
Submission + - Brother Printer Bug In 689 Models Exposes Millions To Hacking (securityweek.com)

An anonymous reader writes: Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother, and some or all of the flaws also affect 46 Fujifilm Business Innovation, five Ricoh, six Konica Minolta, and two Toshiba printers. Overall, millions of enterprise and home printers are believed to be exposed to hacker attacks due to these vulnerabilities.

The most serious of the flaws, tracked as CVE-2024-51978 and with a severity rating of ‘critical’, can allow a remote and unauthenticated attacker to bypass authentication by obtaining the device’s default administrator password. CVE-2024-51978 can be chained with an information disclosure vulnerability tracked as CVE-2024-51977, which can be exploited to obtain a device’s serial number. This serial number is needed to generate the default admin password. “This is due to the discovery of the default password generation procedure used by Brother devices,” Rapid7 explained. “This procedure transforms a serial number into a default password. Affected devices have their default password set, based on each device’s unique serial number, during the manufacturing process.”

Having the admin password enables an attacker to reconfigure the device or abuse functionality intended for authenticated users. The remaining vulnerabilities, which have severity ratings of ‘medium’ and ‘high’, can be exploited for DoS attacks, forcing the printer to open a TCP connection, obtain the password of a configured external service, trigger a stack overflow, and perform arbitrary HTTP requests. Six of the eight vulnerabilities found by Rapid7 can be exploited without authentication.

Submission + - Swarms of Tiny Nose Robots Could Clear Infected Sinuses, Researchers Say (theguardian.com)

An anonymous reader writes: Swarms of tiny robots, each no larger than a speck of dust, could be deployed to cure stubborn infected sinuses before being blown out through the nose into a tissue, researchers have claimed. The micro-robots are a fraction of the width of a human hair and have been inserted successfully into animal sinuses in pre-clinical trials by researchers at universities in China and Hong Kong. Swarms are injected into the sinus cavity via a duct threaded through the nostril and guided to their target by electromagnetism, where they can be made to heat up and catalyse chemical reactions to wipe out bacterial infections. There are hopes the precisely targeted technology could eventually reduce reliance on antibiotics and other generalised medicines.

[...] The latest breakthrough, based on animal rather than human trials, involves magnetic particles “doped” with copper atoms which clinicians insert with a catheter before guiding to their target under a magnetic field. The swarms can be heated up by reacting to light from an optical fibre that is also inserted into the body as part of the therapy. This allows the micro-robots to loosen up and penetrate viscous pus that forms a barrier to the infection site. The light source also prompts the micro-robots to disrupt bacterial cell walls and release reactive oxygen species that kill the bacteria.

The study, published in Nature Robotics, showed the robots were capable of eradicating bacteria from pig sinuses and could clear infections in live rabbits with “no obvious tissue damage.” The researchers have produced a model of how the technology could work on a human being, with the robot swarms being deployed in operating theatre conditions, allowing doctors to see their progress by using X-rays. Future applications could include tackling bacterial infections of the respiratory tract, stomach, intestine, bladder and urethra, they suggested. “Our proposed micro-robotic therapeutic platform offers the advantages of non-invasiveness, minimal resistance, and drug-free intervention,” they said.

Submission + - Linux can cause seizures if you’re not careful (nerds.xyz)

BrianFagioli writes: KDE just pushed out Plasma 6.4.1, and while it’s technically a bug-fix release, it includes a surprisingly major change: the “highlight window” effect is now disabled by default. This is the visual effect where other windows fade away when you hover over a Task Manager thumbnail.

Why the sudden shift? It turns out this flashy feature could do more than just annoy you. Believe it or not, under the right (or wrong) circumstances, it might trigger seizures. No, really.

Developers discovered that if you open several full-screen windows from the same app and then rapidly move your mouse across their thumbnails, it could cause full-screen flickering faster than 3 Hz. That’s enough to be a medical hazard for people with photosensitive epilepsy.

Submission + - Smallest Alien World Ever Seen Spotted by JWST in Stunning First (sciencealert.com)

alternative_right writes: Around a newly formed star just 111 light-years away, the powerful space telescope has officially discovered its first exoplanet. It's called TWA-7b, and it's the smallest world that humanity has ever directly imaged.

TWA-7b is a cold gas giant with about a third of the mass of Jupiter, orbiting its red dwarf host star at a staggering distance – 52 times farther than Earth orbits the Sun. In our Solar System, that distance would place TWA-7b out in the Kuiper Belt, far beyond the orbit of Pluto.

Submission + - Scientists May Have Finally Figured Out How Bats Avoid Cancer (sciencealert.com)

alternative_right writes: Several bat species have been found to possess multiple copies of a known tumor-suppressing gene called p53. Humans have just a single copy, while other cancer-resistant animals, like elephants, boast up to 20. Mutations in this gene are linked to more than half of all human cancers.

But a mechanism that's too aggressive at killing cells is obviously not desirable either. Thankfully, bats compensate with an overactive enzyme called telomerase, which allows their cells to continue to proliferate.

Submission + - A Cracked Piece of Metal Self-Healed in Experiment That Stunned Scientists (sciencealert.com)

alternative_right writes: "We certainly weren't looking for it. What we have confirmed is that metals have their own intrinsic, natural ability to heal themselves, at least in the case of fatigue damage at the nanoscale."

While the observation is unprecedented, it's not wholly unexpected. In 2013, Texas A&M University materials scientist Michael Demkowicz worked on a study predicting that this kind of nanocrack healing could happen, driven by the tiny crystalline grains inside metals essentially shifting their boundaries in response to stress.

Comment There are stromatolite fossils (Score 1) 55

The media doesn't talk about it much, but many rock formations that are almost certainly stromatolite fossils have been found. Here is one example. You can find many more with Google. The stromatolite-like formations are why NASA keeps sending rovers to dry lake beds. https://www.hindawi.com/journa...
