Alterslash

the unofficial Slashdot digest

Google Wants To Rank Websites Based On Facts Not Links

Posted by samzenpus
wabrandsma writes about Google's new system for ranking the truthfulness of a webpage. "Google's search engine currently uses the number of incoming links to a web page as a proxy for quality, determining where it appears in search results. So pages that many other sites link to are ranked higher. This system has brought us the search engine as we know it today, but the downside is that websites full of misinformation can rise up the rankings, if enough people link to them. A Google research team is adapting that model to measure the trustworthiness of a page, rather than its reputation across the web. Instead of counting incoming links, the system – which is not yet live – counts the number of incorrect facts within a page. 'A source that has few false facts is considered to be trustworthy,' says the team. The score they compute for each page is its Knowledge-Based Trust score. The software works by tapping into the Knowledge Vault, the vast store of facts that Google has pulled off the internet. Facts the web unanimously agrees on are considered a reasonable proxy for truth. Web pages that contain contradictory information are bumped down the rankings."

Samsung Officially Unpacks Galaxy S6 and Galaxy S6 Edge At MWC

Posted by samzenpus
MojoKid writes Today, at Mobile World Congress, Samsung took the veil off of its much-anticipated Galaxy S6, and also the Galaxy S6 edge. As has been heavily rumored, the S6 foregoes the plastic shell of its predecessor and integrates metal and glass instead, resulting in a far more premium feel, a thickness of 6.8mm, and a weight of 138g on the normal S6 and 132g on the edge. Samsung made it a point to mention that the metal it uses in the S6 is 50% stronger than other smartphones - an Apple bendgate jab, perhaps? Both the S6 and S6 edge share the same hardware, which includes a 5.1-inch Quad HD Super AMOLED display. That gives us a resolution of 2560x1440, and a high pixel density of 577 ppi. The new phones also include an octa-core processor (2.1GHz quad + 1.5GHz quad), 3GB of DDR4 memory, and LTE cat 6 (300/50Mbps) support. Also of note is the phone's rear 16 megapixel f/1.9 camera, which Samsung says will launch in less than a second (0.6 seconds, to be exact). The front camera is no slouch either, also boasting an aperture of f/1.9, and coming in at 5 megapixels. The company says that the phone can add 4 hours of battery-life after a mere 10 minutes of charging, and when compared to the iPhone, it charges up to full in half the time. The S6 also has built-in wireless charging as well.

Nope

By ledow • Score: 5, Insightful • Thread

Non-user-replaceable battery, and no SD expansion.

Stick it up your backside, Samsung, and stop emulating the WORST features of your competitors.

A few departures from the S3/S4/S5

By DanTheManMS • Score: 3 • Thread
No removable battery. Less space than an SD card. Lame.

In all seriousness, it does look like a very nice phone. And Samsung has gotten better about pre-loading less bloatware on their more recent releases. We'll have to see how the general public receives it though.

What?

By SternisheFan • Score: 5, Insightful • Thread
No removable battery, no SD card. The best things about Samsung phones have been removed from this version.

Re:Nope

By ShanghaiBill • Score: 4, Insightful • Thread

Non-user-replaceable battery, and no SD expansion.

A replaceable battery costs more upfront and is incompatible with thinness. Most people get a new phone long before the battery dies.

No SD card = major weakness

By dwheeler • Score: 4, Insightful • Thread
One reason I bought an earlier Samsung is *specifically* because it supports a micro-SD card. Nice specs, but no micro-SD is a weakness to me.

Ultra-Low Power Radio Transceiver Enables Truly Wireless Earbuds

Posted by samzenpus
First time accepted submitter irl_4795 writes At Mobile World Congress in Barcelona NXP Semiconductors will demonstrate Near Field Magnetic Induction technology in a truly wireless earbud including wireless audio streaming from ear to ear. From the article: "The wireless technology being used to enable truly wireless earbuds is based on Near Field Magnetic Induction (NFMI). NFMI features important properties such as ultra-low power consumption and the ability to create a very reliable network in and around the human body, with both high-quality audio and data streaming supported over small distances. An additional integration advantage is also that it requires few external components. NFMI is a short range technology and as such also creates a private network, making it much less susceptible to interference than 2.4 GHz transceivers."

Re:Health risks?

By modmans2ndcoming • Score: 5, Insightful • Thread

Care to show any credible studies that show this to be a problem?

Not actually batteryless

By david.given • Score: 4, Informative • Thread

Apparently it uses 1.5mW at 1V.

You can get batteryless radios. Crystal radios (which don't necessarily contain a crystal) get all their power from the radio signal, and they're scarily simple. During the second world war foxhole radios were built out of a razor blade, a pencil, some wire and a set of headphones (instructions: http://www.bizarrelabs.com/fox...) Prisoner of war radios used coal

AFAIK, however, the much lower energy VHF signals for FM aren't capable of running an FM decoder, and probably not an earpiece either.

I wonder if a modern crystal earpiece could usefully pick up low-power AM transmissions from a cellphone in your pocket without spamming everyone around you with radio waves?

Re:Health risks?

By arielCo • Score: 5, Insightful • Thread

No. There have been plenty of studies on the effects of non-ionizing radiation on health, and none of the realistic, unbiased ones have yielded any evidence of harm, so it remains a purely theoretical possibility. Furthermore, radiation power densities are going down (TFA is a shining example).

20-Year-Old Military Weather Satellite Explodes In Orbit

Posted by samzenpus
schwit1 writes A 20-year-old U.S. military weather satellite apparently exploded for no obvious reason. The incident has put several dozen pieces of space junk into orbit. From the article: "A 20-year-old military weather satellite apparently exploded in orbit Feb. 3 following what the U.S. Air Force described as a sudden temperature spike. The “catastrophic event” produced 43 pieces of space debris, according to Air Force Space Command, which disclosed the loss of the satellite Feb. 27 in response to questions from SpaceNews. The satellite, Defense Meteorological Satellite Program Flight 13, was the oldest continuously operational satellite in the DMSP weather constellation."

Re:It should stand two degrees, for sure!

By AK Marc • Score: 5, Interesting • Thread
Many satellites are hybrid solar+batteries. They have sun enough to run and charge, so in the shade, they run off batteries. Batteries fail, sometimes spectacularly. It's possible that there was a chemical reaction in the batteries that *caused*, not was the result of, the temperature spike. Then the battery failed, exploding.

Exploded over Americas, Cooling Failure?

By Irate Engineer • Score: 5, Interesting • Thread
This satellite blew up at 1715 UTC, and since it was in a sun-synchronous polar orbit, local noon would have put that over the Americas (North, Central, or South). This satellite was sitting under the direct sun for 20 years. If the radiator cooling system failed, things could heat up and fail very quickly (there is no wind up there, remember).

Re:It should stand two degrees, for sure!

By sumdumass • Score: 4, Interesting • Thread

I doubt that, there are no sharks in space.

Oh, you are serious. Well, that was my first thought too. Either a laser weapon or a small particle of something (meteorite) smashed through it causing a catastrophic failure.

It's a warning shot...

By david.given • Score: 3 • Thread

...telling us to stay the hell away from their base on Ceres.

We should retaliate by beaming Youtube comments at them.

Re:Uninsightful

By Immerman • Score: 4, Interesting • Thread

Perhaps you could be more informative as to the problem? Why wouldn't a coherent microwave beam be every bit as effective as a laser? Or perhaps you simply didn't realize that masers are a real thing, and even predate lasers sufficiently that lasers were originally called "optical masers".

The only potential issue that I can think of is that, due to the longer wavelength, it would be difficult to focus a maser beam as tightly. Of course if you're happy to cook the whole satellite instead of burn a hole in it, then that's less of an issue.

Spacewalking Astronauts Finish Extensive, Tricky Cable Job

Posted by samzenpus
An anonymous reader writes news about a three-day cable job completed outside the International Space Station. "Spacewalking astronauts successfully completed a three-day cable job outside the International Space Station on Sunday, routing several-hundred feet of power and data lines for new crew capsules commissioned by NASA. It was the third spacewalk in just over a week for Americans Terry Virts and Butch Wilmore, and the quickest succession of spacewalks since NASA's former shuttle days. The advance work was needed for the manned spacecraft under development by Boeing and SpaceX. A pair of docking ports will fly up later this year, followed by the capsules themselves, with astronauts aboard, in 2017."

Was one of them named ...

By CaptainDork • Score: 3 • Thread

... Larry?

Awesome!

By EvilSS • Score: 3 • Thread
Now let them rest a bit then send them to Arizona

Be careful!

By briancox2 • Score: 3 • Thread
There are satellites exploding up there!

Physicists May Be One Step Closer To Explaining High-Temp Superconductivity

Posted by samzenpus
sciencehabit writes For years some physicists have been hoping to crack the mystery of high-temperature superconductivity—the ability of some complex materials to carry electricity without resistance at temperatures high above absolute zero—by simulating crystals with patterns of laser light and individual atoms. Now, a team has taken—almost—the next-to-last step in such 'optical lattice' simulation by reproducing the pattern of magnetism seen in high-temperature superconductors from which the resistance-free flow of electricity emerges.

Re:Relatively high temp...

By itzly • Score: 4, Informative • Thread

You will always have heat buildup to deal with in any system that does something useful.

Superconducting magnets are useful, even if they're not doing work.

Re:Relatively high temp...

By itzly • Score: 4, Interesting • Thread

perhaps engineer some meta-materials that hold such properties at room temperature.

Doesn't even have to be room temperature. Being able to make an MRI machine using liquid nitrogen instead of helium would be a huge win.

Re:Relatively high temp...

By ShanghaiBill • Score: 5, Informative • Thread

138K = -211F

The key threshold is 77K. Above that, and you can cool with liquid nitrogen. A liter of liquid N2 costs less than a liter of milk. A liter of liquid helium costs about a hundred times as much.

Pharming Attack Targets Home Router DNS Settings

Posted by samzenpus
msm1267 (2804139) writes Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim's web traffic to a hacker-controlled webserver, usually through a malicious modification of DNS settings. Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email. Proofpoint reported on the latest iteration of this attack, based in Brazil. The campaign was carried out during a five-week period starting in December when Proofpoint spotted phishing messages, fewer than 100, sent to customers of one of the country's largest telecommunications companies.

Word Overloading:

By Hartree • Score: 3 • Thread

In the life sciences, "Pharming" is using genetically engineered animals, like goats, to produce proteins or other substances, (especially those with pharmaceutical applications).

Example: Genetically engineered goats that produce spider silk proteins in their milk that can then be extracted from it.

see: http://www.bbc.com/news/scienc...

(Warning, possible auto-play)

Passwords again...

By houstonbofh • Score: 5, Insightful • Thread
"They also try to brute force the admin page for the router using known default username-password combinations."

About time to force manufacturers to not have "default" passwords. If 2wire can do it on their amazingly cheap crap, so can others.

Sounds a lot like what I saw last week

By msobkow • Score: 4, Informative • Thread

At the beginning of last week, I saw a number of fake emails "returned" to my ISP email account. A day or two later, I received a phishing email requesting me to change my password for that email account.

Today, someone tried the same thing for my Microsoft account.

It's more creative than usual, but it is still just a phishing attack, and you can easily spot it by the fake URLs in the phishing emails.

Not even

By Billly Gates • Score: 5, Insightful • Thread

Just compromise an adserver with a Flash exploit and you can 0wn tens of thousands within hours.

Whoever thought that running executables on random websites was a good idea? More proof that adblock, not user education, is needed for security. Gone are the days when not clicking meant secure.

Check HOSTS For Security Vendors

By Guy From V • Score: 3, Interesting • Thread

Just make sure your hosts file isn't populated with a random bunch of known security software vendors' names like eset, trendmicro, kaspersky, avira or some shit with a loopback to your local before them. I've seen some really screwed up hostfiles on my friends' PCs that look like that. I just trash them in favor of one of the well-known complete hostfiles that some dudes keep updating around the web ...I forget the names of the websites and authors...so...y'know...this advice is a big help lol. I'm sure someone remembers on here...
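The check described in the comment above, as an added example that is not part of the original post: a small Python script that flags hosts-file entries pointing security vendors' names at a loopback or null address. The keyword list uses only the vendor names mentioned in the comment, the label-matching rule is an assumption, and the sample hosts content is constructed.

```python
import ipaddress
import sys

# Vendor names taken from the comment above; extend for your own environment.
VENDOR_KEYWORDS = ("eset", "trendmicro", "kaspersky", "avira")

# Constructed sample, not taken from a real machine.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1   localhost
::1         localhost ip6-localhost
127.0.0.1   www.eset.com update.eset.com
0.0.0.0     www.trendmicro.com   # sinkholed
127.0.0.1   reset.example.com
127.0.0.1   ads.example.net
192.0.2.10  intranet.example.org
127.0.0.1   Kaspersky-Labs.com
"""


def is_sinkhole(addr):
    """True for loopback or unspecified addresses (127.0.0.0/8, ::1, 0.0.0.0, ::)."""
    try:
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
    except ValueError:
        return False
    return ip.is_loopback or ip.is_unspecified


def names_vendor(hostname, keywords=VENDOR_KEYWORDS):
    """True if any DNS label equals a keyword or starts with 'keyword-'.

    Matching whole labels (assumed rule) avoids false hits such as
    'reset.example.com' matching 'eset'.
    """
    labels = hostname.lower().rstrip(".").split(".")
    return any(
        label == k or label.startswith(k + "-")
        for label in labels
        for k in keywords
    )


def suspicious_hosts_entries(text, keywords=VENDOR_KEYWORDS):
    """Return (line number, address, hostname) for vendor names sent to a sinkhole."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # strip comments
        fields = line.split()
        if len(fields) < 2:
            continue  # blank line, comment only, or malformed entry
        addr, names = fields[0], fields[1:]
        if not is_sinkhole(addr):
            continue
        for name in names:
            if names_vendor(name, keywords):
                findings.append((lineno, addr, name.lower()))
    return findings


if __name__ == "__main__":
    # Pass the path to a hosts file, or run without arguments on the sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            content = fh.read()
    else:
        content = SAMPLE_HOSTS
    for lineno, addr, name in suspicious_hosts_entries(content):
        print(f"line {lineno}: {name} -> {addr}")
```

Ordinary ad-blocking entries and `localhost` lines are not reported; only names matching the vendor list are.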

Research Suggests That Saunas Help You Live Longer

Posted by samzenpus
jones_supa writes A study of Finnish men suggests that frequent sauna baths may help you live longer. Previous research has suggested that saunas might improve blood vessel function and exercise capacity, or even lower blood pressure in patients with hypertension. The new study links long, hot sauna baths with more benefits, including fewer deaths from heart attacks, strokes, various heart-related conditions and other causes. The study tracked 2315 Finnish men for nearly 20 years on average. Most participants used saunas at least once weekly. Those who used them four to seven times weekly received the greatest benefits. The study published in JAMA Internal Medicine wraps up by saying that further studies are warranted to establish the potential mechanism that links sauna bathing and the aforementioned cardiovascular benefits.

I hate gender bias in studies

By wwphx • Score: 3 • Thread
2,000 men: no women. Guess what -- women are alive and have cardiovascular health also. And a lot of women die because most heart studies don't study women and their symptoms of heart attack are different.

Skewed Results

By Dorianny • Score: 5, Insightful • Thread
The problem with this type of study is that you can never establish causality. Does X activity really extend one's lifespan on its own, or is the type of person that engages in that activity simply into a healthier overall lifestyle? This particular study might even be skewed due to most doctors advising patients with chronic Cardiovascular Disease to avoid saunas. Cardiovascular Disease is the number one killer in the developed world and removing them from a population sample would tip average life expectancy higher.

Re:Smoking Hot Blondes

By KingOfBLASH • Score: 4, Informative • Thread

"Finnish Sauna" is often used as a label for a particular type of Sauna at a good bath house. Hot, dry heat (and very hot at that -- often in excess of 100F), often with a roaring fire in the center. You'll also have other types of saunas (steam saunas, infrared saunas, etc.), some of which are also associated with a country (Russian Sauna, Turkish Sauna, etc.). And if you pick the right country, the sauna will both be co-ed, and naked. (Remember those shirts from the 90s?)

I recommend Spa Zuiver in Amsterdam. Everyone will be naked, you can go into naked jacuzzis together, and it's a wonderfully relaxing experience.

Of course, before you book your ticket with thoughts of a hedon's paradise, you should know a few things.

1. The sauna is not a pick up place. The chances of meeting a hot woman there and turning it into something are quite small.
2. For every hot woman who you will be happy to see naked, there will be four old women or men
3. Staring is not something to be done. However, if you happen to be sitting in a place where you see everything, and someone comes in, well that's OK.
4. You will be naked too. And your beauty will be judging you as well.
5. There will be a bar. And food service. While you can't drink in the pools, where else can you drink around a bunch of naked people?

But, if you've never been, I'd highly recommend it. A day at the sauna makes you feel incredible. Really. And muscle soreness will just disappear. It's quite amazing (try a sauna after your work outs sometime)

Re:Easy life

By rycamor • Score: 4, Informative • Thread

There have been many, many studies on this matter over the past couple decades. A couple of my favorite meta-aggregators of these studies are Rogue Health and Fitness and Mark's Daily Apple (yeah, he's a paleo advocate, but he's also a former top competitive runner, Ironman winner, and currently a sculpted buff dude in his 60s -- and his wife only a few years younger looks like a fitness model). Even more interesting, look into guys like Art Devany. He and his wife are in their mid-70s, yet fitter than most people in their 40s.

Basically, the health promises of the 70s-80s were found to be false along several axes. The most notorious being recommendations for the low-fat, high-carb diet, but also the whole jogging/aerobics craze that started in the late 70s has been found to be empirically a failure. This is what led to the renewed interest in weight-lifting and other strength training. Long-duration, plodding exercise really isn't ideal to longevity. Running 10 miles a day used to be thought the peak of fitness, but really it results in muscle atrophy, heart strain, joint problems, etc...

And the problem with focusing on athletes is generally that they overdo it. Athletes are people singularly focused on *winning* not on health and longevity. Athletes will gladly trade a decade of life for a short-term competitive edge. This is what Mark Sisson (Mark's Daily Apple above) found. His competitive running had him constantly sick and/or injured. He scaled his workout way back, stopped the long-distance running, and focused more on short-duration high-intensity exercise to stimulate the hormesis/recovery cycle, and specifically worked on gaining muscle mass.

There is sort of a golden mean to exercise, recovery, muscle mass, strength, etc... And generally it looks about like the "fitness model" ideal for women and the wrestler physique for men. Muscular but not freakish. Slim but not skinny, low body fat, but not veins showing everywhere... you get the idea.

Side note: I was flying back from SCALE 13x last week, and ended up sitting next to a cardiologist who has been doing research in these areas. His synopsis: we should all be lifting weights, and lifting *heavy*.

Re: Easy life

By rycamor • Score: 4, Insightful • Thread

Explain Jim fix?

Easily. Not all exercise is created equal. The jogging craze of the 70s/80s should be dumped into history's dustbin along with the low-fat diet. Also, too much exercise is almost as bad as too little. See my other responses in this thread for more.

42 Artificial Intelligences Are Going Head To Head In "Civilization V"

Posted by samzenpus
rossgneumann writes The r/Civ subreddit is currently hosting a fascinating "Battle Royale" in the strategy game Civilization V, pitting 42 of the game's built-in, computer-controlled players against each other for world domination. The match is being played on the largest Earth-shaped map the game is capable of, with both civilizations that were included in the retail version of the game and custom, player-created civilizations that were modded into it after release.

news, why?

By X0563511 • Score: 3, Insightful • Thread

So... someone started a really big Civ V game. This is hardly news, even for nerds.

Already done for civ 4

By njahnke • Score: 4, Informative • Thread
I enjoyed Sullla's civ 4 "AI Survivor" while he was publishing it: http://www.garath.net/Sullla/civ4survivor.html

Sullla is one of the best civ 4 players in the world, helped develop the game originally, and is an excellent writer to boot.

Re:news, why?

By LifesABeach • Score: 4, Insightful • Thread
My first reaction was, "cool." It's 2 A.I.'s from Seth's crew, and 45 from other folks. It's a shame we'll not see the process of the outcome. This is only one application of A.I., not the A.I. in total. If one can see the various moves of the game happen; I'm going to go microwave some pop corn, and kick back to watch.

Re:news, why?

By kolbe • Score: 4, Informative • Thread

Civ V, a game historically known for its poor programming, rushed schedules and years of repair to get playable. This game still has one of the most artificially stupid AI's in the history of the Civ series, so I fail to see how this is even mildly interesting.

Craig Brittain (Revenge Porn King) Sues For Use of Image

Posted by samzenpus
retroworks writes "Washington Post reporter Caitlin Dewey leads with, "Revenge-porn impresario Craig Brittain is learning the hard way that karma is a real witch." The report states that the Federal Trade Commission has settled a complaint against Brittain, whose defunct site, "Is Anybody Down" was accused of unfair business practices. From the article: "The site paid its bills by soliciting women's nude photos on Craigslist and/or from their exes, publishing the photos without the women's permission (and often with their names and phone numbers attached), and then charging fees of $200 to $500 to take the photos down." Brittain agreed to destroy the image and never operate a revenge porn site again. However, on Feb. 9, "Brittain filed a takedown request to Google, demanding that the search engine stop linking to nearly two dozen URLs — including a number of news articles, and files on the case from the FTC — because they used photos of him and information about him without his permission." Ars Technica explains. "In this instance, fair use and general First Amendment principles are on Google's and the media's side."

Sulfur

By Limekiller42 • Score: 3, Funny • Thread
Is this guy even a little concerned that there might be a hell?

The law makes no allowances for irony.

By hey! • Score: 3 • Thread

Nor should it.

So this guy has *exactly* the same privacy rights as any other public figure has, neither more nor less. These rights are fewer than those enjoyed by non-public figures, but they are not zero. He can't stop people from using his image and name, any more than Kim Kardashian can. While in a sense she owns her public persona, she doesn't own every image of her that is taken in public. In other words people can't use her image to sell things as if she endorsed them, but they can use and even sell the image itself.

If this guy owns the copyright to an image, he can reasonably file a DMCA takedown. If the image is taken in a situation in which a public figure would have a reasonable expectation of privacy (e.g. inside his house), then he can take other legal steps, even though allowing that to happen would be poetic justice. The law doesn't deal in poetic justice, and judges aren't allowed to stop enforcing the law just because it would be cool.

Re:Sulfur

By Opportunist • Score: 4, Insightful • Thread

If there is, and if I was Satan, I'd be worried to be evicted when that guy croaks.

Why bring that up ?

By aepervius • Score: 5, Insightful • Thread
Even in the sex-free-est society, revenge porn is not seen as being good. The guy is an asshole (and anybody having posted photo there without consent) and may his reputation follow him around. This has nothing to do with sex being shameful or not, and everything to do with consent and revenge.

Re:Sulfur

By Austerity Empowers • Score: 4, Informative • Thread

Blatant extortion. He's not trying to make the world better, he was trying to hold these people hostage for some bucks precisely because of our attitude about sex. If there is a hell, he belongs there.

Xfce 4.12 Released

Posted by Soulskill
motang writes: After two years of hard work (and much to the dismay of naysayers who worried the project has been abandoned), the Xfce team has announced the release of Xfce 4.12. Highlights include improvements to the window switcher dialog, intelligent hiding of the panel, new wallpaper settings, better multi-monitor support, improved power settings, additions to the file manager, and a revamped task manager. Here is a quick tour, the full changelog, and the download page. I have been running it since Xubuntu 15.04 beta 1 was released two days ago. It is much improved over 4.10, and the new additions are great.

Re:Xfce 5 should be based on Qt.

By Clsid • Score: 5, Insightful • Thread

You must work for Digia or something. If by portability you mean how well the interface looks, that is a moot point. Nobody would question that Java code was portable, and yet Java programs looked and behaved different (different dialogs, etc) than native software.

On the other hand, you fail to mention why Gtk+ is so bad in your eyes besides shiny graphics, which imho, in Linux land looks better than Qt. Why on earth would the Xfce guys care how well a Qt app looks on Windows or OSX? It is a desktop environment for X11/Wayland for christ's sake.

But in any case a post from an anonymous coward, who probably has never used either toolkit, and maybe is not even a programmer. When you have to work with this stuff, in the end you realize that it is mostly about what was best for the team at the time they started the project (available skillset, docs, etc) and at this point both frameworks are the best the open source world has to offer. If you don't enjoy diversity you can go back to Win32, lol.

Is XFCE going the bloat-path? What happened to E?

By Qbertino • Score: 4, Interesting • Thread

Is XFCE going down the bloat path? ... I'm not trolling here, this is an honest question. To me it looks like they're building a desktop environment and slowly piling features on. My impression is, that we have enough of those with Gnome, KDE and Enlightenment 17 and perhaps a few others.

Or what is the upside of XFCE? Is it like a "light-weight" KDE or something? And what's with LXDE? Wasn't that the hippest kid on the WM/DE block these days?

BTW, what happened to E17? I remember Enlightenment being the darling-child of WMs in the Linux community. Is it nowadays too difficult to configure and/or install?

Kudos

By sandoval88419 • Score: 5, Informative • Thread

... for the good work.

XFCE is light, doesn't get in your way. Yet it is customisable.

I'm looking forward to testing this version.

IMHO it should be the default DE for Debian.

LXDE

By jbolden • Score: 4, Informative • Thread

I think this comment is silly but LXDE merged with Razor-Qt and is now creating the lightweight desktop based on Qt. This is pretty good coverage:

Heavy Qt = KDE
Heavy GTK+ = Gnome
Light Qt = LXDE
Light GTK+ = XFCE

Hear Hear!

By sjames • Score: 3 • Thread

From the announcement (bold mine):

Our session manager was updated to use logind and/or upower if available for hibernate/suspend support. For portability and to respect our users' choices, fallback modes were implemented relying on os-specific backends.

Attention freedesktop.org: Commit that to memory, brand it on your foreheads, tattoo it on each other's butt cheeks, whatever it takes!

Ask Slashdot: How Does One Verify Hard Drive Firmware?

Posted by Soulskill
An anonymous reader writes: In light of recent revelations from Kaspersky Labs about the Equation Group and persistent hard drive malware, I was curious about how easy it might be to verify my own system's drives to see if they were infected. I have no real reason to think they would be, but I was dismayed by the total lack of tools to independently verify such a thing. For instance, Seagate's firmware download pages provide files with no external hash, something Linux distributions do for all of their packages. Neither do they seem to provide a utility to read off the current firmware from a drive and verify its integrity.

Are there any utilities to do such a thing? Why don't these companies provide verification software to users? Has anyone compiled and posted a public list of known-good firmware hashes for the major hard drive vendors and models? This seems to be a critical hole in PC security. I did contact Seagate support asking for hashes of their latest firmware; I got a response stating, "...If you download the firmware directly from our website there is no risk on the file be tampered with." (Their phrasing, not mine.) Methinks somebody hasn't been keeping up with world events lately.

Secure Boot + Full disk encryption

By vojtech • Score: 4, Insightful • Thread

Actually, the much hated Secure Boot (with the shim loader, MOK, and GRUB2), combined with full disk encryption (for example using LUKS), and in-filesystem compression (btrfs2) can quite nicely protect you from anything that a malicious firmware in a harddrive could do. The firmware will only ever see encrypted data passing through it, except for when loading the bootloader and the kernel, which will both be cryptographically verified by UEFI. The in-filesystem compression is there to compensate for the compression SSD drives normally do themselves to gain additional speed, which will be impossible to do on encrypted data.

Sure, this basically converts the problem to trusting the main BIOS (UEFI), but that's something you have to solve in any case.

Re:how ?

By twitnutttt • Score: 4, Interesting • Thread

Of course, reading the memory from the computer you booted the hard drive from means you are potentially running a compromised machine if the hard drive is compromised.

But if you booted a different, known-good machine, then mounted the hard drive in question as a secondary drive, it seems feasible you should be able to read and verify the firmware.

Seagate's response here seems ridiculously out of touch, and I can only hope that their posture on this will adapt quickly as the news and newfound scrutiny of the hard drive firmware layer trickle through the organization's practices.

Re:Pretty pointless

By Anonymous Coward • Score: 5, Interesting • Thread

Obviously the under-reporting of what happened to Joseph Nacchio of Qwest Communications by the corporate media is working.

He refused to cooperate with the NSA because he believed (correctly) that their requests for blanket spying on customers were illegal. Keep in mind this was before Bush signed the law granting telcos retroactive unconstitutional immunity from breaking the law, because every other company apparently cooperated with this. The NSA could have gone to the usually rubber-stampy FISA Court, but apparently they were worried that even that normally useless body would rule against them.

Then Mr. Nacchio got conveniently arrested and charged with "insider trading" and his company got harassed with threats of not getting any more government contracts. He was prevented from bringing up any of the NSA strong arm tactics in his defense because "national security", a concept and government authority I conveniently can't find anywhere in the Constitution of course.

He's out of jail now, fortunately. At the time of course all the national security state types were out trolling that people who believed the NSA would do such things needed tinfoil hats, etc. and now of course thanks to another American hero we know the depths of contempt to which they hold the rule of law and the Constitution.

So one CEO did go to jail for protecting his customers. In fact, with all the dirty dealings, corporate spying, financial misdoings, and basically crashing the US economy in 2008, isn't it funny that the ONLY high profile CEO put in jail of late was somebody trying to do the right thing for average people? Everyone should think long and hard about that.

Re:how ?

By Anonymous Coward • Score: 5, Informative • Thread

No. The hard drive itself is a computer and is compromised. It doesn't matter if you boot off of it or connect it later. You can't trust anything coming out of the main interface.

Many hard drives have a secondary TTL level serial port that you can use to load new firmware on a bricked drive. It's possible that the serial connection is wired in such a way to be safe from corrupt firmware. So it might be possible to recover a compromised hard drive that way, but I wouldn't trust it without a lot more information about the serial port and how it works than is publicly available.

Re:Hashes not useful

By bill_mcgonigle • Score: 4, Informative • Thread

Seagate is correct. Putting a hash on the website doesn't improve security at all because anyone who can change the download can also change the web page containing the hash. ... A company like Seagate doesn't rely on volunteers at universities to distribute their binaries so the technique is pointless.

There are many possible attacks. A hash on a website is not invulnerable to a rogue employee at Seagate (or one "just following orders").

A hash protects against a rogue insertion at the endpoint. Like if your PC is compromised by an attacker and then you pull the hard drive and (assuming there's a way to get a hash from SMART/ATAPI) you can compare the hash of the firmware that the drive is running to the list of published firmwares at the vendor's site. If the attackers are only modifying a small subset of drives, this works fine - they can't also intercept the check to the vendor's site - not unless they've broken TLS and/or have malware on every possible machine.

A tool to verify the firmware is poetically impossible to write. What code on the drive would provide the firmware in response to a tool query? Oh right ..... the firmware itself.

Well, today you can pull the image from JTAG, or so the experts have said (you can verify the firmware directly from memory with a hash if you have moderate funding). There's all sorts of talk about how ATAPI is write-only for firmware because the vendors don't want their competition to get their code and decompile it. This appears to be nonsense, as any other drive vendor already has the debug tools to pull such things from memory, and extracting it from an update isn't that hard - if a 16K DOS update utility can extract it, so can a multi-billion dollar R&D company.

To make it work you need an unflashable boot loader that acts as a root of trust and was designed to do this from the start. But such a thing is basically pointless unless you're trying to detect firmware reflashing malware and that's something that only cropped up as a threat very recently. So I doubt any hard disk has it.

They most certainly do not. So, here we are at today and need a way forward. There are a few ways forward, a fistful of crypto protocols to choose from to ensure future usefulness of hard drives for security applications, and INCITS/SATA-IO ought to be having emergency meetings _right now_ because this (NSA/GCHQ) is a major threat to the industry. The vendors may need to move operations outside of five-eyes to remain commercially viable.
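The two positions in the comment above (a hash list on the vendor's site versus an attacker who can rewrite that site) can be checked side by side. This is an added example, not code from the post or from any drive vendor; the manifest format, the Ed25519 key, the function names and the image bytes are all constructed assumptions.

```javascript
// Added example: hypothetical manifest format, constructed firmware bytes.
const crypto = require("node:crypto");

const sha256 = (buf) => crypto.createHash("sha256").update(buf).digest("hex");

// Vendor side: the signing key is assumed to live offline, away from the web server.
const vendorKey = crypto.generateKeyPairSync("ed25519");

function publishManifest(images, privateKey) {
  // Sorted hashes give one canonical byte string to sign.
  const body = JSON.stringify({ sha256: images.map(sha256).sort() });
  const sig = crypto.sign(null, Buffer.from(body), privateKey).toString("base64");
  return { body, sig };
}

// Checker side: runs on a known-good machine against an image obtained
// out-of-band (for example over JTAG), with the vendor public key pinned earlier.
function checkFirmware(dump, manifest, pinnedPublicKey) {
  const hash = sha256(dump);
  let listed = false;
  let signed = false;
  try {
    signed = crypto.verify(null, Buffer.from(manifest.body), pinnedPublicKey,
                           Buffer.from(manifest.sig, "base64"));
    const parsed = JSON.parse(manifest.body);
    listed = Array.isArray(parsed.sha256) && parsed.sha256.includes(hash);
  } catch { /* malformed manifest: treat as unsigned and unlisted */ }
  // A bare hash list only answers "listed"; the signature answers "who wrote the list".
  return { hash, listed, signed, trusted: listed && signed };
}

// Constructed sample images.
const genuine = Buffer.from("CONSTRUCTED-FW-1.0 genuine image bytes");
const modified = Buffer.concat([genuine, Buffer.from("|modified")]);

const goodManifest = publishManifest([genuine], vendorKey.privateKey);

// Simulates the quoted objection: the site is altered so the list also names
// the modified image, but the old signature no longer matches the new body.
function tamperedSiteManifest(manifest, extraImage) {
  const hashes = JSON.parse(manifest.body).sha256.concat(sha256(extraImage)).sort();
  return { body: JSON.stringify({ sha256: hashes }), sig: manifest.sig };
}
const alteredManifest = tamperedSiteManifest(goodManifest, modified);
```

With only the `listed` check, the altered site would vouch for the modified image; the pinned-key signature is what separates the two cases.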

Genetic Data Analysis Tools Reveal How US Pop Music Evolved

Posted by Soulskill
KentuckyFC writes: The history of pop music is rich in anecdotes, folklore and controversy. But despite the keen interest, there is little in the form of hard evidence to back up most claims about the evolution of music. Now a group of researchers have used data analysis tools developed for genomic number crunching to study the evolution of U.S. pop music. The team studied 30-second segments of more than 17,000 songs that appeared on the U.S. Billboard Hot 100 between 1960 and 2010. Their tools categorized the songs according to harmonic features such as chord changes as well as the quality of timbre such as whether guitar-based, piano-based, orchestra-based and so on. They then used a standard algorithm for discovering clusters within networks of data to group the songs into 13 different types, which turned out to correspond with well known genres such as rap, rock, country and so on. Finally, they plotted the change in popularity of these musical types over time.

The results show a clear decline in the popularity of jazz and blues since 1960. During the same period, rock-related music has ebbed and flowed in popularity. By contrast, rap was rare before 1980 before becoming the dominant musical style for 30 years until declining in the late 2000s. The work answers several important questions about the evolution of pop music, such as whether music industry practices have led to a decline in the cultural variety of new music, and whether British bands such as The Beatles and The Rolling Stones triggered the 1964 American music revolution [spoiler: no in both cases].

They worked out an algorithm to define genre

By Anonymous Coward • Score: 3, Interesting • Thread

Quite a neat little trick. But making grandiose claims about defining the "evolution of music" is ridiculous.

If tracking genre popularity had been their goal, they could have just picked up the sales figures for each year between 1960-2010 and pasted them into an Excel sheet. The people selling records already know what genre each record belongs to.

Re:They worked out an algorithm to define genre

By quintessencesluglord • Score: 4, Interesting • Thread

But it's not just popularity; it's relationships, and still the data used is flawed.

Last FM genre tags aren't the most comprehensive (hence music nerds can get into endless debates about whether a band represents this genre or that genre), and it also assumes influence comes within the realm of popular music, and not less popular forms that get co-opted into pop music, and how those less popular lineages developed (as the trope goes, someone like the Sex Pistols never sold many albums, but what albums they did sell ended up in the hands of people who started more popular bands).

More importantly, this study shows the flaws with quantitative vs. qualitative analysis; using the less descriptive measure as definitive just because it is supposedly "objective", and basically ignoring all other data that doesn't fit the model. They've proved they can measure what they set out to measure, nothing more. This has been most egregious in the soft sciences, like psychology, that tries so very hard to quantify data in an attempt at being definitive, and end up making absurd associations as that isn't the most useful analysis of the data on hand. Some music historians would have been able to point out the obvious flaws (like the progression of the Beatles throughout their history. Twist and Shout is miles away from Revolution #9).

Taking it further

By lalleglad • Score: 3 • Thread

As they are now using techniques from DNA analysis, it could be interesting if they took it a bit further and looked for 'chromosomes'.

What if they expanded the actual tune analysis to the whole tune, and not just 30sec, and searched for parts of tunes that had been used in later tunes, or close enough to be thought of as heavy inspiration?

A segment could then evolve, and perhaps even leap from one style to another, and after a few generations sound totally different from the original, but by this it could be traced back to where it came from.

I think it is common knowledge that blues evolved to jazz and then to rock, but it could be interesting to know in more detail where styles came from, and perhaps where some popular tunes had their actual roots.

science, art, businesses

By globaljustin • Score: 3 • Thread

I like these kinds of questions, but one thing researchers have difficulty accounting for is the difference between the music people listen to and what the Billboard Top 100 chart says.

Defining "pop music" as whatever is on the Billboard Top 100, especially now, is reductive. I understand it's quantifiable and that's the best idea they had for a quantitative definition of pop. However, Billboard's charts are virtually irrelevant when trying to ascertain what people **actually listen to by choice**.

Obviously, record companies try to game the system, but in the last 30 years they have been using NASA-level science (or attempting to) to control every aspect of the music in ways no one thought of before.

Also: digital music production and software has made "pop" music so mass produced and generic you get things like the Nickelback debacle.

I'm not trying to be over-critical of the researchers' methods. I'm sure they did the best they could, but these points are important to understand when investigating this kind of thing.

Jazz isn't dead

By PPH • Score: 3 • Thread

It just smells funny.

- F. Zappa

Foxconn Factories' Future: Fewer Humans, More Robots

Posted by Soulskill
jfruh writes: Foxconn, which supplies much of Apple's manufacturing muscle and has been criticized for various labor sins, is now moving to hire employees who won't complain because they're robots. The company expects 70 percent of its assembly line work to be robot-driven within three years.

Good

By penguinoid • Score: 3, Insightful • Thread

It's about time that the average Chinese laborer had a high enough standard of living that robots are cheaper.

Automation is Dependent on Design for Manufacture

By mtippett • Score: 4, Informative • Thread

I've been to Foxconn factories in Shenzhen, and there are clearly opportunities for deeper automation. However, this will only be possible when the underlying hardware design has been designed for automation.

At the PCB level, pick and place achieves amazing automation and performance with smaller than rice-grain size components used in modern electronics. That is a given.

At the assembly level it isn't so easy to automate with a lot of the designs. There are flex cables, adhesive, torque sensitive screws that all rely on a human to be able to manipulate and then quickly respond to misalignment. To automate this, the design constraints placed on the Industrial Designs need to change. For low and mid-range products where form is not at the level of Apple integration, this will probably increase the automation. For the high end where every mm counts it's unlikely that there will be a high level of assembly automation.

Re: Foxconn Factories' Future: Fewer Humans, More

By CrimsonAvenger • Score: 4, Insightful • Thread
Weren't people saying the same sort of things when the "assembly line" was first invented? After all, the main purpose of the "assembly line" was to make the same amount of stuff with far fewer workers than had been needed previously.

Oddly, we seem to have managed to get past the introduction of the assembly line without the sort of problems you're predicting - humanity is still here, its population is still growing, and technology is still advancing.

Re:Automation is Dependent on Design for Manufactu

By Kjella • Score: 5, Informative • Thread

At the assembly level it isn't so easy to automate with a lot of the designs. There are flex cables, adhesive, torque sensitive screws that all rely on a human to be able to manipulate and then quickly respond to misalignment. To automate this, the design constraints placed on the Industrial Designs need to change.

I think you underestimate how far sensor technology has come and will go, here for example is an example of automated salmon processing. Obviously there's a lot of natural variation, do we need to bioengineer a more robot-friendly salmon? No. They're measured out by a laser and intelligently cut. Head/tail/other cuts are dropped out to go on another processing line. Each cut is grabbed by a robot with robot vision and placed in pouches to be sealed. Skip to 3:12 if you just want to see that last part. Fillet-making machines are still in the research phase but there are examples of that too using X-rays to scan and find the pin bones. If they can deal with all that, I'm sure they can apply the right torque to a screw.

Re: Foxconn Factories' Future: Fewer Humans, More

By drinkypoo • Score: 4, Insightful • Thread

Oddly, we seem to have managed to get past the introduction of the assembly line without the sort of problems you're predicting

Have we?

humanity is still here, its population is still growing, and technology is still advancing.

Whee! But, with a tip of the cap to Greg Graffin, progress is not intelligently planned. If you're playing a strategy and you use up the resources in early play then you're going to have a bad time.

Granted, life is more complex than a game with a fixed tech tree. Who knows what technology we'll invent tomorrow, right?

Uber Discloses Database Breach, Targets GitHub With Subpoena

Posted by Soulskill
New submitter SwampApe tips news that Uber has revealed a database breach from 2014. The company says the database contained names and diver's license numbers of their drivers, about 50,000 of which were accessed by an unauthorized third party. As part of their investigation into who was behind the breach, Uber has filed a lawsuit which includes a subpoena request for GitHub. "Uber's security team knows the public IP address used by the database invader, and wants to link that number against the IP addresses and usernames of anyone who looked at the GitHub-hosted gist in question – ID 9556255 – which we note today no longer exists. It's possible the gist contained a leaked login key, or internal source code that contained a key that should not have been made public."

I'm an expert! Trust me!

By nikhilhs • Score: 5, Funny • Thread

After watching years of Law and Order, I feel I'm qualified to make a judgement. ;)

This sounds like a fishing expedition. (DUN DUN)

Re:Just a distraction from the real fail...

By fred911 • Score: 4, Informative • Thread

"Or there could be 2 accesses of that file, depending on how long they left it up there"

They're asking for 6 months of data. Here's the subpoena.

  http://regmedia.co.uk/2015/02/...

Re:Just a distraction from the real fail...

By Anonymous Coward • Score: 4, Interesting • Thread

There's tons of very skilled and usually-careful criminals in prison.

The above is complete bullshit.

The prisons house people who were sloppy, stupid, and lazy.

The smart criminals are in political office and on boards of corporations.

Re:Just a distraction from the real fail...

By 140Mandak262Jamuna • Score: 5, Informative • Thread

There's tons of very skilled and usually-careful criminals in prison.

The above is complete bullshit.

The prisons house people who were sloppy, stupid, and lazy.

The smart criminals are in political office and on boards of corporations.

No. Medium level smart criminals become politicians. The real top level smart criminals become C?O of publicly traded corporations, usually banks, and mutual funds. The super smart criminals buy the politicians to provide a safety net for the smart C?O criminals and they remain largely opaque to scrutiny.

Uber planning an amphibious assault?

By chaoskitty • Score: 4, Funny • Thread

Uber has got to have a LOT of drivers if 50,000 of them are also licensed DIVERS. What're they going to do - launch an amphibious assault with 50,000 divers?

Seriously, people have got to start proofreading their posts. Come on - it's not that hard.