Comment Re: Everything always goes lowest bidder (Score 1) 89
Who wants to bet the insurance company cancelled the policy or refused to pay when they discovered the attack vector was a sub-contractor giving out the keys to the kingdom?
Comment Re:Sounds mostly like a good idea ... (Score 1) 66
what happens in 20 years when the "Internet-connected" part of the seatbelt becomes hopelessly outdated and unusable?
You buy a new car because it won't drive without the verification that the seatbelts are worn.
Comment Re:Not tracking "customers" (Score 1) 57
Not to mention that some people still won't eat at restaurants after the pandemic, but will do carry-out.
Comment Re:And nobody cares (Score 1) 14
Freevee, never heard of it.
But I'm glad I don't have to shutter another sunsetting. Do these VPs just make up these words to impress each other?
Freevee was originally IMDb Freedive and then IMDbTV.
Submission + - Scientist recover text from charred scrolls of Vesuvius (sciencealert.com)
davidone writes: Thanks to X-ray tomography and machine learning, carbonized scrolls found in Villa of Papyri – an ancient Roman mansion destroyed by the eruption of Mount Vesuvius — can now be read, after being buried since 79 CE.
Comment Re: Printing as a service (Score 1) 166
Brother says not to use third party consumables. I don't know that they brick your printer if you do, though.
Comment Re: Printing as a service (Score 1) 166
Brother does it, too.
Comment Printing as a service (Score 1) 166
While HP was the first to bring ink subscriptions to the market, the other printer manufacturers have embraced it, too.
Submission + - Chicago Public Schools lost over $20 million in electronics in one year, report (cbsnews.com)
An anonymous reader writes: In all, more than $20 million were lost – as about students failed to return 77,505 laptops and other electronic devices within a year. This is even though the district spends millions to track such devices.
The underlying concern is that taxpayer dollars will be used to replace them.
The underlying concern is that taxpayer dollars will be used to replace them.
Submission + - Judges given approval to use AI to write legal opinions (apnews.com)
Press2ToContinue writes: From the "What-Could-Possibly-Go-Wrong" department:
LONDON (AP) — England’s 1,000-year-old legal system — still steeped in traditions that include wearing wigs and robes — has taken a cautious step into the future by giving judges permission to use artificial intelligence to help produce rulings.
The Courts and Tribunals Judiciary last month said AI could help write opinions but stressed it shouldn’t be used for research or legal analyses because the technology can fabricate information and provide misleading, inaccurate and biased information.
“Judges do not need to shun the careful use of AI,” said Master of the Rolls Geoffrey Vos, the second-highest ranking judge in England and Wales. “But they must ensure that they protect confidence and take full personal responsibility for everything they produce.”
At a time when scholars and legal experts are pondering a future when AI could replace lawyers, help select jurors or even decide cases, the approach spelled out Dec. 11 by the judiciary is restrained. But for a profession slow to embrace technological change, it’s a proactive step as government and industry — and society in general — react to a rapidly advancing technology alternately portrayed as a panacea and a menace.
LONDON (AP) — England’s 1,000-year-old legal system — still steeped in traditions that include wearing wigs and robes — has taken a cautious step into the future by giving judges permission to use artificial intelligence to help produce rulings.
The Courts and Tribunals Judiciary last month said AI could help write opinions but stressed it shouldn’t be used for research or legal analyses because the technology can fabricate information and provide misleading, inaccurate and biased information.
“Judges do not need to shun the careful use of AI,” said Master of the Rolls Geoffrey Vos, the second-highest ranking judge in England and Wales. “But they must ensure that they protect confidence and take full personal responsibility for everything they produce.”
At a time when scholars and legal experts are pondering a future when AI could replace lawyers, help select jurors or even decide cases, the approach spelled out Dec. 11 by the judiciary is restrained. But for a profession slow to embrace technological change, it’s a proactive step as government and industry — and society in general — react to a rapidly advancing technology alternately portrayed as a panacea and a menace.
Submission + - Side channel attack against post-quantum encryption algorithm (thehackernews.com) 1
jd writes: Crystals-Kyber was chosen to be the US government's post-quantum cryptography system of choice last year, but a side-channel attack has been identified.
From TFA, NIST says that this is an implementation-specific attack (the reference implementation) and not a vulnerability in Kyber itself.
From TFA:
The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU," Elena Dubrova, Kalle Ngo, and Joel Gärtner of KTH Royal Institute of Technology said in a paper.
CRYSTALS-Kyber is one of four post-quantum algorithms selected by the U.S. National Institute of Standards and Technology (NIST) after a rigorous multi-year effort to identify a set of next-generation encryption standards that can withstand huge leaps in computing power.
One of the popular countermeasures to harden cryptographic implementations against physical attacks is masking, which randomizes the computation and detaches the side-channel information from the secret-dependent cryptographic variables.
The attack method devised by the researchers involves a neural network training method called recursive learning to help recover message bits with a high probability of success.
The researchers also developed a new message recovery method called cyclic rotation that manipulates ciphertexts to increase the leakage of message bits, thereby boosting the success rate and making it possible to extract the session key.
"Such a method allows us to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations," they added.
When reached for comment, NIST told The Hacker News that the approach does not break the algorithm itself and that the findings don't affect the standardization process of CRYSTALS-Kyber.
On the mailing list, D. J. Bernstein added this:
Ive been recently carrying out code analysis for some of the KEM implementations submitted to SUPERCOP. In the case of kyber*/ref, I noticed various "/KYBER_Q" occurrences with variable inputs. In at least one case, line 190 of crypto_kem/kyber768/ref/poly.c, this is clearly a secret input. I'd expect measurable, possibly exploitable, timing variations
From TFA, NIST says that this is an implementation-specific attack (the reference implementation) and not a vulnerability in Kyber itself.
From TFA:
The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU," Elena Dubrova, Kalle Ngo, and Joel Gärtner of KTH Royal Institute of Technology said in a paper.
CRYSTALS-Kyber is one of four post-quantum algorithms selected by the U.S. National Institute of Standards and Technology (NIST) after a rigorous multi-year effort to identify a set of next-generation encryption standards that can withstand huge leaps in computing power.
One of the popular countermeasures to harden cryptographic implementations against physical attacks is masking, which randomizes the computation and detaches the side-channel information from the secret-dependent cryptographic variables.
The attack method devised by the researchers involves a neural network training method called recursive learning to help recover message bits with a high probability of success.
The researchers also developed a new message recovery method called cyclic rotation that manipulates ciphertexts to increase the leakage of message bits, thereby boosting the success rate and making it possible to extract the session key.
"Such a method allows us to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations," they added.
When reached for comment, NIST told The Hacker News that the approach does not break the algorithm itself and that the findings don't affect the standardization process of CRYSTALS-Kyber.
On the mailing list, D. J. Bernstein added this:
Ive been recently carrying out code analysis for some of the KEM implementations submitted to SUPERCOP. In the case of kyber*/ref, I noticed various "/KYBER_Q" occurrences with variable inputs. In at least one case, line 190 of crypto_kem/kyber768/ref/poly.c, this is clearly a secret input. I'd expect measurable, possibly exploitable, timing variations
Comment Re: No doubt... (Score 1) 269
Sure, 6 licenses for outdated software and 1 for the current release.
Comment Re: No doubt... (Score 1) 269
Exactly. Most people seem to have forgotten just how much Adobe was charging for CS back in the days of perpetual licenses. At first, Adobe was releasing a new version of CS every other year, but starting with CS5.5 they went to a yearly release. In total, there were 7 CS releases over a period of about 9 years. Assuming $2500/release, that's $17,500 compared to $5400 for 9 years of a CC subscription at $600/year.
Comment Re: No doubt... (Score 1) 269
The Abode CreativeCloud is ~ 50USD/month for access to everything if you sign up for a year. It's expensive, but significantly less than what it used to cost to chase the latest release of CS.
Submission + - Tesla unveils dual motor and performance specs for Model 3; deliveries in July
Rei writes: Yesterday evening, Elon Musk announced the pricing and specs for two of the Model 3's most in-demand options — dual motor and performance versions. The base dual motor config adds an AC induction front motor to the current partial-PM reluctance rear motor for $5k; in addition to AWD and allowing the car to drive with either motor out, this cuts the 0-60 time from 5,1s to 4,5s. The performance package is available as a bundle, including the long-range pack, premium interior, 20" wheels, carbon fibre spoiler and a new black-and-white interior. The vehicle will cost $78k; 0-60 times are further cut to 3,5s and the top speed increases from 140mph to 155mph.
While these options have consistently polled as the most in-demand options not yet available, several still remain and are variously due late this year / early next year: cream interior, non-PUP, tow hitch, SR battery, and air suspension. EU-spec and China-spec are also due early next year. Production is currently over 3,5k/wk, rumoured to be 4,3k/wk, and will be undergoing a shutdown from 26-31 May to raise production to the Q2 target of 5-6k.
While these options have consistently polled as the most in-demand options not yet available, several still remain and are variously due late this year / early next year: cream interior, non-PUP, tow hitch, SR battery, and air suspension. EU-spec and China-spec are also due early next year. Production is currently over 3,5k/wk, rumoured to be 4,3k/wk, and will be undergoing a shutdown from 26-31 May to raise production to the Q2 target of 5-6k.
Slashdot Top Deals
The next person to mention spaghetti stacks to me is going to have his head knocked off. -- Bill Conrad
