Comment Land of the free (Score 1) 310
Hello China II !
Submission + - JavaScript Attack Breaks ASLR on 22 CPU Architectures (bleepingcomputer.com)
An anonymous reader writes: Five researchers from the Vrije University in the Netherlands have put together an attack that can be carried out via JavaScript code and break ASLR protection on at least 22 microprocessor architectures from vendors such as Intel, AMD, ARM, Allwinner, Nvidia, and others. The attack, christened ASLRCache, or AnC, focuses on the memory management unit (MMU), a lesser known component of many CPU architectures, which is tasked with improving performance for cache management operations.
What researchers discovered was that this component shares some of its cache with untrusted applications, including browsers. This meant that researchers could send malicious JavaScript that specifically targeted this shared memory space and attempted to read its content. In layman's terms, this means an AnC attack can break ASLR and allow the attacker to read portions of the computer's memory, which he could then use to launch more complex exploits and escalate access to the entire OS.
Researchers have published two papers [1, 2] detailing the AnC attack, along with two videos[1, 2] showing the attack in action.
What researchers discovered was that this component shares some of its cache with untrusted applications, including browsers. This meant that researchers could send malicious JavaScript that specifically targeted this shared memory space and attempted to read its content. In layman's terms, this means an AnC attack can break ASLR and allow the attacker to read portions of the computer's memory, which he could then use to launch more complex exploits and escalate access to the entire OS.
Researchers have published two papers [1, 2] detailing the AnC attack, along with two videos[1, 2] showing the attack in action.
Submission + - Ethicists debating CRISPR stop short of supporting human enhancement (washingtonpost.com)
Baron_Yam writes: From the Washington Post:
For some ethicists, that represents a slippery slope. At the conclusion of a gene-editing summit in Washington at the National Academy of Sciences in December 2015, scientists said that although some basic research could proceed, it would be irresponsible to use genetically modified germline cells for the purpose of establishing a pregnancy.
But the new report takes a slightly more permissive, forward-thinking position, saying that, if and when such interventions are proved safe — which could be in the near future — and if numerous criteria are met to ensure that such gene editing is regulated and limited, it could potentially be used to treat rare, serious diseases.
“We say proceed with all due caution, but we don’t prohibit germline, after considerable discussion and debate,” said Richard Hynes, an MIT biologist and one of the leaders of the new study. “We’re talking only about fixing diseases.”
For some ethicists, that represents a slippery slope. At the conclusion of a gene-editing summit in Washington at the National Academy of Sciences in December 2015, scientists said that although some basic research could proceed, it would be irresponsible to use genetically modified germline cells for the purpose of establishing a pregnancy.
But the new report takes a slightly more permissive, forward-thinking position, saying that, if and when such interventions are proved safe — which could be in the near future — and if numerous criteria are met to ensure that such gene editing is regulated and limited, it could potentially be used to treat rare, serious diseases.
“We say proceed with all due caution, but we don’t prohibit germline, after considerable discussion and debate,” said Richard Hynes, an MIT biologist and one of the leaders of the new study. “We’re talking only about fixing diseases.”
Comment Re:mathematica? (Score 1) 216
The "tour" is probably a loop, but the paint instruction doens't connect the last capital to the first.
Also weird is the choice of capitals for Western Europe. Gibraltar, a capital ? Athens more western than say ljubljana ?
Comment Re:It's not a full node (Score 1) 150
From the end of TFA:
Most of the code is in pretty good shape however some pieces are incomplete. Within 2 weeks we should have enough core functionality written and at that point we are going to release parts of the code to the general community.
But I agree that there is not a lot available to play with yet.
Submission + - Sunstone Unearthed From Sixteenth Century Shipwreck (sciencemag.org)
sciencehabit writes: In 1592, a British ship sank near the island of Alderney in the English Channel carrying an odd piece of cargo: a small, angular crystal. Once it was brought back to land, a few European scientists began to suspect the mysterious object might be a calcite crystal, a powerful "sunstones" referred to in Norse legends which they believe Vikings and other European seafarers used to navigate before the introduction of the magnetic compass. Now, after subjecting the object to a battery of mechanical and chemical tests, the team has determined that the Alderman crystal is indeed a calcite and, therefore, could have been the ship's optical compass. Today, similar calcite crystals are used by astronomers to analyze the atmospheres of exoplanets—perhaps setting the stage for a whole new age of exploration.
Submission + - Giant database of school children. What could go wrong? (reuters.com) 1
asjk writes: The database includes millions of children and documents their names, addresses, disabilities and other statistics and demographics.Federal law, the article reports, allows for files to be shared with private companies. This, it is further reported, is already underway.
Comment Re:Pro Exploitation CEO (Score 1) 1313
+1, good troll
Comment Re:Except it isn't their latest game. (Score 1) 386
Well, he did write "Other wise", didn't he ?
Comment Re:Arduino, AVR, RPi, Beaglebone (Score 1) 228
I second the AVR. Great docs, good community. The chips are really cheap, and most of them have PDIP versions, which means that you can just plug them into a breadboard or solder them onto a stripboard. You need no extra components to make them run from a 5V supply (like USB), and they can run at up to 16MHz with an external oscillator (even 20MHz for some). You can program them with the STK500 USB programmer which costs about 20 bucks iirc, and which is supported by the free avrdude software.
As an example, the ATTiny26 is about 3 dollars, and powerful enough to build a MIDI controller with 6 analog inputs that communicates through software USB even though it has only 128 bytes of RAM and 2kB of flash memory.
An Arduino might be even simpler to use, but I have no experience with those. Have fun !
As an example, the ATTiny26 is about 3 dollars, and powerful enough to build a MIDI controller with 6 analog inputs that communicates through software USB even though it has only 128 bytes of RAM and 2kB of flash memory.
An Arduino might be even simpler to use, but I have no experience with those. Have fun !
Submission + - What Will NASA Do with Its Gifted Spy 'Scopes? (discovery.com)
astroengine writes: "NASA has begun surveying scientists on what they would like to do with two Hubble-class space telescopes donated to the civilian space agency by its secretive sibling, the National Reconnaissance Office (NRO) — which operates the nation's spy satellites. But the gifts have some formidable strings attached, including costs to develop instruments and launch the observatories. The telescopes, though declassified, also are subject to export regulations.
"We need to retain possession and control," NASA's astrophysics division director Paul Hertz told Discovery News. "That doesn't preclude us from partnering (with other countries). It just sets boundaries on the nature of the partnership." NASA also isn't allowed to use the telescopes for any Earth-observing missions. Topping the list of possible missions for the donor hardware is a remake of NASA's planned Wide-Field Infrared Survey Telescope, known as WFIRST. The mission, estimated to cost between $1.5 billion and $2 billion, is intended to answer questions about dark energy, a relatively recently discovered phenomenon that is believed to be speeding up the universe's rate of expansion."
"We need to retain possession and control," NASA's astrophysics division director Paul Hertz told Discovery News. "That doesn't preclude us from partnering (with other countries). It just sets boundaries on the nature of the partnership." NASA also isn't allowed to use the telescopes for any Earth-observing missions. Topping the list of possible missions for the donor hardware is a remake of NASA's planned Wide-Field Infrared Survey Telescope, known as WFIRST. The mission, estimated to cost between $1.5 billion and $2 billion, is intended to answer questions about dark energy, a relatively recently discovered phenomenon that is believed to be speeding up the universe's rate of expansion."
Slashdot Top Deals
"Oh what wouldn't I give to be spat at in the face..." -- a prisoner in "Life of Brian"
