets just for the sake of doing so. The company seems to be distinguishing between two basic app types for developers: immersive apps and landscape apps. Landscape apps like what you see in the image above, appear to be Magic Leap's version of 2D where interfaces are mostly flat but have some depth and live inside a box called a prism that fits spatially into your environment. It seems that you'll be able to have several of these running simultaneously. Immersive apps, on the other hand, like the game title, Dr. Grordbort -- which Magic Leap has been teasing for years -- respond to the geometry of the space that you are in and is thus called an immersive app.

Moving beyond apps, the company also had a good deal to share about how you interact with what's happening in the headset. Magic Leap will have a companion smartphone app that you can type into, you can connect a bluetooth keyboard and there will also be an onscreen keyboard with dictation capabilities. One of the big highlights of Magic Leap tech is that you'll be able to share perspectives of these apps in a multi-player experience which we now know is called "casting," apps that utilize these feature will just have a button that you can press to share an experience with a contact.

New submitter Paige.Bennett writes: Up till now, graphene has been produced in small batches in labs. But MIT just found a way to mass-produce graphene in large sheets using a process that rolls out five centimeters of graphene each minute. The longest span so far was nearly four hours, which produced about 10 meters of graphene. According to MIT, here's how their conveyor belt system works: "The first spool unfurls a long strip of copper foil, less than one centimeter wide. When it enters the furnace, the foil is fed through first one tube and then another, in a 'split-zone' design. While the foil rolls through the first tube, it heats up to a certain ideal temperature, at which point it is ready to roll through the second tube, where the scientists pump in a specified ratio of methane and hydrogen gas, which are deposited onto the heated foil to produce graphene." The work has been published in the journal Materials and Interfaces.

An anonymous reader quotes a report from The Verge: NASA may make some big changes to the first couple flights of its future deep-space rocket, the Space Launch System, after getting a recent funding boost from Congress to build a new launch platform. When humans fly on the rocket for the first time in the 2020s, they might ride on a less powerful version of the vehicle than NASA had expected. If the changes move forward, it could scale down the first crewed mission into deep space in more than 45 years. The SLS has been in development for the last decade, and when complete, it will be NASA's main rocket for taking astronauts to the Moon and Mars. NASA has long planned to debut the SLS with two crucial test missions. The first flight, called EM-1, will be uncrewed, and it will send the smallest planned version of the rocket on a three-week long trip around the Moon. Three years later, NASA plans to launch a bigger, more powerful version of the rocket around the Moon with a two-person crew -- a mission called EM-2.

But now, NASA may delay that rocket upgrade and fly the same small version of the SLS for the crewed flight instead. If that happens, NASA would need to come up with a different type of mission for the crew to do since they won't be riding on the more powerful version of the vehicle. "If EM-2 flies that way, we would have to change the mission profile because we can't do what we could do if we had the [larger SLS]," Robert Lightfoot, NASA's acting administrator, said during a Congressional hearing yesterday. NASA clarified that astronauts would still fly around the Moon on the second flight. However, the rocket would not be able to carry extra science payloads as NASA had originally planned. "The primary objective for EM-2 is to demonstrate critical functions with crew aboard, including mission planning, system performance, crew interfaces, and navigation and guidance in deep space, which can be accomplished on a Block 1 SLS," a NASA spokesperson said in a statement to The Verge.

Google says it is working on a big refresh for Gmail on the web. From a report: The upgrade was revealed in a message from Google to administrators of G Suite accounts -- G Suite being the suite of Google services that organizations can use on their own web domains, rather than Google's. The message stated that the changes would be coming to consumer Gmail accounts, as well as G Suite accounts. Google said the refresh would include not only a "fresh, clean look for Gmail on the web," but also easy ways to access other Google services, such as Google Calendar, from the Gmail web app. The company recently started winding down its Chrome apps for all platforms but Google's own Chrome OS. Windows, Mac and Linux users are now being encouraged to instead use Google's web apps, and it's only logical that those interfaces are now getting upgraded to include the functionality that would otherwise be lost. The Verge has screenshots of the new interface.

Google could owe Oracle billions of dollars after an appeals court said it didn't have the right to use the Oracle-owned Java programming code in its Android operating system on mobile devices. From a report: Google's use of Java shortcuts to develop Android went too far and was a violation of Oracle's copyrights, the U.S. Court of Appeals for the Federal Circuit ruled. The case was remanded to a federal court in California to determine how much the Alphabet unit should pay.

The dispute is over pre-written directions known as application program interfaces, or APIs, which can work across different types of devices and provide the instructions for things like connecting to the internet or accessing certain types of files. By using the APIs, programmers don't have to write new code from scratch to implement every function in their software or change it for every type of device. The case has divided Silicon Valley for years, testing the boundaries between the rights of those who develop interface code and those who rely on it to develop software programs.

An anonymous reader writes: Even if Twitter hasn't invested much in anti-bot software, some of its most technically proficient users have. They're writing and refining code that can use Twitter's public application programming interface, or API, as well as Google and other online interfaces, to ferret out fake accounts and bad actors. The effort, at least among the researchers I spoke with, has begun with hunting bots designed to promote pornographic material -- a type of fake account that is particularly easy to spot -- but the plan is to eventually broaden the hunt to other types of bots. The bot-hunting programming and research has been a strictly volunteer, part-time endeavor, but the efforts have collectively identified tens of thousands of fake accounts, underlining just how much low-hanging fruit remains for Twitter to prune.

Among the part-time bot-hunters is French security researcher and freelance Android developer Baptiste Robert, who in February of this year noticed that Twitter accounts with profile photos of scantily clad women were liking his tweets or following him on Twitter. Aside from the sexually suggestive images, the bots had similarities. Not only did these Twitter accounts typically include profile photos of adult actresses, but they also had similar bios, followed similar accounts, liked more tweets than they retweeted, had fewer than 1,000 followers, and directed readers to click the link in their bios.

BrianFagioli writes: GNOME 3.28 is the latest version of GNOME 3, and is the result of 6 months' hard work by the GNOME community. It contains several major new features, as well as many smaller improvements and bug fixes. In total, the release incorporates 24105 changes, made by approximately 778 contributors.

The Project explains, "GNOME 3.28 comes with more beautiful things! First, and most significantly, GNOME's default interface font (called Cantarell) has undergone a significant update. Character forms and spacing have been evolved, so that text is more readable and attractive. Several new weights have also been added -- light and extra bold -- which are being used to produce interfaces that are both modern and beautiful. Other beautiful things include GNOME's collection of background wallpapers, which has been updated to include a lovely set of photographs, and the selection of profile pictures, which has been completely updated with attractive new images to pick from."

Unfortunately, you can't just click on a button and upgrade to GNOME 3.28 today. Actually, for the most part, you will need to wait for it to become available for your operating system. Sadly, this can take a while. Fedora users, for instance, will have to wait for a major OS upgrade for it to become available.