Slashdot Mirror

An anonymous reader sends an update on the trial of Ross Ulbricht, the man behind the Silk Road online black market. Sentencing is now complete, and Ulbricht has been given life in prison. He had been facing a 20-year minimum because of the charge of being a "drug kingpin," and prosecutors were asking for a sentence substantially higher than the minimum. Prior to the sentence being handed down today, Ulbricht spoke before the court for 20 minutes, asking for leniency and for the judge to leave him a "light at the end of the tunnel." The judge was unswayed, giving Ulbricht the most severe sentence possible. She said, "The stated purpose [of the silk road] was to be beyond the law. ... Silk Road's birth and presence asserted that its creator was better than the laws of this country. This is deeply troubling, terribly misguided, and very dangerous." Ulbricht's family plans to appeal.

Sparrowvsrevolution writes: The dark web has become the go-to corner of the Internet to buy drugs, stolen financial data, guns...and counterfeit coupons for Clif bars and condoms? The FBI indicted Beauregard Wattigney yesterday for wire fraud and trademark counterfeiting on digital black market sites Silk Road and Silk Road 2. Wattigney allegedly spoofed coupons for dozens of products and sold collections of them online in exchange for Bitcoin. The FBI accused him of doing $1 million worth of collective damage to the companies he made coupons for, but a fraud consultancy believes the total financial cost of his actions was much higher. Wattigney also offered expensive lessons that taught people how to make their own coupons. "In his tutorials, [he] explained the simple breakdown of barcode creation using the increasingly universal GS1 standard: GS1 codes begin with a 'company prefix' that can be copied from any of the company's products. The next six digits are the 'offer code,' which can be any random number for a counterfeit coupon, followed by the savings amount listed in cents and the required number of item purchases necessary to receive the discount."

Salo2112 writes with a followup to a story from April in which a security researcher was pulled off a plane by FBI agents seemingly over a tweet referencing a security weakness in one of the plane's systems. At the time, the FBI insisted he had actually tampered with core systems on an earlier flight, and now we have details. The FBI's search warrant application (PDF) alleges that the researcher, Chris Roberts, not only hacked the in-flight entertainment system, but also accessed the Thrust Management Computer and issued a climb command. "He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system." Roberts says the FBI has presented his statements out of their proper context.

Salo2112 writes with a followup to a story from April in which a security researcher was pulled off a plane by FBI agents seemingly over a tweet referencing a security weakness in one of the plane's systems. At the time, the FBI insisted he had actually tampered with core systems on an earlier flight, and now we have details. The FBI's search warrant application (PDF) alleges that the researcher, Chris Roberts, not only hacked the in-flight entertainment system, but also accessed the Thrust Management Computer and issued a climb command. "He stated that he thereby caused one of the airplane engines to climb resulting in a lateral or sideways movement of the plane during one of these flights. He also stated that he used Vortex software after comprising/exploiting or ‘hacking’ the airplane’s networks. He used the software to monitor traffic from the cockpit system." Roberts says the FBI has presented his statements out of their proper context.

An anonymous reader writes: Wired has a profile of Spanish company Vortex Bladeless and their unusual new wind turbine tech. "Their idea is the Vortex, a bladeless wind turbine that looks like a giant rolled joint shooting into the sky. The Vortex has the same goals as conventional wind turbines: To turn breezes into kinetic energy that can be used as electricity." Instead of relying on wind to push a propeller in a circular motion, these turbines rely on vorticity — how wind can strike an object in a particular way to generate spinning vortices of air. Engineers usually try to avoid this — it's what brought down the Tacoma Narrows Bridge. But this Spanish company designed the turbine computationally to have the vortices occur at the same time along its entire height. "In its current prototype, the elongated cone is made from a composite of fiberglass and carbon fiber, which allows the mast to vibrate as much as possible (an increase in mass reduces natural frequency). At the base of the cone are two rings of repelling magnets, which act as a sort of nonelectrical motor. When the cone oscillates one way, the repelling magnets pull it in the other direction, like a slight nudge to boost the mast's movement regardless of wind speed. This kinetic energy is then converted into electricity via an alternator that multiplies the frequency of the mast's oscillation to improve the energy-gathering efficiency."

An anonymous reader writes: Wired has a profile of Spanish company Vortex Bladeless and their unusual new wind turbine tech. "Their idea is the Vortex, a bladeless wind turbine that looks like a giant rolled joint shooting into the sky. The Vortex has the same goals as conventional wind turbines: To turn breezes into kinetic energy that can be used as electricity." Instead of relying on wind to push a propeller in a circular motion, these turbines rely on vorticity — how wind can strike an object in a particular way to generate spinning vortices of air. Engineers usually try to avoid this — it's what brought down the Tacoma Narrows Bridge. But this Spanish company designed the turbine computationally to have the vortices occur at the same time along its entire height. "In its current prototype, the elongated cone is made from a composite of fiberglass and carbon fiber, which allows the mast to vibrate as much as possible (an increase in mass reduces natural frequency). At the base of the cone are two rings of repelling magnets, which act as a sort of nonelectrical motor. When the cone oscillates one way, the repelling magnets pull it in the other direction, like a slight nudge to boost the mast's movement regardless of wind speed. This kinetic energy is then converted into electricity via an alternator that multiplies the frequency of the mast's oscillation to improve the energy-gathering efficiency."

stowie writes: According to the filing with the USPTO, the e-commerce giant's delivery drones will be able to communicate with each other, find the best flight path available, and update the delivery location as a customer changes location. Package delivery locations will be updated as customers move around, so a package can come to you at work or home, depending on where you are when your shipment is ready — including pulling location data from a smartphone. There will also be relay locations, allowing drones to drop off packages for further transport, or to recharge or swap batteries. Amazon even supplies a mockup of what its delivery drone could look like, including eight propellers, two removable power modules and much more.

SonicSpike writes with word that Cody Wilson, whose projects to create (and disseminate the plans for) printable guns have fascinated some and horrified others, is not going to quietly comply with the U.S. State Deparment's demand that he remove such plans from the internet. Wilson, says Wired, is picking a fight that could pit proponents of gun control and defenders of free speech against each other in an age when the line between a lethal weapon and a collection of bits is blurrier than ever before. Wilson's gun manufacturing advocacy group Defense Distributed, along with the gun rights group the Second Amendment Foundation, on Wednesday filed a lawsuit against the State Department and several of its officials, including Secretary of State John Kerry. In their complaint, they claim that a State Department agency called the Directorate of Defense Trade Controls (DDTC) violated their first amendment right to free speech by telling Defense Distributed that it couldn't publish a 3-D printable file for its one-shot plastic pistol known as the Liberator, along with a collection of other printable gun parts, on its website.

Sparrowvsrevolution writes: On Friday, WikiLeaks announced that it has finally relaunched a beta version of its leak submission system after a 4.5 year hiatus. That file-upload site, which once served as a central tool in WIkiLeaks' leak-collecting mission, runs on the anonymity software Tor to allow uploaders to share documents and tips while protecting their identity from any network eavesdropper, and even from WikiLeaks itself. In 2010 the original submission system went down amid infighting between WikiLeaks' leaders and several of its disenchanted staffers, including several who left to create their own soon-to-fail project called OpenLeaks. WikiLeaks founder Julian Assange says that the new system, which was delayed by his legal troubles and the banking industry blockade against the group, is the final result of "four competing research projects" WikiLeaks launched in recent years. He adds that it has several less-visible submission systems in addition to the one it's now revealed. "Currently, we have one public-facing and several private-facing submission systems in operation, cryptographically, operationally and legally secured with national security sourcing in mind," Assange writes.

An anonymous reader writes: The Apple Watch's release date has arrived: retailers around the world have quietly begun putting them on their shelves, and customers are beginning to receive their shipments. Reviews have been out for a while, including thoughtful ones from John Gruber and Nilay Patel. Apple has published a full user guide for the software, and iFixit has put up a full teardown to take a look at the hardware. They give it a repairability score of 5 out of 10, saying that the screen and battery are easily replaced, but not much else is. Though Apple designated the watch "water-resistant" rather than "waterproof", early tests show it's able to withstand a shower and a swim in the pool without failing. Ars has an article about the difficulty of making games for the Apple Watch, and Wired has a piece detailing its creation.

retroworks writes: Two stories appear today which feature close up photos of young African men surrounded by scrap metal in the city of Accra. The headlines state that this is where our computers go to die (Wired). The Daily Mail puts it in even starker terms, alleging "millions of tons" are dumped in Agbogbloshie.

The stories appear the same day as a press release by investigators who returned this week from 3 weeks at the site. The release claims that Agbogbloshie's depiction as the worlds "largest ewaste dump site" to be a hoax. It is a scrap automobile yard which accounts for nothing more than local scrap from Accra. Three Dagbani language speaking electronics technicians, three reporters, Ghana customs officials and yours truly visited the site, interviewed workers about the origins of the material, and assessed volumes. About 27 young men burn wire, mostly from automobile scrap harnesses. The electronics — 20 to 50 items per day — are collected from Accra businesses and households. The majority of Accra (population 5M) have had televisions since the 1990s, according to World Bank metadata (over 80% by 2003).

The investigation did confirm that most of the scrap was originally imported used, and that work conditions were poor. However, the equipment being recycled had been repaired and maintained, typically for a decade (longer than the original OECD owner). It is a fact that used goods will, one day, eventually become e-waste. Does that support a ban on the trade in used goods to Africa? Or, as the World Bank reports, is the affordable used product essential to establish a critical mass of users so that investment in highways, phone towers, and internet cable can find necessary consumers?

Sparrowvsrevolution writes Over the last month, a marketplace calling itself TheRealDeal Market has emerged on the dark web, with a focus on sales of hackers' zero-day attack methods. Like the Silk Road and its online black market successors like Agora and the recently defunct Evolution, TheRealDeal runs as a Tor hidden service and uses bitcoin to hide the identities of its buyers, sellers, and administrators. But while some other sites have sold only basic, low-level hacking tools and stolen financial details, TheRealDeal's creators say they're looking to broker premium hacker data like zero-days, source code, and hacking services, often offered on an exclusive, one-time sale basis.

Currently an iCloud exploit is being offered for sale on the site with a price tag of $17,000 in bitcoin, claiming to be a new method of hacking Apple iCloud accounts. "Any account can be accessed with a malicious request from a proxy account," reads the description. "Please arrange a demonstration using my service listing to hack an account of your choice." Others include a technique to hack WordPress' multisite configuration, an exploit against Android's Webview stock browser, and an Internet Explorer attack that claims to work on Windows XP, Windows Vista and Windows 7, available for around $8,000 in bitcoin. None of these zero days have yet been proven to be real, but an escrow system on the site using bitcoin's multisignature transaction feature is designed to prevent scammers from selling fake exploits.

itwbennett writes The list of products designed to be security enhanced that turned out to be anything but seems to get longer by the day. In just the latest instance, reported by Wired last week, the crowd-funded privacy-enhancing home router Anonabox had to be recalled after an independent researcher discovered serious security flaws in the product. But security experts caution that the real problem may be bigger than vulnerabilities hidden in application code: "Designed for security products don't just have to be good. They have to be beyond reproach," explains John Dickson, a Principal at the Denim Group. "All it takes is one guy with a grudge to undo you."

Nerval's Lobster writes Wired has an excerpt from a new book of Google-centric workplace advice, written by Laszlo Bock, the search-engine giant's head of "People Operations" (re: Human Resources). In an interesting twist, Bock kicks off the excerpt by describing the brainteaser questions that Google is famous for tossing at job candidates as "useless," before suggesting that some hiring managers at the company might still use them. ("Sorry about that," he offered.) Rather than ask candidates to calculate the number of golf balls that can fit inside a 747 (or why manhole covers are round), Google now runs its candidates through a battery of work-sample tests and structured interviews, which its own research and data-crunching suggest is best at finding the most successful candidates. Google also relies on a tool (known as qDroid), which automates some of the process—the interviewer can simply input which job the candidate is interviewing for, and receive a guide with optimized interview questions. It was only a matter of time before people got sick of questions like, "Why are manhole covers round?"

Sparrowvsrevolution writes: It turns out all those critics of the controversial Tor router project Anonabox might have been on to something. Late last month, Anonabox began contacting the first round of customers who bought its tiny, $100 privacy gadget to warn them of serious security flaws in the device, and to offer to ship them a more secure replacement free of charge. While the miniature routers do direct all of a user's Internet traffic over Tor as promised, the company says that its first batch lacked basic password protection, with no way to keep out unwanted users in Wi-Fi range. And worse yet, the faulty Anonaboxes use the hardcoded root password 'admin,' which allows any of those Wi-Fi intruders to completely hijack the device, snooping on or recording all of a user's traffic.

Anonabox's parent company, Sochutel, says that only 350 of the devices lacked that password protection, and that it's fixed the gaping security oversights in newer version of the router.

The initial security criticisms of Anonabox helped to convince Kickstarter to freeze the proejct's $600,000 crowdfunding campaign in October. But Anonabox relaunched on Indiegogo and was later acquired by the tech firm Sochutel. Sochutel claims that the security flaws in the routers developed prior to its acquisition of Anonabox were out of its control, and that it's now hiring outside auditors to check its products' security.

Press2ToContinue writes with this news from Wired: Nine days after leaving San Francisco, a blue car packed with tech from a company you've probably never heard of rolled into New York City after crossing 15 states and 3,400 miles to make history. The car did 99 percent of the driving on its own, yielding to the carbon-based life form behind the wheel only when it was time to leave the highway and hit city streets. This amazing feat, by the automotive supplier Delphi, underscores the great leaps this technology has taken in recent years, and just how close it is to becoming a part of our lives. Yes, many regulatory and legislative questions must be answered, and it remains to be seen whether consumers are ready to cede control of their cars, but the hardware is, without doubt, up to the task." That last one percent is a bear, though.

An anonymous reader writes: Speaking at ChefCon, Microsoft Technical Fellow Mark Russinovich talked briefly about the prospect of some or all of Windows going open source. He said, "It's definitely possible. It's a new Microsoft." Russinovich acknowledged the reality that most developers and IT workers have embraced open source software to run some or all of their machines, and that means Microsoft needs to adapt. He also noted that Microsoft is beginning to adopt a strategy familiar to open source vendors: give away the software, and then sell support and related products. "It lifts them up and makes them available for our other offerings, where otherwise they might not be. If they're using Linux technologies that we can't play with, they can't be a customer of ours."

An anonymous reader writes Guests at hundreds of hotels around the world are susceptible to serious hacks because of routers that many hotel chains depend on for their Wi-Fi networks. Researchers have discovered a vulnerability in the systems, which would allow an attacker to distribute malware to guests, monitor and record data sent over the network, and even possibly gain access to the hotel's reservation and keycard systems. The vulnerability, which was discovered by Justin W. Clarke of the security firm Cylance, gives attackers read-write access to the root file system of the ANTlabs devices. The discovery of the vulnerable systems was particularly interesting to them in light of an active hotel hacking campaign uncovered last year by researchers at Kaspersky Lab. In that campaign, which Kaspersky dubbed DarkHotel.

An anonymous reader writes Ben-Gurion University of the Negev (BGU) researchers have discovered a new method to breach air-gapped computer systems called "BitWhisper," which enables two-way communications between adjacent, unconnected PC computers using heat. BitWhisper bridges the air-gap between the two computers, approximately 15 inches apart that are infected with malware by using their heat emissions and built-in thermal sensors to communicate. It establishes a covert, bi-directional channel by emitting heat from one PC to the other in a controlled manner. Also at Wired.

MojoKid writes Google has co-developed a tablet device for use by workers battling Ebola in Sierra Leone. The modified Sony Xperia tablet comes with an extra protective shell, and can withstand chlorine dousing as well as exposure to the high humidity and storms that are typical of life in West Africa. It can even be used by workers wearing protective gloves. Since even a single piece of paper leaving a high-risk zone poses a risk of passing on the infection, doctors on site at the height of the current outbreak of the disease were reduced to shouting patient notes to workers on the other side of a protective zone fence. Those workers would then enter the information into patient records. Medecins Sans Frontieres (MSF) technology advisor Ivan Gayton said this practice was "error prone, exhausting, and it wasted five or 10 minutes of the hour medics can spend fully dressed inside the protective zone before they collapse from heat exhaustion." To address the issue, MSF challenged a number of technology volunteers to create an "Ebola-proof tablet" to improve efficiency. This collective, which included Whitespell's Pim de Witte and Hack4Good's Daniel Cunningham, grew to include a member of Google's Crisis Response Team, and it was this group that co-developed the device.

An anonymous reader writes with news that Delphi Automotive is undertaking the longest test of a driverless car yet, from the Golden Gate Bridge to midtown Manhattan. "Lots of people decide, at one point or another, to drive across the US. College kids. Beat poets. Truckers. In American folklore, it doesn't get much more romantic than cruising down the highway, learning about life (or, you know, hauling shipping pallets). Now that trip is being taken on by a new kind of driver, one that won't appreciate natural beauty or the (temporary) joy that comes from a gas station chili dog: a robot. On March 22, an autonomous car will set out from the Golden Gate Bridge toward New York for a 3,500-mile drive that, if all goes according to plan, will push robo-cars much closer to reality. Audi's taken its self-driving car from Silicon Valley to Las Vegas, Google's racked up more than 700,000 autonomous miles, and Volvo's preparing to put regular people in its robot-controlled vehicles. But this will be one of the most ambitious tests yet for a technology that promises to change just about everything, and it's being done not by Google or Audi or Nissan, but by a company many people have never heard of: Delphi."

jrepin writes Free software is a matter of freedom, not price; broadly speaking, it means that users are free to use the software and to copy and redistribute the software, with or without changes. Applying the same concept directly to hardware, free hardware means hardware that you are free to use and to copy and redistribute with or without changes. But, since there are no copiers for hardware, is the concept of free hardware even possible? The concept we really need is that of a free hardware design. That's simple: it means a design that permits users to use the design (i.e., fabricate hardware from it) and to copy and redistribute it, with or without changes. The design must provide the same four freedoms that define free software. Then "free hardware" means hardware with an available free design.

Sparrowvsrevolution writes A new Wired magazine story goes inside the North Korean rebel movement seeking to overthrow Kim Jong-un by smuggling USB drives into the country packed with foreign television and movies. As the story describes, one group has stashed USB drives in Chinese cargo trucks. Another has passed them over from tourist boats that meet with fishermen mid-river. Others arrange USB handoffs at the Chinese border in the middle of the night with walkie talkies, laser pointers, and bountiful bribes. Even Kim assassination comedy The Interview, which the North Korean government allegedly hacked Sony to prevent from being released, has made it into the country: Chinese traders' trucks carried 20 copies of the film across the border the day after Christmas, just two days after its online release.

linuxwrangler writes The government has fought hard to keep details about use and effects of the controversial Stingray device secret. But this Wired article points to recently released documents in which the government admits that the device can cause collateral damage to other network users. The controversy has heated to the point that Florida senator Bill Nelson has made statements that such devices will inevitably force lawmakers to come up with new ways to protect privacy — a comment that is remarkable considering that the Stingray is produced by Harris Corporation which is headquartered in Nelson's home state.

linuxwrangler writes The government has fought hard to keep details about use and effects of the controversial Stingray device secret. But this Wired article points to recently released documents in which the government admits that the device can cause collateral damage to other network users. The controversy has heated to the point that Florida senator Bill Nelson has made statements that such devices will inevitably force lawmakers to come up with new ways to protect privacy — a comment that is remarkable considering that the Stingray is produced by Harris Corporation which is headquartered in Nelson's home state.

neanderslob writes: In 2013, Elon Musk told us about a theoretical transportation system he'd been thinking about for a while. It was called "hyperloop," and it was a tube-based system capable of sending people and things at speeds of up to 800mph. Now, a company called Hyperloop Transportation Technologies plans to start construction on an actual hyperloop next year. The idea is to build it to serve Quay Valley (a proposed 75,000-resident solar power city in Kings County, California). The project will be paid for with $100 million the company expects to raise through a direct public offering in the third quarter of this year. The track itself will be a 5-mile loop and won't reach anywhere close to the 800mph Musk proposed in his white paper — but it's a start.

donniebaseball23 writes: Thanks to a glut of titles, hardware and precious little innovation, the Guitar Hero and Rock Band craze all but died out by 2010. Now, however, strong rumors are swirling that one if not both franchises will be making a return on the new consoles. But will players care? And will the market once again support these games? Charles Huang, co-creator of Guitar Hero, weighed in, outlining some of the challenges. "First, the music genre attracts a more casual and female audience versus other genres. But the casual gamer has moved from console to mobile," he warned. "Second, the high price point of a big peripheral bundle might be challenging. Casual gamers have a lot of free-to-play options." That said, there could be room for a much smaller guitar games market now, analyst Michael Pachter noted: "It was a $2 billion market in 2008, so probably a $200 million market now. The games are old enough that they might be ready for a re-fresh, and I would imagine there is room for both to succeed if they don't oversaturate the way they did last time."

An anonymous reader writes Last fall, Defense Distributed — the company created by Cody Wilson of 3D-printed gun fame — announced a DIY gunsmithing machine called the Ghost Gunner. Now, FedEx is refusing to ship the device, saying there are laws or regulations that would prohibit them from shipment. A FedEx spokesperson said, "This device is capable of manufacturing firearms, and potentially by private individuals. We are uncertain at this time whether this device is a regulated commodity by local, state or federal governments. As such, to ensure we comply with the applicable law and regulations, FedEx declined to ship this device until we know more about how it will be regulated." Wilson argues, "They’re acting like this is legal when in fact it’s the expression of a political preference. The artifact that they’re shipping is a CNC mill. There’s nothing about it that is specifically related to firearms except the hocus pocus of the marketing."

An anonymous reader writes Citing a report from the Gartner Group estimating $100 billion in intellectual property losses within five years, Joshua Greenbaum warns of "the threat of a major surge in counterfeiting" as cheap 3-D printers get more sophisticated materials. Writing for Wired, Greenbaum argues that preventing counterfeiting "promises to be a growth market," and suggests that besides updating IP laws, possible solutions include nanomaterials for "watermarking" authentic copies or even the regulation of 3-D printing materials. Major retailers like Amazon are already offering 3-D print-on-demand products — though right now their selection is mostly limited to novelties like customized bobbleheads and Christmas ornaments shaped like cannabis leaves. Apropos: Smithonian Magazine has an article that makes a good companion piece to this one on the long political history of the copy machine, which raised many of the same issues being rediscovered in the context of 3-D printing.

BarbaraHudson writes Researchers at the University of Kansas and Harvard are working to give men more choices for avoiding unwanted pregnancies. From the article: "H2-gamendazole keeps sperm from maturing. The unfinished sperm fragments are then reabsorbed into the testis, never ending up in the semen. 'If there's no sperm, the egg's not going to get fertilized,' says Joseph Tash, a reproductive biologist at the University of Kansas Medical Center. Almost two years ago, the FDA reviewed the compound, and now the agency wants Tash to investigate if the compound remains in the semen and whether that would harm a woman if it ends up in the vagina. Jay Bradner, working with other anti-cancer researchers at Harvard, discovered that the JQ1 molecule blocked a bromodomain in cancer cells, causing them to forget how to be cancer. One side effect is that JQ1 also obstructed a testicle-specific bromodomain called BRDT, making the sex cells that would otherwise produce sperm non-functional — mice treated with JQ1 can hump with abandon yet generate zero mouselings. Researchers are looking for a version of the molecule that works on the testicle protein only, to avoid any weird side effects."

theodp writes: Gottfried Sehringer asks Should We Really Try to Teach Everyone to Code? He writes, "While everyone today needs to be an app developer, is learning to code really the answer? Henry Ford said that, 'If I had asked people what they wanted, they would have said faster horses.' I view everyone learning to code as app development's version of a faster horse. What we all really want — and need — is a car. The industry is falling back on code because for most people, it's the only thing they know. If you want to build an application, you have to code it. And if you want to build more apps, then you have to teach more people how to code, right? Instead, shouldn't we be asking whether coding is really the best way to build apps in the first place? Sure, code will always have a place in the world, but is it the language for the masses? Is it what we should be teaching everyone, including our kids?" President Obama thinks so, telling Re/code at Friday's Cyber Security Summit that 'everybody's got to learn to code early' (video). But until domestic girls (including his daughters) and underrepresented groups get with the program(ming), the President explained he's pushing tech immigration reform hard and using executive action to help address tech's "urgent need" for global talent.

New submitter Dharkfiber sends an article about the Hardened Anti-Reverse Engineering System (HARES), which is an encryption tool for software that doesn't allow the code to be decrypted until the last possible moment before it's executed. The purpose is to make applications as opaque as possible to malicious hackers trying to find vulnerabilities to exploit. It's likely to find work as an anti-piracy tool as well. To keep reverse engineering tools in the dark, HARES uses a hardware trick that’s possible with Intel and AMD chips called a Translation Lookaside Buffer (or TLB) Split. That TLB Split segregates the portion of a computer’s memory where a program stores its data from the portion where it stores its own code’s instructions. HARES keeps everything in that “instructions” portion of memory encrypted such that it can only be decrypted with a key that resides in the computer’s processor. (That means even sophisticated tricks like a “cold boot attack,” which literally freezes the data in a computer’s RAM, can’t pull the key out of memory.) When a common reverse engineering tool like IDA Pro reads the computer’s memory to find the program’s instructions, that TLB split redirects the reverse engineering tool to the section of memory that’s filled with encrypted, unreadable commands.

Vaccination rates across the U.S. don't neatly correlate with religiosity or wealth; Wired reports that one conspicuous pocket of low vaccination rates, according to California's state database of daycare records, is a place where you might not expect it: Silicon Valley — specifically, the daycare centers at some large tech companies. A WIRED investigation shows that some children attending day care facilities affiliated with prominent Silicon Valley companies have not been completely vaccinated against preventable infectious diseases. At least, that’s according to a giant database from the California Department of Public Health, which tracks the vaccination rates at day care facilities and preschools in the state. We selected more than 20 large technology and health companies in the Bay Area and researched their day care offerings. Of 12 day care facilities affiliated with tech companies, six—that’s half—have below-average vaccination rates, according to the state’s data. ... And those six have a level of measles vaccination that does not provide the “herd immunity” critical to the spread of the disease. Now, this data has limitations—most critically, it might not be current. But it also suggests an incursion of anti-science, anti-vaccine thinking in one of the smartest regions on Earth.

HughPickens.com writes: Russell Berman writes at The Atlantic that the government may have won its case against Silk Road's Ross Ulbricht, but the high-profile trial gave a lot of publicity to the dark web. Both the number of sites and the volume of people using them have increased since Silk Road was shuttered. "Just as on the rest of the internet, users on the dark net are very quick to move on to new things and move away from those products and websites that seem stale and old," says Adam Benson. The cat-and-mouse game between users of the dark web and law enforcement appears to be shifting as well. Newer dark sites (two major ones are Agora and Evolution) are likely to protect their servers by basing them in countries "hostile to U.S. law enforcement," says Nicholas Weaver. "The markets will keep moving overseas, but law enforcement will keep going after the dealers," Weaver says, referring to the people who actually ship and deliver the drugs sold online.

Evolution Marketplace is a much different animal than Silk Road, according to Dan Palumbo. Evolution sells "weapons, stolen credit cards, and more nefarious items that were forbidden on both versions of Silk Road. Silk Road sold a lot of dangerous things, but operators drew the line at their version of 'victimless crimes,' i.e. no child pornography, weapons, or identity theft. Now, four of the top five DarkNet Marketplaces sell weapons while three of the top five sell stolen financial data." This is a darker DarkNet and it speaks to the challenge facing law enforcement as they knock one set of bad actors offline, another comes along with bigger and bolder intentions.

eldavojohn writes: If you didn't partake in the DDOS attack on Dragonmount as fans tried to figure out just what the %&#% was going on last night, you should probably prepare yourself for Billy Zane filled disappointment and watch a curious pilot covering the prologue of The Eye of the World by Robert Jordan that apparently aired around 01:30 AM Eastern time on FXX. The reviews of said pilot are unkind and appear to contain question marks all the way down starting with Jordan's Widow disavowing its authorization.

The world of film and TV development is a confusing one, but it appears that NBC initially bought options to turn it into a mini series which were then optioned by Universal/Red Eagle Entertainment in conjunction with Red Eagle Games to do a coordinated release. Red Eagle games announced a combined effort with Jet Set games and around 2012 began releasing information on an "Aiel War" project to target mobile gaming platforms. But that appeared to die with its failed kickstarter attempt. It is suspected that Red Eagle Entertainment is behind the odd FXX airing last night. Was this an eleventh hour "use it or lose it" move by Red Eagle Entertainment without Universal's knowledge? In any case, it was a secretive, odd, low-budget, disappointing start to The Wheel of Time in film.

An anonymous reader writes: Farming is a difficult profession. One of the constants throughout the generations is that if you're working out in the field all day, machinery eventually breaks down. Farmers tend to deal with this harsh reality by becoming handy at basic repair — but that strategy is starting to fail in the digital age. Kyle Wiens, founder of iFixit, writes about the new difficulties in repairing your broken tractors and other equipment. Not only do you often need experience in computer software, but proprietary technology actively blocks you from making repairs.

"Dave asked me if there was some way to bypass a bum sensor while waiting for the repairman to show up. But fixing Dave's sensor problem required fiddling around in the tractor's highly proprietary computer system—the tractor's engine control unit (tECU): the brains behind the agricultural beast. One hour later, I hopped back out of the cab of the tractor. Defeated. I was unable to breach the wall of proprietary defenses that protected the tECU like a fortress. I couldn't even connect to the computer. Because John Deere says I can't." Wiens also tells us about Farm Hack, a community that has sprung up to build a library of open source tools and knowledge for dealing with high-tech modification and repair in agriculture.

An anonymous reader writes: FCC Chairman Tom Wheeler has published an op-ed explaining how and why the FCC will "use its Title II authority to implement and enforce open internet protections." He says, "These enforceable, bright-line rules will ban paid prioritization, and the blocking and throttling of lawful content and services. I propose to fully apply—for the first time ever—those bright-line rules to mobile broadband. My proposal assures the rights of internet users to go where they want, when they want, and the rights of innovators to introduce new products without asking anyone's permission. ... To preserve incentives for broadband operators to invest in their networks, my proposal will modernize Title II, tailoring it for the 21st century, in order to provide returns necessary to construct competitive networks. For example, there will be no rate regulation, no tariffs, no last-mile unbundling. Over the last 21 years, the wireless industry has invested almost $300 billion under similar rules, proving that modernized Title II regulation can encourage investment and competition."

New submitter BenBoy points out an article at Wired about the most recent developments in the trial of Ross Ulbricht, alleged to be the man behind the Silk Road digital black market, going by the alias Dread Pirate Roberts. The prosecution has now rested its case, but one of their last presentations was a series of communications between DPR and a supposed member of the Hell's Angels motorcycle club in which he arranged for hitmen to kill five different people. Wired notes, Ulbricht, who the prosecutors have sought to prove is that Dread Pirate Roberts, hasn't been charged with murder-for-hire in his Southern District of New York case, though he faces charges that include conspiracies to sell narcotics, launder money and more. (He does, however, face murder-for-hire charges in a separate case in Baltimore.) In fact, the prosecution admitted in court that the purported victims of the Silk Road killings were never found, and that Canadian police couldn't even locate records for anyone with their names. ... Even so, the prosecution took pains to read the entire conversation to the jury because it’s intended to show them the darkest side of the Silk Road’s short history. If genuine, the transcript shows that members of the Hell's Angels organization are familiar with using encryption to shield their communications from law enforcement. Forbes has a detailed update on how the rest of the case has progressed, and Ars has a brief article on today's closing arguments.

An anonymous reader writes: China is putting into place a new set of regulations for how banks interact with technology, and it has many companies worried. While the rules might enhance security for the Chinese government, they devastate it for everyone else. For example, not only will China require that companies turn over source code for any software sold to banks, the companies building the software (and hardware) must also build back doors into their systems. The bad news for us is that most companies can't afford to simply refuse the rules and write China off. Tech industry spending is estimated to reach $465 billion in 2015, and it's projected for a huge amount of growth.

Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.

"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.

TechCurmudgeon sends this excerpt from an article at Wired: Aaron Foss won a $25,000 cash prize from the Federal Trade Commission for figuring out how eliminate all those annoying robocalls that dial into your phone from a world of sleazy marketers. ... Using a little telephone hackery, Foss found a way of blocking spammers while still allowing the emergency alert service and other legitimate entities to call in bulk. Basically, he re-routed all calls through a service that would check them against a whitelist of legitimate operations and a blacklist of spammers, and this little trick was so effective, he soon parlayed it into a modest business. Last year, his service, called Nomorobo, blocked 15.1 million robocalls.

First time accepted submitter mkukuluk writes Forget Google Glass — Jessi Hempel describes the amazing experience she had with the new Holographic goggles from Microsoft. From the article: "The headset is still a prototype being developed under the codename Project Baraboo, or sometimes just “B.” [inventor Alex] Kipman, with shoulder-length hair and severely cropped bangs, is a nervous inventor, shifting from one red Converse All-Star to the other. Nervous, because he’s been working on this pair of holographic goggles for five years. No, even longer. Seven years, if you go back to the idea he first pitched to Microsoft, which became Kinect. When the motion-sensing Xbox accessory was released, just in time for the 2010 holidays, it became the fastest-selling consumer gaming device of all time. Right from the start, he makes it clear that Baraboo will make Kinect seem minor league."

HughPickens.com writes Cade Metz writes that last week Parisa Tabriz, head of Google's Chrome security team, helped arrange an early screening of Michael Mann's Blackhat in San Francisco for 200-odd security specialists from Google, Facebook, Apple, Tesla, Twitter, Square, Cisco, and other parts of Silicon Valley's close-knit security community, and their response to the film was shockingly positive. "Judging from the screening Q&A—and the pointed ways this audience reacted during the screening—you could certainly argue Blackhat is the best hacking movie ever made," writes Metz. "Many info-sec specialists will tell you how much they like Sneakers—the 1992 film with Robert Redford, Sidney Poitier, Dan Ackroyd, Ben Kingsley, and River Phoenix—but few films have so closely hewed to info-sec reality as Mann's new movie, fashioned in his characteristic pseudo-documentary style." "Unlike others, this is a film about a real person, not a stereotype—a real guy with real problems thrust into a real situation," says Mark Abene. "The technology—and the disasters—in the film were real, or at least plausible.

Director Michael Mann worked closely with Kevin Poulsen in researching, writing, and shooting the film. Like Hemsworth's character, Poulsen spent time in prison for his hacking exploits, and Mann says his input was invaluable. "It's the first crime-thriller to hinge so heavily on hacking without becoming silly." says Poulson. "We put a lot of work into finding plausible ways that malware and hosting arrangements and all these other things could be used to advance the plot and all of that I think turned out pretty nice." I'm a fan of Michael Mann, and the previews I've seen of Blackhat make it look at least like a passable thriller. For anyone who's seen the film already, what did you think?

HughPickens.com writes The death of the mainframe has been predicted many times over the years but it has prevailed because it has been overhauled time and again. Now Steve Lohr reports that IBM has just released the z13, a new mainframe engineered to cope with the huge volume of data and transactions generated by people using smartphones and tablets. "This is a mainframe for the mobile digital economy," says Tom Rosamilia. "It's a computer for the bow wave of mobile transactions coming our way." IBM claims the z13 mainframe is the first system able to process 2.5 billion transactions a day and has a host of technical improvements over its predecessor, including three times the memory, faster processing and greater data-handling capability. IBM spent $1 billion to develop the z13, and that research generated 500 new patents, including some for encryption intended to improve the security of mobile computing. Much of the new technology is designed for real-time analysis in business. For example, the mainframe system can allow automated fraud prevention while a purchase is being made on a smartphone. Another example would be providing shoppers with personalized offers while they are in a store, by tracking their locations and tapping data on their preferences, mainly from their previous buying patterns at that retailer.

IBM brings out a new mainframe about every three years, and the success of this one is critical to the company's business. Mainframes alone account for only about 3 percent of IBM's sales. But when mainframe-related software, services and storage are included, the business as a whole contributes 25 percent of IBM's revenue and 35 percent of its operating profit. Ronald J. Peri, chief executive of Radixx International was an early advocate in the 1980s of moving off mainframes and onto networks of personal computers. Today Peri is shifting the back-end computing engine in the Radixx data center from a cluster of industry-standard servers to a new IBM mainframe and estimates the total cost of ownership including hardware, software and labor will be 50 percent less with a mainframe. "We kind of rediscovered the mainframe," says Peri.

An anonymous reader writes "Facebook unveiled its rumored "at Work" service to a handful of partners today. Facebook at Work puts co-workers into a standalone social network and allows them to share posts and images appropriate for the workplace but looks and acts just like regular Facebook. "We have found that using Facebook as a work tool makes our work day more efficient," Lars Rasmussen, Facebook's director of engineering, tells WIRED. "You can get more stuff done with Facebook than any other tool that we know of, and we'd like to make that available to the whole world.""

New submitter TechCurmudgeon writes: According to a story at Wired, towns in Mexico that aren't served by the nation's telecom monopoly are taking matters in their own hands with the help of a non-profit and open source technology. "Strategically ignored by Mexico's major telecoms, Yaee is putting itself on the mobile communications grid with the help of a Oaxaca-based telecommunications non-profit called Rhizomatica." A locally-made tower is the backbone of Yaee's first cellular network. The town's network is composed of two antennas and an open-source base station from a Canadian company called NuRAN. Once Yaee gets the tower installed and the network online, its 500 citizens will, for the first time, be able to make cell phone calls from home, and for cheaper rates than almost anywhere else in Mexico.

twitnutttt writes Customers of Bistamp, the successor (until recently) to MtGox as the highest-volume dollar-denominated Bitcoin exchange, and still the preferred source of trading data for many technical analysts, sent an email at about 4:00 UTC today warning that, "Today our transaction processing server detected problems with our hot wallet and stopped processing withdrawals." They also instructed users to stop sending any deposits immediately or they may be lost. The Bitstamp website has now also suspended all exchange/trading services, and the homepage contains only a maintenance message warning users of a "compromised" wallet. Numerous references to security imply that this is a hacking attack, but Bitstamp reassures that they maintain "more than enough offline reserves to cover the compromised bitcoins."

An anonymous reader writes Wired recounts the story of Hal Finney, one of the very first adopters of Bitcoin. Finney died earlier this year after a long fight with Lou Gehrig's disease. But for months before his death, he was a victim of constant harassment from somebody trying to extort his Bitcoins. He and his family faced a variety of threats, and had a SWAT team called on their residence. And it turns out Finney is not alone — other early adopters are being targeted with similar threats. "That's when someone using the names Nitrous and Savaged hacked into [early adopter Roger Ver's] email accounts and demanded that he cough up 37 bitcoins—about $20,000 at the time—in order to prevent his private information from being published online. Ver refused, and the hacker apparently backed off after Ver put a 37 bitcoin bounty on his head. Ver, who was himself sentenced to 10 months in federal prison for illegally shipping explosive across state lines, believes that Savaged is not only the same person who swatted Hal Finney, but also the person who gained access to Satoshi Nakamoto's email account earlier this year."

theodp (442580) writes That President Obama became the first President to write a line of code (as a top Microsoft lobbyist looked on) is #1 on the White House's Top 9 science and technology highlights from 2014. To kick off this year's Hour of Code, the President 'learned to code' by moving a Disney Princess Elsa character 100 pixels on a screen, first by dragging-and-dropping Blockly puzzle pieces and then by coding 1 line of JavaScript. Interestingly, Bill Clinton might have been The First President To Write Code had Microsoft seen fit to use its patented, circa-1995 Graphical Programming System and Method for Enabling a Person to Learn Text-Based Programming — which describes how kids as young as 8-12 years of age can be taught to program by progressing from creating a program using graphical objects to doing so using text-based programming — to teach President Clinton to code some 20 years ago!

An anonymous reader writes: Cory Doctorow has an article in Wired explaining why crafting laws to restrict software is going to hurt us in the long run. The reason? Because we're on an irreversible trajectory toward integrating technology with our cars and houses, bodies and brains. If we don't control the software, then at some point, we won't control parts of our homes and our selves. Doctorow writes, "Any law or regulation that undermines computers' utility or security also ripples through all the systems that have been colonized by the general-purpose computer. And therein lies the potential for untold trouble and mischief.

Code always has flaws, and those flaws are easy for bad guys to find. But if your computer has deliberately been designed with a blind spot, the bad guys will use it to evade detection by you and your antivirus software. That's why a 3-D printer with anti-gun-printing code isn't a 3-D printer that won't print guns—the bad guys will quickly find a way around that. It's a 3-D printer that is vulnerable to hacking by malware creeps who can use your printer's 'security' against you: from bricking your printer to screwing up your prints to introducing subtle structural flaws to simply hijacking the operating system and using it to stage attacks on your whole network."