chicksdaddy writes "More than six months after hacked Emergency Alert System (EAS) hardware allowed a phony warning about a zombie uprising to air in several U.S. states, a security consulting company is warning that serious issues persist in software from Monroe Electronics, whose equipment was compromised in the earlier attack. In a blog post, Mike Davis of the firm IOActive said patches issued by Monroe Electronics, the Lyndonville, New York firm that is a leading supplier of EAS hardware, do not adequately address problems raised earlier this year, including the use of 'bad and predictable' login credentials. Further inspection by Davis turned up other problems that were either missed in the initial code review or introduced by the patch. They include the use of “predictable and hard-coded keys and passwords,” as well as web-based backups that were publicly accessible and that contained valid user credentials. Monroe’s R-189 CAP-EAS product was the target of a hack in February during which EAS equipment operated by broadcasters in Montana, Michigan and other states was compromised and used to issue an alert claiming that the 'dead are rising from their graves,' and advising residents not to attempt to apprehend them. CAP refers to the Common Alerting Protocol, a successor to EAS. A recent search using the Shodan search engine by University of Florida graduate student Shawn Merdinger found more than 200 Monroe devices still accessible from the public Internet. 66% of those were running vulnerable versions of the Monroe firmware."
benonemusic writes "The commercially available D-Wave computer has demonstrated its ability to perform increasingly complex tasks. But is it a real quantum computer? A new round of research continues the debate over how much its calculations owe to exotic quantum-physics phenomena. 'One side argues there is too much noise in the D-Wave system, which prevents consistent entanglement. But in an adiabatic device, certain types of entanglement are not as vital as they are in the traditional model of a quantum computer. Some researchers are attempting to solve this conundrum by proving the presence or absence of entanglement. If they show entanglement is absent, that would be the end of the discussion. On the other hand, even if some of D-Wave's qubits are entangled, this doesn't mean the device is taking advantage of it. Another way to prove D-Wave's quantumness would be to confirm it is indeed performing quantum, and not classical, annealing. Lidar has published work to this effect, but that triggered opposition, and then a counter-point. The debate continues.'"
An anonymous reader writes "NFTables is queued up for merging into the Linux 3.13 kernel. NFTables is a four-year-old project by the creators of Netfilter to write a new packet filtering / firewall engine for the Linux kernel to deprecate iptables (though it now offers an iptables compatibility layer too). NFTables promises to be more powerful, simpler, reduce code complication, improve error reporting, and provide more efficient handling of packet filter rules. The code was merged into net-next for the Linux 3.13 kernel. Iptables will still be present until NFTables is finished, but it is possible to try it out now. LWN also has a writeup on NFTables."
UnknowingFool writes "After reports of update problems including bricking of some devices, Microsoft has pulled the 8.1 update for RT from their store while they investigate. 'Microsoft is investigating a situation affecting a limited number of users updating their Windows RT devices to Windows RT 8.1. As a result, we have temporarily removed the Windows RT 8.1 update from the Windows Store. We are working to resolve the situation as quickly as possible and apologize for any inconvenience. We will provide updates as they become available.' While update problems are not new to software, could this be a consequence of Microsoft not releasing 8.1 RTM to developers? Developers may have experienced problems earlier and alerted Microsoft before it went live."
jones_supa writes "If you want to find the computer geniuses of tomorrow, you could do worse than to check out which kids are playing Minecraft. In a Google+ post, the Google Quantum A.I. Lab Team says that they've released a mod called qCraft to enable kids (and adults) to play around with blocks that exhibit behaviors like quantum entanglement, superposition and observer dependency. qCraft obviously isn't a perfect scientific simulation, but it's a fun way for players to experience a few parts of quantum mechanics outside of thought experiments or dense textbook examples. The team doesn't know the full potential of what you can make with the mod, but they are excited to see what Minecraft's players can discover."
Hugh Pickens DOT Com writes "Rachel Oswald reports that the Union of Concerned Scientists, an independent science advocacy organization, says that the United States should cancel plans to build a multi-billion dollar plutonium research facility in New Mexico and criticizes Obama administration plans for nuclear facilities and weapons. They argue that the plans to build new fissile-material handling plants are unnecessarily ambitious given the expected future downward trajectory of the U.S. nuclear arsenal. The proposed Chemistry and Metallurgy Research Replacement plant (CMRR) building at Los Alamos would replace a Cold War-era site at a cost of $6 billion. It is intended to assist in ensuring new and existing plutonium pits are in working order absent a return by the country to nuclear-weapons testing. The 81-page UCS report, 'Making Smart Security Choices,' (PDF) says if the U.S. carries out limited reductions of its nuclear arsenal over the next quarter-century — as President Obama has said he would like to do — current facilities at Los Alamos can produce sufficient plutonium cores to maintain the warhead stockpile. The CMRR complex is designed to have the capacity to produce between 50 and 80 plutonium pits annually even though no more than 50 cores are needed yearly and Los Alamos currently has that production capability, says report co-author Lisbeth Gronlund. 'The idea that you would need to produce up to 80 [cores] is not warranted,' says Gronlund. 'We think it's time just to cancel the whole thing.'"
wabrandsma writes "New Scientist reports that 'A bacterium has had its genome recoded so that the standard language of life no longer applies. Instead, one of its words has been freed up to impart a different meaning, allowing the addition of genetic elements that don't exist in nature. ... The four letters of the genetic code are usually read by a cell's protein-production machinery, the ribosome, in sets of three letters called codons. Each codon "word" provides instructions about which amino acid to add next to a growing peptide chain. Although there are 64 ways of combining four letters, only 61 codons are used to encode the 20 amino acids found in nature. ... The three combinations left over, UAG, UAA and UGA, act like a full stop or period – telling the ribosome to terminate the process at that point. ... A team of synthetic biologists led by Farren Isaacs at Yale University have now fundamentally rewritten these rules (abstract). They took Escherichia coli cells and replaced all of their UAG stop codons with UAAs. They also deleted the instructions for making the release factor that usually binds to UAG, rendering UAG meaningless. Next they set about assigning UAG a new meaning, by designing molecules called tRNAs and accompanying enzymes that would attach an unnatural amino acid – fed to the cell – whenever they spotted this codon."
Daniel_Stuckey writes "We all know that Wikipedia can be subverted—it’s an inevitability of an open platform that some people will seek to abuse it, whether to gain some advantage or just for a laugh. Fortunately, the Wikipedia community has strong mechanisms in place to deal with this, from the famous cry of  to the rigorous checks and standards put in place by its hierarchy of editors and admins. In recent months though, Insiders have encountered something altogether more worrying: a concerted attack on the very fabric of Wikipedia by PR companies that have subverted the online encyclopedia's editing hierarchy to alter articles on a massive scale—perhaps tens of thousands of them. Wikipedia is the world's most popular source of cultural, historical, and scientific knowledge—if their fears are correct, its all-important credibility could be on the line... Adam Masonbrink, a founder and Vice-President of Sales at Wiki-PR, boasts of new clients including Priceline and Viacom. Viacom didn't respond ... but Priceline — a NASDAQ listed firm with over 5,000 employees and William Shatner as their official spokesman — did. Sadly, Priceline didn't choose to respond to us via Captain Kirk; instead Leslie Cafferty, vice president of corporate communications and public relations, admitted, 'We are using them to help us get all of our brands a presence because I don't have the resources internally to otherwise manage.'"
itwbennett writes "OCZ, one of the first commercial solid-state drive (SSD) makers, has been blaming a shortage of NAND for its woes for some time now, but things have taken a precipitous turn for the worse: 'For its second fiscal quarter ended August 31, 2013, revenue was $33.5 million, a huge drop compared to revenue of $55.3 million for the first quarter of 2013 and revenue of $88.6 million for the second quarter of 2012. The net loss for this quarter was massive, $26 million, a doubling of the $13.1 million loss in the same quarter last year.' The company has burned through cash, its stock collapsed, and now so have sales. Meanwhile, other SSD makers are doing well. So what is happening here?"
dryriver sends this quote from the BBC: "Samsung has said that it will stop taking rivals to court [in the E.U.] over certain patent infringements for the next five years. The white flag in the patent battle has been raised because the South Korean electronics firm faces a huge fine for alleged abuses of the system. The move could help end a long-running patent war between the world's largest mobile makers. The E.U. said that a resolution would bring 'clarity to the industry'. 'Samsung has offered to abstain from seeking injunctions for mobile SEPs (standard essential patents) for a period of five years against any company that agrees to a particular licensing framework,' the European Commission said in a statement. Standard essential patents refer to inventions recognised as being critical to implementing an industry standard technology. Examples of such technologies include the Universal Mobile Telecommunications System (UMTS), a cellular standard at the heart of 3G data; and H.264, a video compression format used by YouTube, Blu-ray disks and Adobe Flash Player among others. The E.U. had accused Samsung of stifling competition by bringing a series of SEP lawsuits against Apple and other rivals."
An anonymous reader writes "According to the Washington Post, 'Former Vice President Dick Cheney says he once feared that terrorists could use the electrical device that had been implanted near his heart to kill him and had his doctor disable its wireless function. Cheney has a history of heart trouble, suffering the first of five heart attacks at age 37. ... In an interview with CBS' 60 Minutes, Cheney says doctors replaced an implanted defibrillator near his heart in 2007. The device can detect irregular heartbeats and control them with electrical jolts. Cheney says that he and his doctor, cardiologist Jonathan Reiner, turned off the device's wireless function in case a terrorist tried to send his heart a fatal shock.' More at CBS News."
slack_justyb writes "In a blog post, Mark Shuttleworth sends his congrats to the Ubuntu developers for the recent release of 13.10 and talks about 14.04's codename (Trusty Tahr). He also takes aim at what he calls 'The Open Source Tea Party.' He writes, 'Mir is really important work. When lots of competitors attack a project on purely political grounds, you have to wonder what their agenda is. At least we know now who belongs to the Open Source Tea Party ;)' He cites all the complaints about Mir and even calls out Lennart Poettering's systemd, who in the past has pointed out Canonical's tendency to favor projects they control. Shuttleworth continues, 'And to put all the hue and cry into context: Mir is relevant for approximately 1% of all developers, just those who think about shell development. Every app developer will consume Mir through their toolkit. By contrast, those same outraged individuals have NIH’d just about every important piece of the stack they can get their hands on most notably SystemD, which is hugely invasive and hardly justified. Watch closely to see how competitors to Canonical torture the English language in their efforts to justify how those toolkits should support Windows but not Mir. But we'll get it done, and it will be amazing.' However, not all has earned Mark's scorn. He even goes so far as to show some love for Linux Mint: 'So yes, I am very proud to be, as the Register puts it, the Ubuntu Daddy. My affection for this community in its broadest sense – from Mint to our cloud developer audience, and all the teams at Canonical and in each of our derivatives, is very tangible today.'"
Nerval's Lobster writes "Huawei Technologies, the Chinese telecom giant banned from selling to U.S. government agencies due to its alleged ties to Chinese intelligence services, is trying to turn the tables on its accusers by offering itself as a safe haven for customers concerned that the NSA has compromised their own IT vendors. 'We have never been asked to provide access to our technology, or provide any data or information on any citizen or organization to any Government, or their agencies,' Huawei Deputy Chairman Ken Hu said in the introduction to a 52-page white paper on cybersecurity published Oct. 18. Huawei was banned from selling to U.S. government entities and faced barriers to civilian sales following a 2012 report from the U.S. House of Representatives that concluded Huawei's management had not been forthcoming enough to convince committee members to disregard charges it had given Chinese intelligence services backdoors into its secure systems and allowed Chinese intelligence agents to pose as Huawei employees. But the company promises to create test centers where governments and customers can test its products and inspect its services as part of an 'open, transparent and sincere' approach to questions about its alleged ties, according to a statement in the white paper from Huawei CEO Ren Zhengfei. Can Huawei actually gain more customers by playing off the Snowden scandal?"
ananyo writes "A 1.8 million-year-old human skull dramatically simplifies the textbook story of human evolution, suggesting what were thought to be three distinct species of early human (Homo habilis, Homo rudolfensis and Homo erectus) was just one. 'Skull 5', along with four other skulls from the same excavation site at Dmanisi, Georgia, also shows that early humans were as physically diverse as we are today (paper abstract)."
New submitter rex.clts writes "In the IT security world, it is common practice to withhold specifics when announcing a newly discovered software vulnerability. The exact details regarding a buffer overflow or race condition are typically kept secret until a patch is available, to slow the proliferation of exploits against the hole. For the first time, this practice has been extended to medical publishing. A new form of Botulism has been identified, but its DNA sequence (the genetic code that makes up the toxin) has been withheld, until an antidote has been found. It seems that censorship in the name of "security" is spreading (with DHS involved this comes as no surprise.) Is this the right move?"