Monday, 22 May 2017

F1 | Teams ‘exaggerating’ data to Pirelli

Pirelli has admitted some teams have “exaggerated” downforce values as the F1 supplier sets its tyre operating guidelines before grands...

Read the full article here by FormulaPassion.it

HTC et Google développent un casque de réalité virtuelle Daydream autonome

Humans May Have Accidentally Created a Radiation Shield Around Earth


 

NASA spends a lot of time researching the Earth and its surrounding space environment. One particular feature of interest are the Van Allen belts, so much so that NASA built special probes to study them! They’ve now discovered a protective bubble they believe has been generated by human transmissions in the VLF range.

VLF transmissions cover the 3-30 kHz range, and thus bandwidth is highly limited. VLF hardware is primarily used to communicate with submarines, often to remind them that, yes, everything is still fine and there’s no need to launch the nukes yet.  It’s also used for navigation and broadcasting time signals.

It seems that this human transmission has created a barrier of sorts in the atmosphere that protects it against radiation from space. Interestingly, the outward edge of this “VLF Bubble” seems to correspond very closely with the innermost edge of the Van Allen belts caused by Earth’s magnetic field. What’s more, the inner limit of the Van Allan belts now appears to be much farther away from the Earth’s surface than it was in the 1960s, which suggests that man-made VLF transmissions could be responsible for pushing the boundary outwards.

Overall, this seems like an accidental, but potentially positive effect of human activity – the barrier protects the Earth from potentially harmful radiation. NASA’s YouTube video on the topic suggests that understanding this mechanism better could enable us to protect our satellites and space vehicles from some of the harmful effects of the space environment.

NASA does a lot of high-end research – like the EM drive that’s got a lot of people very confused right now.

[Thanks bty!]



Read the full article here by Hack a Day

Arduino Cinque – The RISC-V, ESP32, WiFi, Bluetooth Arduino

This weekend at the Bay Area Maker Faire, Arduino in conjunction with SiFive, a fabless provider of the Open Source RISC-V micros, introduced the Arduino Cinque. This is a board running one of the fastest microcontrollers available, and as an added bonus, this board includes Espressif’s ESP32, another wonderchip that features WiFi and Bluetooth alongside a very, very powerful SoC.

Details on the Arduino Cinque are slim at the moment, but from what we’ve seen so far, the Cinque is an impressively powerful board featuring the RISC-V FE310 SoC from SiFive, an ESP32, and an STM32F103. The STM32 appears to be dedicated to providing the board with USB to UART translation, something the first RISC-V compatible Arduino solved with an FTDI chip. Using an FTDI chip is, of course, a questionable design decision when building a capital ‘O’ Open microcontroller platform, and we’re glad SiFive and Arduino found a better solution. It’s unknown if this STM32 can be used alongside the FE310 and ESP32 at this point.

We’ve taken a look at SiFive’s FE310 SoC, and it is an extremely capable chip. It was released first at the HiFive1, and our hands-on testing revealed this is a chip that outperforms the current performance champ of the Arduino world, the Teensy 3.6. Of course, with any new architecture, there will be a few problems porting the vast number of libraries over to the FE310, but SiFive has included an Arduino compatible SDK. It’s promising, and we can’t wait to see SiFive’s work in more boards.


Filed under: Arduino Hacks, news, slider

Read the full article here by Hack a Day

Friday, 19 May 2017

Four short links: 19 May 2017

Algorithmic Fallibility, AI Sketches, Traffic Obfuscation, and Engineer-Manager Pendulum

  1. Algorithmic Fallibility and Economic Organization -- algorithms have benefits (when they get the right answer) and costs (when they get the wrong answer). This article creates three scenarios and uses the tools of economics to analyze them.
  2. Google Releases Sketches -- Sketch-RNN, a generative model for vector drawings, is now available in Magenta. Comes with 50M drawings as training data.
  3. Bedlam -- Google Chrome extension to generate random web traffic/DNS requests to make your web traffic data less valuable for selling.
  4. The Engineer-Manager Pendulum (Charity Majors) -- The best frontline eng managers in the world are the ones who are never more than 2-3 years removed from hands-on work, full time down in the trenches. The best individual contributors are the ones who have done time in management.

Continue reading Four short links: 19 May 2017.



Read the full article here by Four Short Links - O'Reilly Media

Thursday, 18 May 2017

Many senior executives do not know GDPR is coming

More than four fifths (84 percent) of small business owners in the UK, and almost half (43 percent) of senior executives in large companies have no idea what GDPR is and that it’s coming. That's according to Shred-it’s Security Tracker research, which also found that roughly one in seven (14 percent) of small business owners, and 31 percent of senior executives know what the fines of not complying with the GDPR are. This is despite the fact that 95 percent of senior executives and 87 percent of small business owners claim to have some understanding of their industry’s legal requirements.… [Continue Reading]


Read the full article here by Betanews

Google's New Mobile OS Will Have a Distinctly Non-Linux Hue

Google's New Mobile OS Will Have a Distinctly Non-Linux Hue

May 17, 2017, 23:00 (0 Talkback[s])

Google has been developing a new open source operating system called "Fuchsia" for smartphones, tablets and other devices, which could be unveiled as early as this summer. Little has been revealed about the new OS since it first came to light last year.

Complete Story



Read the full article here by Linux Today

Google makes Firebase SDKs open source

Open_Source_Yellow_Red_Web

Today was day one of Google I/O and there was no shortage of news. To name a few, the search giant is bringing its assistant to iPhone, Smart Reply to Gmail on mobile, and voice-calling to Google Home. These things should be very interesting to consumers and technology enthusiasts.

With I/O being a developer conference, however, not all of the new is necessarily consumer-focused. Case in point, there was some rather big developer news that didn't get as much attention. You see, Google announces that it is making five of its "Firebase" SDKs open source.

"We are pleased to announce that we are taking our first steps towards open sourcing our client libraries. By making our SDKs open, we're aiming to show our commitment to greater transparency and to building a stronger developer community. To help further that goal, we'll be using GitHub as a core part of our own toolchain to enable all of you to contribute as well. As you find issues in our code, from inconsistent style to bugs, you can file issues through the standard GitHub issue tracker. You can also find our project in the Google Open Source directory. We're really looking forward to your pull requests," says Salman Qadri, Firebase Product Manager.

ALSO READ: Download Android 'Oreo' Beta from Google now

Qadri also says, "We're starting by open sourcing several products in our iOS, JavaScript, Java, Node.js and Python SDKs. We'll be looking at open sourcing our Android SDK as well. The SDKs are being licensed under Apache 2.0, the same flexible license as existing Firebase open source projects like FirebaseUI."

Google shares the now open source SDKs and associated GitHub links below.

What do you think of this open source news? Tell me in the comments.

Photo CreditESB Professional / Shutterstock



Read the full article here by Betanews

Wednesday, 17 May 2017

Android Go is streamlined for cheap phones

It's no secret that Google has been working on improving its apps and operating system for those using less-powerful devices or unreliable connections. It's optimized its apps to use less data and memory, but now it's expanding its focus OS-wide. At its developer conference today, Google previewed a version of something the company has been calling Android Go, and it's supposed to work well even on devices with less than 1GB of onboard memory. Google says Go will ship "as an experience" in 2018, which means manufacturers will potentially start making handsets with the lighter OS after that.

According to Google, "Android Go is designed with features relevant for people who have limited data connectivity and speak multiple languages." It's basically optimized to run smoothly on entry-level devices that are running at least Android O. This works in part by designing apps like Chrome, Gboard and YouTube Go so that they use "less memory, storage space and mobile data."

Gboard, in particular, will make it easier to type in several different languages via transliteration. You can type the phonetic spelling of words in other languages, and the software will show you characters in the native alphabet. This targets regional markets where low-cost phones thrive, such as India and South America.

Android Go will also include a version of the Play Store that will show the entire app catalog, but it will highlight apps that have developers have finetuned for Go. Considering most budget smartphones today boast at least 2GB of RAM, the new software will likely bring Android to even cheaper devices than before. According to Google, there are already two billion monthly active devices running Android, and making it easier to install on lower-end handsets will help the company reach "the next billion users."

For all the latest news and updates from Google I/O 2017, follow along here



Read the full article here by Engadget

Google launched a massive open AI division

Google CEO Sundar Pichai greeted the assembled press and developers with a news that the company would be focusing heavily on AI both for its services and research. The new Google.ai site and division will focus on artificial intelligence, deep learning and building the tools to make that work possbile.

To help accelerate AI research, Pichai announced that the Tensor Processing Units (TPUs) it uses to train machine-learning models is available in the Google Cloud Platform for anyone to use via the Google Compute Engine today. "We want it to be possible for hundreds of thousands of developers to use machine learning," Pichai said.

The CEO also announced that Google will be using the neural nets it creates to build other neural nets with AutoML. Pichai actually joked that this is like the movie Inception. The system takes a set of candidate neural nets (Pichai called them baby neural nets) and iterate them using a reinforcement training approach until the best one is found. The CEO said the results are promising. So Skynet isn't happening just yet.

All of this work will be used in Google's own products but also to help medical researchers. Pichai talked about using AI to help sequence DNA and helping pathologists locate things like the spread of cancer. It's not completely perfect, "there are important caveats, we do have higher false positives. But already getting this into the hands of pathologists they can improve diagnosis," Pichai said.

Google announced that it's already partnering with health care providers to put the technology into action to help improve care and prevent medical incidents.

For all the latest news and updates from Google I/O 2017, follow along here

Source: Google



Read the full article here by Engadget

Machine Learning

The pile gets soaked with data and starts to get mushy over time, so it's technically recurrent.

Read the full article here by xkcd.com

Tuesday, 16 May 2017

Google software engineer Jessica Frazelle on the life of a large scale open source project

Google software engineer Jessica Frazelle on the life of a large scale open source project

May 16, 2017, 13:00 (0 Talkback[s]) (Other stories by Anonymous)

Tips and tools for building and nurturing open source contributors, maintainers, and supporters, from Google software engineer Jessica Frazelle.

Complete Story



Read the full article here by Linux Today

Symantec successfully blocks more than 21 million 'WannaCrypt' ransomware attempts

Nerd_Man_glasses_Shirt

The 'WannaCrypt' ransomware has been worldwide dilemma, impacting many countries. Luckily, the malware only impacts older versions of Microsoft's operating system -- Windows 10 is not vulnerable. Also immune to WannaCrypt is macOS and Linux distributions. Unfortunately, many people run older versions of Windows, but Microsoft has been very active in issuing patches for them -- including for the now-unsupported XP.

Patches aside, security software can protect vulnerable computers too. In fact, today, Symantec announces that it has successfully blocked almost 22 million WannaCrypt attacks. The company even leveraged machine learning in its fight against the ransomware.

The company explains that it, "blocked nearly 22 million WannaCry infection attempts across 300,000 endpoints, providing full protection for Symantec customers through its advanced exploit protection technology. The WannaCry ransomware attacks targeted and affected users in various countries across the globe by encrypting data files on infected computers and demanding users pay a $300USD ransom in bitcoin to decrypt their files. The protection of Symantec customers was enabled in part due to the integration of real-time threat intelligence shared across both Symantec Endpoint Protection and the Blue Coat ProxySG, which provided real-time threat awareness across the endpoint, network and cloud."

Mike Fey, president and chief operating officer at Symantec explains, "The WannaCry ransomware attack is the largest we've ever seen of its kind and we're pleased to share that Symantec customers benefited from multiple layers of protection even before it happened, through innovations and new capabilities in our Integrated Cyber Defense Platform. Our proactive network protection and advanced machine learning technologies provided real-time, zero-day, protection for all SEP and Norton customers when WannaCry was released last week. And, our Global Intelligence Network automatically shares WannaCry intelligence between Symantec endpoint, email and Blue Coat network products, providing full protection across all control points, including the cloud."

While Symantec's announcement highlights the importance of security software for both home and business users, it shouldn't distract from the fact that it is also imperative to apply operating system updates in a timely matter. Also important is using supported software. Yes, Microsoft patched the unsupported Windows XP, but that OS should really not even be in use anymore.

Are you surprised that Symantec needed to block so many attacks? Tell me in the comments below.

Photo Credit: lukas_zb/Shutterstock



Read the full article here by Betanews

WannaCry Ransomware Shares Code With North Korean Malware, Says Researchers

New submitter unarmed8 quotes a report from CyberScoop: The ransomware known as WannaCry that spread rapidly to 300,000 machines in 150 countries over the past few days shares code with malware written by a group of North Korean hackers known as the Lazarus Group. While the shared code is important, experts warned that it's far from proof about who created and launched the ransomware attacks. Neel Mehta, a security researcher at Google, first pointed out the shared code on Monday on Twitter. The link was quickly echoed by numerous other experts. "From a technical point of view those two functions and their references are identical," said Matt Suiche, founder of United Arab Emirates-based cybersecurity firm Comaeio. "From an attribution point of view a ransomware would subscribe to the narrative of Lazarus Group, which is stealing money like we saw with multiple financial institutions with fraudulent SWIFT transactions -- having a nation-state powered ransomware leveraging crypto currency would be a first."
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Monday, 15 May 2017

Microsoft should be applauded for its response to the WannaCrypt crisis

Applause

I’ve certainly been highly critical of Microsoft in the past, particularly last year when the company began forcing Windows 10 on to users.

But in the past couple of days I have to admit that I’ve been impressed by the software giant’s response to the global WannaCrypt/WannaCry crisis, and not just in patching Windows XP.

Issuing a security patch for XP, three years after it stopped supporting it, was absolutely the right thing for Microsoft to do, and it did it without question, explaining how "helping those affected needs to be our most immediate priority."

SEE ALSO: Microsoft blames US Government for 'WannaCrypt' ransomware disaster

In the past, Microsoft has taken every opportunity to push Windows 10, but here it hasn’t.

Brad Smith, Microsoft's president and chief legal officer, says:

As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past.

I would have expected Microsoft to take the opportunity to slip in a message about how upgrading to Windows 10 would have kept those affected safe from the threat -- after all, systems running Windows 10 aren’t at risk from WannaCrypt -- but to its credit it hasn’t.

Give that this is the company that last year snuck a Windows 10 advert into an Internet Explorer security patch, its response to the global crisis has been to look at the broader picture and consider how collective action can keep us all safe, rather than taking the opportunity to flog its new operating system.

WannaCrypt is the perfect example of why users and companies need to run a more modern/supported version of Windows, and keep it up to date, but Microsoft hasn’t chosen to capitalize on that, preferring instead to let users come to their own conclusions.

Businesses, especially cash strapped ones like health services, often prioritize other things over software and security -- some five percent of UK's NHS systems still run Windows XP -- and Microsoft has wisely realized that shouting "upgrade to Windows 10!" would be neither welcome, nor helpful.

Smith says:

More action is needed, and it’s needed now. In this sense, the WannaCrypt attack is a wake-up call for all of us. We recognize our responsibility to help answer this call, and Microsoft is committed to doing its part.

It will be interesting to see if those thoughtful words translate into helpful actions once the WannaCrypt threat begins to die down, and if Microsoft can find a way to help those users stuck on Windows XP to finally move on.

Photo Credit: SFIO CRACHO/Shutterstock



Read the full article here by Betanews

Microsoft blasts spy agencies for hoarding security exploits

Microsoft is hopping mad that leaked NSA exploits led to the "WannaCry" (aka "WannaCrypt") ransomware wreaking havoc on computers worldwide. Company President Brad Smith has posted a response to the attack that roasts the NSA, CIA and other intelligence agencies for hogging security vulnerabilities instead of disclosing them to be fixed. There's an "emerging pattern" of these stockpiles leaking out, he says, and they cause "widespread damage" when that happens. He goes so far as to liken it to a physical weapons leak -- it's as if the US military had "some of its Tomahawk missiles stolen."

To Smith, this is a "wake-up call." Officials ought to treat a mass of exploits with the same caution that they would a real-world weapons cache, he argues. Microsoft had already floated the concept of a "Digital Geneva Convention" that required governments to report security holes, but the idea has gained a new sense of urgency in light of the recent ransomware chaos. Will the NSA and other agencies listen? Probably not -- but Microsoft at least some has some evidence to back up its claims.

Smith's write-up also calls for a greater sense of "shared responsibility" in fighting online threats. While Microsoft makes its own efforts by rushing out patches and sharing concerns with other companies, it also chastises customers who could have closed the WannaCry hole two months earlier but didn't. If they don't get updates quickly, Smith contends, they're "fighting the problems of the present with tools from the past." He's being a bit unrealistic -- it's not so simple for companies to upgrade to the latest versions of Windows, especially if budgets are tight or there's must-have software that could break. At the same time, it's hard to escape the reality that many WannaCry victims are running outdated software.

Workers might not have to wait for their IT departments to get into gear, at least. Rendition Infosec as introduced a stopgap TearSt0pper tool that can thwart WannaCry without requiring a patch. You need to launch it every time you boot your PC (provided you're allowed to run apps like this), but it could mean the difference between a productive day or explaining why your system is out of commission.

Source: Microsoft on the Issues, Rendition Infosec



Read the full article here by Engadget

Car Security Experts Dump All Their Research and Vulnerabilities Online

Sunday, 14 May 2017

Global Cyber Attack Halted: Autopsy Time

Friday saw what looked like the most dangerous ransomware infection to date. The infection known as WannaCry was closing down vital hospital IT systems across the UK canceling major operations and putting lives at risk.

Spread Halted?

It spread further around the world and almost became a global pandemic. Although machines are still encrypted demanding Bitcoin, one security blogger [MalwareTech] halted the ransomware by accident. As he was analyzing the code he noticed that the malware kept trying to connect to an unregistered domain name “iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com”. So he decided to register the domain to see if he could get some analytics or any information the worm was trying to send home. Instead much to his surprise, this halted the spread of the ransomware. Originally he thought this was some kind of kill switch but after further analysis, it became clear that this was a test hard-coded into the malware which was supposed to detect if it was running in a virtual machine. So by registering the domain name, the ransomware has stopped spreading as it thinks the internet is a giant virtual machine.

Why was the UK’s NHS Hit So Badly?

According to the [BBC] Information obtained by software firm Citrix under Freedom of Information laws in December suggest up to 90% of NHS trusts were still using Windows XP, However NHS Digital says it is a “much smaller number”. Microsoft has rolled out a free security update to Windows XP, Windows 8, and Windows Server 2003 “to protect their customers”. There was much warning about XP no longer receiving updates etc, the 2001 operating system just needs to die however so many programs especially embedded devices rely upon the fact that the OS running is Windows XP, This is a problem that needs sorted sooner rather than later. There is still obvious problems facing the NHS as all outpatients appointment’s have been canceled at London’s Barts Health NHS Trust which happens to be the largest in the country. However [Amber Rudd], Home Secretary, said 97% of NHS trusts were “working as normal” and there was no evidence patient data was affected. Let’s just hope they update their systems and get back to fixing people as soon as they can.

Where Else Was Hit?

There was quite a few other places hit as well as the UK’s NHS including The Sunderland Nissan Plant also in the UK, Spanish telecoms giant Telefonica along with some gas companies in Spain. In the US FedEx was affected, France has seen production in some of it’s Renault factories halted. Finally, Russia reported 1000 governmental computer systems has been hit.

So is this the end for ransomware?

No, this infection was stopped by accident the infected are either still infected or have paid up, had they not included the sloppy code in the first place then who knows what would have happened. Microsoft had rolled out patches but some people/organizations/Governments are lazy and don’t bother to apply them. Keep your computers up to date, Good luck because we think we will be seeing a lot more ransomware malware in the coming years.

[Update WannaCry v. 2.0 has been released without the “kill switch”, We wonder what will happen now. Probably not a lot as the media attention has been quite intense so it may not be that big an infection however there is always a few who live in the land where news doesn’t exist and will go a long their day until BAM! Ransom Ware installed and pockets emptied.]


Filed under: news, security hacks

Read the full article here by Hack a Day

Saturday, 13 May 2017

Google Found Over 1,000 Bugs In 47 Open Source Projects

Orome1 writes: In the last five months, Google's OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects... So far, OSS-Fuzz has found a total of 264 potential security vulnerabilities: 7 in Wireshark, 33 in LibreOffice, 8 in SQLite 3, 17 in FFmpeg -- and the list goes on... Google launched the program in December and wants more open source projects to participate, so they're offering cash rewards for including "fuzz" targets for testing in their software. "Eligible projects will receive $1,000 for initial integration, and up to $20,000 for ideal integration" -- or twice that amount, if the proceeds are donated to a charity.
Share on Google+

Read more of this story at Slashdot.



Read the full article here by Slashdot

Oracle Is Working On Interrupt-Aware Scheduler For Linux

Rohit Jain of Oracle's Linux kernel team is working on an interrupt aware scheduler, which should improve performance for workloads with interrupt activity.

The less than 200 lines of code add interrupt awareness into the fair scheduling class and avoids CPU cores that might be busy with hardware interrupts.

This interrupt-aware scheduling has yielded around a 3% performance improvement in some workloads. The patch series for those interested -- along with more technical details -- can currently be found on

the kernel mailing list

.



Read the full article here by Phoronix