92664273
submission
sciencehabit writes:
True blue flowers are a rarity in nature—they occur only in select species like morning glories and delphiniums. Now, researchers have created a genuinely blue chrysanthemum by adding two genes to the normally pink or reddish flower. The advance could be applied to other species—and it may mean that florists wanting to hawk blooms of blue will no longer have to dye them.
89841777
submission
drunkdrone writes:
Police in China are being equipped with new high-tech weaponry to help them fight back against illegal drone use. Officers in the central Chinese city of Wuhan have been issued rifles that emit radio-jamming signals to knock quadcopters and similar unmanned aerial vehicles (UAVs) out of the sky.
Rather than disabling the drones completely — which would cause them to fall out of the sky and potentially injure people on the ground — the scoped rifles put the drones into a controlled decent so they can land without being damaged.
It does this by emitting radio frequencies that are the same as the ones drones use to communicate with the operator's control unit, commonly in the 2.4GHz and 5.8GHz ranges.
89841685
submission
Trailrunner7 writes:
year after flaws in SS7, one of the underlying protocols in the cell network came to the public’s attention, two powerful members of Congress are asking the secretary of Homeland Security how DHS has addressed the threat and whether the department has sufficient resources to detect and defeat SS7-related attacks.
The flaws in SS7, a protocol that’s designed to connect various telecom carriers, can enable anyone with access to the system to carry out discreet surveillance against a victim, knowing only the target’s phone number. Many people at each of the carriers have access to the system, and security researchers have been warning about the problem for years. Last year, researchers demonstrated an attack on the phone of Rep. Ted Lieu (D-Calif.) using this technique, prompting Lieu to call on congressional leaders to address the issue.
Now, a year later, Lieu and Sen. Ron Wyden (D-Ore.) have sent a letter to John F. Kelly, secretary of Homeland Security, to detail what the department has done to address the SS7 problem and whether the federal government understands how this vulnerability could be used for surveillance.
“We are deeply concerned that the security of America’s telecommunications infrastructure is not getting the attention it deserves. Although there have been a few news stories about this topic, we suspect that most Americans simply have no idea how easy it is for a relatively sophisticated adversary to track their movements, tap their calls, and hack their smartphones. We are also concerned that the government has not adequately considered the counterintelligence threat posed by SS7-enabled surveillance,” the letter says.
89777195
submission
Pig Hogger writes:
The recent assertion that, given the recent CIA/Wikileaks dump about “encryption really working” makes encryption much more desirable.
So, if you decide to implement server-level encryption accross all your servers, how do you manage the necessary keys/passwords/passphrases to insure that you both have maximum uptime (you can access your data if you need to reboot your servers), yet that the keys cannot be compromised, as if the password is known by many different people, because, once the server is seized, you can’t change the password?
What are established practices to address this issue?
87445327
submission
dcblogs writes:
The U.S believes it will be ready to seek vendor proposals to build two exascale supercomputers — costing roughly $200 to $300 million each — by 2019. The two systems will be built at the same time and be ready for use by 2023, although it's possible one of the systems could be ready a year earlier, according to U.S. Department of Energy officials. The U.S. will award the exascale contracts to vendors with two different architectures. But the scientists and vendors developing exascale systems do not yet know whether President-Elect Donald Trump's administration will change directions. The incoming administration is a wild card. Supercomputing wasn't a topic during the campaign, and Trump's dismissal of climate change as a hoax, in particular, has researchers nervous that science funding may suffer. At the annual supercomputing conference SC16 last week in Salt Lake City, a panel of government scientists outlined the exascale strategy developed by President Barack Obama's administration. When the session was opened to questions, the first two were about Trump. One attendee quipped that "pointed-head geeks are not going to be well appreciated."
87367981
submission
cold fjord writes:
James Clapper, Director of National Intelligence, resigned last night. Clapper spent 30 years in military intelligence at the National Imagery and Mapping Agency. He was selected to be the Director of National Intelligence in 2010 with responsibility for 17 US intelligence agencies. Clapper was DNI during the monumental Snowden leaks of documents from NSA and various allied intelligence agencies as well as the release by WikiLeaks of the documents provided by (at the time) Private Bradley Manning. Besides the Snowden and Manning leaks, Clapper was engulfed in controversy over testimony to Congress in which he is alleged to have lied about NSA data collection in responding to a question from Senator Wyden. Clapper had previously stated he would leave at the end of the Obama administration. Clapper's resignation clears the way for incoming president-elect Trump to appoint his own Director of National Intelligence.
86949901
submission
Krystalo writes:
It’s been more than a year since our last browser benchmark battle, and the competition remains fierce. Google Chrome, Mozilla Firefox, and Microsoft Edge have all gained a variety of new features and improvements over the past year. It’s time to see if any of them have managed to pull ahead of the pack. It appears that Edge has made the biggest gains since last year. That said, browser performance is improving at a very rapid pace, and it shouldn’t be your only consideration when picking your preferred app for consuming Internet content.
86869561
submission
operator_error writes:
Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access.
By Dan Goodin — 10/20/2016
A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible.
While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.
"It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time."
The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as "important."
84625535
submission
An anonymous reader writes:
The fast food giant Wendy's has reported today that hackers were able to steal customers' credit and debit card information at 1,025 of its U.S. restaurants. The company said Thursday hackers were able to obtain card numbers, names, expiration dates and codes on the card, beginning in late fall. Some customers' cards were used to make fraudulent purchases at other stores. Wendy's first announced it was investigating a possible hack in January. In May, it found malware in fewer than 300 restaurants; two types of malware were found two months later and the number of restaurants affected was "considerably higher." There are more than 5,700 Wendy's restaurants in the U.S. Customers can check to see which locations were affected via Wendy's website. The company said it is offering free one-year credit monitoring to people who paid with a card at any of those restaurants.
84624947
submission
An anonymous reader writes:
Researchers from Microsoft and the University of Washington said Thursday that they had successfully encoded about 200 megabytes of data onto synthetic DNA molecules. The information included more than 100 books, translations of the Universal Declaration of Human Rights, and a high-definition music video from the band OK Go. Previously, the record was 22 megabytes encoded and decoded on DNA, said the researchers. Microsoft's lead researcher on the project, Karin Strauss, said DNA storage of the type demonstrated in the UW lab could, theoretically, store an exabyte (one billion gigabytes) of data in about one cubic inch of DNA material. "Our goal is really to build systems to show that it is possible," she said. DNA is also very durable. If stored in the right conditions, data encoded on DNA could be readable for thousands of years, compared to typical hard disks or flash drives that can fail in a few years.
