RogueScientist - Slashdot User

Submission + - Researchers create Mac "firmworm" that spreads via Thunderbolt Ethernet adapters

Submitted by BIOS4breakfast on Monday August 03, 2015 @10:45AM

BIOS4breakfast writes: Wired reports that later this week at BlackHat and Defcon, Trammel Hudson will show the Thunderstrike 2 update to his Thunderstrike attack on Mac firmware (previously covered on Slashdot). Trammel teamed up with Xeno Kovah and Corey Kallenberg from LegbaCore, who have previously shown numerous exploits for PC firmware. They found that multiple vulnerabilities that were already publicly disclosed were still present in Mac firmware. This allows a remote attacker to break into the Mac over the network, and infect its firmware. The infected firmware can then infect Apple Thunderbolt to Ethernet adapters' PCI Option ROM. And then those adapters can infect the firmware of any Mac they are plugged into — hence creating the self-propagating Thunderstrike 2 "firmworm". Unlike worms like Stuxnet, it never exists on the filesystem, it only ever lives in firmware (which no one ever checks.) A video showing the proof of concept attack is posted here.

Submission + - CollegeBoard: Analyses of CS Study Benefits Shouldn't be Interpreted as Causal

Submitted by theodp on Sunday August 02, 2015 @09:06PM

theodp writes: Code.org, backed by some of tech's wealthiest individuals and their companies, is this close to getting computer science declared a 'core subject' in K-12 public schools. So, when the non-profit recently asked CollegeBoard for more evidence that learning computer science is linked to improved learning in other subjects, it must have been disheartened by the study results. "The purpose of this brief note," wrote the CollegeBoard, "is to document some exploratory analyses linking participation in AP Computer Science to subsequent performance in SAT Mathematics and AP Calculus and Statistics. None of these analyses should be interpreted as causal. Although there appears to be a relationship between AP CS participation and subsequent outcomes, it is highly likely that this is the result of one or more omitted and confounding characteristics of students that are not able to be controlled for given this research design."

Comment Motorized Equatorial Telescope mount free. (Score 1) 85

by RogueScientist on Monday August 02, 2010 @01:28PM (#33112558) Attached to: Equatorial Mounts For Budget Astrophotography?

I have a motorized equatorial mount that is of very hefty precision design. You would have to pick it up from Santa Fe NM, but its perfect for astrophotography. -Simon.

Equatorial Mounts For Budget Astrophotography? 85

Posted by timothy on Monday August 02, 2010 @08:36AM from the rubber-band-and-hope dept.

Timoris writes "With the Perseids approaching rapidly, I am looking for a good beginner's motorized equatorial mount for astrophotography. I have seen a few for $150 to $200, but apparently the motor vibrations make for poor photographs. Orion makes good mounts, but are out of my price range ($350) and the motor is sold separately, adding to the price half over again. Does anyone have any good experience with any low- or mid-priced mounts?"

Autodesk Suing to Keep Format Closed 365

Posted by CmdrTaco on Wednesday December 20, 2006 @12:37PM from the haven't-we-been-through-this-before dept.

An anonymous reader writes "AutoCAD is by far the industry standard CAD tool for engineering drawings. When I was an engineering student it was on every computer in the college of engineering. Autodesk, the makers of the AutoCAD software, are attempting to quash an effort to reverse-engineer the proprietary binary format used by AutoCAD. Looking at the court order, their whole argument revolves around something called TrustedDWG that basically looks like a digital signature that verifies the file was created by an Autodesk product."

Comment method of digitizing a laser disk (Score 2, Interesting) 92

by RogueScientist on Saturday July 31, 2004 @06:33PM (#9854757) Attached to: Extracting Digital Video from LaserDiscs?

A laser disk has pits on the disk that vary in length and position in the sequence. So essentially you have a time and amplitude domain that generates a analog waveform. Why would it not be possible to construct a special apparatus that reads the length of the pits as accurately as possible and store that information in a data file with a 64 bit number for each pit with a time? Once you have this the data you have captured is digital and can use the necessary analysis to generate the image information from that data? It seems a lot better than dealing with disk players that are taking this information doing various filtering on the information and working with the generated analog frequency waveform.

Slashdot Top Deals