Submission + - The 2017 Hugo Awards

Dave Knott writes: The Hugo Awards, the most prestigious awards in science fiction, had their 2017 ceremony today, at WorldCon 75 in Helsinki, Finland.
The winners are:

Best Novel: The Obelisk Gate by N.K. Jemisin
Best Novella: "Every Heart a Doorway" by Seanan McGuire
Best Novelette: "The Tomato Thief" by Ursula Vernon
Best Short Story: "Seasons of Glass and Iron", by Amal El-Mohtar
Best Related Work: Words Are My Matter: Writings About Life and Books, 2000-2016 by Ursula K Le Guin
Best Graphic Story: Monstress, Volume 1: Awakening , written by Marjorie Liu, illustrated by Sana Takeda
Best Dramatic Presentation: Arrival , screenplay by Eric Heisserer based on a short story by Ted Chiang, directed by Denis Villeneuve
Best Dramatic Presentation: The Expanse: Leviathan Wakes , written by Mark Fergus and Hawk Ostby, directed by Terry McDonough
Best Series: The Vorkosigan Saga, by Lois McMaster Bujold (Baen)
John W Campbell Award for Best New Writer: Ada Palmer

Just as they did last year, female creators have dominated the awards, with women taking home awards in the major categories—including N. K. Jemisin, who became the first woman to win the Hugo for Best Novel twice in a row since Lois McMaster Bujold did in 1991 and 1992.
This year’s slate of nominees, unlike the drama surrounding the 2016 and 2015 Hugos, was less impacted by the ballot-stuffing tactics of the “Rabid Puppies”, thanks to a change in the way nominees were voted for this year (including the fact no work could appear in more than one category) in an attempt to avoid tactical slate picks.

Submission + - A New Report Raises Big Questions About Last Year's DNC Hack (thenation.com) 4

Bartles writes: This story from The Nation raises questions about the feasibility of transferring the 2 gigbaytes of data that were stolen from the DNC last year. Was it possible in 2016 to transfer 2 gigabytes of data from DC to Romania through a VPN in 87 seconds?



Forensicator’s first decisive findings, made public in the paper dated July 9, concerned the volume of the supposedly hacked material and what is called the transfer rate—the time a remote hack would require. The metadata established several facts in this regard with granular precision: On the evening of July 5, 2016, 1,976 megabytes of data were downloaded from the DNC’s server. The operation took 87 seconds. This yields a transfer rate of 22.7 megabytes per second.


Submission + - Deserialization Issues Also Affect .NET, Not Just Java (bleepingcomputer.com)

An anonymous reader writes: The .NET ecosystem is affected by a deserialization flaw that has wreaked havoc among Java apps and apps and developers in 2016. The issue at hand is in how some .NET libraries deserialize JSON or XML data, doing it in a total unsecured way, but also how developers handle deserialization operations when working with libraries that offer optional secure systems to prevent deserialized data from accessing and running certain methods automatically. The issue is similar to a flaw known as Mad Gadget (or Java Apocalypse) that came to light in 2015 and 2016. The flaw rocked the Java ecosystem in 2016, as it affected the Java Commons Collection and 70 other Java libraries, and was even used to compromise PayPal's servers.

Organizations such as Apache, Oracle, Cisco, Red Hat, Jenkins, VMWare, IBM, Intel, Adobe, HP, and SolarWinds , all issued security patches to fix their products. The Java deserialization flaw was so dangerous that Google engineers banded together in their free time to repair open-source Java libraries and limit the flaw's reach, patching over 2,600 projects. Now a similar issue was discovered in .NET. This research has been presented at the Black Hat and DEF CON security conferences. On page 5, researchers included reviews for all the .NET and Java apps they analyzed, pointing out which ones are safe and how developers should use them to avoid deserialization attacks when working with JSON data.

Submission + - FBI Says Islamic State Used eBay, PayPal To Channel Money To the US (theverge.com)

An anonymous reader writes: Islamic State allegedly used PayPal and fake eBay transactions to channel money to an operative in the US, The Wall Street Journal reports. The man who allegedly received the money was American citizen Mohamed Elshinawy, who was arrested last year in Maryland. The FBI claims that Elshinawy, in his early 30s, sold computer printers on eBay as a front in order to receive the payments through PayPal. The details have come to light because of a recently unsealed FBI affidavit, which alleges Elshinawy was part of a worldwide network that used such channels to fund ISIS. Elshinawy received $8,700 from ISIS, including five PayPal payments from senior ISIS official Siful Sujan through his technology company. Those funds were used to buy a laptop, a cellphone, and a VPN to communicate with IS, according to the affidavit. Sujan was killed in a drone strike in 2015.

Submission + - Silicon Valley Billionaire Fails to Prevent Access to Public Beach

Robotron23 writes: Vinod Khosla, a Silicon Valley venture capitalist, has lost his appeal to privatize Martins Beach; a publicly-owned strip of coastline in California. Having previously fenced off the land in a bid to render the area private, Khosla has been ordered to restore access by a California court. Khosla had previously demanded the government pay him $30 million to reopen the gate to the beachfront.

Submission + - FCC Extends Net Neutrality Comment Period By Two Weeks (theverge.com)

An anonymous reader writes: You’ll have two extra weeks to file your thoughts with the FCC on its plan to get rid of net neutrality. The proposal’s comment period was originally scheduled to end next week, on August 16th, but the commission just pushed the date out to August 30th. The extension was granted in response to 10 groups asking for more time to respond. They had been looking for an additional eight weeks, but the commission said an additional two weeks would be more in line with the type of extensions granted in the past. The commission didn’t signal that disruptions to its filing system, caused by an apparent DDOS attack, factored into the decision at all. Granting a two week extension gives people more time to file “reply comments,” which are meant to respond to what people filed during the first phase of the comment period, which closed in July. That comment period had been much longer than usual, because the commission released the proposal a month before it was voted on.

Submission + - North Korea's "not quite" ICBM can't hit the lower 48 states

Lasrick writes: Theodore A. Postol,,Markus Schiller, and Robert Schmucker publish an analysis in the Bulletin of the Atomic Scientists explaining that the missiles North Korea launched this week are not quite ICBMs after all, and probably can't carry a nuclear warhead to the mainland United States. The main article is accompanied by further notes from Ted Postal and a slide show of some of the data they used. In his comments, Postol points out: 'Although the findings that my colleagues and I reach indicate that the United States is still many years away from potentially being under threat from North Korean nuclear-armed ballistic missiles, North Korea clearly has substantial resources for advancing its ballistic missile programs and is definitely learning how to adapt and control the Russian liquid propellant rocket motors it obtained roughly 30 years ago.' Worth reading.

Submission + - DNC Leaks not a Russian Hack Says Former NSA Experts (thenation.com) 1

Tulsa_Time writes: Former NSA experts say it wasn’t a hack at all, but a leak—an inside job by someone with access to the DNC’s system.

"There was no hack of the Democratic National Committee’s system on July 5 last year—not by the Russians, not by anyone else. Hard science now demonstrates it was a leak—a download executed locally with a memory key or a similarly portable data-storage device. In short, it was an inside job by someone with access to the DNC’s system. This casts serious doubt on the initial “hack,” as alleged, that led to the very consequential publication of a large store of documents on WikiLeaks last summer.
Forensic investigations of documents made public two weeks prior to the July 5 leak by the person or entity known as Guccifer 2.0 show that they were fraudulent: Before Guccifer posted them they were adulterated by cutting and pasting them into a blank template that had Russian as its default language. Guccifer took responsibility on June 15 for an intrusion the DNC reported on June 14 and professed to be a WikiLeaks source—claims essential to the official narrative implicating Russia in what was soon cast as an extensive hacking operation. To put the point simply, forensic science now devastates this narrative."

Submission + - NASA looks at reviving atomic rocket program (newatlas.com)

Big Hairy Ian writes: When the first manned mission to Mars sets out, it may be on the tail of an atomic rocket engine. The Space Race vintage technology could have a renaissance at NASA after the space agency's Marshall Space Flight Center in Huntsville, Alabama signed a contract with BWXT Nuclear Energy to develop updated Nuclear Thermal Propulsion (NTP) concepts and new fuel elements to power them.

The Apollo missions to the Moon demonstrated many things. They showcased human ingenuity, determination, and courage. They proved what American engineering and industry could accomplish in short order when let loose on a goal and demonstrated that humankind need no longer be confined to a single planet.

Unfortunately, it also showed the fact that chemical rockets, even at the dawn of the conquest of space, had reached their technical limits. True, they could send astronauts to the Moon, but only by using a disposable rocket the size of a skyscraper of which only a capsule with the roominess of an SUV returned. And even this was in no shape for anything except a museum.

At the very least it looks much more feasible than Project Orion https://en.wikipedia.org/wiki/...

Slashdot Top Deals