17,000 times the average distance to the moon. Raw images: http://pluto.jhuapl.edu/soc/UltimaThule-Encounter/ - of course, it's not worth trying to convince the kind of people who believe Earth is flat and humans have never gone to Moon that these are real. In the linked article, the short version: Left image is color picture, middle image is higher-resolution black and white one, and the rightmost is a composite with colors from the color image and finer features from the black and white one.
It's worth remembering that at that distance from the Sun there's barely any light, and at the closest approach 2014 MU69 passes the probe's field of vision in less than 3 seconds at their incident speeds - and due to the distance they weren't even sure which three seconds! It's a remarkable feat all in all, there's higher resolution images hopefully yet to come during the almost two year data-return window, but it isn't going to be perfectly in focus long-exposure HDR photography.
I'll just miss the point the other way around, and point out that they could've got usable data by using crash test dummies. And indeed, observational studies of people who fell without parachute vs. those who fell with would easily point both the expected safety benefits and the folly of running a controlled trial. This same problem exists for a lot of automotive safety issues (Not that there aren't a LOT of willing people to test not using a helmet on bike, seatbelt on car etc. but studies don't just hurl people at a wall at high speed with and without helmets and compare the results). Any medical studies are generally interrupted if the difference is so overwhelming that it would be unethical to continue, and prior observational studies would fit that bill.
23andMe, which this article deals with, does not (voluntarily) co-operate with law-enforcement. Of course, if they get a court order, they will have to, but to date they've never been asked for DNA data and haven't had to give out any personal data requested: https://www.23andme.com/transparency-report/
23andMe also does not allow comparison of samples tested outside 23andMe against their own database, the same goes for AncestryDNA. The only reason the GSK case was solved was because those people had purposefully transferred their DNA data into GEDMatch, whose technology and terms of service specifically allowed for matching against this sort of data.
It's alleged that many users of GEDMatch had not read or understood the Terms of Service (likely) but others had uploaded their DNA data into GEDMatch specifically for these kinds of purposes. It remains a controversial topic in DNA testing circles not the least because it can implicate distant relatives, but to date merely testing at 23andMe or AncestryDNA hasn't caused anybody to become a "police informant", they've had to take complicated actions where they're warned of this sort of possibility every step along the way (Or allowed somebody else to do it for them) to participate in law enforcement DNA searches.
On the other hand, in most of the world, USA included, law enforcement can legally collect DNA samples from pretty much everybody and construct their own, private DNA database. The law enforcement DNA databases even currently dwarf 23andMe's database in size. The only reason consumer DNA tests were useful in the GSK case was because the culprit was beyond suspicion due to being an ex cop and had never had his DNA taken by law enforcement.
But anyway, the short answer is that no, 23andMe does not "deal" with law enforcement unless forced to, which they've never yet been.
It says "Sunspot Observatory", I had to Google it and turns out that's actually its name, but it IS a solar observatory, one that's dedicated to observation of the closest star to our planet. I.e. the Sun. This makes it exceedingly unlikely they would have anything to do with any alien discovery, unless they're some sort of Sun-dwelling variety, it'd be more likely to run into one at a Walmart.
It also should go without saying (But I'll say it anyway) that it isn't the world's only solar observatory, and the world includes many more countries than USA, so any discovery relating to Sun couldn't be hidden by shutting down this one, nor would it make sense as it'd stop further observations.
According to article I quickly skimmed, the observatory was founded for radio observations of the sun, and there's mentions of the feds being very interested in the "antennas", so the espionage angle seems almost certain and would necessitate evacuation to prevent tampering with evidence (Perhaps not allowing them to pack their stuff when leaving though, as one article claimed) and continued espionage. Main argument against this is that all sensitive communications would be encrypted nowadays, but still just the existence of certain communications would be a security issue.
Washington Post doing a bit of sensationalist journalism. Existing DNA testing companies have already been following these guidelines which are in their terms of service, and large part of them indeed are the law, or their interpretation. The reporting on these companies is weird, because every existing practice and action is always reported as brand new, never happened before. Industry self-regulating is a good idea, but of course there's additional motivation for the companies to cast doubt on those companies not involved in the guidelines. In essence they're saying "Here's what WE have been doing, and what every competitor should do, too".
It would also be pretty dumb move for them to break their promises in an industry where the whole business model is based on gaining people's trust.
In most cases, like this, an NFC chip is correctly described as a transponder, not a transmitter. It's a passive device that responds to a magnetic field, at lengths around half a foot. So the "transmitter" headline is clickbait unfit for a (former) tech-site. It also seems like a classic red herring, nobody knows if the ball was equipped with other toys by Russia, focusing on a known passive transponder distracts from that. On the other hand I get the joke potential as world leaders tend to receive gifts at every meeting, and there are certainly existing protocols to protect them from eavesdropping, bombs etc. Of particular note in this context, the briefcase that follows POTUS around and contains all the nuclear missile launch codes etc. is known as the "nuclear football" making things weird for this particular analogy.
According to the translation he's saying "A new generation of technology... is accelerating breakthrough applications". You know what this means? Party time! Blockchain mentioned! Actually, it's called one of many new generation technologies. I also agree with comments noting it sounds basically a list of buzzwords with no specific meaning, although if you look at the list, they're all immensely useful technologies for ubiquitous surveillance. But he said "breakthrough applications", that can only mean one thing... Cryptocurrency mentioned, party time!
Yep, I'm trying to keep the bitching on articles down to minimum, but how does this even pass for news? And I'm saying that because major news sources broke the story long before Slashdot, so apparently it IS news. Out of seven reasonable, reachable-goals Kickstarters (Which is supposed to be the verified, trustable projects) I've participated in, ONE delivered what they promised, after one delivered my "Beta Tester Ultimate Package" in a broken state after the product was already being delivered at lower price through their own web-store. Really, it should be big news if a crowdfunded project delivers as promised. But this is also largely by design.
What I have more problems with is that all of the crowdfunding projects basically grab your money & disappear, going totally incommunicado with no feedback in either direction, whether they will or won't deliver the project at the end, if there are any backer-updates at all they will be late and clearly showing their contempt for providing any feedback at all. I can't find the statement now (Was it actually removed?) but I remember Kickstarter stressing this was supposed to be a common journey to create something new. Now they're working exactly like (and, in most cases, worse than) traditional closed up development projects with free funding.
But the bitcoin price has no connection to real value. If one Satoshi trades hands at the price of one million per Bitcoin, it could be argued that the price has hit one million. There's no need to guarantee that ALL Bitcoin need to be able to change hands at that price; indeed, as many are lost or thought to be lost, this is provably impossible, to say nothing of the price crash if everybody attempted to "cash out". Since a Satoshi is one hundred millionth of a full Bitcoin, a million dollar per Bitcoin price would come to just one cent per Satoshi, which surely has already happened.
The problem with the "reputable experts" is that according to this, they differ on the correct price by factor of 20. They can't all be right! Take it just as it is though, an anonymous submission of "It's going to hit a million, quick everybody buy so mine go up in value!". As always, the only thing that is certain in stock values is that it is going to go up and down. The thing that is surprising is that it hasn't been prohibited in most countries, and it's actually starting to cross into a point where significant legal restrictions aren't imaginable.
The issue I pointed out wasn't that this wouldn't be useful, but that P3P is a W3C officially recommended protocol/standard started 20 years ago that already does this but much better. However, it never really caught on, and I suspect one main reason is companies don't really want accountability. For the legal defense, the only solution would be a law unequivocally granting immunity if you disclose a vulnerability in responsible manner. A security.txt file isn't worth the paper it's printed on (ie. none) in that regard. I grant P3P is mainly geared towards "privacy" rather than "security", but it does allow specifying the entity in charge as well as any and all dispute-resolution practices, along the intended privacy (Ie. so they don't get flooded by security complaints about showing e-mail addresses when that's intentional, for example).
It's almost like https://www.w3.org/P3P/ wasn't already a thing that died with a whimper 10 years ago. On the other hand, an almost syntax-free text-file might gain some more traction, even if I fail to see how that's actually useful over some "About" or "Contact" link on the website menu.
It's specifically said the router's firmware was encrypted so he couldn't read it, much less install sniffers or backdoors. About the only thing it's reasonable to expect him to be able to do is disable some firewalls between the internal network and the public Internet. And even that is assuming their internal network was directly connected to "free, public WiFi" and city officials had password lists and locations of the nukes on unsecured shares on their desktops... which is kind of a large leap of faith. Especially since the article says they worked with him solving the problem, so they must've been all like "Oh you found an exploit to get into our secret unprotected network? Oh no, please don't use it or leave any backdoors, or we'll be in big trouble, we'll just let you secure them."
With regards to unencrypted communication over public WiFi, all he'd had to do was put a high-powered WiFi router with the same SSID up. Certificates won't even be much help if the attacker is in charge of the network and can re-direct traffic via a proxy "faking" the site or just forcing TLS off. No hacking of routers required. Though if this was their public Internet gateway, likely all that'd give him would be a glimpse of the city servants' Facebook chatter and pr0n searches.
The summary is pretty much just a cut & paste of the whole article from Vice, just as the summary of the summary says. And yes the article skips the only interesting part, which is how he found and tested the exploit when the article says he acquired one of the company's routers only after the supposed hack. It also leaves it entirely in air how accessing a "public"/"free" (as it's identified, and which allowed him to freely access the Internet) WiFi counts as a hack, and what was the actual threat there. Open access to their internal network I assume, but that would have been assumption on his part as well if he never tried it -- despite the Vice headline proclaiming he took it over.
Agree, that's just false advertising. Where's our flying cars?! Something called Autopilot should cause your car to take flight. On the safety issue it seems to have a perfect record, however, since I've not yet heard of any Tesla collisions with airplanes. If only airplane autopilots worked half as well!
Except possibly in the widest sense of "SETI has observed someone else observing"... A Russian radio-telescope site claims it has observed the alleged signal well over a year ago - which should give you an idea how important this observation is. The headline, copied straight from Ars Technica though, isn't just ordinarily imprecise, but anyone who's on social media is already aware of the original observation, and is now eagerly waiting for independent confirmation. Without that, it can be anything from an attempt at grabbing funding to a Russian radio-frequency jammer test. Because of that, an independent SETI observation would be very significant. Unfortunately, it's likely a rare event since they've not managed to spot it again in over a year.
Or, if you were really concerned, you could just Google it: https://eprint.iacr.org/2016/167.pdf "Broken SHA256: For a broken SHA256, meaningful collisions or pre-images suggest that new transactions should not be accepted. However, as we saw in Section 4.3, unless a broken hash results in majority power, an adversary cannot alter historical blocks or transactions. The same can be said for hard-coding known public keys with unspent outputs: even if the adversary gets a different key that hashes to the same value, deriving the private key should be infeasible if the signature scheme is still strong. The plans for SHA256 thus seem to be more prudent than necessary, but since they necessitate a hard fork, rehashing the entire blockchain to add new checkpoints or hardcoding public keys can only increase the security of the transition period, but perhaps at a cost of efficiency."
A little plain-English translation would also be, that BitCoin and other cryptocurrencies (As well as, arguably, the security of every credit card in your pocket and bank transaction and online login and...) don't rely on the hash being "unbreakable", they just rely on it being non-trivial, and barring a general quantum computer, we know it to be non-trivial. In fact, the credit-card in your pocket is more vulnerable to a single hash being broken, and the whole working principle of BitCoin (mining) is "cracking SHA-2".
The threat-model for BitCoin isn't that the hash will be broken, but that it will become significantly easier for one party; this is a special case of the general majority-hashing-power threat, where the "adversary" covertly through subterfuge or technology obtains majority hashing power. This in fact has happened before (Multiple times at least if you include Satoshi Nakamoto himself) and the world didn't come to an end.
This is not to say that I'm a BitCoin enthusiast, or even that I'm saying it's unbreakable, I'm just saying it's far more complicated and also analyzed, at least by other people than the BitCoin core developers, than a simple "OMGZORZS they gonna crack da hash!!!!111":)
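The argument in the comment above (mining is itself a brute-force search against SHA-256, and altering an old block means redoing that search for it and for every block after it), as an added example that is not part of the original comment. It is a toy chain: the 16-bit difficulty, the header layout and all names are assumptions made for illustration, not Bitcoin's real block format.

```python
import hashlib

# Toy parameters (assumptions): real Bitcoin uses an 80-byte header and a far
# harder, periodically adjusted target.
DIFFICULTY_BITS = 16
TARGET = 1 << (256 - DIFFICULTY_BITS)   # a valid hash must be numerically below this
GENESIS = b"\x00" * 32


def block_hash(prev_hash: bytes, payload: bytes, nonce: int) -> bytes:
    """Double SHA-256 over a simplified header: prev hash + payload + nonce."""
    header = prev_hash + payload + nonce.to_bytes(8, "little")
    return hashlib.sha256(hashlib.sha256(header).digest()).digest()


def meets_target(digest: bytes) -> bool:
    return int.from_bytes(digest, "big") < TARGET


def mine(prev_hash: bytes, payload: bytes):
    """Brute-force a nonce: a partial pre-image search, about 2**DIFFICULTY_BITS
    hashes on average. Returns (nonce, digest, hashes_tried)."""
    nonce = 0
    while True:
        digest = block_hash(prev_hash, payload, nonce)
        if meets_target(digest):
            return nonce, digest, nonce + 1
        nonce += 1


def build_chain(payloads):
    chain, prev = [], GENESIS
    for payload in payloads:
        nonce, digest, _ = mine(prev, payload)
        chain.append({"prev": prev, "payload": payload,
                      "nonce": nonce, "hash": digest})
        prev = digest
    return chain


def first_invalid(chain):
    """Verify the chain at one double hash per block.
    Returns the index of the first bad block, or None if all are valid."""
    prev = GENESIS
    for i, block in enumerate(chain):
        digest = block_hash(block["prev"], block["payload"], block["nonce"])
        if (block["prev"] != prev or digest != block["hash"]
                or not meets_target(digest)):
            return i
        prev = digest
    return None


def tamper(chain, index, new_payload):
    """Change one historical payload without redoing any work."""
    copy = [dict(b) for b in chain]
    copy[index]["payload"] = new_payload
    return copy


def rewrite_history(chain, index, new_payload):
    """What altering history actually costs: re-mine block `index` and every
    later block. Returns (forged_chain, hashes_spent)."""
    forged = [dict(b) for b in chain[:index]]
    prev = forged[-1]["hash"] if forged else GENESIS
    spent = 0
    for i in range(index, len(chain)):
        payload = new_payload if i == index else chain[i]["payload"]
        nonce, digest, tried = mine(prev, payload)
        spent += tried
        forged.append({"prev": prev, "payload": payload,
                       "nonce": nonce, "hash": digest})
        prev = digest
    return forged, spent


if __name__ == "__main__":
    # Constructed sample payloads.
    chain = build_chain([b"alice->bob:1", b"bob->carol:1", b"carol->dave:1"])
    print("honest chain valid:", first_invalid(chain) is None)
    print("edited block detected at index:",
          first_invalid(tamper(chain, 0, b"alice->eve:1")))
    forged, spent = rewrite_history(chain, 0, b"alice->eve:1")
    print("forged chain valid:", first_invalid(forged) is None,
          "after", spent, "hashes")
```

The forged chain only becomes valid after the full search is repeated for every affected block, and on a live network that work would also have to outpace everyone else's, which is the majority-hashing-power condition the quoted paper names.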
And how many of their research subjects had been diagnosed with hypochondria? Searching for symptoms and eventual disease isn't an unlikely pattern, whereas someone actually suffering from it would be more likely to only ask a doctor. Didn't bother to read the article, of course, but hopefully they did also check whether they did search indicating diagnosis also before, and possibly for other diseases.
I also have to join those questioning the "false positive" rate there. People are perhaps even more liable to search for other people's conditions than their own, and while showing them a banner like "Your searches indicate X" would work just as well, in the context of the study that should count as a false positive. One question on this is exactly how they're counting or reporting false positives. Approximately 5 in 100.000 will get pancreatic cancer *in their lifetime*, which comes to neighborhood 1 to 1.000.000 million per year. If their algorithm actually tags 1 in 10.000 users as having pancreatic cancer then it is next to useless. If 1 in 10.000 tagged didn't turn out to have pancreatic cancer, then it's unbelievable.
And indeed, assuming they were searching for identifiable symptoms, wouldn't they have discovered their cancer earlier? Is this a case of too slow medical system, or just a case of people who already know they have pancreatic cancer sometimes making searches looking like recent diagnosis... the example of "Why did I get pancreatic cancer?" in the summary for example is pretty telling, as that would seem quite likely search for a late-stage patient.
It's proof, but the problem is the measure of "largest math proof ever" is dumb. I could let a computer (or preferably a cluster) generate proof that every natural number below 200 trillion is followed by another, and there are no gaps, and it would easily trump that as the "largest math proof ever". What's that you say, it's not the simplest proof? True, but my algorithm just didn't hit on the simplest proof yet... Or if you prefer, I can generate proof of the exact number of primes below 200 trillion, it would beat that record by far and as far as currently known, have no simpler proof. For that matter, the Great Internet Mersenne Prime Search is constantly generating proofs that, if written and dumped out sequentially, would beat the pants off this record. But I hope we're not (or shouldn't be) merely competing for "the largest waste of computing power ever":)
Some perspective would always be welcome, even on Slashdot. Cooking is still by far more dangerous and affects far, far more people and as such is a public health hazard. http://www.arb.ca.gov/research/indoor/cookingstudy.pdf I can only hope one day we will be living in an evidence-based society where cooking will be outlawed as a public menace. That said of course, there's absolutely nothing wrong with studying and reducing health hazards, and many printer manufacturers have long since responded with filtered air printing enclosures etc. But this particular one has been known for years, and postulated for far longer. One thing that has not yet happened but would be somewhat welcome is some sort of "chemical safety labeling" for printer filament; avoiding, of course, reducing choice or increasing the price, but as of currently there's no way at all to know what kind of chemicals each different filament batch contains. I see a lot of people jumping on demanding to know printer styles and brands, but I expect the filament source to have significantly more effect, and when the filament is used to print anything that comes to contact with skin or even food, this is many times more important.
I'm trying hard not to be the token anti-cryptocurrency dude here, but yeah, the theme of the year seems to be "We've invented the wheel - now with Bitcoin!". The glut of different freshly minted cryptocurrencies from everybody who arrived upon the bright idea of starting out a new cryptocurrency, pre-mining it a bit and giving it a fancy name has led to people differentiating with different tie-ins to try to get their coin adopted.
There isn't any instantly apparent reason Storj is tied down to cryptocurrency (which they themselves admit will be changing), although I'll admit it does give a snazzy way to pay for the storage service, but it's nothing new - at least Mojonation was originally based specifically around the idea of micropayments with a cryptocurrency. In fact it sounds exactly like MojoNation from 2000 with Bitcoin like Merkle trees for proof-of-storage thrown in.
While there is absolutely nothing wrong with improvement like that, one thing that catches the eye is that despite copious references, their whitepapers don't really reference any of the prior work on the area of distributed storage like that, and try to sell it as completely new proof-of-concept idea. Oh yeah, along with the "Now with Bitcoin, but all you have to do is buy our new cryptocurrency":)
Oh, yeah, they should've said that in the summary - the difference to Morpheus, Freenet, Mojonation, Chord etc. (in no particular order) is that with Storj (which, somehow, is supposed to be pronounced "Storage" according to their site), to participate at this stage, you'll have to buy (currently) 300 dollars worth of their freshly minted cryptocurrency. No thanks.
Additionally from their FAQ: "As described in the MetaDisk whitepaper, we will use Florincoin as an initial solution. Eventually, we will transition to a system with more direct and scalable access to the Bitcoin blockchain via proof-of-existence. As blockchain technology improves we can use systems like Factom to provide faster throughput, and Ethereum to create enforceable contracts on data storage." So... they're in large part relying on technology not even developed yet. I get the modern rush to put software out before anybody else (Or say, 20 years after...), but this does sound like a prime example of putting the cart before the horse.
Mars is dangerous, so let's switch it to Moon instead. I'm sure that will fix faulty electrical connections and poor chain of command...
It says "Sunspot Observatory", I had to Google it and turns out that's actually it's name, but it IS a solar observatory, one that's dedicated to observation of the closest star to our planet. Ie. the Sun. This makes it exceedingly unlikely they would have anything to do with any alien discovery, unless they're some sort of Sun-dwelling variety, it'd be more likely to run into one at a Walmart.
It also should go without saying (But I'll say it anyway) that it isn't the world's only solar observatory, and the world includes many more countries than USA, so any discovery relating to Sun couldn't be hidden by shutting down this one, nor would it make sense as it'd stop further observations.
According to article I quickly skimmed, the observatory was founded for radio observations of the sun, and there's mentions of the feds being very interested in the "antennas", so the espionage angle seems almost certain and would necessitate evacuation to prevent tampering with evidence (Perhaps not allowing them to pack their stuff when leaving though, as one article claimed) and continued espionage. Main argument against this is that all sensitive communications would be encrypted nowadays, but still just the existence of certain communications would be a security issue.
Washington Post doing a bit of sensationalist journalism. Existing DNA testing companies have already been following these guidelines which are in their terms of service, and large part of them indeed are the law, or their interpretation. The reporting on these companies is weird, because every existing practice and action is always reported as brand new, never happened before. Industry self-regulating is a good idea, but of course there's additional motivation for the companies to cast doubt on those companies not involved in the guidelines. In essence they're saying "Here's what WE have been doing, and what every competitor should do, too".
It would also be pretty dumb move for them to break their promises in an industry where the whole business model is based on gaining people's trust.
In most cases, like this, an NFC chip is correctly described as transponder, not transmitter. It's a passive device that responds to magnetic field, at lengths around half a feet. So the "transmitter" headline is clickbait unfit for a (former) tech-site. It also seems like classic red herring, nobody knows if the ball was equipped with other toys by Russia, focusing on a known passive transponder distracts from that. On the other hand I get the joke potential as world leaders tend to receive gifts at every meeting, and there are certainly existing protocols to protect them from eavesdropping, bombs etc. Of particular note in this context, the briefcase that follows POTUS around and contains all the nuclear missile launch codes etc. is known as the "nuclear football" making things weird for this particular analogy.
According to the translation he's saying "A new generation of technology ... is accelerating breakthrough applications". You know what this means? Party time! Blockchain mentioned! Actually, it's called one of many new generation technologies. I also agree with comments noting it sounds basically a list of buzzwords with no specific meaning, although if you look at the list, they're all immensely useful technologies for ubiquitous surveillance. But he said "breakthrough applications", that can only mean one thing... Cryptocurrency mentioned, party time!
Yep, I'm trying to keep the bitching on articles down to minimum, but how does this even pass for news? And I'm saying that because major news sources broke the story long before SlashDot, so apparently it IS news. Out of seven reasonable, reachable-goals Kickstarters (Which is supposed to be the verified, trustable projects) I've participated in, ONE delivered what they promised, after one delivered my "Beta Tester Ultimate Package" in a broken state after the product was already being delivered at lower price through their own web-store. Really, it should be big news if a crowdfunded project delivers as promised. But this is also largely by design.
What I have more problems is that all of the crowdfunding projects basically grab your money & disappear going totally incommunicado with no feedback either direction, whether they will or don't deliver the project at the end, if there's any backer-updates at all they will be late and clearly showing their contempt for providing any feedback at all. I can't find the statement now (Was it actually removed?) but I remember Kickstarter stressing this was supposed to be a common journey to create something new. Now they're working exactly like (and, in most cases, worse than) traditional closed up development projects with free funding.
But the bitcoin price has no connection to real value. If one Satoshi trades hands at the price of one million per Bitcoin, it could be argue that the price has hit one million. There's no need to guarantee that ALL Bitcoin need to be able to change hands at that price; indeed, as many are lost of thought to be lost, this is provably impossible, to say nothing of the price crash if everybody attempted to "cash out". Since a Satoshi is one hundred millionth of a full Bitcoin, a million dollar per Biitcoin price would come to just one cent per Satoshi, which surely has already happened.
The problem with the "reputable experts" is that according to this, they differ on the correct price by factor of 20. They can't all be right! Take it just as it is though, an anonymous submission of "It's going to hit a million, quick everybody buy so mine go up in value!". As always, the only thing that is certain in stock values is that it is going to go up and down. The thing that is surprising is that it hasn't been prohibited in most countries, and it's actually starting to cross into a point where significant legal restrictions aren't imaginable.
The issue I pointed out wasn't that this wouldn't be useful, but that P3P is a W3C officially recommended protocol/standard started 20 years ago that already does this but much better. However, it never really caught on, and I suspect one main reason is companies don't really want accountability. For the legal defense, the only solution would be a law unequivocally granting immunity if you disclose a vulnerability in responsible manner. A security.txt file isn't worth the paper it's printed on (ie. none) in that regard. I grant P3P is mainly geared towards "privacy" rather than "security", but it does allow specifying the entity in charge as well as any and all dispute-resolution practices, along the intended privacy (Ie. so they don't get flooded by security complaints about showing e-mail addresses when that's intentional, for example).
It's almost like https://www.w3.org/P3P/ wasn't already a thing that died with a whimper 10 years ago. On the other hand, an almost syntax-free text-file might gain some more traction, even if I fail to see how that's actually useful over some "About" or "Contact" link on the website menu.
It's specifically said the router's firmware was encrypted so he couldn't read it, much less install sniffers or backdoors. About the only thing it's reasonable to expect him to be able to do is disable some firewalls between internal and the public Internet. And even that is assuming their internal network was directly connected to "free, public WiFi" and city officials had password lists and locations of the nukes on unsecured shares on their desktops... which is a kinda large leap of faith. Especially since the article says they worked with him solving the problem, so they must've been all like "Oh you found an exploit to get into our secret unprotected network? Oh no, please don't use it or leave any backdoors, or we'll be in big trouble, we'll just let you secure them."
With regards to unencrypted communication over public WiFi, all he'd had to do was put a high-powered WiFi router with the same SSID up. Certificates won't even be much help if the attacker is in charge of the network and can re-direct traffic via a proxy "faking" the site or just forcing TLS off. No hacking of routers required. Though if this was their public Internet gateway, likely all that'd give him would be a glimpse of the city servants' Facebook chatter and pr0n searches.
The summary is pretty much just a cut & paste of the whole article from Vice, just as the summary of the summary says.
And yes the article skips the only interesting part, which is how he found and tested the exploit when the article says he acquired one of the company's routers only after the supposed hack.
It also leaves it entirely up in the air how accessing a "public"/"free" (as it's identified, and which allowed him to freely access the Internet) WiFi counts as a hack, and what was the actual threat there.
Open access to their internal network I assume, but that would have been an assumption on his part as well if he never tried it -- despite the Vice headline proclaiming he took it over.
Agree, that's just false advertising. Where's our flying cars?! Something called Autopilot should cause your car to take flight. On the safety issue it seems to have a perfect record, however, since I've not yet heard of any Tesla collisions with airplanes. If only airplane autopilots worked half as well!
Except possibly in the widest sense of "SETI has observed someone else observing"... A Russian radio-telescope site claims it has observed the alleged signal well over a year ago - which should give you an idea how important this observation is. The headline, copied straight from Ars Technica though, isn't just ordinarily imprecise, but anyone who's on social media is already aware of the original observation, and is now eagerly waiting for independent confirmation. Without that, it can be anything from an attempt at grabbing funding to a Russian radio-frequency jammer test. Because of that, an independent SETI observation would be very significant. Unfortunately, it's likely a rare event since they've not managed to spot it again in over a year.
Or, if you were really concerned, you could just Google it: https://eprint.iacr.org/2016/167.pdf
"Broken SHA256: For a broken SHA256, meaningful collisions or pre-images suggest that new transactions should not be accepted. However, as we saw in Section 4.3, unless a broken hash results in majority power, an adversary cannot alter historical blocks or transactions. The same can be said for hard-coding known public keys with unspent outputs: even if the adversary gets a different key that hashes to the same value, deriving the private key should be infeasible if the signature scheme is still strong. The plans for SHA256 thus seem to be more prudent than necessary, but since they necessitate a hard fork, rehashing the entire blockchain to add new checkpoints or hardcoding public keys can only increase the security of the transition period, but perhaps at a cost of efficiency."
A little plain-English translation would also be that BitCoin and other cryptocurrencies (as well as, arguably, the security of every credit card in your pocket and bank transaction and online login and...) don't rely on the hash being "unbreakable", they just rely on it being non-trivial, and barring a general quantum computer, we know it to be non-trivial. In fact, the credit-card in your pocket is more vulnerable to a single hash being broken, and the whole working principle of BitCoin (mining) is "cracking SHA-2".
The threat-model for BitCoin isn't that the hash will be broken, but that it will become significantly easier for one party; this is a special case of the general majority-hashing-power threat, where the "adversary" covertly through subterfuge or technology obtains majority hashing power. This in fact has happened before (Multiple times at least if you include Satoshi Nakamoto himself) and the world didn't come to an end.
This is not to say that I'm a BitCoin enthusiast, or even that I'm saying it's unbreakable, I'm just saying it's far more complicated and also analyzed, at least by other people than the BitCoin core developers, than a simple "OMGZORZS they gonna crack da hash!!!!111" :)
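An added example (not part of the comment above or of the cited paper): a toy proof-of-work in Python showing mining as a tunable partial-preimage search against double SHA-256, plus the majority-hashing-power arithmetic for a party whose hashing becomes cheaper. The header bytes, the function names and the 8-byte nonce layout are assumptions for illustration, not Bitcoin's real block format.

```python
import hashlib

HEADER = b"constructed-example-header"  # constructed sample input, not a real block


def pow_hash(header: bytes, nonce: int) -> int:
    """Double SHA-256 of header || nonce, read as a 256-bit integer."""
    data = header + nonce.to_bytes(8, "little")
    digest = hashlib.sha256(hashlib.sha256(data).digest()).digest()
    return int.from_bytes(digest, "big")


def target_for(bits: int) -> int:
    """Any hash below this value has at least `bits` leading zero bits."""
    return 1 << (256 - bits)


def mine(header: bytes, bits: int, max_tries: int = 1 << 24):
    """Brute-force the smallest nonce meeting the target; returns (nonce, tries)."""
    target = target_for(bits)
    for nonce in range(max_tries):
        if pow_hash(header, nonce) < target:
            return nonce, nonce + 1
    raise RuntimeError("no nonce found within max_tries")


def verify(header: bytes, nonce: int, bits: int) -> bool:
    """Checking a claimed solution costs one double hash, whatever the difficulty."""
    return pow_hash(header, nonce) < target_for(bits)


def share_of_blocks(hardware_share: float, speedup: float) -> float:
    """Expected fraction of blocks won by a party holding `hardware_share`
    of the hardware when only that party hashes `speedup` times faster."""
    effective = hardware_share * speedup
    return effective / (effective + (1.0 - hardware_share))


if __name__ == "__main__":
    # Each extra difficulty bit doubles the expected search cost (2**bits tries).
    for bits in (8, 12, 16):
        nonce, tries = mine(HEADER, bits)
        print(f"{bits:2d} bits: nonce={nonce} tries={tries} expected~{2 ** bits}")
    # A 10x shortcut known to one party turns a 10% minority into a majority.
    print(f"block share with 10x speedup: {share_of_blocks(0.10, 10):.3f}")
```

A partial weakness in the hash therefore matters only through `share_of_blocks`: it is dangerous when one party alone benefits, which is the majority-power case the comment describes.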
Stop using BitCoins! If only people weren't using BitCoins for anything, it would be a perfect currency!
And how many of their research subjects had been diagnosed with hypochondria? Searching for symptoms and eventual disease isn't an unlikely pattern, whereas someone actually suffering from it would be more likely to only ask a doctor. Didn't bother to read the article, of course, but hopefully they did also check whether they also made searches indicating diagnosis before, and possibly for other diseases.
I also have to join those questioning the "false positive" rate there. People are perhaps even more liable to search for other people's conditions than their own, and while showing them a banner like "Your searches indicate X" would work just as well, in the context of the study that should count as a false positive. One question on this is exactly how they're counting or reporting false positives. Approximately 5 in 100.000 will get pancreatic cancer *in their lifetime*, which comes to the neighborhood of 1 to 1.000.000 million per year. If their algorithm actually tags 1 in 10.000 users as having pancreatic cancer then it is next to useless. If 1 in 10.000 tagged didn't turn out to have pancreatic cancer, then it's unbelievable.
And indeed, assuming they were searching for identifiable symptoms, wouldn't they have discovered their cancer earlier? Is this a case of a too-slow medical system, or just a case of people who already know they have pancreatic cancer sometimes making searches looking like a recent diagnosis... the example of "Why did I get pancreatic cancer?" in the summary for example is pretty telling, as that would seem a quite likely search for a late-stage patient.
Who is going to want to buy Gear Fit 2 after the treatment the first version got?
It's proof, but the problem is the measure of "largest math proof ever" is dumb. I could let a computer (or preferably a cluster) generate proof that every natural number below 200 trillion is followed by another, and there are no gaps, and it would easily trump that as the "largest math proof ever". What's that you say, it's not the simplest proof? True, but my algorithm just didn't hit on the simplest proof yet... Or if you prefer, I can generate proof of the exact number of primes below 200 trillion, it would beat that record by far and as far as currently known, have no simpler proof. For that matter, the Great Internet Mersenne Prime Search is constantly generating proofs that, if written and dumped out sequentially, would beat the pants off this record. But I hope we're not (or shouldn't be) merely competing for "the largest waste of computing power ever" :)
Oh, and mandatory SMBC link.
Yes, I know it's supposed to be XKCD, but we're working on a budget here...
Some perspective would always be welcome, even on Slashdot. Cooking is still by far more dangerous and affects far, far more people and as such is a public health hazard. http://www.arb.ca.gov/research/indoor/cookingstudy.pdf I can only hope one day we will be living in an evidence-based society where cooking will be outlawed as a public menace. That said of course, there's absolutely nothing wrong with studying and reducing health hazards, and many printer manufacturers have long since responded with filtered air printing enclosures etc. But this particular one has been known for years, and postulated for far longer. One thing that has not yet happened but would be somewhat welcome is some sort of "chemical safety labeling" for printer filament; avoiding, of course, reducing choice or increasing the price, but as of currently there's no way at all to know what kind of chemicals each different filament batch contains. I see a lot of people jumping on demanding to know printer styles and brands, but I expect the filament source to have significantly more effect, and when the filament is used to print anything that comes into contact with skin or even food, this is many times more important.
I'm trying hard not to be the token anti-cryptocurrency dude here, but yeah, the theme of the year seems to be "We've invented the wheel - now with Bitcoin!". The glut of different freshly minted cryptocurrencies from everybody who arrived upon the bright idea of starting out a new cryptocurrency, pre-mining it a bit and giving a fancy name has led to people differentiating with different tie-ins to try to get people to adopt their coin.
There isn't any instantly apparent reason Storj is tied down to cryptocurrency (which they themselves admit will be changing), although I'll admit it does give a snazzy way to pay for the storage service, but it's nothing new - at least Mojonation was originally based specifically around the idea of micropayments with a cryptocurrency. In fact it sounds exactly like MojoNation from 2000 with Bitcoin-like Merkle trees for proof-of-storage thrown in.
While there is absolutely nothing wrong with improvement like that, one thing that catches the eye is that despite copious references, their whitepapers don't really reference any of the prior work in the area of distributed storage like that, and try to sell it as a completely new proof-of-concept idea. Oh yeah, along with the "Now with Bitcoin, but all you have to do is buy our new cryptocurrency" :)
Oh, yeah, they should've said that in the summary - the difference to Morpheus, Freenet, Mojonation, Chord etc. (in no particular order) is that with Storj (which, somehow, is supposed to be pronounced "Storage" according to their site), to participate at this stage, you'll have to buy (currently) 300 dollars worth of their freshly minted cryptocurrency. No thanks.
Additionally from their FAQ: "As described in the MetaDisk whitepaper, we will use Florincoin as an initial solution. Eventually, we will transition to a system with more direct and scalable access to the Bitcoin blockchain via proof-of-existence. As blockchain technology improves we can use systems like Factom to provide faster throughput, and Ethereum to create enforceable contracts on data storage." So... they're in large part relying on technology not even developed yet. I get the modern rush to put software out before anybody else (Or say, 20 years after...), but this does sound like a prime example of putting the cart before the horse.