NASA

NASA's Cassini Probe Begins Its 'Grand Finale' Through Saturn's Atmosphere (space.com) 42

An anonymous reader quotes Space.com: After orbiting Saturn for more than 13 years, NASA's Cassini spacecraft is getting ready to say goodbye. On Monday (August 14), Cassini made the first of five passes through Saturn's upper atmosphere, kicking off the last phase of the mission's "Grand Finale." After completing those five dives, Cassini will come back around again one last time, plunging into Saturn's atmosphere on September 15. This will be a suicide maneuver: Cassini will burn up in the ringed planet's thick air, turning into a meteor in the Saturn sky...

Cassini's radar will be able to look into the atmosphere and see features as small as 16 miles (25 km) wide, about 100 times smaller than what it could see from its usual orbital positions. The Grand Finale will include one final swing by Saturn's largest moon, Titan, on Sept. 11. Titan's gravity will slow Cassini's orbit around Saturn and bend its path to send the spacecraft toward its September 15 encounter with the planet... Cassini will keep sending back data on September 15 until it gets to an altitude where atmospheric density is about twice what it encountered during its final five passes, NASA officials said. At that point, mission controllers will lose contact with the probe because its thrusters won't be able to keep Cassini's antenna pointed toward Earth; there will simply be too much air to push against.

The second dip happens this weekend, and NASA has created a special web page tracking Cassini's current location for its final 28 days.
Communications

Atlas 5 Rocket Launches $400 Million NASA Satellite Into Space (spaceflightnow.com) 51

A new communications hub has been successfully deployed in space today thanks to the United Launch Alliance Atlas 5 rocket. "TDRS is a critical national asset have because of its importance to the space station and all of our science missions, primarily the Hubble Space Telescope and Earth science missions that use TDRS," said Tim Dunn, NASA's TDRS-M launch director. Spaceflight Now reports: With its main engine running at full throttle, the Atlas 5 booster lifted off at 8:29 a.m. EDT (1229 GMT) from Complex 41 at Cape Canaveral. The 191-foot-tall rocket, generating 860,000 pounds of thrust, aimed eastward and accelerated out of the atmosphere with NASA's TDRS-M spacecraft. Within just five minutes, the rocket had shed 92 percent of its liftoff weight and transitioned to the high-energy Centaur upper stage. An elliptical parking orbit was achieved within 18 minutes of takeoff, beginning a 90-minute quiescent coast higher through space to reach the optimum conditions for the second burn by Centaur. That minute-long boost over the Indian Ocean propelled the 7,610-pound payload into a customized high-perigee geosynchronous transfer orbit. The spacecraft was deployed by the launcher at T+plus 1 hour, 53 minutes to cheers and handshakes all around.

The $408 million TDRS-M was built and launched with the sole purpose to extend the useful life of NASA's constant communications infrastructure, supporting the astronauts around-the-clock aboard the International Space Station, supplying contact with the Hubble Space Telescope and transmitting the data from almost 40 science spacecraft studying Earth's environment and space.

Power

Samsung Galaxy Note 4 Batteries Are Being Recalled For Overheating Risk (theverge.com) 76

According to The Verge, over 10,000 batteries for the Galaxy Note 4 are being recalled for risk of overheating that could lead to burns or fires. Given last year's Note 7 fiasco, this recall sure doesn't sound good. It is, however, far more limited than the Note 7 recall and doesn't appear to be Samsung's fault. The Verge reports: Only phones refurbished through AT&T's insurance program and handled by FedEx Supply Chain are impacted by the recall. Some of the refurbished phones apparently ended up with "counterfeit" batteries that include anomalies that could make them overheat. Fortunately, the Note 4 has a replaceable battery, so this recall isn't as big of a deal. Owners can just buy a new battery to use in their phone until the recall is taken care of. FedEx is currently sending out replacement batteries as well as boxes for returning the recalled phones. "FedEx Supply Chain is conducting this recall of non-genuine Samsung batteries as some of them are counterfeit," the spokesperson said. "The refurbishment program was managed by FedEx Supply Chain and operated independently of Samsung. Any affected owners should contact FedEx Supply Chain at 1-800-338-0163 or go online at www.exchangemybattery.com for more information." There's only been one report of a phone overheating and no damage to people or property because of it.
Government

Justice Department Demands 1.3 Million IP Addresses Related To Anti-Trump Website (theverge.com) 392

An anonymous reader quotes a report from The Verge: In a blog post today, online web hosting provider DreamHost disclosed that it has been involved in a months-long legal battle with the Justice Department over records on visitors to an anti-Trump website. The dispute focuses on a Justice Department demand for information on data related to disruptj20.org, which describes itself as a group of activists "building the framework needed for mass protests to shut down the inauguration of Donald Trump and planning widespread direct actions to make that happen." DreamHost is taking issue with a warrant issued by the department for "all files" related to the website, which DreamHost says would compel them to turn over electronic data like visitor logs. That would include IP addresses and other information that could be used to identify anyone who visited the site. "The request from the DOJ demands that DreamHost hand over 1.3 million visitor IP addresses -- in addition to contact information, email content, and photos of thousands of people -- in an effort to determine who simply visited the website," the company said in its blog post. The warrant, DreamHost argues, would also require it to hand over any communications that are even tangentially related to the website.

"In essence, the Search Warrant not only aims to identify the political dissidents of the current administration, but attempts to identify and understand what content each of these dissidents viewed on the website," the company said in a legal filing arguing against the warrant. A hearing on the situation is set for Friday in Washington, DC Superior Court.

Communications

iOS 10 Quietly Deprecated A Crucial API For VoIP and Communication Apps (apple.com) 122

neutrino38 warns that iOS 10 includes a significant change "overlooked by the general public": It deprecates an API that is crucial for VoIP and other instant messaging applications that enable keeping one socket active despite the fact that the application would run in the background. As a replacement, developers need to use PushKit: when an incoming call is to be forwarded to an iOS VoIP client, the VoIP infrastructure needs to:

- withold the call
- contact Apple push infrastructure using a proprietary protocol to wake up the client app remotely
- wait for the application to reconnect to the infrastructure and release the call when it is ready

This "I know better than you" approach is meant to further optimize battery life on iOS devices by avoiding the use of resources by apps running in background. It has also the positive effect of forcing developers to switch to a push model and remove all periodic pollings that ultimately use mobile data and clog the Internet. However, the decision to use an Apple infrastructure has many consequences for VoIP providers:

- the reliability of serving incoming calls is directly bound to Apple service
- Apple may revoke the PushKit certificate. It thus has life and death decision power over third-party communication infrastructures
- organizations wanting to setup IPBX and use iOS client have no option but to open access for the push services of Apple in their firewall
- It is not possible to have iOS VoIP or communication clients in network disconnected from the Internet - Pure standard SIP clients are now broken on iOS

The original submission argues that Apple is creating "the perfect walled garden," adding that "Ironically, the only VoIP 'app' that is not affected is the (future?) VoLTE client that will be added to iOS one day."
Privacy

Game of Thrones Hackers Demand Ransom (bbc.com) 70

An anonymous reader shares a report: Hackers who have leaked Game of Thrones scripts and other data from entertainment company HBO have released a note demanding a ransom payment. In a new dump, they also published a script for the as yet unbroadcast fifth episode of the current series. Company documents and video episodes of other HBO shows were also shared. The hackers claim to have 1.5TB of data in total, but HBO has said it does not believe its email system has been compromised. Documents in the latest leak were marked "HBO is falling," according to the Wired news site, and included legal information, employment agreements and other company files. The Associated Press reports that some documents appeared to contain personal contact information for Game of Thrones actors.
AMD

AMD Confirms Linux 'Performance Marginality Problem' On Ryzen (phoronix.com) 120

An anonymous reader writes: Ryzen customers experiencing segmentation faults under Linux when firing off many compilation processes have now had their problem officially acknowledged by AMD. The company describes it as a "performance marginality problem" affecting some Ryzen customers and only on Linux. AMD confirmed Threadripper and Epyc processors are unaffected; they will be dealing with the issue on a customer-by-customer basis, and their future consumer products will see better Linux testing/validation. Ryzen customers believed to be affected by the problem can contact AMD Customer Care. Michael Larabel writes via Phoronix: "With the Ryzen segmentation faults on Linux they are found to occur with many, parallel compilation workloads in particular -- certainly not the workloads most Linux users will be firing off on a frequent basis unless intentionally running scripts like ryzen-test/kill-ryzen. As I've previously written, my Ryzen Linux boxes have been working out great except in cases of intentional torture testing with these heavy parallel compilation tasks. [AMD's] analysis has also found that these Ryzen segmentation faults aren't isolated to a particular motherboard vendor or the like, contrary to rumors/noise online due to the complexity of the problem."
Android

Google Now Permits Android Apps That Facilitate Gambling With Real Money (betanews.com) 44

Mark Wilson shares a report from BetaNews: Google has relaxed its rules surrounding real-money gambling apps in Google Play -- in some countries, at least. There has been a ban on apps and games that allow users to gamble with real money since 2013, but that has now changed. While there was previously a ban in place due to the difficulty in policing ages and complying with different gambling laws around the world, real-money gambling apps are now permitted in the UK, France and Ireland. The new rules stipulate that developers must submit their gambling apps for a special vetting process, and they must have an IARC content rating. Other rules include a ban on the use of Google payment services, a requirement to display information about responsible gambling, and a requirement to block underage use. The full list of requirements [can be viewed here].
Businesses

Amazon's New Refunds Policy Will 'Crush' Small Businesses, Outraged Sellers Say (cnbc.com) 335

Amazon sellers are up in arms over a new returns policy that will make it easier for consumers to send back items at the merchant's expense. From a report: Marketplace sellers who ship products from their home, garage or warehouse -- rather than using Amazon's facilities -- were told this week by email that starting Oct. 2, items they sell will be "automatically authorized" for return. That means a buyer will no longer need to contact the seller before sending an item back, and the merchant won't have the opportunity to communicate with the customer. If a consumer is returning an electronic device because it's difficult to use, for example, the seller won't be able to offer help before being forced to pay a refund. "Customers will be able to print a prepaid return shipping label via the Online Return Center instantly," the email said. Additionally, Amazon said that it's introducing "returnless refunds," a feature that the company said is "highly requested by sellers." The change enables sellers to offer a refund without taking back an item that may be expensive to ship and hard to resell.
EU

Company Gets 45,000 Bad Facebook Reviews After Teenaged Hacker's Unjust Arrest (bleepingcomputer.com) 295

An anonymous reader quotes BleepingComputer: Over 45,000 users have left one-star reviews on a company's Facebook page after the business reported a security researcher to police and had him arrested in the middle of the night instead of fixing a reported bug. The arrest took place this week in Hungary after an 18-year-old found a flaw in the online ticket-selling system of Budapesti Közlekedési Központ, Budapest's public transportation authority. The young man discovered that he could access BKK's website, press F12 to enter the browser's developer tools mode, and modify the page's source code to alter a ticket's price. Because there was no client or server-side validation put in place, the BKK system accepted the operation and issued a ticket at a smaller price...

The teenager -- who didn't want his name revealed -- reported the issue to BKK, but the organization chose to contact the police and file a complaint, accusing the young man of hacking their systems... BKK management made a fatal mistake when they brazenly boasted in a press conference about catching the hacker and declaring their systems "secure." Since then, other security flaws in BKK's system have surfaced on Twitter. As details of the case emerged, public outrage grew against BKK and its manager Kálmán Dabóczi, especially after it was revealed that BKK was paying around $1 million per year for maintenance of its IT systems, hacked in such a ludicrously simple manner.

Microsoft

Microsoft Launches A Counterattack Against Russia's 'Fancy Bear' Hackers (thedailybeast.com) 97

Kevin Poulsen writes on the Daily Beast: It turns out Microsoft has something even more formidable than Moscow's malware: Lawyers. Last year attorneys for the software maker quietly sued the hacker group known as Fancy Bear in a federal court outside Washington DC, accusing it of computer intrusion, cybersquatting, and infringing on Microsoft's trademarks... Since August, Microsoft has used the lawsuit to wrest control of 70 different command-and-control points from Fancy Bear... Rather than getting physical custody of the servers, which Fancy Bear rents from data centers around the world, Microsoft has been taking over the Internet domain names that route to them. These are addresses like "livemicrosoft[.]net" or "rsshotmail[.]com" that Fancy Bear registers under aliases for about $10 each. Once under Microsoft's control, the domains get redirected from Russia's servers to the company's, cutting off the hackers from their victims, and giving Microsoft a omniscient view of that servers' network of automated spies. "In other words," Microsoft outside counsel Sten Jenson explained in a court filing last year, "any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server."
Android

Some OnePlus 5s Are Reportedly Rebooting After Dialing 911 (theverge.com) 59

The OnePlus 5, dubbed "the best sub-$500 phone you can buy" when it launched, is having a few problems. Earlier this month, some owners of the new device complained about a weird jelly-like effect that appears when scrolling through apps. OnePlus went on to claim that the effect is normal and not the result of any manufacturing issues. Now, a handful of users are reporting that the OnePlus 5 will reboot itself once 911 is called, preventing them from reaching emergency services. The Verge reports: Reddit user Nick Morrelli noticed the glitch after he tried to call 911 to report a building fire in Seattle, and other users have reported that the OnePlus 5 is unable to dial 911 (or 999 in the UK, as another user reported) without rebooting. While most users haven't reported having the issue, any percentage of devices not being able to reach emergency services is a major issue for OnePlus. In a statement to The Verge, OnePlus says it's looking into the problem. "We have contacted the customer and are currently looking into the issue. We ask anyone experiencing a similar situation to contact us at support@oneplus.net."
Google

Google's Life Sciences Unit Is Releasing 20 Million Bacteria-Infected Mosquitoes in Fresno (techcrunch.com) 115

Earlier this week, a white Mercedes Sprinter van began a delivery route along the streets of Fancher Creek, a residential neighborhood on the southeastern edge of Fresno, California. Its cargo? 100,000 live mosquitoes, all male, all incapable of producing offspring. As it crisscrossed Fancher Creek's 200 acres, it released its payload, piping out swarms of sterile Aedes aegypti into the air. It'll do the same thing tomorrow, and the next day, from now until the end of December. From a report: Verily, the life science's arm of Google's parent company Alphabet, has hatched a plan to release about 20 million lab-made, bacteria-infected mosquitoes upon Fresno, California -- and that's a good thing! You see, the Zika-carrying Aedes aegypti mosquito is prevalent in the area. Earlier this year, a woman contracted the first confirmed case of Zika in Fresno through sexual contact with a partner who had been traveling. Now there's the fear of the inevitable mosquito-meets-patient if we don't do something about it. Verily's plan, called the Debug Project, hopes to now wipe out this potential Zika-carrying mosquito population to prevent further infections.
Crime

Google Home Ends A Domestic Dispute By Calling The Police (gizmodo.com) 256

An anonymous reader quotes Gizmodo: According to ABC News, officers were called to a home outside Albuquerque, New Mexico this week when a Google Home called 911 and the operator heard a confrontation in the background. Police say that Eduardo Barros was house-sitting at the residence with his girlfriend and their daughter. Barros allegedly pulled a gun on his girlfriend when they got into an argument and asked her: "Did you call the sheriffs?" Google Home apparently heard "call the sheriffs," and proceeded to call the sheriffs. A SWAT team arrived at the home and after negotiating for hours, they were able to take Barros into custody... "The unexpected use of this new technology to contact emergency services has possibly helped save a life," Bernalillo County Sheriff Manuel Gonzales III said in a statement.
"It's easy to imagine police getting tired of being called to citizen's homes every time they watch the latest episode of Law and Order," quips Gizmodo. But they also call the incident "a clear reminder that smart home devices are always listening."
Security

Hacker Behind Massive Ransomware Outbreak Can't Get Emails From Victims Who Paid (vice.com) 182

Joseph Cox, reporting for Motherboard: On Tuesday, a new, worldwide ransomware outbreak took off, infecting targets in Ukraine, France, Spain, and elsewhere. The hackers hit everything from international law firms to media companies. The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker's account, leaving victims with no obvious way to unlock their files. [...] The hacker tells victims to send $300 worth of bitcoin. But to determine who exactly has paid, the hacker also instructs people to email their bitcoin wallet ID, and their "personal installation key." This is a 60 character code made up of letters and digits generated by the malware, which is presumably unique to each infection of the ransomware. That process is not possible now, though. "Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact," Posteo, the German email provider the hacker had an account with, wrote in a blog post. "Our anti-abuse team checked this immediately -- and blocked the account straight away.
Security

How Hollywood Got Hacked: Studio at Center of Netflix Leak Breaks Silence (variety.com) 79

Earlier this year, hackers obtained and leaked the episodes of TV show Orange Is the New Black. In a candid interview, Larson Studios' chief engineer David Dondorf explained how the audio post-production business allowed the hacker group to gain access to the Netflix original content. Dandorf says the company hired private data security experts to find how it was breached. The investigation found that the hacker group had been searching the internet for PCs running older versions of Windows and stumbled across an old computer at Larson Studios still running Windows 7. From the report: Larson's employees just didn't know all that much about it. Having a computer running an ancient version of Windows on the network was clearly a terrible lack of oversight, as was not properly separating internal servers from the internet. "A lot of what went on was ignorance," admitted Rick Larson. "We are a small company. Did we even know what the content security departments were at our clients? Absolutely not. I couldn't have told you who to call. I can now." It's a fascinating story about how the hacker group first made contact and tried to threaten Larson Studios' president and his wife, and how they responded. Worth a read.
Security

Russian Malware Communicates Using Britney Spears's Instagram Account (welivesecurity.com) 54

JustAnotherOldGuy writes: A key weakness in malicious software is the "Command and Control" (C&C) system -- a central server that the malware-infected systems contact to receive updates and instructions, and to send stolen data. Anti-malware researchers like to reverse engineer malicious code, discover the C&C server's address, and then shut it down. Turla is an "advanced persistent threat" hacking group based in Russia with a long history of attacking states in ways that advance Russian state interests. A new analysis by Eset shows that Turla is solving its C&C problems by using Britney Spears' Instagram account as a cut-out for its C&C servers. Turla moves the C&C server around, then hides the current address of the server in encrypted comments left on Britney Spears's image posts. The compromised systems check in with Spears' Instagram whenever they need to know where the C&C server is currently residing.
Facebook

Facebook Unveils New Tools To Help Elected Officials Reach Constituents (techcrunch.com) 52

An anonymous reader quotes a report from TechCrunch: Facebook this year has launched a number of features that make it easier for people to reach their government representatives on its social network, including "Town Hall," and related integrations with News Feed, as well as ways to share reps' contact info in your own posts. Today, the company is expanding on these initiatives with those designed for elected officials themselves. The new tools will help officials connect with their constituents, as well as better understand which issues their constituents care about most. Specifically, the social network is rolling out three new features: constituent badges, constituent insights, and district targeting. Constituent badges are a new, opt-in feature that allow Facebook users to identify themselves as a person living in the district the elected official represents. A second feature called Constituent Insights is designed to help elected officials learn which local news stories and content is popular in their district, so they can share their thoughts on those matters. The third new feature -- District Targeting -- is arguably the most notable. This effectively gives elected officials the means of gathering feedback from their constituents through Facebook directly, using either posts or polls that are targeted only towards those who actually live in their particular district. That means the official can post to Facebook to ask for feedback from constituents about an issue, and these posts will only be viewable by those who live in their district.
Government

Trump Misunderstood MIT Climate Research, University Officials Say (reuters.com) 361

MIT officials said U.S. President Donald Trump badly misunderstood their research when he cited it on Thursday to justify withdrawing the United States from the Paris Climate Agreement. From a report: Trump announced during a speech at the White House Rose Garden that he had decided to pull out of the landmark climate deal, in part because it would not reduce global temperatures fast enough to have a significant impact. "Even if the Paris Agreement were implemented in full, with total compliance from all nations, it is estimated it would only produce a two-tenths of one degree Celsius reduction in global temperature by the year 2100," Trump said. "Tiny, tiny amount." That claim was attributed to research conducted by MIT, according to White House documents seen by Reuters. The Cambridge, Massaschusetts-based research university published a study in April 2016 titled "How much of a difference will the Paris Agreement make?" showing that if countries abided by their pledges in the deal, global warming would slow by between 0.6 degree and 1.1 degrees Celsius by 2100. "We certainly do not support the withdrawal of the U.S. from the Paris agreement," said Erwan Monier, a lead researcher at the MIT Joint Program on the Science and Policy of Global Change, and one of the study's authors. "If we don't do anything, we might shoot over 5 degrees or more and that would be catastrophic," said John Reilly, the co-director of the program, adding that MIT's scientists had had no contact with the White House and were not offered a chance to explain their work.
Government

Investigation Demanded Over Fake FCC Comments Submitted By Dead People (bbc.com) 140

An anonymous reader writes: Fight for the Future has found another issue with the fake comments submitted to the FCC opposing net neutrality. "The campaign group says that some of the comments were posted using the names and details of dead people," according to the BBC. The exact same comment was also submitted more than 7,000 times using addresses in Colorado, where a reporter discovered that contacting the people at those addresses drew reactions which included "I have never seen this before in my life" and "No, I did not post this comment. In fact, I disagree with this comment." Fight for the Future also knocked on doors in Tampa, Florida, where the few people who answered "were shocked to hear that their name and address were publicly listed alongside a political message they did not necessarily understand or agree with." An alleged commenter in Montana told a reporter she didn't even know what net neutrality was.

14 people have already signed Fight for the Future's official complaint to the FCC, which calls for notification of all people affected, an investigation, and the immediate removal of all fake comments from the public docket. "Based on numerous media reports, nearly half a million Americans may have been impacted by whoever impersonated us," states the letter, "in a dishonest and deceitful campaign to manufacture false support for your plan to repeal net neutrality protections."

Fight for the Future says they've already verified "dozens" of instance of real people discovering a fake comment was submitted in their name -- and that in addition, more than 2,400 people have already used their site to contact their state Attorneys General demanding an investigation. They note the FCC has taken no steps to remove the fake comments from its docket, "risking the safety and privacy of potentially hundreds of thousands of people," while a campaign director at Fight for the Future added, "For the FCC's process to have any legitimacy, they simply cannot move forward until an investigation has been conducted."

Slashdot Top Deals