Slashdot

3 years ago

Researchers Run Unsigned Code on Intel ME By Exploiting USB Ports

Slashdot bongey writes:

A pair of security researchers in Russia are claiming to have compromised the Intel Management Engine just using one of the computer's USB ports. The researchers gained access to a fully functional JTAG connection to Intel CSME via USB DCI. The claim is different from previous USB DCI JTAG examples from earlier this year. Full JTAG access to the ME would allow making permanent hidden changes to the machine.

"Getting into and hijacking the Management Engine means you can take full control of a box," reports the Register, "underneath and out of sight of whatever OS, hypervisor or antivirus is installed."
They add that "This powerful God-mode technology is barely documented," while The Next Web points out that USB ports are "a common attack vector."


Read more of this story at Slashdot.


Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/iNekf3_ofNg/researchers-run-unsigned-code-on-intel-me-by-exploiting-usb-ports

Magazine For Museums Publishes Its 2040 Issue -- 23 Years Early

A nonprofit founded in 1906 is now offering a glimpse at 2040, according to an anonymous reader: The Alliance of American Museums has just published an ambitious Nov/Dec 2040 issue of Museum, the Alliance's magazine. The columns, reviews, articles, awards, and even the ads describe activities from a 2040 perspective, based on a multi-faceted consensus scenario.

Besides virtual reality centers (and carbon-neutral cities), it envisions de-extinction biologists who resurrect lost species. It also predicts a 2040 with orbiting storehouses to preserve historic artifacts (as well as genetic materials) as part of a collaboration with both NASA and a new American military branch called the US Space Corps. And of course, by 2040 museums have transformed into hybrid institutions like "museum schools" and "well-being and cognitive health centers" that are both run by museums.
It also predicts for-profit museums that have partnered with corporations.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/fftub5wb-hs/magazine-for-museums-publishes-its-2040-issue----23-years-early

Study Finds Robot Surgeons Are Actually Slower and More Expensive

"Robot-assisted surgery costs more time and money than traditional methods, but isn't more effective, for certain types of operations," reports the Register, in an article shared by schwit1: In a study of almost 24,000 laparoscopic surgeries just published in The Journal of American Medicine, researchers from Stanford University School of Medicine analyzed data from 416 hospitals around the U.S. from 2003 to 2015. Robotic assistance provides 3D-visualization, a broader range of motion for instruments, and better ergonomics for physicians, according to the study. While it has advantages in scenarios where a high-degree of precision is required or where improved outcomes have been demonstrated (like radical prostatectomy), it appears to be a waste of resources for the two operations examined... But the patient outcomes were more or less the same. A thematically-related economic study presented by the National Bureau for Economic Research on Monday suggests that while AI and machine learning have received substantial investment over the past five years and have been widely touted as transformative technologies, "there is little sign that they have yet affected aggregate productivity statistics... The simplest possibility is that the optimism about the potential technologies is misplaced and unfounded," muse Erik Brynjolfsson and Daniel Rock (MIT), Chad Syverson (University of Chicago) in the paper. But instead the paper's authors suggest that fully realizing the benefits of AI "will require effort and entrepreneurship to develop the needed complements, and adaptability at the individual, organizational, and societal levels to undertake the associated restructuring."



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/1GuQt_6JJ_s/study-finds-robot-surgeons-are-actually-slower-and-more-expensive

'Starcraft II' Goes Free-to-Play on Tuesday

An anonymous reader quotes TechCrunch: It was only in April that Blizzard made the original StarCraft free to play, and now the company has done the same for its sequel. StarCraft 2: Wings of Liberty, which is certainly the most-played real-time strategy game ever made, will be free for anyone to play starting on November 14. Of course there's a catch, but nothing nefarious. The game was divided into three episodes, each focusing on one of the three playable races (Human, Zerg and Protoss -- but you knew that), and only the first (the human one) will be available for free. If you already own Wings of Liberty (as the episode is called) you can also get the Heart of the Swarm chapter for free by logging in and claiming it before December 8.

TechCrunch calls it "a good way to onboard new players who just never wanted to pay full price to find out if they liked it."



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/cIzcrLe9mXw/starcraft-ii-goes-free-to-play-on-tuesday

H1-B Administrators Are Challenging An Unusually Large Number of Applications

Long-time Slashdot reader decaffeinated quotes Bloomberg: Starting this summer, employers began noticing that U.S. Citizenship and Immigration Services was challenging an unusually large number of H-1B applications. Cases that would have sailed through the approval process in earlier years ground to a halt under requests for new paperwork. The number of challenges -- officially known as "requests for evidence" or RFEs -- are up 44 percent compared to last year, according to statistics from USCIS...

"We're entering a new era," said Emily Neumann, an immigration lawyer in Houston who has been practicing for 12 years. "There's a lot more questioning, it's very burdensome." She said in past years she's counted on 90 percent of her petitions being approved by Oct. 1 in years past. This year, only 20 percent of the applications have been processed. Neumann predicts she'll still have many unresolved cases by the time next year's lottery happens in April 2018.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/BBKiVzJMtrw/h1-b-administrators-are-challenging-an-unusually-large-number-of-applications

Crowdfunded 'PowerWatch' Runs on Body Heat, Never Needs Charging

Engadget reports on a new watch that suggests the possibility of a future without chargers:

This thermal-powered wearable doesn't need one -- it gets energy by converting your body heat into electricity. It's been a year since I saw an early prototype of the PowerWatch -- a smart(ish) watch that tracks basic fitness metrics. Now, the self-proclaimed energy-harvesting company is finally ready to ship PowerWatches to the early adopters who backed its Indiegogo campaign...
Because its functions are pretty basic and its LCD screen is relatively low-powered, it doesn't take too much electricity to keep the watch running... The PowerWatch can not only tell the time, set alarms and timers but also track your activity and sleep... Matrix co-founder Douglas Tham said the PowerWatch will keep running for up to 12 months if you don't wear it, and a PowerSave mode kicks in to conserve energy by killing non-timekeeping functions.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/mxgRnJwzSqw/crowdfunded-powerwatch-runs-on-body-heat-never-needs-charging

Text Adventure Competition Reports A 36% Spike In Entries

There's just four days left to vote for the winner of the 23rd Annual Interactive Fiction Competition. An anonymous reader writes: This year's contest set a record, drawing 79 new text adventures -- 36% more entries than the previous year's 58. All of this year's games are available online, furthering the competition's goal of "making them freely available in order to encourage the creation, play, and discussion of interactive fiction." (And they're also available in a 236-megabyte .zip archive.)

Each game's developer is competing for $4,800 in cash prizes, to be shared among everyone who finishes in the top two-thirds (including a $247 prize to the first-place winner). Authors of the top-rated games will also get to choose from a 38-prize pool (which includes another $200 cash prize donated by Asymmetric Publications, as well as a "well-loved" used Wii console). But the most important thing is there's a bunch of fun new text adventures to play. Reviews are already appearing online, lovingly collected by the Interactive Fiction Wiki. And one game designer even livestreamed their text adventure-playing on Twitch.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/jOrN1mnSlaY/text-adventure-competition-reports-a-36-spike-in-entries

One Bitcoin Transaction Now Uses As Much Energy As Your House In a Week

Long-time Slashdot reader SlaveToTheGrind quotes Motherboard: Bitcoin's incredible price run to break over $7,000 this year has sent its overall electricity consumption soaring, as people worldwide bring more energy-hungry computers online to mine the digital currency. An index from cryptocurrency analyst Alex de Vries, aka Digiconomist, estimates that with prices the way they are now, it would be profitable for Bitcoin miners to burn through over 24 terawatt-hours of electricity annually as they compete to solve increasingly difficult cryptographic puzzles to "mine" more Bitcoins. That's about as much as Nigeria, a country of 186 million people, uses in a year.

This averages out to a shocking 215 kilowatt-hours (KWh) of juice used by miners for each Bitcoin transaction (there are currently about 300,000 transactions per day). Since the average American household consumes 901 KWh per month, each Bitcoin transfer represents enough energy to run a comfortable house, and everything in it, for nearly a week.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/0KVKZvce0SE/one-bitcoin-transaction-now-uses-as-much-energy-as-your-house-in-a-week

How Two Scientists Accurately Predicted Global Warming in 1967

Slashdot reader Layzej shares an article from this spring marking the 50th anniversary of the first accurate climate model: Astrophysicist Ethan Siegel looks at a climate model (MW67) published in 1967 and finds "50 years after their groundbreaking 1967 paper, the science can be robustly evaluated, and they got almost everything exactly right."

An analysis on the "Climate Graphs" blog shows exactly how close the prediction has proven to be: "The slope of the CO2-vs-temperature regression line in the 50 years of actual observations is 2.57, only slightly higher than MW67's prediction of 2.36" They also note that "This is even more impressive when one considers that at the time MW67 was published, there had been no detectable warming in over two decades. Their predicted warming appeared to mark a radical change with the recent past:"



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/jgsvmeCZ9s0/how-two-scientists-accurately-predicted-global-warming-in-1967

The Computer Scientist Who Prefers Voting With Paper

Geoffrey.landis writes: The Atlantic profiles a computer scientist: Barbara Simons, who has been on the forefront of the pushback against electronic voting as a technology susceptible to fraud and hacking. When she first started writing articles about the dangers of electronic voting with no paper trail, the idea that software could be manipulated to rig elections was considered a fringe preoccupation; but Russia's efforts to influence the 2016 presidential election have reversed Simons's fortunes. According to the Department of Homeland Security, those efforts included attempts to meddle with the electoral process in 21 states; while a series of highly publicized hacks -- at Sony, Equifax, the U.S. Office of Personnel Management -- has driven home the reality that very few computerized systems are truly secure. Simons is a former President of the Association for Computing Machinery (ACM); and the group she helps run, Verified Voting, has been active in educating the public about the dangers of unverified voting since 2003.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/wviwHWvWXk0/the-computer-scientist-who-prefers-voting-with-paper

Nintendo Reportedly Plans To Double Switch Production In 2018

An anonymous reader quotes a report from Engadget: The Switch, Nintendo's latest hybrid console is doing pretty well for the company, which expects it to outdo the Wii U's lifetime sales within a year. The company obviously thinks so, too, according to a new report at The Wall Street Journal, which says that Nintendo plans to ramp up production of the hardware itself, beginning in April 2018. The report claims that Nintendo is planning to make 25 million to 30 million more units of its successful Switch console over the next fiscal year. Further, Nintendo may plan for even more if this year's holiday sales are strong, according to the WSJ's sources. The company has already built almost 8 million Switches, total, as of its latest earnings report.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/KJB6BnHUXCA/nintendo-reportedly-plans-to-double-switch-production-in-2018

NASA Discovers Mantle Plume That's Melting Antarctica From Below

schwit1 shares a report from Newsweek: Researchers at NASA have discovered a huge upwelling of hot rock under Marie Byrd Land, which lies between the Ross Ice Shelf and the Ross Sea, is creating vast lakes and rivers under the ice sheet. The presence of a huge mantle plume could explain why the region is so unstable today, and why it collapsed so quickly at the end of the last Ice Age, 11,000 years ago. Mantle plumes are thought to be part of the plumbing systems that brings hot material up from Earth's interior. Once it gets through the mantle, it spreads out under the crust, providing magma for volcanic eruptions. The area above a plume is known as a hotspot.

[I]n a study published in the Journal of Geophysical Research: Solid Earth, Seroussi and colleagues looked at one of the most well studied magma plumes on Earth -- the Yellowstone hotspot. The team developed a mantle plume model to look at how much geothermal heat would be needed to explain what is seen at Marie Byrd Land. They then used the Ice Sheet System Model (ISSM), which shows the physics of ice sheets, to look at the natural sources of heating and heat transport. This model enabled researchers to place "powerful constraint" on how much melt rate was allowable, meaning they could test out different scenarios of how much heat was being produced deep beneath the ice. Their findings showed that generally, the energy being generated by the mantle plume is no more than 150 milliwatts per square meter -- any more would result in too much melting. The heat generated under Yellowstone National Park, on average, is 200 milliwatts per square meter.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/9aGvrNTPijY/nasa-discovers-mantle-plume-thats-melting-antarctica-from-below

Paradise Papers Expose Canadian Scalper's Multimillion-Dollar StubHub Scheme

An anonymous reader quotes a report from CBC.ca: When Adele fans went online to buy tickets to the pop superstar's world tour last year, they had no idea what exactly they were up against. An army of tech-savvy resellers that included a little-known Canadian superscalper named Julien Lavallee managed to vacuum up thousands of tickets in a matter of minutes in one of the quickest tour sellouts in history. The many fans who were shut out would have to pay scalpers like Lavallee a steep premium if they still wanted to see their favorite singer. An investigation by CBC/Radio-Canada and the Toronto Star, based in part on documents found in the Paradise Papers, rips the lid off Lavallee's multimillion-dollar operation based out of Quebec and reveals how ticket website StubHub not only enables but rewards industrial-scale scalpers who gouge fans around the world.

Lavallee's name appears over and over in the records, alongside the names of his wife, his father and other friends and family. The records show them somehow buying tickets from different locations around the world at the same time, placing orders from cities like Chicago, Los Angeles, London and Montreal. Lavallee, who got his start in his early 20s reselling hockey and concert tickets while living at home with his parents, now runs an international ticket harvesting operation. Financial records detail $7.9 million in gross sales in 2014 alone. [T]he CBC/Star investigation also discovered a password-protected portal exclusively for StubHub's top sellers who prove they can move more than $50,000 worth of tickets a year. The company offers them special software to upload and manage huge inventories of tickets. StubHub said in a statement: "StubHub agrees that the use of bots to procure tickets is unfair and anti-consumer. StubHub has always supported anti-bots legislation and encourages policy-makers to look comprehensively at the host of factors that impact a fan's ability to fairly access, buy, resell, or even give away tickets in a competitive ticket market."



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/95vv8sMQPG8/paradise-papers-expose-canadian-scalpers-multimillion-dollar-stubhub-scheme

Ford Pilots a New Exoskeleton To Lessen Worker Fatigue

Ford is partnering with California-based exoskeleton maker Ekso Bionics to trial a non-powered upper body exoskeletal tool called EksoVest in two of the carmaker's U.S. plants. The goal is to lessen the fatigue factory workers experience in Ford's car manufacturing plants. Futurism reports: Designed to fit workers from five feet to six feet four inches tall, the EksoVest adds some 3 to 6 kilograms (5 to 15 pounds) of adjustable lift assistance to each arm. This exoskeleton is also comfortable enough to wear while providing free arm movement thanks to its lightweight construction. "Collaboratively working with Ford enabled us to test and refine early prototypes of the EksoVest based on insights directly from their production line workers," Ekso Bionics co-founder and CTO Russ Angold said in a Ford press release. "The end result is a wearable tool that reduces the strain on a worker's body, reducing the likelihood of injury, and helping them feel better at the end of the day -- increasing both productivity and morale." The U.S. trial, made possible with the help of the United Automobile Workers, has already demonstrated the wonders that the exoskeleton can offer in reducing fatigue from high-frequency tasks. As such, Ford plans to expand their EksoVest pilot program to other regions, which include Europe and South America.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/LLxz8Qncmp4/ford-pilots-a-new-exoskeleton-to-lessen-worker-fatigue

Sex Toy Company Admits To Recording Users' Remote Sex Sessions, Calls It a 'Minor Bug'

According to Reddit user jolioshmolio, Hong Kong-based sex toy company Lovense's remote control vibrator app (Lovense Remote) recorded a use session without their knowledge. "An audio file lasting six minutes was stored in the app's local folder," reports The Verge. "The user says he or she gave the app access to the mic and camera but only to use with the in-app chat function and to send voice clips on command -- not constant recording when in use." The app's behavior appears to be widespread as several others confirmed it too. From the report: A user claiming to represent Lovense responded and called this recording a "minor bug" that only affects Android users. Lovense also says no information or data was sent to the company's servers, and that this audio file exists only temporarily. An update issued today should fix the bug. This isn't Lovense's first security flub. Earlier this year, a butt plug made by the company -- the Hush -- was also found to be hackable. In the butt plug's case, the vulnerability had to do with Bluetooth, as opposed to the company spying on users.



Source: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/qIZiLma0G04/sex-toy-company-admits-to-recording-users-remote-sex-sessions-calls-it-a-minor-bug

Source: https://slashdot.org/

Warning! This user is on my black list, likely as a known plagiarist, spammer or ID thief. Please be cautious with this post!
To get off this list, please chat with us in the #steemitabuse-appeals channel in steemit.chat.

Hello & Cheers!! I'm a content detection and information bot. You are receiving this reply because a short link or links have been detected in your post/comment. The purpose of this message is to inform your readers and yourself about the use of and dangers of short links.

To the readers of the post: Short links are provided by url shortening services. The short links they provide can be useful in some cases. Generally their use is benign. But as with all useful tools there are dangers. Short links can be used to hide all sorts of things. Quite frequently they are used to hide referral links for instance. While not dangerous this can be deceptive. They can also be used to hide dangerous links such as links to phishing sites, sites loaded with malware, scam sites, etc. You should always be extremely cautious before clicking on one. If you don't know and trust the poster don't click. Even if you do you should still be cautious and wary of any site you are sent to. It's always better to visit the site directly and not through a short link.

To the author of the post: While short links may be useful on some sites they are not needed on steemit. You can use markdown to format your links such as this link to steemit. It's as simple as [steemit](https://steemit.com) Unlike short links this allows the reader to see where they are going by simply hovering over the link before they click on it.

This message was created by a bot. It is part of the ongoing fight against spam and phishing attacks on steemit. If you did not use short links in your post and feel you have received this message in error you can contact @fubar-bdhr on discord or @fubar.bdhr on steemit chat to report the issue.