From a CNET report: Next to DJ Tiesto's loud image on Wet Republic's website sits a photo of a bikini model with a beard and an eye patch, with a simple message: "It's all out war." Not exactly the type of message you'd expect from a spot that advertises itself as a dance club that doubles as a pool party, but when hackers are in town for Defcon, everything seems to be fair game. The hacker convention, which is in its 25th year in Las Vegas, typically has hotels on alert for its three days of Sin City talk, demos and mischief. Guests are encouraged not to pick up any flash drives lying around, and employees are trained to be wary of social engineering -- that is, bad guys pretending to be someone innocent and in need of just a little help. Small acts of vandalism pop up around town. At Caesars Palace, where Defcon is happening, the casino's UPS store told guests it was not accepting any print requests from USB drives or links, and only printing from email attachments. Hackers who saw this laughed, considering that emails are hardly immune from malware. But the message is clear: During these next few days, hackers are going to have their fun, whether it's through a compromised Wi-Fi network or an open-to-mischief website. Wet Republic's site had two images vandalized, both for the "Hot 100" party with DJ Shift. The digital graffiti popped up early Friday morning, less than 24 hours after Defcon kicked off.
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×
An anonymous reader shares a report:It may seem like Silicon Valley is populated entirely with celebrity college dropouts, but in fact, they're the exception to the rule. Going to college pays off, and to land a job at one of the most coveted tech employers, you'll need to stay in school. Data analysis site Paysa looked at over 8,200 job posting and over 70,000 resumes at tech "titans" (companies worth at least $100 billion with an IPO more than 10 years ago) and "tech disruptors" (companies worth at least $10 billion with an IPO within the last 10 years) and found that employees at these companies are highly educated, not dropouts. A disproportionate number of employees at these sought-after companies actually have advanced degrees, and one company stood out as employing the highest percentage of workers with Ph.D.s -- Google. A whopping 16 percent of positions at Google require a doctorate degree. Less than 2 percent of Americans have earned a doctoral degree and an even smaller percentage have studied topics that are relevant to Google's work.
An anonymous reader shares a report: A researcher at Carnegie Mellon University has developed an intelligent system that is helping the U.S. Coast Guard to distinguish and weed out prank mayday calls that cost it up to millions of dollars a year when it flies or motors out on pointless rescue missions, per Govtech.com. The program, created by Carnegie Mellon's Rita Singh, creates a barcode of a person's voice, deciphering whether the caller really is on a boat or actually in a house somewhere. It can unmask repeat pranksters since it can pick up telltale markers and match them up.
Usama Jawad, writing for Neowin: A few weeks ago, we reported that Microsoft's Calibri font has been used as evidence against Prime Minister Nawaz Sharif and his family in a corruption case. Today, Sharif has been disqualified from his position as a part of the court's final verdict of the case. The case concerns the "Panama Papers", which is a collection of 11.5 million documents detailing information related to over 200,000 offshore accounts. Ever since the Panama Papers were anonymously leaked back in 2015, there has been a major shift in the political situation in many countries. One such country is Pakistan, where the names of numerous members of the Prime Minister Nawaz Sharif's family were spotted in the papers. If you aren't aware of the Calibri controversy, it is as follows: Nawaz Sharif's daughter Maryam Nawaz submitted photocopies of several documents in order to deny any corruption, but it appears that the documents contained Microsoft's Calibri font, even though they were dated February 6, 2006. It is important to note that the font wasn't commercially available until much later. Despite being created in 2004, the font did not reach the general public until January 30, 2007.
The surge in far-flung and destructive cyber attacks is not good for national security, but for an increasing number of hackers and researchers, it is great for job security. From a report: The new reality is on display in Las Vegas this week at the annual Black Hat and Def Con security conferences, which now have a booming side business in recruiting. "Hosting big parties has enabled us to meet more talent in the community, helping fill key positions and also retain great people," said Jen Ellis, a vice president with cybersecurity firm Rapid7 Inc, which filled the hip Hakkasan nightclub on Wednesday at one of the week's most popular parties. Twenty or even 10 years ago, career options for technology tinkerers were mostly limited to security firms, handfuls of jobs inside mainstream companies, and in government agencies. But as tech has taken over the world, the opportunities in the security field have exploded.
mi writes: When American spies capture our communications with foreigners, the identities of Americans on the other side of the conversation are generally protected -- if not by bona-fide laws, then certainly by rules and regulations. A transcript of the conversation should have their name replaced with labels like "U.S. person 1". The citizen involved can only be "unmasked" with a good reason. In 2011, Obama relaxed these rules, making it much simpler even for officials without any intelligence role to obtain the identities. Predictably, certain top officials of the Obama Administration abused their access to get this information: "The [House Intelligence] committee has learned that one official, whose position had no apparent intelligence related function, made hundreds of unmasking requests during the final year of the Obama administration," [Intelligence Chairman Devin] Nunes wrote. "Of those requests, only one offered a justification that was not boilerplate."
An anonymous reader quotes a report from The Verge: Elon Musk's aerospace company SpaceX is now valued at $21.2 billion, knocking off WeWork as the fourth most valuable privately held tech company in America. This skyrocket in valuation comes after another round of funding that raised $351 million for the company. According to Equidate, a marketplace for trading private tech company stocks, SpaceX's price per share is now $135, up from $96.42 prior to the new funding round. The latest valuation makes SpaceX one of the top five most valuable private, venture-backed tech companies in the US, joining Uber ($69.8B), Airbnb ($31B), WeWork ($20.8B), and the less consumer-facing analytics company Palantir ($21.3B). (SpaceX previously held the sixth spot before Snap, Inc. went public in March.) All five companies are disruptive forces in their respective industries, and also top the world's most valuable startups alongside Didi Chuxing and Xiaomi, as first pointed out by The New York Times. Last year, SpaceX was valued at $14.6 billion.
For those planning to watch the solar eclipse on August 21st, you're going to want to make sure you have some specialized, ultra-dark glasses to see safely, especially if you're not in the "path of totality." If you're on the hunt for said glasses, please be on the lookout to make sure you buy glasses that meet NASA's safety standards. Quartz is reporting that there are many "fly-by-night manufacturers looking to turn a quick profit by selling subpar and potentially dangerous goods to unsuspecting Americans." From the report: The first stop for most seeking a pair of eclipse glasses is likely to be Amazon, where there are literally thousands of listings for the devices, ranging in materials from cardboard to bronze. I, too, went on Amazon to scout out a pair. I picked more or less at random: I chose a cheap pack of 10 cardboard glasses with five different designs, at least two of which were not garishly jingoistic. About a week after I bought them, I had a thought: Maybe I should double-check to make sure they met safety standards set by the scientific community. Next stop: NASA. NASA, of course, has a website dedicated to the 2017 eclipse, and on it, they have a section dedicated to eclipse-viewing safety. The site says that eclipse-viewing glasses must meet a few basic criteria: Have ISO 12312-2 certification (that is, having been certified as passing a particular set of tests set forth by the International Organization of Standardization); Have the manufacturer's name and address printed somewhere on the product; Not be older than three years, or have scratched or wrinkled lenses.
wiredmikey writes from a report via Security Week: Researchers have discovered multiple unpatched vulnerabilities in radiation monitoring devices that could be leveraged by attackers to reduce personnel safety, delay detection of radiation leaks, or help international smuggling of radioactive material. Ruben Santamarta, a security consultant at Seattle-based IOActive, at the Black Hat conference on Wednesday, saying that radiation monitors supplied by Ludlum, Mirion and Digi contain multiple vulnerabilities. There are many kinds of radiation monitors used in many different environments. IOActive concentrated its research on portal monitors, used at airports and seaports; and area monitors, used at Nuclear Power Plants (NPPs). However, little effort was required for the portal monitors: "the initial analysis revealed a complete lack of security in these devices, so further testing wasn't necessary to identify significant vulnerabilities," Santamarta explained in his report (PDF). In the Ludlum Model 53 personnel portal, IOActive found a backdoor password, which could be used to bypass authentication and take control of the device, preventing the triggering of proper alarms.
An anonymous reader shares a report from National Geographic: If climate change continues to progress, increased precipitation could mean detrimental outcomes for water quality in the United States, a major new study warns. An intensifying water cycle can substantially overload waterways with excess nitrogen runoff -- which could near 20 percent by 2100 -- and increase the likelihood of events that severely impair water quality, according to a new study published by Science. When rainfall washes nitrogen and phosphorus from human activities like agriculture and fossil fuel combustion into rivers and lakes, those waterways are overloaded with nutrients, and a phenomenon called "eutrophication" occurs. This can be dangerous for both people and animals. Toxic algal blooms can develop, as well as harmful low-oxygen dead zones known as hypoxia, which can cause negative impacts on human health, aquatic ecosystems, and the economy. In the new study, researchers predict how climate change might increase eutrophication and threats to water resources by using projections from 21 different climate models, each of which was run for three climate scenarios and two different time periods (near future, 2031-2060, and far-future, 2071-2100).
YouTube's head of music, Lyor Cohen, confirmed that the company is planning on merging its Google Play Music service with YouTube Red to create a new streaming offering. "The important thing is combining YouTube Red and Google Play Music, and having one offering," Cohen said. The Verge reports: Right now, YouTube's music ecosystem is unnecessarily complicated. There's YouTube Red, which removes ads from videos and lets you save them offline, while also giving you access to Google Play Music for free. Then there's YouTube Music, which anyone can use, but it gets better if you're signed up for YouTube Red. And YouTube TV is also a thing -- an entirely separate thing -- but it's not available everywhere yet. The merger has been rumored within the industry for months, and recently picked up steam after Google combined the teams working on the two streaming services earlier this year. In a statement to The Verge, Google said it will notify users of any changes before they happen. "Music is very important to Google and we're evaluating how to bring together our music offerings to deliver the best possible product for our users, music partners and artists. Nothing will change for users today and we'll provide plenty of notice before any changes are made."
schwit1 shares a report from Reuters: A U.S. jury indicted a Russian man on Wednesday as the operator of a digital currency exchange he allegedly used to launder more than $4 billion for people involved in crimes ranging from computer hacking to drug trafficking. Alexander Vinnik was arrested in a small beachside village in northern Greece on Tuesday, according to local authorities, following an investigation led by the U.S. Justice Department along with several other federal agencies and task forces. U.S. officials described Vinnik in a Justice Department statement as the operator of BTC-e, an exchange used to trade the digital currency bitcoin since 2011. They alleged Vinnik and his firm "received" more than $4 billion in bitcoin and did substantial business in the United States without following appropriate protocols to protect against money laundering and other crimes. U.S. authorities also linked him to the failure of Mt. Gox, a Japan-based bitcoin exchange that collapsed in 2014 after being hacked. Vinnik "obtained" funds from the hack of Mt. Gox and laundered them through BTC-e and Tradehill, another San Francisco-based exchange he owned, they said in the statement.
An anonymous reader quotes a report from Science Magazine: There is no doubt that Sci-Hub, the infamous -- and, according to a U.S. court, illegal -- online repository of pirated research papers, is enormously popular. But just how enormous is its repository? That is the question biodata scientist Daniel Himmelstein at the University of Pennsylvania and colleagues recently set out to answer, after an assist from Sci-Hub. Their findings, published in a preprint on the PeerJ journal site on July 20, indicate that Sci-Hub can instantly provide access to more than two-thirds of all scholarly articles, an amount that Himmelstein says is "even higher" than he anticipated. For research papers protected by a paywall, the study found Sci-Hub's reach is greater still, with instant access to 85% of all papers published in subscription journals. For some major publishers, such as Elsevier, more than 97% of their catalog of journal articles is being stored on Sci-Hub's servers -- meaning they can be accessed there for free. In a chat with ScienceInsider, Himmelstein concludes that the results of his study could mark "the beginning of the end" for paywalled research.
Billly Gates writes: Linux is not the only free open-source operating system. FreeBSD, which is based off of the historical BSD Unix in which TCP/IP was developed on from the University of California at Berkeley, has been updated. It does not include systemd nor PulseAudio and is popular in many web server installations and networking devices. FreeBSD 11.1 is out with improvements in UEFI and Amazon cloud support in addition to updated userland programs. EFI improvements including a new utility efivar(8) to manage UEFI variables, EFI boot from TFTP or NFS, as well as Microsoft Hyper-V UEFI and Secure Boot for generation 2 virtual machines for both Windows Server and Windows 10 Professional hosts. FreeBSD 11.1 also has extended support Amazon Cloud features. A new networking stack for Amazon has been added with the ena(4) driver, which adds support for Amazon EC2 platform. This also adds support for using Amazon EC2 NFS shares and support for the Amazon Elastic Filesystem for NFS. For application updates, FreeBSD 11.1 Clang, LLVM, LLD, LLDB, and libc++ to version 4.0.0. ZFS has been updated too with a new zfsbootcfg with minor performance improvements. Downloads are here which include Sparc, PowerPC, and even custom SD card images for Raspberry Pi, Beagle-bone and other devices.
randomErr shares a report from MIT Technology Review: The first known attempt at creating genetically modified human embryos in the United States has been carried out by a team of researchers in Portland, Oregon, MIT Technology Review has learned. The effort, led by Shoukhrat Mitalipov of Oregon Health and Science University, involved changing the DNA of a large number of one-cell embryos with the gene-editing technique CRISPR. Until now, American scientists have watched as scientists elsewhere were first to explore the controversial practice. To date, three previous reports of editing human embryos were all published by scientists in China. Now Mitalipov is believed to have broken new ground both in the number of embryos experimented upon and by demonstrating that it is possible to safely and efficiently correct defective genes that cause inherited diseases. In altering the DNA code of human embryos, the objective of scientists is to show that they can eradicate or correct genes that cause inherited disease, like the blood condition beta-thalassemia. The process is termed "germline engineering" because any genetically modified child would then pass the changes on to subsequent generations via their own germ cells -- the egg and sperm. Reached by Skype, Mitalipov declined to comment on the results, which he said are pending publication. But other scientists confirmed the editing of embryos using CRISPR.