Windows 7 & 8 machines to get monthly "rollups", no choice in patches

by
in microsoft on (#1QYT5)
It looks like the end of the road for Win 7 & 8 users may be at hand. Microsoft’s Senior Product Marketing Manager Nathan Mercer just announced that, “From October 2016 onwards, Windows will release a single Monthly Rollup that addresses both security issues and reliability issues in a single update. The Monthly Rollup will be published to Windows Update (WU), WSUS, SCCM, and the Microsoft Update Catalog. Each month’s rollup will supersede the previous month’s rollup, so there will always be only one update required for your Windows PCs to get current.”

In other words, individual patches will no longer be available after October 2016, and Windows 7 and Windows 8 users will now only have two choices: stop updating completely and leave your computers vulnerable to security holes, or accept every single thing Microsoft sends you whether you want it or not. Will this include forced installs of Win 10 on existing Win 7/8 PCs? Only time will tell.

Soylent CEO criminally charged for unpermitted tiny off-grid home

by
Anonymous Coward
in legal on (#1QKXC)
Rob Rhinehart, developer of the meal replacement milkshake known as Soylent, has been criminally charged over his off-grid “experiment in sustainable living”. He installed an off-grid shipping container home, without obtaining city permits, and he allegedly refused city orders in January and April to remove the container. He could face up to two years in prison and a $4,000 fine.

Rhinehart plopped down the container with no fence on a vacant lot of 8,422 square feet in Montecito Heights — an evolving hilltop community with gorgeous views of the downtown Los Angeles skyline, which property records show he bought in January for $21,300. And he was almost never there. Over time, it became a vandalized graffiti eyesore with broken windows and a magnet for unwelcome visitors who for years have flocked to the hill looking for a place to drink, make out or watch Dodger Stadium fireworks.

On-Demand drone insurance

by
in hardware on (#1Q78W)
More people than ever have drones, but flying them also comes with risks such as losing your drone, damaging it, or worse, causing damage with it. As more of them take to the sky it's not unlikely that some form of insurance will eventually become required to be held by drone operators. A recently-launched company named Verifly is getting an early start in that market by offering short-term "on-demand" insurance for recreational and commercial drone users. The insurance service starts at $10 an hour and offers liability insurance for up to a quarter mile around the user. The system works through a downloadable app where the drone operator selects a flight area and receives hourly insurance, subject to some limitations. Right now the service is not offered in all states, but is available in 40 of the 50 states. The insurance currently covers drones with a maximum weight of up to 15 pounds and has a maximum liability limit of $1,000,000 of coverage per incident.

Study shows PTSD may be more physical than psychological

by
in science on (#1PWJW)
Since 2012, neuropathologist Daniel Perl has advocated for this theory: specifically that blast waves caused physical damage at the intersection of the brain's gray matter and white matter, where microscopic analysis of the brains of former soldiers who suffered from PTSD reveals a "brown dust" of scarring, in regions that are neuroanatomically associated with sleep and cognition.

Perl and his team examined brains of service members who died well after their blast exposure, including a highly decorated Special Operations Forces soldier who committed suicide. All of them had the same pattern of scarring in the same places, which appeared to correspond to the brain’s centers for sleep, cognition and other classic brain-injury trouble spots.

Ibolja Cernak is a Bosnian scientist who conducted a study on 1,300 veterans of the Bosnian/Serbian conflict, which confirmed much of Perl's hypothesis. Adherents of this hypothesis believe that the action of a blast weakens the material connections at their intersections -- perhaps by compressing the body and forcing blood into the brain, putting a "shearing load on brain tissues."

'Faceless Recognition System' can identify you even with your face hidden

by
in security on (#1PWJ5)
In a new paper uploaded to the ArXiv pre-print server, researchers at the Max Planck Institute in Saarbrücken, Germany demonstrate a method of identifying individuals even when most of their photos are un-tagged or obscured. The researchers' system, which they call the “Faceless Recognition System,” trains a neural network on a set of photos containing both obscured and visible faces, then uses that knowledge to predict the identity of obscured faces by looking for similarities in the area around a person's head and body.

The accuracy of the system varies depending on how many visible faces are available in the photo set. Even when there are only 1.25 instances of the individual's fully-visible face, the system can identify an obscured face with 69.6 percent accuracy; if there are 10 instances of an individual's visible face, it increases to as high as 91.5 percent.

In other words, even if you made sure to obscure your face in most of your Instagram photos, the system would have a decent chance of identifying you as long as there are one or two where your face is fully visible.

Interview with Timothy Lord about Slashdot

by
in internet on (#1PQ0D)
FossForce has an interesting video interview with Timothy Lord:
The original Slashdot crew was declared redundant in early 2016 by the site’s latest owner, Slashdot Media. Timothy Lord was the last of the early Slashdot editors to be let go, and has posted more stories on Slashdot than anyone else, ever, so we turned to him to learn how and why Slashdot helped the FOSS movement grow and eventually infiltrate mainstream IT.
The questions are mainly geared toward FOSS, but he does talk about "news for nerds" and explains the role that discussion sites, such as Slashdot, played in the community.

What form do you think discussion sites of the future will be? Will everyone still be staring at Facebook feeds and Twitter tweets in 20 years? Do human curated story sites (slash-like) have advantages over generic link sharing sites (like reddit, digg)? Or is every site just regurgitating the same generic news year after year and it doesn't really matter what form it takes?

Smart stitches coming to a hospital near you

by
in hardware on (#1PPZG)
We already have smartphones, smart TVs and smart cars, so why not leverage technology to include smart stitches? Using tiny sensors and electronics layered into fibers like cotton or various synthetics, super-small-scale electronics called “nano-scale sensors” and “microfluidics” are inserted into the sutures to monitor things like pressure, stress, strain and body temperature — as well as pH and glucose levels. This data from the sutures can transmit wirelessly in real time to a cellphone or computer, giving doctors a better idea of how a patient is healing and whether an infection is starting. They’ve only been tested in vitro, on rats’ tissue, so further studies are needed, but researchers are confident in the results they’ve seen so far.

Olympics viewers overloaded with commercials during NBC Olympic Opening Ceremony

by
in sports on (#1PMZM)
During the Olympic opening ceremonies, NBC may very well stand for "Nothing But Commercials". Viewers took to Twitter to slam the network’s frequent commercial breaks after six commercial breaks in under 40 minutes. Inserting commercials is probably the reason that NBC did a tape delay of the opening ceremony.

NBC has also been inserting commercials while matches are taking place over the first two days of the women's and men's Olympic soccer tournaments, prompting anger from many. And yet NBC has billed this as the 'Most Live Olympics Ever' despite the one hour broadcast delay for the opening ceremony.

America’s electronic voting machines are scarily easy targets

by
in security on (#1PAA1)
Most people remember the vote-counting debacle of the 2000 election, the dangling chads that resulted in the Supreme Court breaking a Bush-Gore deadlock. What people may not remember is the resulting Help America Vote Act (HAVA), passed in 2002, which among other objectives worked to phase out the use of the punchcard voting systems that had caused millions of ballots to be tossed.

In many cases, those dated machines were replaced with electronic voting systems. The intentions were pure. The consequences were a technological train wreck. The list of those problems is what you’d expect from any computer or, more specifically, any computer that’s a decade or older. Most of these machines are running Windows XP, for which Microsoft hasn’t released a security patch since April 2014. Though there’s no evidence of direct voting machine interference to date, researchers have demonstrated that many of them are susceptible to malware or, equally if not more alarming, a well-timed denial of service attack.

“When people think that people think about doing something major to impact our election results at the voting machine, they think they’d try to switch results,” says Brennan Center’s Lawrence Norden, referring to potential software tampering. “But you can do a lot less than that and do a lot of damage… If you have machines not working, or working slowly, that could create lots of problems too, preventing people from voting at all.”

The extent of vulnerability isn’t just hypothetical; late last summer, Virginia decertified thousands of insecure WinVote machines. As one security researcher described it, “anyone within a half mile could have modified every vote, undetected” without “any technical expertise.” The WinVote systems are an extreme case, but not an isolated one.

Ransomware is targeting the enterprise at an increasing pace

by
in security on (#1P8DF)
Enterprise-targeting cyber enemies are deploying vast amounts of potent ransomware to generate revenue and huge profits – nearly $34 million annually according to Cisco’s Mid-Year Cybersecurity Report out this week.

Ransomware, Cisco wrote, has become a particularly effective moneymaker, and enterprise users appear to be the preferred target. One of the main reasons is that corporations have access to (and can afford) ransom money whereas individual users may not.

Problems include faster and more effective propagation methods that maximize the impact of ransomware campaigns; exploit kits, which make ransomware easy to deploy; and vulnerabilities in the enterprise application software JBoss, which is providing attackers with a new vector that they can use to launch ransomware campaigns.

Another very troubling issue is that a small but growing number of malware samples show that bad actors are using Transport Layer Security (TLS), the protocol used to provide encryption for network traffic, to hide their activities. This is a cause for concern among security professionals, since it makes deep-packet inspection ineffective as a security tool.