Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×

Submission + - Javascript side-channel attack can bypass ASLR

ripvlan writes: A new attack proposed and demonstrated by researchers uses Javascript to do a "simple" attack thereby bypassing all of the security goodness of Address Space Layout Randomization. ASLR is a technique to make sure memory isn't where you expect it to be — thus making Stack overflows and Heap overwrites difficult to implement in a predictable manner.

Researchers showed how a Javascript program can implement a side-channel attack on the Memory Management Unit of any CPU and discover the layout of memory. Their sample can also be injected into a Drive-By attack — thus making future exploits reliable.

Submission + - Apple Will Fight 'Right To Repair' Legislation (

An anonymous reader writes: Apple is planning to fight proposed electronics "Right to Repair" legislation being considered by the Nebraska state legislature, according to a source within the legislature who is familiar with the bill's path through the statehouse. The legislation would require Apple and other electronics manufacturers to sell repair parts to consumers and independent repair shops, and would require manufacturers to make diagnostic and service manuals available to the public. Nebraska is one of eight states that are considering right to repair bills; last month, Nebraska, Minnesota, New York, Massachusetts, Kansas, and Wyoming introduced legislation. Last week, lawmakers in Illinois and Tennessee officially introduced similar bills. According to the source, an Apple representative, staffer, or lobbyist will testify against the bill at a hearing in Lincoln on March 9. AT&T will also argue against the bill, the source said. The source told me that at least one of the companies plans to say that consumers who repair their own phones could cause lithium batteries to catch fire. So far, Nebraska is the only state to schedule a hearing for its legislation.

Submission + - LIGO doesn't just detect gravitational waves. It makes them, too (

sciencehabit writes: The Laser Interferometer Gravitational-Wave Observatory (LIGO) is not only the most sensitive detector of ripples in spacetime. It also happens to be the world's best producer of gravitational waves, a team of physicists now calculates. Although these waves are far too feeble to detect directly, the researchers say, the radiation in principle could be used to try to detect weird quantum mechanical effects among large objects.

Submission + - New York Sues Charter Over Slow Internet Speeds (

An anonymous reader writes: New York filed a lawsuit on Wednesday accusing Charter Communications Inc of short-changing customers who were promised faster internet speeds than it could deliver. The lawsuit in State Supreme Court in Manhattan accused Charter's Spectrum unit, until recently known as Time Warner Cable, of systematically defrauding customers since 2012 by promising and charging for services it knew it could not offer. At least 640,000 subscribers signed up for high-speed plans but got slower speeds, and many subscribers were unable to access promised online content such as Facebook, Netflix, YouTube and various gaming platforms, the complaint said. The lawsuit seeks "full restitution" for customers, as well as hefty civil fines. Among the allegations in the complaint was an accusation that Time Warner Cable leased older-generation modems to 900,000 subscribers knowing that the modems could not achieve faster internet speeds.

Submission + - Deep Learning Algorithm Diagnoses Skin Cancer As Well As Seasoned Dermatologists (

An anonymous reader writes: Remember how that Google neural net learned to tell the difference between dogs and cats? It’s helping catch skin cancer now, thanks to some scientists at Stanford who trained it up and then loosed it on a huge set of high-quality diagnostic images. During recent tests, the algorithm performed just as well as almost two dozen veteran dermatologists in deciding whether a lesion needed further medical attention. The algorithm is called a deep convolutional neural net. It started out in development as Google Brain, using their prodigious computing capacity to power the algorithm’s decision-making capabilities. When the Stanford collaboration began, the neural net was already able to identify 1.28 million images of things from about a thousand different categories. But the researchers needed it to know a malignant carcinoma from a benign seborrheic keratosis. Dermatologists often use an instrument called a dermoscope to closely examine a patient’s skin. This provides a roughly consistent level of magnification and a pretty uniform perspective in images taken by medical professionals. Many of the images the researchers gathered from the Internet weren’t taken in such a controlled setting, so they varied in terms of angle, zoom, and lighting. But in the end, the researchers amassed about 130,000 images of skin lesions representing over 2,000 different diseases. They used that dataset to create a library of images, which they fed to the algorithm as raw pixels, each pixel labeled with additional data about the disease depicted. Then they asked the algorithm to suss out the patterns: to find the rules that define the appearance of the disease as it spreads through tissue. The researchers tested the algorithm’s performance against the diagnoses of 21 dermatologists from the Stanford medical school, on three critical diagnostic tasks: keratinocyte carcinoma classification, melanoma classification, and melanoma classification when viewed using dermoscopy. In their final tests, the team used only high-quality, biopsy-confirmed images of malignant melanomas and malignant carcinomas. When presented with the same image of a lesion and asked whether they would “proceed with biopsy or treatment, or reassure the patient,” the algorithm scored 91% as well as the doctors, in terms of sensitivity (catching all the cancerous lesions) and sensitivity (not getting false positives).

Submission + - SPAM: Russian Cybersecurity Expert Arrested Over Treason Charges

An anonymous reader writes: Cybersecurity expert Ruslan Stoyanov of Russia’s leading anti-virus company Kaspersky Lab has been arrested on charges of treason. The head of investigations at the multinational cybersecurity provider has been in pre-trial detention, alongside an official from Russia’s Federal Security Service (FSB), since December 2016. Stoyanov, an employee at Kaspersky since 2012, is an incident response specialist with particular expertise in distributed denial of service (DDoS) attacks. He is also thought to have held top positions within Moscow’s Ministry of Interior between 2000 and 2006. Kaspersky Lab has confirmed the arrest but has not revealed any further details on the probe.

Submission + - ASUS takes on Raspberry Pi with its 4K-capable, Kodi-ready Tinker Board (

BrianFagioli writes: If you love Raspberry Pi, but require a little more power for your projects, then ASUSâ(TM)s Tinker Board could be just what youâ(TM)re looking for.

Although thereâ(TM)s no shortage of Raspberry Pi alternatives, the low-cost Tinker Board is better than most because its quad-core 1.8GHz ARM Cortex-A17 processor has the oomph to handle 4K video and 24-bit audio, and it comes with twice as much RAM as the latest Pi.

Submission + - Eggs from Skin Cells? Why the Next Fertility Technology Will Open Pandora's Box (

schwit1 writes: Imagine you are Brad Pitt. After you stay one night in the Ritz, someone sneaks in and collects some skin cells from your pillow.

But that’s not all. Using a novel fertility technology, your movie star cells are transformed into sperm and used to make a baby. And now someone is suing you for millions in child support.

Such a seemingly bizarre scenario could actually be possible, say three senior medical researchers who today have chosen to alert the public to the social risks of in vitro gametogenesis, a technique they say could allow any type of cell to be reprogrammed into a sperm or egg.

Submission + - Carbon nanotube-based memory poised for commercialization in 2018 (

Lucas123 writes: Nano-RAM, which is based on carbon nanotubes and is claimed to have virtually a limitless number of write cycles and can achieve up to 3.2 billion data transfers per second or 2.4Gbps — more than twice as fast as NAND flash — is now being produced in seven fabrication plants around the world. Fujitsu plans to develop a custom embedded storage-class memory module using a DDR4 interface by the end of 2018, with the goal of expanding its product line-up into a stand-alone NRAM product family. A new report from BCC Research states the NRAM will likely challenge all other memory types for market dominance and is expected to be used in everything from IoT sensors to smartphone memory and embedded ASICS for automobiles.

Submission + - Enigma encryption machines could help create fraud-proof bank cards

randomErr writes: German's Enigma ciphering machines technology will be used to create ultra-secure encryption cards. The digital Enigma machines inside the cards will replace the existing three-digit CVV security number and could remove the need for a PIN. These new credit and debit cards will have a complex Enigma-based machine integrated into them that will regularly create new three digit number combinations. This new system will hopefully add an extra step for would-be fraudsters. Near Field Communication (NFC) and possibly WiFi aerial or Bluetooth may be integrated as well.

Submission + - T-Mobile Announces Digits: One Phone Number For All Your Devices (

An anonymous reader writes: T-Mobile just revealed its answer to AT&T’s NumberSync technology, which lets customers use one phone number across all their connected devices. T-Mobile’s version is called Digits and it will launch in a limited, opt-in customer beta beginning today before rolling out to everyone early next year. “You can make and take calls and texts on whatever device is most convenient,” the company said in its press release. “Just log in and, bam, your call history, messages and even voicemail are all there. And it’s always your same number, so when you call or text from another device, it shows up as you.” When it leaves beta, Digits will cost an extra monthly fee, but T-Mobile isn’t revealing pricing today. “This is not going to be treated as adding another line to your account,” said COO Mike Sievert. “Expect us to be disruptive here.” And while its main feature is one number for everything, Digits does offer T-Mobile customers another big perk: multiple numbers on the same device. This will let you swap between personal and work numbers without having to maintain separate lines and accounts. You can also give out an “extra set” of Digits in situations where you might be hesitant to give someone your primary number; this temporary number forwards to your devices like any other call. You can have multiple numbers for whatever purposes you want, based on T-Mobile’s promotional video.

Submission + - Tor Phone Is Antidote To Google 'Hostility' Over Android, Says Developer (

An anonymous reader writes: The Tor Project recently announced the release of its prototype for a Tor-enabled smartphone—an Android phone beefed up with privacy and security in mind, and intended as equal parts opsec kung fu and a gauntlet to Google. The new phone, designed by Tor developer Mike Perry, is based on Copperhead OS, the hardened Android distribution profiled first by Ars earlier this year. "The prototype is meant to show a possible direction for Tor on mobile," Perry wrote in a blog post. "We are trying to demonstrate that it is possible to build a phone that respects user choice and freedom, vastly reduces vulnerability surface, and sets a direction for the ecosystem with respect to how to meet the needs of high-security users." To protect user privacy, the prototype runs OrWall, the Android firewall that routes traffic over Tor, and blocks all other traffic. Users can punch a hole through the firewall for voice traffic, for instance, to enable Signal. The prototype only works on Google Nexus and Pixel hardware, as these are the only Android device lines, Perry wrote, that "support Verified Boot with user-controlled keys." While strong Linux geekcraft is required to install and maintain the prototype, Perry stressed that the phone is also aimed at provoking discussion about what he described as "Google's increasing hostility towards Android as a fully Open Source platform." Copperhead OS was the obvious choice for the prototype's base system, Perry told Ars. "Copperhead is also the only Android ROM that supports verified boot, which prevents exploits from modifying the boot, system, recovery, and vendor device partitions," said Perry in his blog post. "Copperhead has also extended this protection by preventing system applications from being overridden by Google Play Store apps, or from writing bytecode to writable partitions (where it could be modified and infected)." He added: "This makes Copperhead an excellent choice for our base system." The prototype, nicknamed "Mission Improbable," is now ready to download and install. Perry said he uses the prototype himself for his personal communications: "E-mail, Signal, XMPP+OTR, Mumble, offline maps and directions in OSMAnd, taking pictures, and reading news and books." He suggests leaving the prototype in airplane mode and connecting to the Internet through a second, less-trusted phone, or a cheap Wi-Fi cell router.

Submission + - Tesla's solar roof will cost less than a regular roof (

DirkDaring writes: Elon Musk, during the special shareholders meeting to approve the merger with SolarCity, said that he now feels confident that they could deliver their solar roof at a lower cost than a regular roof – even before energy production. The solar roof, according to Musk, would last twice as long a as a normal roof and cost less — including the labor installation costs and without subsidies. If true, it could be a shake-up of the multi-billion dollar roofing industry.

Submission + - Chinese Scientists Become First To Use CRISPR Gene-Editing On Humans (

An anonymous reader writes: A team of Chinese scientists from Sichuan University in Chengdu have become the first to inject a person with cells modified with the gene-editing tool CRISPR-Cas9. The trial involved modifying a patient's own immune system cells to make them more effective at combating cancer cells and then injecting them back into the patient. The Chinese trial was approved back in July, and United States medical scientists also plan to use CRISPR as an experimental treatment for cancer patients in early 2017. The CRISPR-Cas9 "tool" is a DNA construct that can be injected into any organism—in this case, human immune system T cells—to modify the genome of that organism. It works in three steps: an RNA sequence guides the CRISPR construct to the correct part of the organism's DNA, the Cas9 enzyme "cuts out" that segment of DNA, and then, as an optional third step, a new DNA sequence can be inserted to replace the deleted segment of the genome. In the case of the Chinese trial, conducted October 28 at the West China Hospital in Chengdu, only the first two steps of the CRISPR-Cas9 process were carried out. Immune system cells were extracted from a patient with metastatic lung cancer, and then the gene code that produces a protein called PD-1 was deleted by the Cas9 enzyme. PD-1 instructs T cells to stop or slow an immune system response, and cancer cells can take advantage of this protein to trick the body into responding to the ailment with less than full force. Once the PD-1 protein was removed with CRISPR, the edited cells were cultivated to increase their numbers and then injected back into the patient. This is the first of two injections for the patient, and an additional nine patients in the trial will receive between two and four injections of edited cells, depending on their individual conditions.

Submission + - How Stephen Wolfram Figured Out Interstellar Travel in One Night (

mirandakatz writes: "Arrival" hits theaters tomorrow, and it's heavy on the science. So how might an interstellar spacecraft actually work? Just ask Stephen Wolfram: he was deputized to figure it out. At Backchannel, he writes: "For the movie, I wanted to have a particular theory for interstellar travel. And who knows, maybe one day in the distant future it’ll turn out to be correct. But as of now, we certainly don’t know. In fact, for all we know, there’s just some simple “hack” in existing physics that’ll immediately make interstellar travel possible." Click through for the full (and lengthy) read.

Slashdot Top Deals

You know you've landed gear-up when it takes full power to taxi.