Nerval's Lobster writes "The U.S. Army Research Laboratory has awarded as much as $48 million to researchers trying to build computer-security systems that can identify even the most subtle human-exploit attacks and respond without human intervention. The more difficult part of the research will be to develop models of human behavior that allow security systems decide, accurately and on their own, whether actions by humans are part of an attack (whether the humans involved realize it or not). The Army Research Lab (ARL) announced Oct. 8 a grant of $23.2 million to fund a five-year cooperative effort among a team of researchers at Penn State University, the University of California, Davis, Univ. California, Riverside and Indiana University. The five-year program comes with the option to extend it to 10 years with the addition of another $25 million in funding. As part of the project, researchers will need to systematize the criteria and tools used for security analysis, making sure the code detects malicious intrusions rather than legitimate access, all while preserving enough data about any breach for later forensic analysis, according to Alexander Kott, associate director for science and technology at the U.S. Army Research Laboratory. Identifying whether the behavior of humans is malicious or not is difficult even for other humans, especially when it's not clear whether users who open a door to attackers knew what they were doing or, conversely, whether the "attackers" are perfectly legitimate and it's the security monitoring staff who are overreacting. Twenty-nine percent of attacks tracked in the April 23 2013 Verizon Data Breach Investigations Report could be traced to social-engineering or phishing tactics whose goal is to manipulate humans into giving attackers access to secured systems."
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Jah-Wren Ryel writes "Florida's hanging chads ain't going nothing on Azerbaijan. Fully a day before the polls were to open, election results were accidentally released via an official smartphone app, confirming what everybody already knew — the election was rigged from the beginning. The official story is that the app's developer had mistakenly sent out the 2008 election results as part of a test. But that's a bit flimsy, given that the released totals show the candidates from this week, not from 2008."
Lucas123 writes "Engineers at Disney Research in Pittsburgh have developed an algorithm that creates the illusion of a 3D surface on touch screens. Using electrical impulses, the touch screen technology offers the sensation of ridges, edges, protrusions and bumps and any combination of those textures. While Disney is not alone in developing tactile response touchscreens, its researchers said the traditional approach has been to use a library of 'canned effects,' that are played back when someone touches a screen. Disney's algorithm doesn't just playback one or two responses, but it offers a set of controls that make it possible to tune tactile effects to a specific visual artifact on the fly. 'Our algorithm is concise, light and easily applicable on static images and video streams,' the researchers stated." This summer Disney unveiled AIREAL, a system designed to give tactile sensations to people using motion control devices.
alphadogg writes "If you think your house has bad cellular coverage, Verizon Wireless has you beat: A small, windowless room high up in a San Francisco office building gets no service at all. That's not because carriers are neglecting the bustling South of Market business district where the room is located. Instead, it's because Verizon is paying so much attention to what's going on there. The room with zero bars is in the heart of the Verizon Innovation Center, where Verizon network and business experts help developers of new wireless devices and apps to turn their ideas into products."
An anonymous reader writes "A day after TEPCO workers mistakenly turned off cooling pumps serving the spent pool at reactor #4 at the crippled nuclear plant comes a new accident — 6 workers apparently removed the wrong pipe from a primary filtration system and were doused with highly radioactive water. They were wearing protection yet such continuing mishaps and 'small mistakes' are becoming a pattern at the facility."
ananyo writes "Fusion unleashes vast amounts of energy that might one day be used to power giant electrical grids. But the laboratory systems that seem most promising produce radiation in the form of fast-moving neutrons, and these present a health hazard that requires heavy shielding and even degrades the walls of the fusion reactor. Physicists have now produced fusion at an accelerated rate in the laboratory without generating harmful neutrons (abstract). A team led by Christine Labaune, research director of the CNRS Laboratory for the Use of Intense Lasers at the Ecole Polytechnique in Palaiseau, France, used a two-laser system to fuse protons and boron-11 nuclei. One laser created a short-lived plasma, or highly ionized gas of boron nuclei, by heating boron atoms; the other laser generated a beam of protons that smashed into the boron nuclei, releasing slow-moving helium particles but no neutrons. Previous laser experiments that generated boron fusion aimed the laser at a boron target to initiate the reaction. In the new experiment, the laser-generated proton beam produces a tenfold increase of boron fusion because protons and boron nuclei are instead collided together directly."
Hugh Pickens DOT Com writes "NBC reports that flying instructors at Humberside Airport, near the city of Hull in northeast England, told a passenger who had never flown before how to land a four-seater Cessna 172 after the pilot collapsed and died at the controls. Passenger John Wildey explained to air traffic controllers that he had no flying experience and that the pilot could not control the plane. 'It came down with a bump, a bump, a bump, hit the front end down, I heard some crashing and it's come to a halt,' said Stuart Sykes. 'There were a few sparks and three or four crashes, that must have been the propeller hitting the floor. Then it uprighted again and it came to a stop.' Roads around the airport were closed while two incoming flights to the airport, from Scotland and the Netherlands, were delayed as a result of the incident. The passenger took four passes of the runway, and there were cheers from the control tower when it finally came to a halt on the ground. 'For somebody who is not a pilot but has been around airfields and been a passenger on several occasions to take control is nothing short of phenomenal," said Richard Tomlinson. "He made quite a good landing, actually,' added flight instructor Murray. 'He didn't know the layout of the airplane. He didn't have lights on so he was absolutely flying blind as well.'"
SmartAboutThings writes "Mozilla has officially introduced the first update to its mobile Firefox OS. The very first update to Firefox OS adds some important new features, performance improvements and additional language support. Some of the most important changes include MMS support, Push Notifications API, Contact Management enhancements, Firefox browser downloads, Keyboard improvements and much more. In a separate announcement, Mozilla also said that new launches of Firefox OS smartphones will begin soon with more devices and in more markets around the world."
An anonymous reader writes "More than 90% of nuclear regulators are being sent home due to the Federal Government shutdown, as the agency announced today that it was out of funds. Without Congressional appropriations, the nuclear watchdog closes its doors for what appears to be the first time in U.S. history. CNN reports that while a skeleton crew remains to monitor the nation's 100 nuclear reactors, regulatory efforts to prevent a Fukushima-like incident in the United States have ceased."
iONiUM writes "Samsung today unveiled the Galaxy Round phone with a curved 5.7" display. It comes with a hefty $1,000 USD price tag. This is a follow-up to the 55" curved TVs it began selling in June, and is most likely an intermediate form in the development of fold-able phones. Considering the recent LG announcement of mass OLED flexible screen production, it seems we are getting close to flexible phones. One question I wonder: will Apple follow suit? So far there has been no indication they are even attempting flexible/bendable screens."
says Wikipedia, "is a writer and advocate for free and open source software, writing for LinuxWorld and Linux Today." This is an obsolete description. Don has moved on and broadened his scope. He still thinks, he still writes, and what he writes is still worth reading even if it's not necessarily about Linux or Free Software. For instance, he wrote a piece titled Targeted Advertising Considered Harmful, and has written lots more at zgp.org that might interest you. But even just sticking to the ad biz, Don has had enough to say recently that we ended up breaking this video conversation into two parts, with one running today and the other one running tomorrow.
jones_supa writes "A new major version of the classic GNU Make software has been released. First of all, Make 4.0 has integration support for GNU Guile Scheme. Guile is the extension system of the GNU project that is a Scheme programming language implementation and now in the Make world will be the embedded extension language. 4.0 also features a new 'output-sync' option, 'trace-enables' for tracing of targets, a 'none' flag for the 'debug' argument, and the 'job server' and .ONESHELL features are now supported under Windows. There are also new assignment operators, a new function for writing to files, and other enhancements. It's been reported that Make 4.0 also has more than 80 bug-fixes. More details can be found from their release announcement on the mailing list."
Nerval's Lobster writes "Nest (based in Palo Alto, and headed by former Apple executive Tony Fadell) is out to reinvent the ugly, blocky devices—starting with the thermostat—that we bolt to our walls and ceilings out of necessity. Its new Nest Protect, looks more like something for streaming music or movies than a smoke detector; inside its chic shell, the device packs an embedded system-on-a-chip and a handful of sensors, capable of connecting to other devices via wireless. 'Would this be a cherished product? Can it be more than a rational purchase — can it be an emotional one?' is the thought process that Fadell uses when evaluating new products for Nest-ification, according to Wired. That sounds like something Apple designer Jony Ive would say about the latest iDevice; your own mileage may vary on whether you consider that a good thing. Whether or not Nest actually succeeds, its emphasis on friendly design and function could serve as a template for helping popularize the so-called 'Internet of Things,' or the giant networks of interconnected devices that everybody seems to think is coming in a few short years: by giving stodgy hardware an iPhone-like sheen, complete with all sorts of bells and whistles, you could potentially change consumer mindsets from 'Do I really need to buy this thing?' to 'I want to buy this thing.' Some privacy advocates are already crying foul ('My dear privacy enthusiast: activity sensors?' The Kernel's Greg Stevens wrote, tongue somewhat in cheek, about Nest Protect in a recent blog posting. 'Ladies and gentlemen, how can you possibly stay silent about the possible abuses of such a device?'), but since when have concerns over privacy prevented people from buying the next 'cool' device?"
Lucas123 writes "There are efforts underway within the auto industry to create a standard, Linux-based platform for In-Vehicle Infotainment (IVI) systems so that cars will act more like smartphones instead of having only about 10% of that functionality today. For example, Tesla's Model S IVI system, which is based on Linux, is designed to allow drivers to navigate using Google Maps with live traffic information, listen to streaming music from any online radio station and have access to an Internet browser for news or restaurant reviews. Having an industry-wide open-source IVI operating system would create a reusable platform consisting of core services, middleware and open application layer interfaces that eliminate the redundant efforts to create separate proprietary systems by automakers and their tier 1 suppliers like Microsoft. By developing an open-source platform, carmakers can share upgrades as they arrive."
An anonymous reader writes "The South African Education Department has effectively banned the use of FOSS software in state-run schools by forcing all candidates writing the Computer Applications Technology examination to use Microsoft's Office 2010 or 2013 as the only supported options. In the same circular, the state has mandated that all schools use Delphi, instead of Java, as the programming language for the country's Information Technology practical paper. South Africa, notorious for its poor performance in Maths and Science and for having vastly over-crowded and underfunded schools, are now locked into costly Microsoft licensing because of this decision."
ananyo writes "One day, computers may be able to simulate exactly how enzymes, ion channels, viruses, DNA and other complex biological molecules react with each other inside a cell. And if such a software package is ever written, it will owe its development to three researchers who today won the Nobel Prize in Chemistry: Martin Karplus, of Harvard University and the University of Strasbourg, Michael Levitt, of Stanford University, and Arieh Warshel, of the University of Southern California in Los Angeles. Starting in the 1970s — working with computers far less powerful than today's smartphones — the three theorists made advances in computer modeling that laid the foundations for modern software used to simulate protein folding, design drugs and even artificial enzymes, and understand the workings of complex catalysts. In essence, says Sven Lidin, the chairman of the Nobel committee, they 'took the chemical experiment to cyberspace.'"
Hugh Pickens DOT Com writes "Ed Felton writes about an incident, in 2003, in which someone tried to backdoor the Linux kernel. Back in 2003 Linux used BitKeeper to store the master copy of the Linux source code. If a developer wanted to propose a modification to the Linux code, they would submit their proposed change, and it would go through an organized approval process to decide whether the change would be accepted into the master code. But some people didn't like BitKeeper, so a second copy of the source code was kept in CVS. On November 5, 2003, Larry McAvoy noticed that there was a code change in the CVS copy that did not have a pointer to a record of approval. Investigation showed that the change had never been approved and, stranger yet, that this change did not appear in the primary BitKeeper repository at all. Further investigation determined that someone had apparently broken in electronically to the CVS server and inserted a small change to wait4: 'if ((options == (__WCLONE|__WALL)) && (current->uid = 0)) ...' A casual reading makes it look like innocuous error-checking code, but a careful reader would notice that, near the end of the first line, it said '= 0' rather than '== 0' so the effect of this code is to give root privileges to any piece of software that called wait4 in a particular way that is supposed to be invalid. In other words it's a classic backdoor. We don't know who it was that made the attempt—and we probably never will. But the attempt didn't work, because the Linux team was careful enough to notice that that this code was in the CVS repository without having gone through the normal approval process. 'Could this have been an NSA attack? Maybe. But there were many others who had the skill and motivation to carry out this attack,' writes Felton. 'Unless somebody confesses, or a smoking-gun document turns up, we'll never know.'"
First time accepted submitter eekee writes "The targets are high, but so is the goal: releasing Verilog source code for a GPU implementation. The source will be open source, LGPL-licensed, and suitable for loading onto an FPGA. The first target is for a 2D GPU with PCI interface; perhaps not terribly interesting in itself, but the first stretch goal is much more exciting: full OpenGL and Direct3D graphics." Unlike the Open Graphics Project, this is starting from a working 2D accelerator and mostly working 3D accelerator cloning the features of the Number Nine Ticket to Ride hardware. If they get a meelion bucks they'll overhaul the chip to support something other than PCI (although you can bridge between PCI and PCIe) and implement a modern programmable rather than fixed-function chip. Also unlike OGP, they do not appear interested in producing hardware, instead focusing entirely on the core itself for use in FPGAs (anyone want to dust off the OGD1 design?)
sciencehabit writes "It seemed like the perfect forensic tale. Earlier this year, a geneticist concluded that the remains of a blood-soaked cloth stored for centuries in an 18th century gourd likely belonged to the severed head of the last French king, Louis XVI — a conclusion supported by the fact that the DNA matched that taken from a mummified head belonging to his direct ancestor, King Henry IV. So confident were some people about the findings that a company now offers a blood test for anyone who wants to see if they, too, are descendants of this royal family. But new research released today calls into question the identities of both the blood and the head, arguing that the DNA in those samples does not match the DNA in living relatives of these kings."
itwbennett writes "Google launched the citywide Wi-Fi network with much fanfare in 2006 as a way for Mountain View residents and businesses to connect to the Internet at no cost. It covers most of the Silicon Valley city and worked well until last year, as Slashdot readers may recall, when connectivity got rapidly worse. As a result, Mountain View is installing new Wi-Fi hotspots in parts of the city to supplement the poorly performing network operated by Google. Both the city and Google have blamed the problems on the design of the network. Google, which is involved in several projects to provide Internet access in various parts of the world, said in a statement that it is 'actively in discussions with the Mountain View city staff to review several options for the future of the network.'"
An anonymous reader writes "vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. Although vBulletin has not disclosed the root cause of the vulnerability or its impact, we determined the attacker's methods. The identified vulnerability allows an attacker to abuse the vBulletin configuration mechanism in order to create a secondary administrative account. Once the attacker creates the account, they will have full control over the exploited vBulletin application, and subsequently the supported site."
An anonymous reader writes "NASA's Juno mission to Jupiter will perform a close 'fly-by' of the Earth in a few hours. To assist with its radio and plasma wave experiment, the mission is asking amateur radio operators to send a 'Morse Code' message to the probe as it passes." The page has all the info you need: "The activity will begin at 18:00 UTC on October 9, 2013 and continue until 20:40 UTC. This page will clearly indicate when you should key up or key down to transmit 'HI' to Juno in Morse Code (see examples below). The Morse code pattern below can also act as a guide. The 'HI' message will be repeated every 10 minutes, beginning at 18:00, 18:10, 18:20, etc. "
An anonymous reader writes "Last week authorities shut down Silk Road, an online black market that made use of Tor to hide activity. They also arrested the site's primary operator, Ross Ulbricht, and seized his possessions. Now, an AP report indicates at least 8 more arrests have been made on people suspected to have sold drugs through the site. Four of the arrests happened in the U.K., two were in the U.S. and two were in Sweden. It looks like they're gearing up for more arrests, as well. Keith Bristow of Britain's National Crime Agency said, 'These latest arrests are just the start; there are many more to come.' Authorities are reportedly mining the site's customer review system, which contains months worth of transaction data, for further leads."
alphadogg writes "Vendor tests and very early 802.11ac customers provide a reality check on 'gigabit Wi-Fi' but also confirm much of its promise. Vendors have been testing their 11ac products for months, yielding data that show how 11ac performs and what variables can affect performance. Some of the tests are under ideal laboratory-style conditions; others involve actual or simulated production networks. Among the results: consistent 400M to 800Mbps throughput for 11ac clients in best-case situations, higher throughput as range increases compared to 11n, more clients serviced by each access point, and a boost in performance for existing 11n clients."
beckman101 writes "Two years ago the Gameduino brought retro-style gaming to the Arduino. This week its successor launched on Kickstarter, still fully open-source but with a video that shows it running some contemporary-looking demos. Plus, it has a touch screen and a pretty decent 3-axis accelerometer. Farewell to the retro?"
mattydread23 writes "Most gamification efforts fail. But when DirecTV wanted to encourage its IT staff to be more open about sharing failures, it created a massive internal game called F12. Less than a year later, it's got 97% participation and nearly everybody in the IT group actually likes competing. So what did DirecTV do right? The most important thing was to devote a full-time staffer to the game, and to keep updating it constantly."