You are here

Feed aggregator

Iceland's Seismic Activity: A Repeat Show for Atmospheric Ash?

Slashdot - Tue, 08/19/2014 - 16:49
In 2010, ash spewed into the atmosphere by the volcano beneath Iceland's Eyjafjallajökull glacier grounded European air traffic for days (and, partially, for weeks). As reported by The Guardian, a series of similarly situated earthquakes may herald a similar ash-ejecting erruption, and the country has raised its volcano risk to its second-most-severe rating (orange). From the article: Iceland met office seismologist Martin Hensch said the risk of any disruptive ash cloud similar to the one in 2010 would depend on how high any ash would be thrown, how much there would be and how fine-grained it would be. Bardarbunga is Iceland's largest volcanic system, located under the ice cap of the Vatnajokull glacier in the southeast of Iceland. It is in a different range to Eyjafjallajokull. The met office said in a statement it measured the strongest earthquake in the region since 1996 early on Monday and it now had strong indications of ongoing magma movement. "As evidence of magma movement shallower than 10km implies increased potential of a volcanic eruption, the Bardarbunga aviation colour code has been changed to orange," it said. "Presently there are no signs of eruption, but it cannot be excluded that the current activity will result in an explosive subglacial eruption, leading to an outburst flood and ash emission." ... Hensch said the biggest risk in Iceland itself was from flood waves from any eruption under the glacier. He said the area of Iceland mainly at risk of flooding was mostly uninhabited but that roads in the area had been closed.

Read more of this story at Slashdot.


Categories: Tech/Science News

Iceland's Seismic Acticity: A Repeat Show for Atmospheric Ash?

Slashdot - Tue, 08/19/2014 - 16:49
In 2010, ash spewed into the atmosphere by the volcano beneath Iceland's Eyjafjallajökull glacier grounded European air traffic for days (and, partially, for weeks). As reported by The Guardian, a series of similarly situated earthquakes may herald a similar ash-ejecting erruption, and the country has raised its volcano risk to it's second-most-severe rating (orange). From the article: Iceland met office seismologist Martin Hensch said the risk of any disruptive ash cloud similar to the one in 2010 would depend on how high any ash would be thrown, how much there would be and how fine-grained it would be. Bardarbunga is Iceland's largest volcanic system, located under the ice cap of the Vatnajokull glacier in the southeast of Iceland. It is in a different range to Eyjafjallajokull. The met office said in a statement it measured the strongest earthquake in the region since 1996 early on Monday and it now had strong indications of ongoing magma movement. "As evidence of magma movement shallower than 10km implies increased potential of a volcanic eruption, the Bardarbunga aviation colour code has been changed to orange," it said. "Presently there are no signs of eruption, but it cannot be excluded that the current activity will result in an explosive subglacial eruption, leading to an outburst flood and ash emission." ... Hensch said the biggest risk in Iceland itself was from flood waves from any eruption under the glacier. He said the area of Iceland mainly at risk of flooding was mostly uninhabited but that roads in the area had been closed.

Read more of this story at Slashdot.








Categories: Tech/Science News

Why Chinese Hackers Would Want US Hospital Patient Data

Slashdot - Tue, 08/19/2014 - 16:09
itwbennett (1594911) writes In a follow-up to yesterday's story about the Chinese hackers who stole hospital data of 4.5 million patients, IDG News Service's Martyn Williams set out to learn why the data, which didn't include credit card information, was so valuable. The answer is depressingly simple: people without health insurance can potentially get treatment by using medical data of one of the hacking victims. John Halamka, chief information officer of the Beth Israel Deaconess Medical Center and chairman of the New England Healthcare Exchange Network, said a medical record can be worth between $50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password. "If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details," he said.

Read more of this story at Slashdot.








Categories: Tech/Science News

Nuclear Regulator Hacked 3 Times In 3 Years

Slashdot - Tue, 08/19/2014 - 15:27
mdsolar (1045926) writes with this disconcerting story from CNet about security breaches at the U.S. Nuclear Regulatory Commission, revealed in a new report to have been compromised three times in the last three years: The body that governs America's nuclear power providers said in an internal investigation that two of the hacks are suspected to have come from unnamed foreign countries, the news site Nextgov reported based on a Freedom of Information Act request. The source of the third hack could not be identified because the logs of the incident had been destroyed, the report said. Hackers, often sponsored by foreign governments, have targeted the US more frequently in recent years. A report (PDF) on attacks against government computers noted that there was a 35 percent increase between 2010 and 2013. Intruders used common hacking techniques to get at the NRC's computers. One attack linked to a foreign country or individual involved phishing emails that coerced NRC employees into submitting their login credentials. The second one linked to a foreign government or individual used spearphishing, or emails targeted at specific NRC employees, to convince them to click a link that led to a malware site hosted on Microsoft's cloud storage site SkyDrive, now called OneDrive. The third attack involved breaking into the personal account of a NRC employee. After sending a malicious PDF attachment to 16 other NRC employees, one person was infected with malware.

Read more of this story at Slashdot.








Categories: Tech/Science News

AMD Launches Radeon R7 Series Solid State Drives With OCZ

Slashdot - Tue, 08/19/2014 - 14:47
MojoKid (1002251) writes AMD is launching a new family of products today, but unless you follow the rumor mill closely, it's probably not something you'd expect. It's not a new CPU, APU, or GPU. Today, AMD is launching its first line of solid state drives (SSDs), targeted squarely at AMD enthusiasts. AMD is calling the new family of drives, the Radeon R7 Series SSD, similar to its popular mid-range line of graphics cards. The new Radeon R7 Series SSDs feature OCZ and Toshiba technology, but with a proprietary firmware geared towards write performance and high endurance. Open up one of AMD's new SSDs and you'll see OCZ's Indilinx Barefoot 3 M00 controller on board—the same controller used in the OCZ Vector 150, though it is clocked higher in these drives. That controller is paired to A19nm Toshiba MLC (Multi-Level Cell) NAND flash memory and a DDR3-1333MHz DRAM cache. The 120GB and 240GB drives sport 512MB of cache memory, while the 480GB model will be outfitted with 1GB. Interestingly enough, AMD Radeon R7 Series SSDs are some of the all-around, highest-performing SATA SSDs tested to date. IOPS performance is among the best seen in a consumer-class SSD, write throughput and access times are highly-competitive across the board, and the drive offered consistent performance regardless of the data type being transferred. Read performance is also strong, though not quite as stand-out as write performance.

Read more of this story at Slashdot.








Categories: Tech/Science News

News Aggregator Fark Adds Misogyny Ban

Slashdot - Tue, 08/19/2014 - 14:04
An anonymous reader writes The news aggregator Fark is ancient in dot com terms. Users submit news links to the privately run site and tear it — and each other — to pieces in the discussion threads. (Sound familiar?) While the site isn't as popular as during the early 2000s, the privately run discussion forum has continued and has its champions. site operator Drew Curtis announced today that Gifs, references, jokes and comments involving sexism will be deleted. "Adam Savage once described to me the problem this way: if the Internet was a dude, we'd all agree that dude has a serious problem with women. We've actually been tightening up moderation style along these lines for awhile now, but as of today, the FArQ will be updated with new rules reminding you all that we don't want to be the He Man Woman Hater's Club. This represents enough of a departure from pretty much how every other large internet community operates that I figure an announcement is necessary." Given how bare-knuckled Fark can be, is it time? Overdue?

Read more of this story at Slashdot.








Categories: Tech/Science News

Inheritance

The Daily WTF - Tue, 08/19/2014 - 12:15

In life, you will inherit all sorts of things: traits from your direct ancestors, knick-knacks from relatives you tolerated, and sometimes, even money! Of course, there are other things in life that you inherit that you might not even want. The gene for some debilitating disease. The urn filled with the ashes of a relative you particularly despised. Code.

Gerhardt was employed at a C++ shop. Their main product used a third party library. Perhaps used is not quite right; abused is more apt. Every single field that was public (whether it looked like it should be public or not) was ab/used to the max.

At some point, the vendor upgraded the library, and much to the chagrin of all involved, lots of those formerly public variables and methods were now protected. Some of you will say that perhaps they should just change their code to use the library as the vendor intended. Real programmers™ with any real experience in OO languages will immediately think "OK, we can just wrap the protected stuff with our own classes and continue to access the formerly public stuff as before."

class SecretiveLegator { ...   protected: TopSecretType topSecretMember; } class LegacyHunter : public SecretiveLegator {   public: void setTopSecretMember(const TopSecretType &value) { topSecretMember = value; } const TopSecretType & getTopSecretMember() const { return topSecretMember; } }

Now, with an available work-around worthy of Wile E. Coyote, the forbidden fruit was once again hanging within reach of all who wanted it:

static_cast<LegacyHunter &> (secretiveLegator).setTopSecretMember(newValue);

Of course, if the vendor ever demoted those now-protected fields and methods to private...

Gerhardt inherited another piece of nifty engineering; the getOrSet method. Basically, it allowed you to either get the value of a variable, or set the value of that variable at any given time. What a marvel, you only needed one method! Of course, if you had never seen it and casually came upon it, you had one of those moments when you looked at something, had no clue what it was or why it existed, and mumbled those three magic little words under your breath. Then you look at the source code and wish you hadn't:

public: void getOrSet(bool getOrSet, TheType &x) { if (getOrSet) { this.x = x; } else { x = this.x; } }

Inheritance is usually a static thing. You inherit a trait from mommy or daddy; not some random stranger. Gerhardt's company employed the truly innovative pattern of dynamic inheritance. This is not dynamic casting, mind you, no! There was a BaseClass that consisted of a giant union of all of their structs, allowing code to read and write the underlying data by means of any one of those structs.

Each of the union's member structs represented one or more (possibly nested) derivations from BaseClass. BaseClass had a list of virtual and pure-virtual methods like so:

baseClass *elements = (BaseClass *) new char[nElements * sizeof(BaseClass)];

To initialize the elements array, the proper union struct was used to write the appropriate kind of data to the element. Then the powdered unicorn dust was applied. They had several global variables, one for each subclass of BaseClass. The pointer in the array that represented a given sub-class was initialized like this:

*(void **) p = *(void **) &globalInstanceOfTheSubclassOfBaseClass;

For those of you not up on C++ mojo, that copies the virtual function table pointer from the sample subclass to the start of the memory that they wanted to represent the subclass instance. By overwriting a given pointer with the value from a different subclass, you could completely change all the virtual functions that would be invoked for that particular subclass. Calling a given virtual method would result in code from the last subclass to which the pointer had been set being called.

You may ask, how was this creature used? The GUI had the ability to specify the type of object at any given node in their system. Once the pointer for the object was overwritten, the virtual function table was effectively patched and the resultant code would then behave as though the data in the union/struct was that of the selected subclass.

Of course, virtual function tables aren't the only pointers that can be abused. Gerhardt found where they were using member-pointers (as quasi enums) to tell the method (not what it had to do, but) who called it. The method would then deduce what it was supposed to do based upon who was invoking it.

This was particularly fascinating when inline functions were on a call stack that spanned different DLLs (where the address of the function was different in each and every one).

After a long period of the most bewildering crashes, he stripped out all of the function pointers, and switched the entire mechanism to an ordinary enum.

[Advertisement] Have you seen BuildMaster 4.3 yet? Lots of new features to make continuous delivery even easier; deploy builds from TeamCity (and other CI) to your own servers, the cloud, and more.
Categories: Fun/Other

Adam Carolla Settles With Podcasting Patent Troll

Slashdot - Tue, 08/19/2014 - 11:00
Personal Audio has been trying to assert patents they claim cover podcasting for some time now; in March Adam Carolla was sued and decided to fight back. Via the EFF comes news that he has settled with Personal Audio, and the outcome is likely beneficial to those still fighting the trolls. From the article: Although the settlement is confidential, we can guess the terms. This is because Personal Audio sent out a press release last month saying it was willing to walk away from its suit with Carolla. So we can assume that Carolla did not pay Personal Audio a penny. We can also assume that, in exchange, Carolla has given up the opportunity to challenge the patent and the chance to get his attorney’s fees. ... EFF’s own challenge to Personal Audio’s patent is on a separate track and will continue ... with a ruling likely by April 2015. ... We hope that Personal Audio’s public statements on this issue mean that it has truly abandoned threatening and suing podcasters. Though a press release might not be legally binding, the company will have a hard time justifying any further litigation (or threats of litigation) against podcasters. Any future targets can point to this statement. Carolla deserves recognition for getting this result.

Read more of this story at Slashdot.








Categories: Tech/Science News

Delaware Enacts Law Allowing Heirs To Access Digital Assets of Deceased

Slashdot - Tue, 08/19/2014 - 09:18
An anonymous reader writes Ars reports: "Delaware has become the first state in the U.S .to enact a law that ensures families' rights to access the digital assets of loved ones during incapacitation or after death." In other states, the social media accounts and email of people who die also die with them since the companies hosting those accounts are not obligated to transfer access even to the heirs of the deceased. In Delaware, however, this is no longer the case. The article notes that even if the deceased was a resident of another state, if his/her will is governed by Delaware law, his/her heirs will be allowed to avail of the new law and gain access to all digital assets of the deceased.

Read more of this story at Slashdot.








Categories: Tech/Science News

Research Unveils Improved Method To Let Computers Know You Are Human

Slashdot - Tue, 08/19/2014 - 06:03
An anonymous reader writes CAPTCHA services that require users to recognize and type in static distorted characters may be a method of the past, according to studies published by researchers at the University of Alabama at Birmingham. Researchers focused on a broad form of gamelike CAPTCHAs, called dynamic cognitive game, or DCG, CAPTCHAs, which challenge the user to perform a gamelike cognitive task interacting with a series of dynamic images. For example, in a "ship parking" DCG challenge, the user is required to identify the boat from a set of moving objects and drag-and-drop it to the available "dock" location. The puzzle is easy for the human user to solve, but may be difficult for a computer program to figure out. The game-like nature may make the process more engaging for the user compared to conventional text-based CAPTCHAs. There are a couple research papers available: "A Three-Way Investigation of a Game-CAPTCHA: Automated Attacks, Relay Attacks and Usability" and "Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming."

Read more of this story at Slashdot.








Categories: Tech/Science News

Hackers Steal Data Of 4.5 Million US Hospital Patients

Slashdot - Tue, 08/19/2014 - 04:06
itwbennett (1594911) writes Community Health Systems said the attack occurred in April and June of this year, but it wasn't until July that it determined the theft had taken place. Working with a computer security company, it determined the attack was carried out by a group based in China that used 'highly sophisticated malware' to attack its systems. The hackers got away with patient names, addresses, birthdates, telephone numbers and Social Security numbers of the 4.5 million people who were referred to or received services from doctors affiliated with the company in the last five years. The stolen data did not include patient credit card, medical, or clinical information.

Read more of this story at Slashdot.








Categories: Tech/Science News

Blackberry Moves Non-Handset Divisions Into New Business Unit

Slashdot - Tue, 08/19/2014 - 02:08
First time accepted submitter BarbaraHudson (3785311) writes The CBC is reporting that Blackberry has made preparations to abandon the phone market by spinning pieces of the business off into Blackberry Technology Solutions. From the article: "The unit ... includes QNX, the company that BlackBerry acquired and used to develop the operating system that became the platform for its new smartphones, and Certicom, a former independent Toronto-area company with advanced security software. BTS will also include BlackBerry's Project Ion, which is an application platform focused on machine-to-machine Internet technology, Paratek antenna tuning technology and about 44,000 patents." When you have less market share than Windows Phone, it's time to throw in the towel ... or as they say in the new "lets not admit we screwed up" vernacular, "pivot to take advantage of new opportunities."

Read more of this story at Slashdot.








Categories: Tech/Science News

Rightscorp's New Plan: Hijack Browsers Until Infingers Pay Up

Slashdot - Tue, 08/19/2014 - 01:30
A few weeks ago, Rightscorp announced plans to have ISPs disconnect repeat copyright infringers. mpicpp (3454017) wrote in with news that Rightscorp announced during their latest earnings call further plans to require ISPs to block all web access (using a proxy system similar to hotel / college campus wifi logins) until users admit guilt and pay a settlement fine (replacing the current system of ISPs merely forwarding notices to users). Quoting TorrentFreak: [Rightscorp] says 75,000 cases have been settled so far with copyright holders picking up $10 from each. ... What is clear is that Rightscorp is determined to go after "Comcast, Verizon, AT&T, Cable Vision and one more" in order to "get all of them compliant" (i.e forwarding settlement demands). The company predicts that more details on the strategy will develop in the fall, but comments from COO & CTO Robert Steele hint on how that might be achieved. ... "[What] we really want to do is move away from termination and move to what's called a hard redirect, like, when you go into a hotel and you have to put your room number in order to get past the browser and get on to browsing the web." The idea that mere allegations from an anti-piracy company could bring a complete halt to an entire household or business Internet connection until a fine is paid is less like a "piracy speeding ticket" and more like a "piracy wheel clamp", one that costs $20 to have removed.

Read more of this story at Slashdot.








Categories: Tech/Science News

Munich Reverses Course, May Ditch Linux For Microsoft

Slashdot - Tue, 08/19/2014 - 00:50
alphadogg (971356) writes with news that the transition from Windows to GNU/Linux in Munich may be in danger The German city of Munich, long one of the open-source community's poster children for the institutional adoption of Linux, is close to performing a major about-face and returning to Microsoft products. Munich's deputy mayor, Josef Schmid, told the Süddeutsche Zeitung that user complaints had prompted a reconsideration (Google translation to English) of the city's end-user software, which has been progressively converted from Microsoft to a custom Linux distribution — "LiMux" — in a process that dates back to 2003.

Read more of this story at Slashdot.








Categories: Tech/Science News

Women Founders Outpace Male Counterparts In Certain Types of Kickstarter Funding

Slashdot - Tue, 08/19/2014 - 00:06
Nerval's Lobster writes Women outpace men when it comes to raising money for technology projects through crowdfunding sites such as Kickstarter, according to a new study by researchers at New York University and the Wharton School at the University of Pennsylvania. Jason Greenberg (NYC) and Ethan Mollick (Wharton/UPenn) chose 1,250 Kickstarter projects in five categories: games and technology, where founders were predominantly male; film, with an even gender distribution; and fashion and children's books, both populated with more female founders and backers. They analyzed additional factors such as "industry typing" (a theory in which people 'often hold conscious or unconscious biases about what gender is the archetype employee in a particular occupation or industry') and restricted the data set by geography and how much money each Kickstarter project wanted (a project aiming for less than $5,000 may attract an inordinate percentage of family and friends as funders, skewing results). After crunching the data, they found that female founders of technology projects were more likely than males to achieve their Kickstarter goals, a finding that didn't extend to the other four categories. "It appears female backers are responsible for helping female founders succeed in specific industry categories that women backers generally disfavor," they theorized, adding a little later: "The value of crowdfunding is that it enables access to a pool of potential female backers particularly inclined to support women in industry categories in which they believe women to be underrepresented."

Read more of this story at Slashdot.








Categories: Tech/Science News

The Royal Society Proposes First Framework For Climate Engineering Experiments

Slashdot - Mon, 08/18/2014 - 23:21
Jason Koebler writes The Royal Society of London, the world's oldest scientific publisher, has unveiled a proposal to create the first serious framework for future geoengineering experiments. It's a sign that what are still considered drastic and risky measures to combat climate change are drifting further into the purview of mainstream science. The scientific body has issued a call to create "an open and transparent review process that ensures such experiments have the necessary social license to operate."

Read more of this story at Slashdot.








Categories: Tech/Science News

The Data Dome: A Server Farm In a Geodesic Dome

Slashdot - Mon, 08/18/2014 - 22:35
1sockchuck writes In a unique approach to data center design, the new high-performance computing center in Oregon is housed in a geodesic dome. The new facility at the Oregon Health and Science University requires no mechanical air conditioning, using outside air to racks of servers reaching densities of 25kW per cabinet. The design uses an aisle containment system to separate hot and cold air, and can recirculate server exhaust heat to adjust cold aisle temperatures in the winter. It's a very cool integration of many recent advances in data center design, combining elements of the Yahoo Chicken Coop and server silo in Quebec. The school has posted a virtual tour that provides a deep technical dive.

Read more of this story at Slashdot.








Categories: Tech/Science News

Linux Kernel Git Repositories Add 2-Factor Authentication

Slashdot - Mon, 08/18/2014 - 22:09
LibbyMC writes For a few years now Linux kernel developers have followed a fairly strict authentication policy for those who commit directly to the git repositories housing the Linux kernel. Each is issued their own ssh private key, which then becomes the sole way for them to push code changes to the git repositories hosted at kernel.org. While using ssh keys is much more secure than just passwords, there are still a number of ways for ssh private keys to fall into malicious hands. So they've further tightened access requirements with two-factor authentication using yubikeys.

Read more of this story at Slashdot.








Categories: Tech/Science News

Software Combines Thousands of Online Images Into One That Represents Them All

Slashdot - Mon, 08/18/2014 - 21:49
Zothecula writes If you're trying to find out what the common features of tabby cats are, a Google image search will likely yield more results than you'd ever have the time or inclination to look over. New software created at the University of California, Berkeley, however, is designed to make such quests considerably easier. Known as AverageExplorer, it searches out thousands of images of a given subject, then amalgamates them into one composite "average" image.

Read more of this story at Slashdot.








Categories: Tech/Science News

Microsoft's Windows 8 App Store Is Full of Scamware

Slashdot - Mon, 08/18/2014 - 21:03
Deathspawner writes Windows 8 brought a lot to the table, with one of its most major features being its app store. However, it's not a feature that Microsoft seems too intent on keeping clean. As it is today, the store is completely littered with misleading apps and outright scamware. The unfortunate thing is that to find any of it, all you have to do is simply open the store and peruse the main sections. Not so surprisingly, no Microsoft software seems to be affected by this, but many open-source apps can be found at the store from unofficial sources that have a cost, or will lead the user to download a third-party installer. It's only a matter of time before malware sneaks its way in, if it's not there already.

Read more of this story at Slashdot.








Categories: Tech/Science News

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer