Slashdot: Your Rights Online

Subscribe to Slashdot: Your Rights Online feed Slashdot: Your Rights Online
News for nerds, stuff that matters
Updated: 2 hours 11 min ago

Apple Explores Using An iPhone, iPad To Power a Laptop

Thu, 03/23/2017 - 20:45
According to the U.S. Patent and Trademark Office, Apple has filed a patent for an "Electronic accessory device." It describes a "thin" accessory that contains traditional laptop hardware like a large display, physical keyboard, GPU, ports and more -- all of which is powered by an iPhone or iPad. The device powering the hardware would fit into a slot built into the accessory. AppleInsider reports: While the accessory can take many forms, the document for the most part remains limited in scope to housings that mimic laptop form factors. In some embodiments, for example, the accessory includes a port shaped to accommodate a host iPhone or iPad. Located in the base portion, this slot might also incorporate a communications interface and a means of power transfer, perhaps Lightning or a Smart Connector. Alternatively, a host device might transfer data and commands to the accessory via Wi-Fi, Bluetooth or other wireless protocol. Onboard memory modules would further extend an iOS device's capabilities. Though the document fails to delve into details, accessory memory would presumably allow an iPhone or iPad to write and read app data. In other cases, a secondary operating system or firmware might be installed to imitate a laptop environment or store laptop-ready versions of iOS apps. In addition to crunching numbers, a host device might also double as a touch input. For example, an iPhone positioned below the accessory's keyboard can serve as the unit's multitouch touchpad, complete with Force Touch input and haptic feedback. Coincidentally, the surface area of a 5.5-inch iPhone 7 Plus is very similar to that of the enlarged trackpad on Apple's new MacBook Pro models. Some embodiments also allow for the accessory to carry an internal GPU, helping a host device power the larger display or facilitate graphics rendering not possible on iPhone or iPad alone. Since the accessory is technically powered by iOS, its built-in display is touch-capable, an oft-requested feature for Mac. Alternatively, certain embodiments have an iPad serving as the accessory's screen, with keyboard, memory, GPU and other operating guts located in the attached base portion. This latter design resembles a beefed up version of Apple's Smart Case for iPad.

Read more of this story at Slashdot.

Categories: Research

The Compulsive Patent Hoarding Disorder

Thu, 03/23/2017 - 18:40
An anonymous reader shares an article: It takes money to make money. CSIR-Tech, the commercialisation arm of the Council of Scientific and Industrial Research (CSIR), realised this the hard way when it had to shut down its operations for lack of funds. CSIR has filed more than 13,000 patents -- 4,500 in India and 8,800 abroad -- at a cost of $7.6 million over the last three years. Across years, that's a lot of taxpayers' money, which in turn means that the closing of CSIR-Tech is a tacit admission that its work has been an expensive mistake -- a mistake that we tax-paying citizens have paid for. Recently, CSIR's Director-General Girish Sahni claimed that most of CSIR's patents were "bio-data patents", filed solely to enhance the value of a scientist's resume and that the extensive expenditure of public funds spent in filing and maintaining patents was unviable. CSIR claims to have licensed a percentage of its patents, but has so far failed to show any revenue earned from the licences. This compulsive hoarding of patents has come at a huge cost. If CSIR-Tech was privately run, it would have been shut down long ago. Acquiring Intellectual Property Rights (IPR) comes out of our blind adherence to the idea of patenting as an index of innovation. The private sector commercializes patents through the licensing of technology and the sale of patented products to recover the money spent in R&D. But when the funds for R&D come from public sources, mimicking the private sector may not be the best option.

Read more of this story at Slashdot.

Categories: Research

Feds: We're Pulling Data From 100 Phones Seized During Trump Inauguration

Thu, 03/23/2017 - 17:20
An anonymous reader quotes a report from Ars Technica: In new filings, prosecutors told a court in Washington, DC that within the coming weeks, they expect to extract all data from the seized cellphones of more than 100 allegedly violent protesters arrested during the inauguration of President Donald Trump. Prosecutors also said that this search is validated by recently issued warrants. The court filing, which was first reported Wednesday by BuzzFeed News, states that approximately half of the protestors prosecuted with rioting or inciting a riot had their phones taken by authorities. Prosecutors hope to uncover any evidence relevant to the case. Under normal judicial procedures, the feds have vowed to share such data with defense attorneys and to delete all irrelevant data. "All of the Rioter Cell Phones were locked, which requires more time-sensitive efforts to try to obtain the data," Jennifer Kerkhoff, an assistant United States attorney, wrote. Such phone extraction is common by law enforcement nationwide using hardware and software created by Cellebrite and other similar firms. Pulling data off phones is likely more difficult under fully updated iPhones and Android devices.

Read more of this story at Slashdot.

Categories: Research

Senate Votes To Kill FCC's Broadband Privacy Rules

Thu, 03/23/2017 - 13:40
The Senate voted 50-48 along party lines Thursday to repeal an Obama-era law that requires internet service providers to obtain permission before tracking what customers look at online and selling that information to other companies. PCWorld adds: The Senate's 50-48 vote Thursday on a resolution of disapproval would roll back Federal Communications Commission rules requiring broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details with third parties. The FCC approved the regulations just five months ago. Thursday's vote was largely along party lines, with Republicans voting to kill the FCC's privacy rules and Democrats voting to keep them. The Senate's resolution, which now heads to the House of Representatives for consideration, would allow broadband providers to collect and sell a "gold mine of data" about customers, said Senator Bill Nelson, a Florida Democrat. Kate Tummarello, writing for EFF: [This] would be a crushing loss for online privacy. ISPs act as gatekeepers to the Internet, giving them incredible access to records of what you do online. They shouldn't be able to profit off of the information about what you search for, read about, purchase, and more without your consent. We can still kill this in the House: call your lawmakers today and tell them to protect your privacy from your ISP.

Read more of this story at Slashdot.

Categories: Research

Australia Shelves Copyright Safe Harbor For Google, Facebook

Thu, 03/23/2017 - 13:20
In a surprise setback for companies such as Google and Facebook that leverage user-generated content, Australia has dropped plans to extend its copyright safe harbor provisions. From a report: In a blow to Google, Facebook and others, the government dropped the amendments before they were due to be introduced to parliament yesterday. That came as a big surprise, particularly as Prime Minister Malcolm Turnbull had given the proposals his seal of approval just last week. "Provisions relating to safe harbor were removed from the bill before its introduction to enable the government to further consider feedback received on this proposal whilst not delaying the passage of other important reforms," Communications Minister Mitch Fifield said in a statement. There can be little doubt that intense lobbying from entertainment industry groups played their part, with a series of articles published in News Corp-owned The Australian piling on the pressure in favor of rightsholders.

Read more of this story at Slashdot.

Categories: Research

WikiLeaks' New Dump Shows How The CIA Allegedly Hacked Macs and iPhones Almost a Decade Ago

Thu, 03/23/2017 - 12:00
WikiLeaks said on Thursday morning it will release new documents it claims are from the Central Intelligence Agency which show the CIA had the capability to bug iPhones and Macs even if their operating systems have been deleted and replaced. From a report on Motherboard: "These documents explain the techniques used by CIA to gain 'persistenc'' on Apple Mac devices, including Macs and iPhones and demonstrate their use of EFI/UEFI and firmware malware," WikiLeaks stated in a press release. EFI and UEFI is the core firmware for Macs, the Mac equivalent to the Bios for PCs. By targeting the UEFI, hackers can compromise Macs and the infection persists even after the operating system is re-installed. The documents are mostly from last decade, except a couple that are dated 2012 and 2013. While the documents are somewhat dated at this point, they show how the CIA was perhaps ahead of the curve in finding new ways to hacking and compromising Macs, according to Pedro Vilaca, a security researcher who's been studying Apple computers for years. Judging from the documents, Vilaca told Motherboard in an online chat, it "looks like CIA were very early adopters of attacks on EFI."

Read more of this story at Slashdot.

Categories: Research

SpaceX Disappointed In Lack of NASA Mars Funding; Starts Looking For Landing Sites For Its Own Mars Missions

Thu, 03/23/2017 - 06:00
frank249 writes: Elon Musk says that the new NASA authorization legislation "changes almost nothing about what NASA is doing. Existing programs stay in place and there is no added funding for Mars." From a report via Ars Technica: "Musk is absolutely correct on two counts. First, an 'authorization' bill does not provide funding. That comes from appropriations committees. Secondly, while Congress has been interested in building rockets and spacecraft, it is far less interested in investing in the kinds of technology and research that would actually enable a full-fledged Mars exploration program." In other news, SpaceNews reports that "SpaceX has been working with NASA to identify potential landing sites on Mars for both its Red Dragon spacecraft (starting in 2020) and future human missions." From the report: "Paul Wooster of SpaceX said the company, working with scientists at NASA's Jet Propulsion Laboratory and elsewhere, had identified several potential landing sites, including one that looks particularly promising -- Arcadia Planitia. Those landing sites are of particular interest, he said, for SpaceX's long-term vision of establishing a human settlement on Mars, but he said the company wouldn't rule out sending Red Dragon spacecraft elsewhere on the planet to serve other customers. 'We're quite open to making use of this platform to take various payloads to other locations as well,' he said. 'We're really looking to turn this into a steady cadence, where we're sending Dragons to Mars on basically every opportunity.' The Red Dragon spacecraft, he said, could carry about one ton of useful payload to Mars, with options for those payloads to remain in the capsule after landing or be deployed on the surface. 'SpaceX is a transportation company,' he said. 'We transport cargo to the space station, we deliver payloads to orbit, so we're very happy to deliver payloads to Mars.'" Fans of the book/movie "The Martian" would be happy if SpaceX does select Arcadia Planitia for their first landing site as that was the landing site of the Ares 3.

Read more of this story at Slashdot.

Categories: Research

A Lithuanian Phisher Tricked Two Big US Tech Companies Into Wiring Him $100 Million

Wed, 03/22/2017 - 23:30
According to a recent indictment from the U.S. Department of Justice, a 48-year-old Lithuanian scammer named Evaldas Rimasauskas managed to trick two American technology companies into wiring him $100 million. He was able to perform this feat "by masquerading as a prominent Asian hardware manufacturer," reports The Verge, citing court documents, "and tricking employees into depositing tens of millions of dollars into bank accounts in Latvia, Cyprus, and numerous other countries." From the report: What makes this remarkable is not Rimasauskas' particular phishing scam, which sounds rather standard in the grand scheme of wire fraud and cybersecurity exploits. Rather, it's the amount of money he managed to score and the industry from which he stole it. The indictment specifically describes the companies in vague terms. The first company is "multinational technology company, specializing in internet-related services and products, with headquarters in the United States," the documents read. The second company is a "multinational corporation providing online social media and networking services." Both apparently worked with the same "Asia-based manufacturer of computer hardware," a supplier that the documents indicate was founded some time in the late '80s. What's more important is that representatives at both companies with the power to wire vast sums of money were still tricked by fraudulent email accounts. Rimasauskas even went so far as to create fake contracts on forged company letterhead, fake bank invoices, and various other official-looking documents to convince employees of the two companies to send him money. Rimasauskas has been charged with one count of wire fraud, three counts of money laundering, and aggravated identity theft. In other words, he faces serious prison time of convicted -- each charge of wire fraud and laundering carries a max sentence of 20 years. The court documents don't reveal the names of the two companies. Though, one could surely think of a few candidates that would fit the descriptions provided in the court documents.

Read more of this story at Slashdot.

Categories: Research

LastPass Bugs Allow Malicious Websites To Steal Passwords

Wed, 03/22/2017 - 20:45
Earlier this month, a Slashdot reader asked fellow Slashdotters what they recommended regarding the use of password managers. In their post, they voiced their uncertainty with password managers as they have been hacked in the past, citing an incident in early 2016 where LastPass was hacked due to a bug that allowed users to extract passwords stored in the autofill feature. Flash forward to present time and we now have news that three separate bugs "would have allowed a third-party to extract passwords from users visiting a malicious website." An anonymous Slashdot reader writes via BleepingComputer: LastPass patched three bugs that affected the Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. All bugs were reported by Google security researcher Tavis Ormandy, and all allowed the theft of user credentials, one bug affecting the LastPass Chrome extension, while two impacted the LastPass Firefox extension [1, 2]. The exploitation vector was malicious JavaScript code that could be very well hidden in any online website, owned by the attacker or via a compromised legitimate site.

Read more of this story at Slashdot.

Categories: Research

W3C Erects DRM As Web Standard

Wed, 03/22/2017 - 20:05
The World Wide Web Consortium (W3C) has formally put forward highly controversial digital rights management as a new web standard. "Dubbed Encrypted Media Extensions (EME), this anti-piracy mechanism was crafted by engineers from Google, Microsoft, and Netflix, and has been in development for some time," reports The Register. "The DRM is supposed to thwart copyright infringement by stopping people from ripping video and other content from encrypted high-quality streams." From the report: The latest draft was published last week and formally put forward as a proposed standard soon after. Under W3C rules, a decision over whether to officially adopt EME will depend on a poll of its members. That survey was sent out yesterday and member organizations, who pay an annual fee that varies from $2,250 for the smallest non-profits to $77,000 for larger corporations, will have until April 19 to register their opinions. If EME gets the consortium's rubber stamp of approval, it will lock down the standard for web browsers and video streamers to implement and roll out. The proposed standard is expected to succeed, especially after web founder and W3C director Sir Tim Berners-Lee personally endorsed the measure, arguing that the standard simply reflects modern realities and would allow for greater interoperability and improve online privacy. But EME still faces considerable opposition. One of its most persistent vocal opponents, Cory Doctorow of the Electronic Frontier Foundation, argues that EME "would give corporations the new right to sue people who engaged in legal activity." He is referring to the most recent controversy where the W3C has tried to strike a balance between legitimate security researchers investigating vulnerabilities in digital rights management software, and hackers trying to circumvent content protection. The W3C notes that the EME specification includes sections on security and privacy, but concedes "the lack of consensus to protect security researchers remains an issue." Its proposed solution remains "establishing best practices for responsible vulnerability disclosure." It also notes that issues of accessibility were ruled to be outside the scope of the EME, although there is an entire webpage dedicated to those issues and finding solutions to them.

Read more of this story at Slashdot.

Categories: Research

'Dig Once' Bill Could Bring Fiber Internet To Much of the US

Wed, 03/22/2017 - 19:20
An anonymous reader quotes a report from Ars Technica: If the U.S. adopts a "dig once" policy, construction workers would install conduits just about any time they build new roads and sidewalks or upgrade existing ones. These conduits are plastic pipes that can house fiber cables. The conduits might be empty when installed, but their presence makes it a lot cheaper and easier to install fiber later, after the road construction is finished. The idea is an old one. U.S. Rep. Anna Eshoo (D-Calif.) has been proposing dig once legislation since 2009, and it has widespread support from broadband-focused consumer advocacy groups. It has never made it all the way through Congress, but it has bipartisan backing from lawmakers who often disagree on the most controversial broadband policy questions, such as net neutrality and municipal broadband. It even got a boost from Rep. Marsha Blackburn (R-Tenn.), who has frequently clashed with Democrats and consumer advocacy groups over broadband -- her "Internet Freedom Act" would wipe out the Federal Communications Commission's net neutrality rules, and she supports state laws that restrict growth of municipal broadband. Blackburn, chair of the House Communications and Technology Subcommittee, put Eshoo's dig once legislation on the agenda for a hearing she held yesterday on broadband deployment and infrastructure. Blackburn's opening statement (PDF) said that dig once is among the policies she's considering to "facilitate the deployment of communications infrastructure." But her statement did not specifically endorse Eshoo's dig once proposal, which was presented only as a discussion draft with no vote scheduled. The subcommittee also considered a discussion draft that would "creat[e] an inventory of federal assets that can be used to attach or install broadband infrastructure." Dig once legislation received specific support from Commerce Committee Chairman Greg Walden (R-Ore.), who said that he is "glad to see Ms. Eshoo's 'Dig Once' bill has made a return this Congress. I think that this is smart policy and will help spur broadband deployment across the country."

Read more of this story at Slashdot.

Categories: Research

Hackers Claim Access To 300 Million iCloud Accounts, Demand $75,000 From Apple To Delete the Cache of Data

Wed, 03/22/2017 - 18:40
A hacker or group of hackers calling themselves the "Turkish Crime Family" claim they have access to at least 300 million iCloud accounts, and will delete the alleged cache of data if Apple pays a ransom by early next month. Motherboard is reporting that the hackers are demanding "$75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data." From the report: The hackers provided screenshots of alleged emails between the group and members of Apple's security team. One also gave Motherboard access to an email account allegedly used to communicate with Apple. "Are you willing to share a sample of the data set?" an unnamed member of Apple's security team wrote to the hackers a week ago, according to one of the emails stored in the account. (According to the email headers, the return-path of the email is to an address with the @apple.com domain). The hackers also uploaded a YouTube video of them allegedly logging into some of the stolen accounts. The hacker appears to access an elderly woman's iCloud account, which includes backed-up photos, and the ability to remotely wipe the device. Now, the hackers are threatening to reset a number of the iCloud accounts and remotely wipe victim's Apple devices on April 7, unless Apple pays the requested amount. According to one of the emails in the accessed account, the hackers claim to have access to over 300 million Apple email accounts, including those use @icloud and @me domains. However, the hackers appear to be inconsistent in their story; one of the hackers then claimed they had 559 million accounts in all. The hackers did not provide Motherboard with any of the supposedly stolen iCloud accounts to verify this claim, except those shown in the video.

Read more of this story at Slashdot.

Categories: Research

Patents Are A Big Part Of Why We Can't Own Nice Things

Wed, 03/22/2017 - 10:40
An anonymous reader shares an EFF article: Today, the Supreme Court heard arguments in a case that could allow companies to keep a dead hand of control over their products, even after you buy them. The case, Impression Products v. Lexmark International, is on appeal from the Court of Appeals for the Federal Circuit, who last year affirmed its own precedent allowing patent holders to restrict how consumers can use the products they buy. That decision, and the precedent it relied on, departs from long established legal rules that safeguard consumers and enable innovation. When you buy something physical -- a toaster, a book, or a printer, for example -- you expect to be free to use it as you see fit: to adapt it to suit your needs, fix it when it breaks, re-use it, lend it, sell it, or give it away when you're done with it. Your freedom to do those things is a necessary aspect of your ownership of those objects. If you can't do them, because the seller or manufacturer has imposed restrictions or limitations on your use of the product, then you don't really own them. Traditionally, the law safeguards these freedoms by discouraging sellers from imposing certain conditions or restrictions on the sale of goods and property, and limiting the circumstances in which those restrictions may be imposed by contract. But some companies are relentless in their quest to circumvent and undermine these protections. They want to control what end users of their products can do with the stuff they ostensibly own, by attaching restrictions and conditions on purchasers, locking down their products, and locking you (along with competitors and researchers) out. If they can do that through patent law, rather than ordinary contract, it would mean they could evade legal limits on contracts, and that any one using a product in violation of those restrictions (whether a consumer or competitor) could face harsh penalties for patent infringement.

Read more of this story at Slashdot.

Categories: Research

Why American Farmers Are Hacking Their Tractors With Ukrainian Firmware

Wed, 03/22/2017 - 06:00
Tractor owners across the country are reportedly hacking their John Deere tractors using firmware that's cracked in Easter Europe and traded on invite-only, paid online forums. The reason is because John Deere and other manufacturers have "made it impossible to perform 'unauthorized' repair on farm equipment," which has obviously upset many farmers who see it "as an attack on their sovereignty and quite possibly an existential threat to their livelihood if their tractor breaks at an inopportune time," reports Jason Koebler via Motherboard. As is the case with most modern-day engineering vehicles, the mechanical problems experienced with the newer farming tractors are often remedied via software. From the report: The nightmare scenario, and a fear I heard expressed over and over again in talking with farmers, is that John Deere could remotely shut down a tractor and there wouldn't be anything a farmer could do about it. A license agreement John Deere required farmers to sign in October forbids nearly all repair and modification to farming equipment, and prevents farmers from suing for "crop loss, lost profits, loss of goodwill, loss of use of equipment [...] arising from the performance or non-performance of any aspect of the software." The agreement applies to anyone who turns the key or otherwise uses a John Deere tractor with embedded software. It means that only John Deere dealerships and "authorized" repair shops can work on newer tractors. "If a farmer bought the tractor, he should be able to do whatever he wants with it," Kevin Kenney, a farmer and right-to-repair advocate in Nebraska, told me. "You want to replace a transmission and you take it to an independent mechanic -- he can put in the new transmission but the tractor can't drive out of the shop. Deere charges $230, plus $130 an hour for a technician to drive out and plug a connector into their USB port to authorize the part." "What you've got is technicians running around here with cracked Ukrainian John Deere software that they bought off the black market," he added.

Read more of this story at Slashdot.

Categories: Research

Microsoft's Edge Was Most Hacked Browser At Pwn2Own 2017, While Chrome Remained Unhackable

Tue, 03/21/2017 - 20:45
At the Pwn2Own 2017 hacking event, Microsoft's Edge browser proved itself to be the least secure browser at the event, after it was hacked no less than five times. Google's Chrome browser, on the other hand, remained unhackable during the contest. Tom's Hardware reports: On the first day, Team Ether (Tencent Security) was the first to hack Edge through an arbitrary write in the Chakra JavaScript engine. The team also used a logic bug in the sandbox to escape that, as well. The team got an $80,000 prize for this exploit. On the second day, the Edge browser was attacked fast and furious by multiple teams. However, one was disqualified for using a vulnerability that was disclosed the previous day. (The teams at Pwn2Own are supposed to only use zero-day vulnerabilities that are unknown to the vendor. Two other teams withdrew their entries against Edge. However, Team Lance (Tencent Security) successfully exploited Microsoft's browser using a use-after-free (UAF) vulnerability in Chakra, and then another UAF bug in the Windows kernel to elevate system privileges. The exploit got the team $55,000. Team Sniper (Tencent Security) also exploited Edge and the Windows kernel using similar techniques, which gained this team the same amount of money, as well. The most impressive exploit by far, and also a first for Pwn2Own, was a virtual machine escape through an Edge flaw by a security team from "360 Security." The team leveraged a heap overflow bug in Edge, a type confusion in the Windows kernel, and an uninitialized buffer in VMware Workstation for a complete virtual machine escape. The team hacked its way in via the Edge browser, through the guest Windows OS, through the VM, all the way to the host operating system. This impressive chained-exploit gained the 360 Security team $105,000. The fifth exploit against Edge was done by Richard Zhu, who used two UAF bugs--one in Edge and one in a Windows kernel buffer overflow--to complete the hack. The attack gained Zhu $55,000. At last year's Pwn2Own 2016, Edge proved to be more secure than Internet Explorer and Safari, but it still ended up getting hacked twice. Chrome was only partially hacked once, notes Tom's Hardware.

Read more of this story at Slashdot.

Categories: Research

Burglars Can Easily Make Google Nest Security Cameras Stop Recording

Tue, 03/21/2017 - 18:40
Orome1 quotes a report from Help Net Security: Google Nest's Dropcam, Dropcam Pro, Nest Cam Outdoor and Nest Cam Indoor security cameras can be easily disabled by an attacker that's in their Bluetooth range. The vulnerabilities are present in the latest firmware version running on the devices (v5.2.1). They were discovered by researcher Jason Doyle last fall, and their existence responsibly disclosed to Google, but have still not been patched. The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. Triggering one of these flaws will make the devices crash and reboot. The third flaw is a bit more serious, as it allows the attacker to force the camera to temporarily disconnect from the wireless network to which it is connected by supplying it a new SSID to connect to. If that particular SSID does not exist, the camera drops its attempt to associate with it and return to the original Wi-Fi network, but the whole process can last from 60 to 90 seconds, during which the camera won't be recording. Nest has apparently already prepared a patch but hasn't pushed it out yet. (It should be rolling out "in the coming days.")

Read more of this story at Slashdot.

Categories: Research

Trump Adds To NASA Budget, Approves Crewed Mission To Mars

Tue, 03/21/2017 - 17:20
An anonymous reader quotes a report from NBC News: President Donald Trump signed a law on Tuesday authorizing funding for a crewed NASA mission to Mars. The new bill (S.442) adds a crewed mission to the red planet as a key NASA objective and authorizes the space agency to direct test human space flight programs that will enable more crewed exploration in deep space. The space agency has $19.5 billion in funding for the 2018 fiscal year, which starts this October. Trump had allocated $19.1 billion for NASA in his budget, which is slightly down from the current year, but still an improvement from the past decade, which saw the end of the space shuttle program. The commander in chief signed the bill surrounded by astronauts and his former Republican rivals, Senator Ted Cruz of Texas and Senator Marco Rubio of Florida, who both sponsored the bill. Getting to Mars, though, isn't expected to happen during the Trump presidency. NASA has its sights set on getting to the red planet in the 2030s. In the near term, NASA plans to test its Orion spacecraft and Space Launch System rocket, in addition to visiting an asteroid and redirecting a chunk of it into orbit around the moon. Astronauts could later visit the boulder and use the mission to test some of the tools needed for a Mars mission.

Read more of this story at Slashdot.

Categories: Research

Twitter Suspended Hundreds of Thousands of Accounts Amid 'Violent Extremism'

Tue, 03/21/2017 - 14:00
Twitter said on Tuesday it had suspended more than half a million accounts since the middle of 2015 as the company steps up efforts to tackle "violent extremism" on its microblogging platform. From a report: The company shut down a total of 376,890 accounts in the last six months of 2016, Twitter said in its latest transparency report.

Read more of this story at Slashdot.

Categories: Research

New Technology Combines Lip Motion and Passwords For User Authentication

Tue, 03/21/2017 - 06:00
An anonymous reader writes: "Scientists from the Hong Kong Baptist University (HKBU) have developed a new user authentication system that relies on reading lip motions while the user speaks a password out loud," reports BleepingComputer. Called "lip password" the system combines the best parts of classic password-based systems with the good parts of biometrics. The system relies on the uniqueness of someone's lips, such as shape, texture, and lip motions, but also allows someone to change the lip motion (password), in case the system ever gets compromised. Other biometric solutions, such as fingerprints, iris scans, and facial features, become eternally useless once compromised.

Read more of this story at Slashdot.

Categories: Research

IBM Unveils Blockchain As a Service Based On Open Source Hyperledger Fabric Technology

Mon, 03/20/2017 - 21:25
IBM has unveiled its "Blockchain as a Service," which is based on the open source Hyperledger Fabric, version 1.0 from The Linux Foundation. "IBM Blockchain is a public cloud service that customers can use to build secure blockchain networks," TechCrunch reports, noting that it's "the first ready-for-primetime implementation built using that technology." From the report: Although the blockchain piece is based on the open source Hyperledger Fabric project of which IBM is a participating member, it has added a set of security services to make it more palatable for enterprise customers, while offering it as a cloud service helps simplify a complex set of technologies, making it more accessible than trying to do this alone in a private datacenter. The Hyperledger Fabric project was born around the end of 2015 to facilitate this, and includes other industry heavyweights such as State Street Bank, Accenture, Fujitsu, Intel and others as members. While the work these companies have done to safeguard blockchain networks, including setting up a network, inviting members and offering encrypted credentials, was done under the guise of building extra safe networks, IBM believes it can make them even safer by offering an additional set of security services inside the IBM cloud. While Jerry Cuomo, VP of blockchain technology at IBM, acknowledges that he can't guarantee that IBM's blockchain service is unbreachable, he says the company has taken some serious safeguards to protect it. This includes isolating the ledger from the general cloud computing environment, building a security container for the ledger to prevent unauthorized access, and offering tamper-responsive hardware, which can actually shut itself down if it detects someone trying to hack a ledger. What's more, IBM claims their blockchain product is built in a highly auditable way to track all of the activity that happens within a network, giving administrators an audit trail in the event something did go awry.

Read more of this story at Slashdot.

Categories: Research

Pages