Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Ford Engineers Test 'Predictive Logic' To Improve Cruise Control
cartechboy writes "Sometimes what we think of as 'car tech' is colored by sensational coverage of things like autonomous cars. But real engineers are working behind the scenes every day to make existing auto technologies more efficient. Take cruise control: Today, even adaptive cruise systems just throttle up when the car's speed drops and ease off when speed rises or a car gets too close. Today's cruise-control systems aren't predictive--meaning they don't plan ahead. At all. Now, engineers at Ford are adding predictive algorithms and more sophisticated powertain mapping to reduce the built-in overcompensation that ends up wasting fuel. Ford has mapped each vehicle's powertrain in much greater detail, and their prototype control systems look at grade steepness, load on the engine, and other variables every few seconds to predict what's likely coming up. Will the hill level off soon? Will the driver ask for more gas, or let up on the accelerator? Down the road, connected-vehicle and cloud-based data will build on these predictive developments--as will those autonomous vehicles you hear so much about. Think of this as a building block to the future." -
Big Buck Bunny In 4K, 60 Fps and 3D-stereo
An anonymous reader writes "Blender Foundation open movie projects like Sintel and Tears of Steel have been mentioned on Slashdot in the recent years. Now an old-timer, their open movie Big Buck Bunny from 2008, has been getting a make-over in a new release: The entire movie has been recreated in 3D stereo with a resolution of 4K (3840x2160) at 60fps. It took years to rework the movie because the original Big Buck Bunny was created for 2D. Most of the scenes had to be modified to work well in 3D stereo. Furthermore, the original movie was made for cinemas and was 24fps; a lot of changes to the animations had to be made to get the correct results. The creator of the reworked version explains about it on BlenderNation where he also talks about the fact that the entire movie was rendered via an online collaborative renderfarm, BURP, where volunteers provided spare CPU cycles to make it happen. If you want to see how your computer measures up to playing 4K content in 60 fps you can download the reworked movie from the official homepage — lower resolutions are also available." -
Big Buck Bunny In 4K, 60 Fps and 3D-stereo
An anonymous reader writes "Blender Foundation open movie projects like Sintel and Tears of Steel have been mentioned on Slashdot in the recent years. Now an old-timer, their open movie Big Buck Bunny from 2008, has been getting a make-over in a new release: The entire movie has been recreated in 3D stereo with a resolution of 4K (3840x2160) at 60fps. It took years to rework the movie because the original Big Buck Bunny was created for 2D. Most of the scenes had to be modified to work well in 3D stereo. Furthermore, the original movie was made for cinemas and was 24fps; a lot of changes to the animations had to be made to get the correct results. The creator of the reworked version explains about it on BlenderNation where he also talks about the fact that the entire movie was rendered via an online collaborative renderfarm, BURP, where volunteers provided spare CPU cycles to make it happen. If you want to see how your computer measures up to playing 4K content in 60 fps you can download the reworked movie from the official homepage — lower resolutions are also available." -
Kdenlive Developer Jean-Baptiste Mardelle Has Been Found
jones_supa writes "A month ago there was worry about Kdenlive main developer being missing. Good news guys, Jean-Baptiste Mardelle has been finally reached and is doing fine. In a new mailing list post by Vincent Pinon, he says he managed to find Mardelle's phone number and contacted the longtime KDE developer. It was found out that Mardelle took a break over the summer but then lost motivation in Kdenlive under the burden of the ongoing refactoring of the code. Pinon agreed that there are 'so many things to redo almost from scratch just to get the 'old' functionalities'. The full story can be read from the kdenlive-devel mailing list. After talking with Jean-Baptiste, Vincent has called upon individual developers interested in Kdenlive to come forward. Among the actions called for is putting the Git master code-base back in order, ensuring the code is in good quality, provide new communication about the project, integrate new features like GPU-powered effects and a Qt5 port, and progressively integrate the new Kdenlive design." -
Neglect Causes Massive Loss of 'Irreplaceable' Research Data
Nerval's Lobster writes "Research scientists could learn an important thing or two from computer scientists, according to a new study (abstract) showing that data underpinning even groundbreaking research tends to disappear over time. Researchers also disappear, though more slowly and only in terms of the email addresses and the other public contact methods that other scientists would normally use to contact them. Almost all the data supporting studies published during the past two years is still available, as are at least some of the researchers, according to a study published Dec. 19 in the journal Current Biology. The odds that supporting data is still available for studies published between 2 years and 22 years ago drops 17 percent every year after the first two. The odds of finding a working email address for the first, last or corresponding author of a paper also dropped 7 percent per year, according to the study, which examined the state of data from 516 studies between 2 years and 22 years old. Having data available from an original study is critical for other scientists wanting to confirm, replicate or build on previous research – goals that are core parts of the evolutionary, usually self-correcting dynamic of the scientific method on which nearly all modern research is based. No matter how invested in their own work, scientists appear to be 'poor stewards' of their own work, the study concluded." -
BlackBerry Posts $4.4 Billion Loss, Will Outsource To Foxconn
iONiUM writes "Today BlackBerry announced a $4.4 billion loss, and a deal with Foxconn to outsource hardware manufacturing. One interesting stat is that 75% of sales were actually older BB7 devices. That said, CEO John Chen says, 'We are very much alive, thank you.' He adds, 'Our "for sale" sign has been taken down and we are here to stay. BlackBerry recently announced it has entered into an agreement to receive a strategic investment from Fairfax Financial and other institutional investors, which represents a vote of confidence in the future of BlackBerry.'" -
NSA Metadata Collection Program Has Stopped Zero Attacks
Antipater writes "According to a member of the White House panel that recently called for the NSA's metadata-collection program to be curtailed, that program has not stopped any terrorist actions at all. This runs counter to the stories we've heard for months, which claimed as many as fifty prevented attacks. 'Stone declined to comment on the accuracy of public statements by U.S. intelligence officials about the telephone collection program, but said that when they referred to successes they seemed to be mixing the results of domestic metadata collection with the intelligence derived from the separate, and less controversial, NSA program, known as 702, to intercept communications overseas.'" -
Tesla Says Garage Fire Not Charger's Fault; Firemen Less Sure
cartechboy writes "It looks like Elon Musk and Tesla Motors find themselves in another PR war over the cause of a fire involving a Tesla Model S. Authorities in Irvine, CA are currently investigating the reason for a fire in a garage that, yes, contained a Tesla Model S. While the actual cause of the fire remains unknown, Tesla Motors and the Orange County Fire Authority are already publicly disputing possible causes, thought to center around the Tesla charging system. Tesla says the fire was not caused by any part of the car nor its charging system, reports Reuters. For what its worth — we've seen a version of this movie before. In 2011, investigators determined that a garage fire that destroyed a Chevrolet Volt had started away from the car, later spreading to engulf and destroy the car." -
Comparing G++ and Intel Compilers and Vectorized Code
Nerval's Lobster writes "A compiler can take your C++ loops and create vectorized assembly code for you. It's obviously important that you RTFM and fully understand compiler options (especially since the defaults may not be what you want or think you're getting), but even then, do you trust that the compiler is generating the best code for you? Developer and editor Jeff Cogswell compares the g++ and Intel compilers when it comes to generating vectorized code, building off a previous test that examined the g++ compiler's vectorization abilities, and comes to some definite conclusions. 'The g++ compiler did well up against the Intel compiler,' he wrote. 'I was troubled by how different the generated assembly code was between the 4.7 and 4.8.1 compilers—not just with the vectorization but throughout the code.' Do you agree?" -
Using Supercomputers To Find a Bacterial "Off" Switch
Nerval's Lobster writes "The comparatively recent addition of supercomputing to the toolbox of biomedical research may already have paid off in a big way: Researchers have used a bio-specialized supercomputer to identify a molecular 'switch' that might be used to turn off bad behavior by pathogens. They're now trying to figure out what to do with that discovery by running even bigger tests on the world's second-most-powerful supercomputer. The 'switch' is a pair of amino acids called Phe396 that helps control the ability of the E. coli bacteria to move under its own power. Phe396 sits on a chemoreceptor that extends through the cell wall, so it can pass information about changes in the local environment to proteins on the inside of the cell. Its role was discovered by a team of researchers from the University of Tennessee and the ORNL Joint Institute for Computational Sciences using a specialized supercomputer called Anton, which was built specifically to simulate biomolecular interactions among proteins and other molecules to give researchers a better way to study details of how molecules interact. 'For decades proteins have been viewed as static molecules, and almost everything we know about them comes from static images, such as those produced with X-ray crystallography,' according to Igor Zhulin, a researcher at ORNL and professor of microbiology at UT, in whose lab the discovery was made. 'But signaling is a dynamic process, which is difficult to fully understand using only snapshots.'" -
Target Has Major Credit Card Breach
JoeyRox writes "Target experienced a system-wide breach of credit card numbers over the Black Friday holiday shopping season. What's unique about this massive breach is that it didn't involve compromising a centralized data center or website but instead represented a distributed attack at individual Target stores across the country. Investigators believe customer account numbers were lifted via software installed on card readers at checkout." Also at Slash BI. -
Police Pull Over More Drivers For DNA Tests
schwit1 sends this news from the Washington Times: "Pennsylvania police this week were pulling people to the side of the road, quizzing them on their driving habits, and asking if they'd like to provide a cheek swap or a blood sample — the latest in a federally contracted operation that's touted as making roads safer. The same operation took place last month at a community in Texas. Then, drivers were randomly told to pull off the road into a parking lot, where white-coated researchers asked if they'd like to provide DNA samples for a project that determines what percentage of drivers are operating under the influence of drugs or alcohol at given times. With uniformed police in the background, the researchers also offered the motorists money — up to $50 or so — for the blood or saliva samples." -
Interview: Ask Bruce Sterling What You Will
One of the founders of the cyberpunk genre, Bruce Sterling needs little introduction to science fiction fans. You can read what "Chairman Bruce" has to say at Beyond the Beyond on Wired and the Sterling tumblr. He has agreed to to sit down and answer any questions you may have. As usual, ask as many as you'd like, but please, one question per post. -
NASA Schedules Space Walks to Fix ISS Pumps; Orbital Sciences Launch Delayed
The ISS has been operating at partial capacity after a coolant pump malfunctioned last week. NASA has now announced the repair mission: "NASA currently plans for two Expedition 38 astronauts to venture outside the space station Dec. 21, 23, and 25. NASA astronauts Rick Mastracchio and Mike Hopkins will remove a pump module that has a failed valve. They will replace it with an existing spare that is stored on an external stowage platform. The pump is associated with one of the station's two external cooling loops, which circulate ammonia outside the station to keep both internal and external equipment cool. Each of the three spacewalks will begin at 7:10 a.m. and is scheduled to last six and a half hours. NASA TV coverage will begin at 6:15 a.m." NASA TV will be airing a preview of the space walks at 3 p.m. EST. As a result of the coolant pump malfunction and the repairs, NASA has also delayed the launch of Orbital Sciences' cargo resupply mission until at least mid-January. -
Ted Nelson's Passionate Eulogy for Douglas Engelbart
theodp writes "Speaking at a memorial event for the legendary Douglas Engelbart at the Computer History Museum, Ted Nelson was pissed-with-a-capital-P. Nelson in effect gave two powerful eulogies — one for his friend Dr. Engelbart, who left this Earth in July, and a second for Engelbart's career, which essentially began 'dying' four decades earlier due to short-sighted organizations' failure to fund the brilliant guy who gave the world The Mother of All Demos in 1968. 'Let us never forget that Doug Engelbart was dumped by ARPA,' Nelson laments. 'Doug Engelbart was dumped by SRI, Doug Engelbart was snubbed by Xerox PARC, and for the rest of his working life he had no chance to take us further...Just as we can only guess what John Kennedy might have done, we can only guess what Doug Engelbart might have done had he not been cut down in his prime.' It's a very moving and passionate speech (despite some oddly inappropriate audience laughter). And, alas, a very sad one in a world that throws $4 billion at the likes of Snapchat and Pinterest." -
Ted Nelson's Passionate Eulogy for Douglas Engelbart
theodp writes "Speaking at a memorial event for the legendary Douglas Engelbart at the Computer History Museum, Ted Nelson was pissed-with-a-capital-P. Nelson in effect gave two powerful eulogies — one for his friend Dr. Engelbart, who left this Earth in July, and a second for Engelbart's career, which essentially began 'dying' four decades earlier due to short-sighted organizations' failure to fund the brilliant guy who gave the world The Mother of All Demos in 1968. 'Let us never forget that Doug Engelbart was dumped by ARPA,' Nelson laments. 'Doug Engelbart was dumped by SRI, Doug Engelbart was snubbed by Xerox PARC, and for the rest of his working life he had no chance to take us further...Just as we can only guess what John Kennedy might have done, we can only guess what Doug Engelbart might have done had he not been cut down in his prime.' It's a very moving and passionate speech (despite some oddly inappropriate audience laughter). And, alas, a very sad one in a world that throws $4 billion at the likes of Snapchat and Pinterest." -
Tech Leaders Push Back Against Obama's Efforts To Divert Discussion From NSA
Hugh Pickens DOT Com writes "The Guardian reports that while President Obama tried to portray a meeting with tech leaders as a wide-ranging discussion of broader priorities including ways of improving the functionality of the troubled health insurance website Healthcare.gov, senior executives from Apple, Yahoo, Google, Comcast, Facebook, Microsoft, Twitter, and Netflix said they were determined to keep the discussion focused on the NSA. 'We are there to talk about the NSA,' said one executive who was briefed on the company's agenda before the event. After meeting Obama and vice president Joe Biden for two-and-a-half hours, the companies issued a one-line statement. 'We appreciated the opportunity to share directly with the president our principles on government surveillance that we released last week and we urge him to move aggressively on reform.' Many of the senior tech leaders had already made public their demand for sweeping surveillance reforms in an open letter that specifically called for a ban on the kind of bulk data collection that a federal judge ruled on Monday was probably unlawful. Obama seemed sympathetic to the idea of allowing more disclosure of government surveillance requests by technology companies, according to a tech industry official who was briefed on the meeting. Marissa Mayer brought up concerns about the potentially negative impact that could be caused if countries, such as Brazil, move forward with legislation that would require service providers to ensure that data belonging to a citizen of a certain country remain in the country it originates, the official said. That would require technology companies to build data centers in each country — a costly problem for American Internet companies. The decision by the tech giants to press their case in such a public and unified way poses a problem for the White House. The industry is an increasingly influential voice in Washington, a vital part of the US economy and many of its most successful leaders are prominent Democratic political donors." -
Tech Leaders Push Back Against Obama's Efforts To Divert Discussion From NSA
Hugh Pickens DOT Com writes "The Guardian reports that while President Obama tried to portray a meeting with tech leaders as a wide-ranging discussion of broader priorities including ways of improving the functionality of the troubled health insurance website Healthcare.gov, senior executives from Apple, Yahoo, Google, Comcast, Facebook, Microsoft, Twitter, and Netflix said they were determined to keep the discussion focused on the NSA. 'We are there to talk about the NSA,' said one executive who was briefed on the company's agenda before the event. After meeting Obama and vice president Joe Biden for two-and-a-half hours, the companies issued a one-line statement. 'We appreciated the opportunity to share directly with the president our principles on government surveillance that we released last week and we urge him to move aggressively on reform.' Many of the senior tech leaders had already made public their demand for sweeping surveillance reforms in an open letter that specifically called for a ban on the kind of bulk data collection that a federal judge ruled on Monday was probably unlawful. Obama seemed sympathetic to the idea of allowing more disclosure of government surveillance requests by technology companies, according to a tech industry official who was briefed on the meeting. Marissa Mayer brought up concerns about the potentially negative impact that could be caused if countries, such as Brazil, move forward with legislation that would require service providers to ensure that data belonging to a citizen of a certain country remain in the country it originates, the official said. That would require technology companies to build data centers in each country — a costly problem for American Internet companies. The decision by the tech giants to press their case in such a public and unified way poses a problem for the White House. The industry is an increasingly influential voice in Washington, a vital part of the US economy and many of its most successful leaders are prominent Democratic political donors." -
Healthcare IT's Achilles' Heel: Sensors
Nerval's Lobster writes "Tech publications and pundits alike have crowed about the benefits we're soon to collectively reap from healthcare analytics. In theory, sensors attached to our bodies (and appliances such as the fridge) will send a stream of health-related data — everything from calorie and footstep counts to blood pressure and sleep activity — to the cloud, which will analyze it for insight; doctors and other healthcare professionals will use that data to tailor treatments or advise changes in behavior and diet. But the sensors still leave a lot to be desired: 'smart bracelets' such as Nike's FuelBand and FitBit can prove poor judges of physical activity, and FitBit's associated app still requires you to manually input records of daily food intake (the FuelBand is also a poor judge of lower-body activity, such as running). FDA-approved ingestible sensors are still being researched, and it'd be hard to convince most people that swallowing one is in their best interests. Despite the hype about data's ability to improve peoples' health, we could be a long way from any sort of meaningful consumer technology that truly makes that happen." -
Former Microsoft Exec To Lead HealthCare.gov
Antipater writes "NBCNews reports that Kurt DelBene, former head of Microsoft's Office division, will take over operations of Healthcare.gov on Wednesday. DelBene will replace Jeffrey Zients, who stepped in to lead the team fixing the health insurance website when it crashed and burned on its Oct. 1 launch. Zients is set to take over next month as senior White House economic adviser from Gene Sperling.'" -
Datawind Not Blowing Smoke: $38 Tablet Coming To the US
BigVig209 writes "In a follow-up to a story we discussed in May, the Chicago Tribune is reporting that London-based Datawind it will begin selling its $38 UbiSlate tablet computer in the U.S. early next year. 'The $38 7-inch touchscreen UbiSlate 7Ci tablet runs on Google's Android 4.0 and features a 1-gigahertz, single-core processor. It has 4 gigabytes of storage with microSD card slots for additional storage. The 7-inch display offers a resolution of 800x480 pixels.' The specs aren't the greatest, fastest, or most powerful, but, for under $50, they're still pretty decent." -
Google Nabs Bing Maps Architect
theodp writes "In another case of Microsoft's-loss-is-Google's-gain, GeekWire reports that Google has made a big hire from Microsoft, bringing aboard TED crowd-pleaser Blaise Agüera y Arcas, the well-known software architect and designer who was among the Redmond company's elite ranks of distinguished engineers. Known for his work on services including Photosynth and Bing Maps, Agüera y Arcas called the move 'the hardest decision of my life'. A stunning preview of Photosynth was released by Microsoft last week, and TED just released a video of Agüera y Arcas demonstrating the technology at a conference earlier this year." -
Interview: Ask Forrest Mims About Rockets, Electronics, and Engineering
With his popular Getting Started in Electronics, and Engineer's Mini-Notebook series and a number of different electronics kits sold at Radio Shack, Forrest Mims inspired countless scientists and engineers. Even though he received no formal academic training in science, Forrest has appeared in 70 magazines and scientific journals. He has worked as a consultant for the National Geographic Society, the National Science Teachers Association, and NASA’s Goddard Space Flight Center. Today, Mims works on many scientific projects including climate change research. He's agreed to answer all your questions about science and engineering. As usual, ask as many as you'd like, but please, one question per post. -
GM's CEO Rejects Repaying Feds for Bailout Losses
PolygamousRanchKid writes with news that GM's outgoing CEO doesn't agree with the National Law and Policy Center's call for GM to repay the loss made by the Treasury from their bailout. From the article: "GM CEO Dan Akerson rejects any suggestion that the company should compensate for the losses. He says Treasury officials took the same risk assumed by anyone who purchases stock. Akerson said that GM repaid all the debt issued by the government beginning in December 2008 when George W. Bush was still president and extending into the first year of Barack Obama's presidency. He added that it was the Treasury's decision ... to take an ownership stake in the form of company shares." -
Google Seeks To Throw Out UK Safari Tracking Suit
judgecorp writes "In the latest twist to the saga of Google's tracking of Safari users, the tech giant has asked to have a U.K. lawsuit dismissed. Google says it is bound by California laws, so plaintiffs will have to come to the U.S. and sue there. Law firm Olswang is bringing the suit on behalf of British users whose Safari browser settings were overridden to help Google target ads; it argues that international organizations should respect the laws that apply where their customers live." -
Army Laser Passes Drone-Killing Test
Nerval's Lobster writes "Commercial package-delivery drones such as those revealed by Amazon and DHL could face danger from more than shotgun-toting, UAV-hunting yahoos following the successful test of a drone-killing laser by the U.S. Army. Though it's more likely to take aim at enemy observation drones than Amazon's package-deliver 'copters, the U.S. Army's High Energy Laser Mobile Demonstrator (HEL-MD) did prove itself in tests last week by shooting down 90 incoming mortars and a series of Unmanned Aerial Vehicles (UAV). The original goal during the test at White Sands Missile Range in New Mexico was to burn out or blow up mortar rounds and blind the cameras or other sensors carried by drones. The laser proved capable enough to damage or slice off the tails of target drones, which brought them down, according to Terry Bauer, HEL MD program manager, as quoted in the Dec. 11 Army announcement of the test. The quarter-sized beam of super-focused light set off the explosives in the 60-millimeter mortars in mid-flight, leaving the rest to fall 'like a rock,' Bauer said. The laser could target only one mortar at a time, but could switch targets quickly enough to bring down several mortars fired in a single volley. The laser and its power source are contained in a single 500-horsepower, four-axle truck but was directed by a separate Enhanced Multi Mode Radar system. The next step is a move from New Mexico to a testing range in Florida early next year 'to test it in rain and fog and things like that,' according to Bauer." -
Interview: Ask Alan Adler About Flying Toys and the Perfect Cup of Coffee
When he's not lecturing at Stanford or NASA, Alan Adler is working on brewing the perfect cup of coffee and engineering flying toys. His AeroPress is one of the most popular coffee brewing systems available and one of his Aerobie Pro Rings set the world record for the farthest thrown object at 1,333 feet. Alan has agreed to sit down and answer any questions you may have. As usual, ask as many as you'd like, but please, one question per post. -
NZ Developers Win 'Koha' Trademark Case
An anonymous reader writes "Horowhenua Libraries Trust has successfully challenged a 2011 decision to let American company Liblime PTFS trademark in New Zealand the word Koha, the name of its library management system. That application was approved by the then Ministry of Economic Development, a decision appealed by the Horowhenua Library Trust and software firm Catalyst IT. A judgment delivered by assistant commissioner of trademarks Jennie Walden found the two pieces of software were largely the same and that it was likely a 'substantial number' of people would be confused or deceived if Liblime used the Koha trademark." Here's a previous Slashdot article discussing the PTFS/Liblime's trademark application. -
Theo De Raadt Says FreeBSD Is Just Catching Up On Security
An anonymous reader writes "The OpenBSD project has no reason to follow the steps taken by FreeBSD with regard to hardware-based cryptography because it has already been doing this for a decade, according to Theo de Raadt. 'FreeBSD has caught up to what OpenBSD has been doing for over 10 years,' the OpenBSD founder told iTWire. 'I see nothing new in their changes. Basically, it is 10 years of FreeBSD stupidity. They don't know a thing about security. They even ignore relevant research in all fields, not just from us, but from everyone.'" -
Code.org Stats: 507MM LOC, 6.8MM Kids, 2K YouTube Views
theodp writes "On the final day of Computer Science Education Week, the Hour of Code bravado continues. Around 12:30 a.m. Sunday (ET), Code.org was boasting that in just 6 days, students of its tutorials have "written" more than 10x the number of lines of code in Microsoft Windows. "Students of the Code.org tutorials have written 507,152,775 lines of code. Is this a lot? By comparison, the Microsoft Windows operating system has roughly 50 million lines of code." Code.org adds, "In total, 15,481,846 students have participated in the Hour of Code. Of this group, 6,872,757 of them used the tutorials by Code.org, and within the Code.org tutorial, they've written 507,152,775 lines of code." On YouTube, however, a playlist of the Code.org tutorial videos has distinctly lower numbers, with only 2,246 views of the Code.org Wrap Up video reported as of this writing. So, any thoughts on why the big disconnect, and how close the stats might reflect reality? Code.org does explain that an 'Hour of Code' is not necessarily an 'hour of code' ("Not everybody finishes an Hour of Code tutorial. Some students spend one hour. Some spend 10 minutes. Some spend days. Instead of counting how many students 'finish one hour'; or how much time they spent, this [LOC] is our simplest measure of progress"). So, with millions being spent on efforts to get Code.org into the nation's schools — New York and Chicago have already committed their 1.5 million K-12 students — is it important to get a better understanding of what the Hour of Code usage stats actually represent — and what their limitations might be — and not just accept as gospel reports like AllThingsD's 15 Million Students Learned to Program This Week, Thanks to Hour of Code ("every other school family in the U.S. has a child that has done the Hour of Code")?" -
Programming Molecules To Let Chemicals Make Decisions
Nerval's Lobster writes "Computer scientists at Harvard University have come up with a way to convert algorithms that teach machines to learn into a form that would allow artificial intelligence to be programmed into complex chemical reactions. The ultimate result could be smart drugs programmed to react differently depending on which of several probable situations they might encounter – without the need to use nano-scale electronics to carry the instructions. 'This kind of chemical-based AI will be necessary for constructing therapies that sense and adapt to their environment,' according to Ryan P. Adams, assistant professor of computer science at Harvard's School of Engineering and Applied Sciences (SEAS), who co-wrote the paper explaining the technique (PDF). 'The hope is to eventually have drugs that can specialize themselves to your personal chemistry and can diagnose or treat a range of pathologies.' The techniques are part of a larger effort to program the behavior of molecules in manufacturing, decision-making and diagnostics, using both nano-scale electronics and the still-relatively-new study of bionanotechnology." -
Chinese Lunar Probe Lands Successfully
China's Chang'e 3 moon probe made its intended landing earlier today, setting down softly in the moon's Sinus Iridum, as reported by Reuters. From the article: "The Chang'e 3, a probe named after a lunar goddess in traditional Chinese mythology, is carrying the solar-powered Yutu, or Jade Rabbit buggy, which will dig and conduct geological surveys. ... China Central Television (CCTV) broadcast images of the probe's location on Saturday and a computer generated image of the probe on the surface of the moon on its website. The probe and the rover are expected to photograph each other tomorrow. ... The Bay of Rainbows was selected because it has yet to be studied, has ample sunlight and is convenient for remote communications with Earth, Xinhua said. The rover will be remotely controlled by Chinese control centers with support from a network of tracking and transmission stations around the world operated by the European Space Agency (ESA)." -
Chang'e-3 Lunar Rover Landing Slated For 13:40 UTC Saturday
savuporo writes "The Chinese Chang'e-3 probe will be landing on the moon [Saturday], 13:40 UTC. CCTV is likely to carry the event live as they did for initial launch. According to technical overview of the mission scenario and instruments, the landing will be fully autonomous with active landing hazard avoidance, which is the first time this has been attempted on any planetary landing. More real-time updates can be found on Twitter with ChangE3 hash tag and NASASpaceFlight forums live event section." -
Valve Releases Debian-Based SteamOS Beta
An anonymous reader writes that, as promised, "Valve has put out their first SteamOS Linux operating system beta. SteamOS 1.0 'Alchemist' Beta is forked from Debian Wheezy and features its own graphics compositor along with other changes. Right now SteamOS 1.0 is only compatible with NVIDIA graphics cards and uses NVIDIA's closed-source Linux driver. SteamOS can be downloaded from here, but the server seems to be offline under the pressure." -
Oculus Raises $75 Million To Make VR Headset
An anonymous reader writes "The company making the VR headset that has John Carmack and many others in the gaming industry excited has just received another $75 million in funding to make it happen. Netscape founder Marc Andreessen is joining the company's board, along with fellow investor Chris Dixon. Dixon had seen a prototype earlier this year, but it wasn't good enough to spark his interest. After recently seeing how the device has progressed since then, he was blown away, comparing it to early demos of the iPhone. 'The dimensions where you need to improve this kind of VR are latency, resolution and head tracking, and they have really nailed those things.' Now that the device is in good shape, Oculus is going to work on turning it into a product they can produce and ship for gamers." -
Oculus Raises $75 Million To Make VR Headset
An anonymous reader writes "The company making the VR headset that has John Carmack and many others in the gaming industry excited has just received another $75 million in funding to make it happen. Netscape founder Marc Andreessen is joining the company's board, along with fellow investor Chris Dixon. Dixon had seen a prototype earlier this year, but it wasn't good enough to spark his interest. After recently seeing how the device has progressed since then, he was blown away, comparing it to early demos of the iPhone. 'The dimensions where you need to improve this kind of VR are latency, resolution and head tracking, and they have really nailed those things.' Now that the device is in good shape, Oculus is going to work on turning it into a product they can produce and ship for gamers." -
Senators Propose Bill Prohibiting Phone Calls On Planes
SonicSpike writes with news that two U.S. Senators, Lamar Alexander (R-TN) and Dianne Feinstein (D-CA), have proposed legislation to ban cell phone calls while aboard an airplane. This follows a recent announcement from the FAA increasing the range of electronic gadgets travelers can use while flying, and a vote by the FCC to consider allowing phone calls during flight. However, even as those government agencies work to lift regulations on in-flight technology, the Department of Transportation is pondering a in-flight call ban of its own, saying it might not be "fair" to consumers to have to listen to other passengers talk on the phone throughout a long flight. FCC commissioner Jessica Rosenworcel said, "If we move beyond what we do here today and actually update our rules to allow voice calls on planes we can see a future where our quiet time is monetized and seating in the silent section comes at a premium." -
YouTube Expands Live Streaming To All Channels
An anonymous reader writes "YouTube today announced it is expanding its live streaming service to all YouTube channels. The Google-owned company now only has two requirements: your account must be verified and it has to be in good standing. If you have both, but don't see the feature yet, don't worry as it's rolling out 'over the next few weeks.' YouTube Live was previously only available to a small number of individuals and YouTube partners whom Google deemed worthy to test it out. The video site then opened up the feature to channels with at least 1,000 subscribers, and then at least 100 subscribers. Now it's available to all." -
Engineering the Perfect Coffee Mug
Nerval's Lobster writes "From the annals of Really Important Science comes word that a research assistant who picked up his B.S. just seven months ago has invented a coffee mug designed to keep java at just the right piping-hot temperature for hours. Logan Maxwell, who got his undergraduate degree in chemical engineering from North Carolina State University in May, created the "Temperfect" mug as part of his senior design project for the College of Engineering. Most insulated mugs have two walls separated by a soft vacuum that insulates the temperature of a liquid inside from the temperature of the air outside. Maxwell's design has a third layer of insulation in a third wall wrapped around the inner basin of the mug. Inside is a chemical insulator that is solid at room temperature but melts into a liquid at 140 degrees Fahrenheit. The insulator – which Maxwell won't identify but swears is non-toxic – turns to liquid as it absorbs the extra heat of coffee poured into the mug at temperatures higher than 140 F, cooling it to a drinkable temperature quickly. As the heat of the coffee escapes, the insulating material releases heat through the inner wall of the mug to keep it hot as long as possible; a graph mapping the performance of a prototype shows it could keep a cup of coffee at between 128 F and 145 F for as long as 90 minutes. "Phase-change" coffee-mug insulation was patented during the 1960s, but has never been marketed because they are difficult and expensive to manufacture compared to simpler forms of insulation. While working on the Temperfect design, Maxwell met Belgian-born industrial designer Dean Verhoeven, president of consulting form Ancona Research, Inc., who had been working on a similar design and had already worked out how to manufacture a three-walled insulated mug cost effectively. The two co-founded a company called Joevo to manufacture the mugs." According to the Joevo Kickstarter page, you can get one starting at $40. For that much, I'd like a clever lid like this Contigo has. -
Google Fixes Credit Card Security Hole, But Snubs Discoverer
Frequent contributor Bennett Haselton writes: "Google has fixed a vulnerability, first discovered by researcher Gergely Kalman, which let users search for credit card numbers by using hex number ranges. However, Google should have acknowledged or at least responded to the original bug finder (and possibly even paid him a bounty for it), and should have been more transparent about the process in general." Read on for the rest of the story.Back in 2007, I wrote that it was possible to find credit card numbers on Google by searching for the first 8 digits of your credit card number with a space in the middle, e.g. "1234 5678". Some users pointed out in the comments that it was even easier to find card numbers by searching for a number range such as
4147000000000000..4147999999999999
At some point after that discovery was posted, Google altered their search filters so that using number ranges to search for credit cards, was no longer allowed. If you search for that range, you get a denial page which reads
Our systems have detected unusual traffic from your computer network. Please try your request again later.
According to security researcher Gergely Kalman, he had read my 2007 article and thought about the issue occasionally for a few years, then in December 2012 discovered a loophole in Google's search filter: He could search for number ranges matching credit cards by searching using hexadecimal numbers. So that instead of searching for
4060000000000000..4060999999999999
he could search for the same number range in hexadecimal:
0xe6c8c69c9c000..0xe6d753e6ecfff
and Google would allow the search, and return a list of matching pages (most of which contained credit card numbers).
Gergely sent an email to security@google.com on December 28, 2012 (which he later showed to me), describing the vulnerability in detail. After describing the simple trick, his email stated: "I don't know if this qualifies as a bug bounty bug, but I think it's certainly not in your interest to let these queries through. Using this method one can bypass all your numerical query filters, filters for SSN, TFN, credit cards, maybe DoS prevention and others I can not think of at the moment."
Gergely sent them a follow-up email on August 23, 2013. In both cases he said he received no response except for an auto-reply.
Then on November 8, 2013, I wrote another article bringing up the fact that the original "1234 5678" trick still made it easy to find credit card numbers through Google, and generally wondering if that particular issue was ever going to be fixed (while remaining unaware of Gergely's discovery).
Gergely saw the article, and subsequently posted his discovery publicly on November 12, along with disclosing the fact that he had written to Google and never received a response:
"So I notified Google, and waited. After a month without a response, I notified them again to no avail. With a minor tweak on Haselton's old trick, I was able to Google Credit Card numbers, Social Security numbers, and any other sensitive information."
Gergely emailed me about my article and sent me a link to his blog post. With Gergely's permission, I posted a message in Google's product forums on November 14th, describing the problem and trying to bring it to the attention of a Google employee:
"This is a security issue that I'm trying to bring to the attention of a Google employee. I'm not sure if it fits under 'malware,' but I couldn't find a better place to post it. The original discoverer already emailed security@google.com twice and says he received no response.
[...]
The original discoverer posted about this trick here:
http://www.toptal.com/web/with-a-filter-bypass-credit-card-numbers-are-still-still-google-able
Can we get confirmation from someone at Google that they're aware of this issue, regardless of what they decide to do about it?
Thanks!"At the same time, I became curious if Google would fix the bug any time in the next couple of days, so I set up a daily reminder on my computer to click the hex-search-link every morning and see if it was blocked. So I checked every morning from November 15th until about November 20th, and then didn't bother for a few days after that. When I checked again on November 26th, the bug had been fixed, and searching on Google for a hexadecimal-number range matching credit card numbers, now gives the denial message:
Our systems have detected unusual traffic from your computer network. Please try your request again later.
Since Google didn't fix the bug for 11 months after first being notified by Gergely, but then fixed it within 2 weeks after Gergely's blog post and my forum question, it seems pretty certain that the blog post or the forum question was what triggered the fixing of the bug. But, then, why not acknowledge either with a response, or a bounty award for Gergely? According to the chart on Google's Application Security bounty program page, it should probably qualify for a $500 reward in the category "XSRF, XSSI and other common web flaws" under "Normal Google applications."
If Google had ignored the discovery completely -- or if they had replied and said that it was too low of a security priority to fix -- that probably would have settled the issue, whether we agreed or not. This is, after all, not exactly a sky-is-falling security hole -- in any case not as long as the "1234 5678" security hole allows people to find credit cards almost as easily.
But once Google decided to fix the bug, there would seem to be no excuse for snubbing the person who discovered it. Even though the fix was probably simple at the code level, pushing a code change through to the almighty Google search engine, is presumably not cheap. If they're going to incur the costs of fixing the bug, what could be the reason for not crediting the discoverer and paying the bounty, which would also establish a good future relationship with a smart bug hunter? (Presumably that's one of the reasons the program exists.)
Maybe both of the original emails to security@google.com got lost, and maybe that has to do with the high volume of emails that the email address receives. I have no idea how those emails are processed internally at Google, but I assume it's likely that there is a pool of security experts to review the incoming emails, and each incoming mail is randomly assigned to one of those experts. If Google wants to reduce the chance of a legitimate bug slipping through the cracks without spending any extra money, my suggestion would be:
Instead of having each email be reviewed by one person chosen at random from a pool of highly paid security experts, have each email be reviewed by five people chosen from a low-paid pool of smart but inexperienced employees. The group of five would each independently vote "Yes" or "No" on whether the security issue needed to be bumped up, with a majority making the decision.
This recommendation is based on two principles. First, if you do a majority vote from a group of five, this reduces the chance of a legitimate issue being mis-categorized by a fluke. If a single "expert" categorizes an issue report correctly 90% of the time, and an intern categorizes an issue correctly 80% of the time, then taking a majority vote from a group of five interns will yield the right answer more often than a single expert. (I'm hand-waving over a few details -- I'm assuming that the probability of the different interns categorizing the issue correctly, are independent, and I'm not weighing the relative cost of missing a legitimate issue versus raising a false alarm -- but the general principle still applies.)
Second, while it may take an experienced security researcher to understand the deeper implications of a bug and the cost of fixing it, in my experience most smart people can quickly see what constitutes a legitimate security hole and what is merely a decoy, even without a lot of coding experience. So it would be ideal work for interns or new employees who want to learn more about the kinds of security reports that come in.
That suggested fix is just based on my assumption that incoming emails to security@google.com are each reviewed by a single person, so that one oversight can cause an email to slip through the cracks.
On the other hand, when someone at Google did read the blog post or the forum question and discover the bug, I have no idea what sequence of events that kicked off, which led to the security hole being plugged without acknowledging the discoverer. That's another process that should be fixed.
Google, of course, deserves credit for fixing the bug, and generally for taking on the issue of filtering credit card searches in the first place. Blocking these searches, after all, mainly prevents harm to others by averting identity theft, without really benefitting Google directly; presumably they filter these searches due to some combination of (1) wanting to be a good corporate netizen and (2) not wanting their search tool abused by script kiddiez searching for credit cards (a class of users who would be singularly unlikely to click on the ads). But since they did fix the bug, they should pay the discoverer, or at least give Gergely a shout-out. If they ever decide to implement my intern-majority-rules idea for emails to security@google.com, a shout-out for that would be fine too.
-
Google Fixes Credit Card Security Hole, But Snubs Discoverer
Frequent contributor Bennett Haselton writes: "Google has fixed a vulnerability, first discovered by researcher Gergely Kalman, which let users search for credit card numbers by using hex number ranges. However, Google should have acknowledged or at least responded to the original bug finder (and possibly even paid him a bounty for it), and should have been more transparent about the process in general." Read on for the rest of the story.Back in 2007, I wrote that it was possible to find credit card numbers on Google by searching for the first 8 digits of your credit card number with a space in the middle, e.g. "1234 5678". Some users pointed out in the comments that it was even easier to find card numbers by searching for a number range such as
4147000000000000..4147999999999999
At some point after that discovery was posted, Google altered their search filters so that using number ranges to search for credit cards, was no longer allowed. If you search for that range, you get a denial page which reads
Our systems have detected unusual traffic from your computer network. Please try your request again later.
According to security researcher Gergely Kalman, he had read my 2007 article and thought about the issue occasionally for a few years, then in December 2012 discovered a loophole in Google's search filter: He could search for number ranges matching credit cards by searching using hexadecimal numbers. So that instead of searching for
4060000000000000..4060999999999999
he could search for the same number range in hexadecimal:
0xe6c8c69c9c000..0xe6d753e6ecfff
and Google would allow the search, and return a list of matching pages (most of which contained credit card numbers).
Gergely sent an email to security@google.com on December 28, 2012 (which he later showed to me), describing the vulnerability in detail. After describing the simple trick, his email stated: "I don't know if this qualifies as a bug bounty bug, but I think it's certainly not in your interest to let these queries through. Using this method one can bypass all your numerical query filters, filters for SSN, TFN, credit cards, maybe DoS prevention and others I can not think of at the moment."
Gergely sent them a follow-up email on August 23, 2013. In both cases he said he received no response except for an auto-reply.
Then on November 8, 2013, I wrote another article bringing up the fact that the original "1234 5678" trick still made it easy to find credit card numbers through Google, and generally wondering if that particular issue was ever going to be fixed (while remaining unaware of Gergely's discovery).
Gergely saw the article, and subsequently posted his discovery publicly on November 12, along with disclosing the fact that he had written to Google and never received a response:
"So I notified Google, and waited. After a month without a response, I notified them again to no avail. With a minor tweak on Haselton's old trick, I was able to Google Credit Card numbers, Social Security numbers, and any other sensitive information."
Gergely emailed me about my article and sent me a link to his blog post. With Gergely's permission, I posted a message in Google's product forums on November 14th, describing the problem and trying to bring it to the attention of a Google employee:
"This is a security issue that I'm trying to bring to the attention of a Google employee. I'm not sure if it fits under 'malware,' but I couldn't find a better place to post it. The original discoverer already emailed security@google.com twice and says he received no response.
[...]
The original discoverer posted about this trick here:
http://www.toptal.com/web/with-a-filter-bypass-credit-card-numbers-are-still-still-google-able
Can we get confirmation from someone at Google that they're aware of this issue, regardless of what they decide to do about it?
Thanks!"At the same time, I became curious if Google would fix the bug any time in the next couple of days, so I set up a daily reminder on my computer to click the hex-search-link every morning and see if it was blocked. So I checked every morning from November 15th until about November 20th, and then didn't bother for a few days after that. When I checked again on November 26th, the bug had been fixed, and searching on Google for a hexadecimal-number range matching credit card numbers, now gives the denial message:
Our systems have detected unusual traffic from your computer network. Please try your request again later.
Since Google didn't fix the bug for 11 months after first being notified by Gergely, but then fixed it within 2 weeks after Gergely's blog post and my forum question, it seems pretty certain that the blog post or the forum question was what triggered the fixing of the bug. But, then, why not acknowledge either with a response, or a bounty award for Gergely? According to the chart on Google's Application Security bounty program page, it should probably qualify for a $500 reward in the category "XSRF, XSSI and other common web flaws" under "Normal Google applications."
If Google had ignored the discovery completely -- or if they had replied and said that it was too low of a security priority to fix -- that probably would have settled the issue, whether we agreed or not. This is, after all, not exactly a sky-is-falling security hole -- in any case not as long as the "1234 5678" security hole allows people to find credit cards almost as easily.
But once Google decided to fix the bug, there would seem to be no excuse for snubbing the person who discovered it. Even though the fix was probably simple at the code level, pushing a code change through to the almighty Google search engine, is presumably not cheap. If they're going to incur the costs of fixing the bug, what could be the reason for not crediting the discoverer and paying the bounty, which would also establish a good future relationship with a smart bug hunter? (Presumably that's one of the reasons the program exists.)
Maybe both of the original emails to security@google.com got lost, and maybe that has to do with the high volume of emails that the email address receives. I have no idea how those emails are processed internally at Google, but I assume it's likely that there is a pool of security experts to review the incoming emails, and each incoming mail is randomly assigned to one of those experts. If Google wants to reduce the chance of a legitimate bug slipping through the cracks without spending any extra money, my suggestion would be:
Instead of having each email be reviewed by one person chosen at random from a pool of highly paid security experts, have each email be reviewed by five people chosen from a low-paid pool of smart but inexperienced employees. The group of five would each independently vote "Yes" or "No" on whether the security issue needed to be bumped up, with a majority making the decision.
This recommendation is based on two principles. First, if you do a majority vote from a group of five, this reduces the chance of a legitimate issue being mis-categorized by a fluke. If a single "expert" categorizes an issue report correctly 90% of the time, and an intern categorizes an issue correctly 80% of the time, then taking a majority vote from a group of five interns will yield the right answer more often than a single expert. (I'm hand-waving over a few details -- I'm assuming that the probability of the different interns categorizing the issue correctly, are independent, and I'm not weighing the relative cost of missing a legitimate issue versus raising a false alarm -- but the general principle still applies.)
Second, while it may take an experienced security researcher to understand the deeper implications of a bug and the cost of fixing it, in my experience most smart people can quickly see what constitutes a legitimate security hole and what is merely a decoy, even without a lot of coding experience. So it would be ideal work for interns or new employees who want to learn more about the kinds of security reports that come in.
That suggested fix is just based on my assumption that incoming emails to security@google.com are each reviewed by a single person, so that one oversight can cause an email to slip through the cracks.
On the other hand, when someone at Google did read the blog post or the forum question and discover the bug, I have no idea what sequence of events that kicked off, which led to the security hole being plugged without acknowledging the discoverer. That's another process that should be fixed.
Google, of course, deserves credit for fixing the bug, and generally for taking on the issue of filtering credit card searches in the first place. Blocking these searches, after all, mainly prevents harm to others by averting identity theft, without really benefitting Google directly; presumably they filter these searches due to some combination of (1) wanting to be a good corporate netizen and (2) not wanting their search tool abused by script kiddiez searching for credit cards (a class of users who would be singularly unlikely to click on the ads). But since they did fix the bug, they should pay the discoverer, or at least give Gergely a shout-out. If they ever decide to implement my intern-majority-rules idea for emails to security@google.com, a shout-out for that would be fine too.
-
Chimpanzee "Personhood" Lawsuits Fail In New York Courts
sciencehabit writes "Three lawsuits filed last week that attempted to achieve 'legal personhood' for four chimpanzees living in New York have been struck down. The suits, brought by the animal rights group the Nonhuman Rights Project (NhRP), targeted two chimps on private property and two in a research lab at Stony Brook University in New York. NhRP says it will now appeal each lawsuit to a higher court, and that it will continue its campaign to grant chimpanzees, dolphins, and other cognitively advanced animals legal personhood nationwide." -
Sci-fi Author Charles Stross Cancels Trilogy: the NSA Is Already Doing It
doom writes "Charles Stross has announced that there won't be a third book in the Halting State trilogy because reality (in a manner of speaking) has caught up to him too fast The last straw was apparently the news that the NSA planted spies in networked games like WoW. Stross comments: 'At this point, I'm clutching my head. Halting State wasn't intended to be predictive when I started writing it in 2006. Trouble is, about the only parts that haven't happened yet are Scottish Independence and the use of actual quantum computers for cracking public key encryption (and there's a big fat question mark over the latter-- what else are the NSA up to?).'" -
California Man Arrested for Running 'Revenge Porn' Website
cold fjord writes "Yahoo reports, 'A California man was arrested on Tuesday on accusations he ran a 'revenge porn' website, one that featured nude pictures of women often posted by jilted or angry ex-lovers ... The San Diego arrest, the latest action by the state to crack down on such websites, comes after California Governor Jerry Brown signed a first-in-the-nation law in October specifically targeting revenge porn. The law defines revenge porn as the posting of private, explicit photos of other people on the Internet to humiliate them. But authorities did not charge 27-year-old Kevin Bollaert under that law, because it is geared to those who post the incriminating pictures and not those who run websites that feature them .... Bollaert's site, which is no longer operational, had featured over 10,000 sexually explicit photos, and he charged women up to $350 each to remove their photos, officials said. ... Bollaert was charged under a California identity theft law that prohibits using identifying information of a person without their permission, and under anti-extortion legislation, according to court documents. Unlike many other revenge porn websites, Bollaert's site had required users post the photo subject's full name, location, age and a link to the person's Facebook profile, the Attorney General's Office said in a statement.'" -
Nokia Still Experimenting With Android Smartphone
Nerval's Lobster writes "According to unnamed sources, Nokia is working on an Android-based smartphone. The test versions of the device, which is codenamed 'Normandy,' run a heavily modified version of Android. In late November, @evleaks posted an alleged image of the phone, which (if accurate) includes many of the Nokia design hallmarks, such as a brightly colored shell and prominent rear camera. Exactly how the software differs from the 'standard' version of Android is an open question, although other companies that have forked the operating system (most notably Amazon, with its Kindle tablets) haven't been shy about modifying the user interface in radical ways. According to AllThingsD, Nokia's 'low-end mobile phone unit' is overseeing the project. 'Normandy aims to repurpose the open-source version of Android into a better entry-level smartphone than Nokia has had with its current Asha line,' the publication explained, 'which is based on the aging Series 40 operating system.' But here's the rub: Nokia's phone unit is well on its way to becoming a Microsoft subsidiary. Microsoft competes against Google in many arenas, including mobile and search. The idea of a Microsoft ancillary producing an Android-based phone to compete in lower-end markets — where cheap Android phones dominate — is liable to provoke a burst of surprised laughter from anyone in tech: surely such a project would never hit store-shelves, given Microsoft's very public backing of Windows Phone as its sole mobile OS. And yet, there's also reason to think Microsoft might actually take a chance on an alternative OS. Over the past few years, the company's legal team has cornered the majority of Android manufacturers worldwide into a stark deal: agree to pay a set fee for every Android device produced, or face a costly patent-infringement lawsuit. As a result of that arm-twisting, Microsoft already makes quite a bit of money off Android (more, perhaps, than it earns selling Windows Phone), which could acclimate it to the idea of taking the leap and actually selling Android devices." -
Pirate Bay Founder Warg Being Held in Solitary Confinement
From Torrent Freak comes news that one of the Pirate Bay founders is now being held in solitary confinement after Sweden turned him over to Denmark. From the article: "In a recent letter sent to Amnesty and shared with TorrentFreak, Gottfrid’s mother Kristina explains her son’s plight. She says that Gottfrid is being kept in solitary and treated as if he were a 'dangerous, violent and aggressive criminal' even though his only crime — if any — is hacking. Gottfrid’s lawyer Luise Høi says the terms of his confinement are unacceptable and are being executed without the correct legal process. 'It is the case that Danish authorities are holding my client in solitary confinement without a warrant,' Høi explains, noting that if the authorities wish to exclude Gottfrid from access to anyone except his lawyer and prison staff, they need to apply for a special order." -
NSA Uses Google Cookies To Pinpoint Targets For Hacking
Hugh Pickens DOT Com writes "For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them. Now the Washington Post reports that the NSA secretly piggybacks on the tools that enable Internet advertisers to track consumers, using 'cookies' and location data to pinpoint targets for government hacking and to bolster surveillance. The agency uses a part of a Google-specific tracking mechanism known as the 'PREF' cookie to single out an individual's communications among the sea of Internet data in order to send out software that can hack that person's computer. 'On a macro level, "we need to track everyone everywhere for advertising" translates into "the government being able to track everyone everywhere,"' says Chris Hoofnagle. 'It's hard to avoid.' Documents reviewed by the Post indicate cookie information is among the data NSA can obtain with a Foreign Intelligence Surveillance Act order. Google declined to comment for the article, but chief executive Larry Page joined the leaders of other technology companies earlier this week in calling for an end to bulk collection of user data and for new limits on court-approved surveillance requests." -
Watch Out, Amazon: DHL Tests Drug-Delivery Drone
Nerval's Lobster writes "Amazon is apparently not alone in its desire to use miniature drones to deliver packages. On the morning of Monday, Dec. 9, employees at the Bonn, Germany headquarters of package-delivery giant DHL challenged Amazon's plan for dominance of the skies by having medicine delivered from a local pharmacy via a mustard-yellow package-carrying helicopter the Germans dubbed 'Paketkopter.' The quad-rotored mini-drone flew a box of medicines from a launching point near the pharmacy, above traffic and across the Rhine River to DHL's headquarters just over a kilometer away. It made the flight in about two minutes, was unloaded quickly and returned to the launch team near the pharmacy. Amazon has owned total mindshare of the still-imaginary drone-based package delivery market since CEO Jeff Bezos gushed about his plans for Amazon PrimeAir during a TV interview last week. The plan generated immediate controversy due to the negative image of drones following heavy use for surveillance and targeted anti-personnel strikes by the U.S. military in Afghanistan and Iraq. Within the United States, the FAA, FTC and a host of consumer-protection groups objected to the possibility that thousands of autonomous drones would be hovering over U.S. cities, potentially invading the privacy and endangering the lives of those who might run afoul of either cameras or rotors." -
AllSeen Alliance Wants To Open-Source the 'Internet of Things'
Nerval's Lobster writes "The so-called "Internet of Things" has rapidly become a buzzword du jour, with everyone from tech-giant CEOs to analysts rhapsodizing about the benefits of connecting everyday objects and appliances to the Web. Despite all the hype, some significant obstacles remain to fulfilling that vision of a massively interconnected world. For starters, all the players involved need to agree on shared frameworks for building compatible software—something that seems well on its way with the just-announced AllSeen Alliance, which includes Sharp, Cisco, LG Electronics, Qualcomm, Panasonic, D-Link, and the Linux Foundation (among many others). In theory, the AllSeen Alliance's combined software and engineering resources will result in open-source systems capable of seamless communication with one another. The Alliance will base its initial framework on AllJoyn, an open-source framework first developed by Qualcomm and subsequently elaborated upon by other firms. Applications and services that support AllJoyn can communicate "regardless of manufacturer or operating system and without the need for Internet access," according to the Alliance, whose Website offers the initial codebase. "Open source is the ideal, neutral staging area for collaboration that can provide the interoperability layer needed to make the Internet of Everything a reality," read a Dec. 10 note on the Linux Foundation's official blog. "When everyone jointly develops and uses the same freely available code, companies can develop innovative services on top of it and get them to market faster." However, not all companies interested in exploring the Internet of Things have joined the AllSeen Alliance. For example, Intel isn't a partner, despite having recently created a new division, the Internet of Things Solutions Group, to explore how to best make devices and networks more connected and aware." -
Interview: Ben Heck Answers Your Questions
A while ago you had the chance to ask gamer and console modder extraordinaire Ben Heck about his favorite mods, hacks, and what he sees coming in the future. Below you'll find his answers to your questions. Closed ecosystem
by i kan reed
By attempting to inject openness into an intentionally closed ecosystem, do you see yourself as an enabler to that closed ecosystem?
That is to say, open standards are the default on modular personal computers, and almost invariably not present on video game consoles. By giving people who want flexibility a means to use consoles, do you see yourself as inflating those markets and doing long-term harm to actual open systems?
Ben: In terms of consoles, there is a reason the system is closed. Having a closed system is a strength, really, because even when a console comes out, the tech is already a year or two old. By making a closed system, developers know exactly what they can get out of it. It is not a moving target like a PC or a Mac and there is nothing inherently wrong with that.
As far as hacking is concerned, we are just physically hacking things, not changing the file system or putting in strange mods. The system itself has not inherently changed; therefore, the act of hacking is not as harmful or potentially dangerous.
Design Workflow
by HideyoshiJP
Ben, When you're generally designing enclosures for your hacked consoles, do you tend to start with an overall design first, or do you start designing around the mainboards and then attempt to make things look nice later in the design process?
Ben: The first thing I do is design the component going inside of it. A hacked console can only be as small as its largest component. Usually, a console will contain a large component, or problem part, like a disk drive or hard drive so I find that part and work around it. Then I make it look nice. If the design is not perfect, I try to make the limitations look like features.
Ever get any Law suits / DMCA / banned issues with
by Joe_Dragon
Ever get any Law suits / DMCA / banned issues with the hacks?
Ben: This hasn’t been an issue.
What's missing from consoles?
by Anonymous Coward
What new features or technologies do you do see missing from the current gaming systems that you believe would beneficial, and why?
Ben: I don’t know how much is missing, but it would be great if the new gaming consoles had mouse and keyboard control. Currently, mouse and keyboard control lies strictly in the realm of PCs.
Some sort of expandability might be nice, but the consoles do quite a lot of cool stuff as they are. When the 360 and the PS3 were launched, all they really did was play games and now, eight years later, you can rent movies and stream things from your other devices. A ton of functionality has been added. Other than that, it might be nice to have a better way to charge the controllers.
Ultimately, and more generally, consoles need to be cognizant of smartphones and tablets. Devices like those have a certain functionality that people enjoy. Consumers have higher expectations now and consoles need to live up to those expectations. For example, my Android phone updates apps automatically so that, when I need to open something, I don’t need to wait around. Consoles could benefit from having something like that, although I believe they have made strides in this area.
Best input device?
by martiniturbide
What do you think it is the best input device that you used for consoles? Why?
Ben: There are certain types of games that I like playing on consoles and certain types that I like playing on a PC. Fast, twitchy shooter games are better on a PC because you have a mouse and the control is much better. A mouse is a fixed point so in a shooter game, for example, you can aim up and hold the position. Trying to replicate that sensation in the living room with a controller or joystick in your hand is more difficult because it calls for larger motions which exert more energy.
Valve has a new controller that they are trying but ultimately bringing a mouse into the living room, in terms of offering the same sort of position control, would be the Holy Grail.
Weirder/non-common Input device?
by martiniturbide
Which one is the weirder/non-common input device that you used? Any comments about it, why did you like it or not?
Ben: Well, I remember all of the weird stuff that we had in the late 80s and early 90s such as the Power Glove and UForce. The Power Glove was this ridiculous glove that you put on and played your Nintendo with but it had some interesting tech. The Wii, for example, uses some of that same sensor tech.
UForce, which was a device that you used to punch in the air and play Mike Tyson’s Punch Out, sort of reminds me of Leap Motion. It’s interesting to see the technology behind the weird things I remember playing with come back around.
space
by freeze128
When adding functionality to existing products that are made of molded plastic, what do you do when you just don't have enough room?
Ben: You make it bigger! No, but seriously, you can use smaller components, such as surface mounts or smaller wires, that normally would not be used. You have to think of different ways to solve the problem. Change the design or develop a clever work around. If that doesn’t work, you could always remove extra things from the component, like a rumble pack, or shave down the circuit boards. There is almost always something you can remove.
Generally, though, I wouldn’t start something unless I knew that I could finish it.
Any plans to improve your current designs?
by twocows
I looked into the Access Controller a while back for my mom (she doesn't get out much and she has a tremor in her right hand), it looks like it might be good for turn-based games, but the design doesn't seem like it would work well for anything requiring real time input on both analogs. I don't know if it's even possible to improve on that design in that way, but more generally, I was just wondering if you have any plans to go back and look at ways of improving some of the older hacks and designs you've done?
Ben: Right now, I’m working on some accessibility controller mods for the next generation. I’m using my 3D printer to develop better ways to make them, but a lot of the hacks for the old media consoles have become irrelevant and are not worth going back to.
There are some projects I’ve done on element14’s The Ben Heck Show that I would like to revisit. I would love to get the automatic can crusher to work. The Raspberry Pi portable gaming system is one that I would go back and revisit. If anything, though, I prefer to keep going forward rather than go back and re-do things – to take my good ideas and progress them.
clay + sculpting...
by Fubari
About the "clay" you use for sculpting (I've always thought of you as an artist + sculptor): Any tech you wished was mainstream, or maybe soon to invented, that you'd like to sculpt with? Any older more retro components that are limiting what projects you'd like to do? p.s. Love your work, followed for a while here & Engadget.
Ben: I wish there would some sort of printable circuit board, like a desktop printer for circuit boards or something that a 3D printer would make. Making PCBs is still a matter of sending away to get the boards. Some people etch boards themselves but that is a lot of work. I would like to push a button and make a circuit board right on my desk.
In terms of older, more retro components that get in the way, maybe the larger through-hole things. For example, if you’re trying to hack down a motherboard and you have an Ethernet port stacked on top of two USB ports, something like that takes up a lot of space. If anything, things keep getting smaller and smaller so it’s less of a problem.
Effect of new hardware design trends
by Sockatume
Computer hardware is tending to be more and more integrated and consolidated, not just within each console generation (the first PS2 eventually consolidated the GPU and CPU in one component) but between generations (the PS4 launches with a single component for GPU and CPU). Does this help you hack by giving you a smaller device, or does it hinder you by giving you less flexibility?
Ben: It sounds obvious but I would say, to some extent, both. If you look at the new video game consoles, they both have combined GPU and CPU, called APUS, so they are already consolidated quite a bit. Hacking gives insight because it allows you to see the evolution between different generations. Even if a new generation does not necessarily look different on the outside, it does inside. From what I’ve seen from these new consoles, they are quite efficiently built.
In a way, it makes it easier because the consoles are more compact and more power efficient when combining functionality.
The major thing that has changed that makes it harder to hack is the inclusion of lead-free solder. Lead-free solder is a lot harder to work with, especially if you are trying to remove components, because you need so much more heat to work with. There are times when I’ve actually used a blowtorch or hot air gun; versus 30 years ago when the old, leaded solder would come out easily from, say, a Nintendo motherboard.
Generally, though, I like how compact the consoles have become.