2018-01-01 00:00:00 ..
2018-01-17 20:14:45 UTC
2018-01-18 08:18:51 UTC
We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.
Submitted via IRC for TheMightyBuzzard
After a false alert about an inbound missile, Hawaii's Emergency Management Agency has said a worker clicked the wrong item in a drop-down menu and sent it, and that its system was not hacked. But Hawaii News Now is reporting an AP photo from July has resurfaced, showing the agency's operations officer in front of monitors, attached to one of them is a Post-it note with a password on it.
Just.... wow. I'm nearly at a loss for words on how big of a screw up this is. And from the response of the spokesman sounds like this was a shared password, therefore no way to link it to a specific careless employee.
Richard Rapoza, emergency management agency spokesman, confirmed that the password is authentic and was actually used for an "internal application." He said he didn't believe that application is any longer in use, but declined to say what application the password was for.
SoylentNews first reported the vulnerabilities on January 3. Since then, we have had a few stories addressing different reports about these vulnerabilities. Now that it is over two weeks later and we are *still* dealing with reboots, I am curious as to what our community's experience has been.
What steps have you taken, if any, to deal with these reports? Be utterly proactive and install every next thing that comes along? Do a constrained roll out to test a system or two before pushing out to other systems? Wait for the dust to settle before taking any steps?
What providers (system/os/motherboard/chip) have been especially helpful... or non-helpful? How has their response affected your view of that company?
What resources have you been using to check on the status of fixes for your systems? Have you found a site that stands above the others in timeliness and accuracy?
How has this affected your purchasing plans... and your expectations on what you could get for selling your old system? Are you now holding off on purchasing something new?
Found this interesting, you may too.
A new research paper that may help unlock the mystery of why Americans can't seem to get a decent raise. Economists have struggled over that question for years now, as wage growth has stagnated and more of the nation's income has shifted from the pockets of workers into the bank accounts of business owners. Since 1979, inflation-adjusted hourly pay is up just 3.41 percent for the middle 20 percent of Americans while labor's overall share of national income has declined sharply since the early 2000s. There are lots of possible explanations for why this is, from long-term factors like the rise of automation and decline of organized labor, to short-term ones, such as the lingering weakness in the job market left over from the great recession. But a recent study by a group of labor economists introduces an interesting theory into the mix: Workers' pay may be lagging because the U.S. is suffering from a shortage of employers.
[...] argues that, across different cities and different fields, hiring is concentrated among a relatively small number of businesses, which may have given managers the ability to keep wages lower than if there were more companies vying for talent. This is not the same as saying there are simply too many job hunters chasing too few openings—the paper, which is still in an early draft form, is designed to rule out that possibility. Instead, its authors argue that the labor market may be plagued by what economists call a monopsony problem, where a lack of competition among employers gives businesses outsize power over workers, including the ability to tamp down on pay. If the researchers are right, it could have important implications for how we think about antitrust, unions, and the minimum wage.
Monopsony is essentially monopoly's quieter, less appreciated twin sibling. A monopolist can fix prices because it's the only seller in the market. The one hospital in a sprawling rural county can charge insurers whatever it likes for emergency room services, for instance, because patients can't go elsewhere. A monopsonist, on the other hand, can pay whatever it likes for labor or supplies, because it's the only company buying or hiring. That remote hospital I just mentioned? It can probably get away with lowballing its nurses on salary, because nobody is out there trying to poach them.
[...] Harvard University labor economist Lawrence Katz told me that he suspected the findings about market concentration and wages were directionally correct but that they may be a bit "overstated," because it's simply hard to control for the health of the labor market.
"They are getting at what is an important and underexplored topic ... using a creative approach of using really rich data," he said. "I don't know if I would take perfectly seriously the exact quantitative estimates."
Still, even if the study is only gesturing in the direction of a real problem, it's a deeply worrisome one. We're living in an era of industry consolidation. That's not going away in the foreseeable future. And workers can't ask for fair pay if there aren't enough businesses out there competing to hire.
Article summarizing study:
Why Is It So Hard for Americans to Get a Decent Raise?
Actual study (limited access): http://www.nber.org/papers/w24147
Although VR is still in its infancy, "traditional" methods of capturing and transforming footage have emerged. Typically, to shoot 360-degree VR content, a cameraperson employs several cameras rigged in a spherical formation to capture the scene. According to Alicia Millane's blog entry on The Primacy, "Each camera is mounted at a specific angle so the camera's field of view will overlap portions of the surrounding cameras' field of view." With the overlap, editors should be able to get more seamless footage, without any gaps.
[...] Enter volumetric photogrammetry. A mouthful, for sure, but this method of creating virtual environments could possibly hold the key to the future of VR. Unlike the method mentioned above, there are no takes or shots in volumetric VR that are later edited in post-production. This allows for a much more fluid experience, as the consumer frames the scene and chooses his or her own perspective. Using the volumetric capture method, footage of a real person is recorded from various viewpoints, after which software analyzes, compresses and recreates all the viewpoints of a fully volumetric 3D human.
With volumetric VR explained, photogrammetry's defining characteristic is the principle of triangulation. As explained in a blog post on Viar360, triangulation involves taking photographs from at least two locations to form lines of sight. "These lines of sight are then mathematically intersected to produce the 3-dimensional coordinates of the points of interest."
[...] Immersive experiences utilizing volumetric photogrammetry may convey a much more authentic and realistic environment to the end user. Per VRt Ventures founder, Jacob Koo, "If virtual reality has the chance to reach its full potential, then consumers must feel like they are actually somewhere they cannot be physically. That perception takes VR technology out of the novelty category and makes it something actually useful."
The Federal Trade Commission (FTC) is investigating whether chipmaker Broadcom Ltd engaged in anticompetitive tactics in negotiations with customers, the company said on Wednesday.
The investigation comes as Broadcom pursues a hostile takeover of Qualcomm in a $103 billion deal. Since the FTC would likely review any merger for anticompetitive practices, the current probe could make regulatory approval more challenging.
Broadcom was recently issued subpoenas that seek an extensive amount of information, according to The Wall Street Journal, which was the first to report the probe on Wednesday.
The focus of the concern has been that Broadcom has changed some contracts to require customers to buy a percentage of its production of items rather than a certain number, the paper reported.
"This FTC review is immaterial to our business, does not relate to wireless and has no impact on our proposal to acquire Qualcomm," Broadcom said in a statement.
There's a new bug floating around called "chaiOS" that appears to be a basic GitHub link. However, when you text it to a person via the iMessage app (whether on iOS or MacOS), it will crash the app and possibly cause the device to freeze and restart. In other words: Be aware that this exists, but don't send it to anyone.
It was Twitter user Abraham Masri who first uncovered the bug. The people over at 9to5Mac tested it out, and it certainly messed up their devices. They reported crashes and severe lags as a result of the bugs that persisted until the thread containing the link was deleted from the iMessage app. If you did send or receive it, and your device is a mess, there's also a fix in the replies to Masri's original tweet. We've reached out to Apple to confirm that their team is aware of the bug, and to see if there are any fixes in the works.
Walmart is helping customers get rid of leftover opioids by giving them packets that turn the addictive painkillers into a useless gel. The retail giant announced Wednesday that it will provide the packets free with opioid prescriptions filled at its 4,700 U.S. pharmacies.
The small packets, made by DisposeRX, contain a powder that is poured into prescription bottles. When mixed with warm water, the powder turns the pills into a biodegradable gel that can be thrown in the trash. It works on other prescription drugs and for pills, tablets, capsules, liquids or patches, according to DisposeRx.
[...] Some drugstore chains like CVS and Walgreens also collect unused medications at many of their stores. People can also take leftovers to hospital pharmacies or police stations. Unused prescriptions also can be thrown in the trash. But the Food and Drug Administration recommends mixing them first with something unpalatable like kitty litter or used coffee grounds and sealing the mixture in a plastic bag.
Although neuroscientists have a general idea of what parts of the brain do what, catching them in the act is a difficult proposition. But UC Berkeley researchers have managed to do it, visualizing based on direct measurement the path of a single thought (or at least thread) through the brain.
Normal scalp-based electroencephalography (EEG) is easy to do, but it really can only get a very blurry picture of brain activity near the surface, because it has to detect all that through your hair, skin, skull, etc.
What if you could take all that stuff out of the way and put the electrodes right on the brain? That'd be great, except who would volunteer for such an invasive procedure? Turns out, a handful of folks who were already getting open-brain surgery did.
[...] We are trying to look at that little window of time between when things happen in the environment and us behaving in response to it," explained lead author Avgusta Shestyuk in the Berkeley news release. "This is the first step in looking at how people think and how people come up with different decisions; how people basically behave."
Apple today announced a new set of investments to build on its commitment to support the American economy and its workforce, concentrated in three areas where Apple has had the greatest impact on job creation: direct employment by Apple, spending and investment with Apple’s domestic suppliers and manufacturers, and fueling the fast-growing app economy which Apple created with iPhone and the App Store. Apple is already responsible for creating and supporting over 2 million jobs across the United States and expects to generate even more jobs as a result of the initiatives being announced today.
Combining new investments and Apple’s current pace of spending with domestic suppliers and manufacturers — an estimated $55 billion for 2018 — Apple’s direct contribution to the US economy will be more than $350 billion over the next five years, not including Apple’s ongoing tax payments, the tax revenues generated from employees’ wages and the sale of Apple products.
[...] "Apple, already the largest US taxpayer, anticipates repatriation tax payments of approximately $38 billion as required by recent changes to the tax law. A payment of that size would likely be the largest of its kind ever made."
Using the new 15.5 percent repatriation tax rate, the $38 billion tax payment disclosed by Apple means they are doing a $245 billion repatriation. Apple had $252.3 billion in overseas cash as of the end of September quarter, according to SEC filings so that means the company is bringing back nearly all of its foreign cash.
"Apple on Wednesday made a slew of announcements about its investment in and contribution to the U.S. economy in part because of the new tax law.
The headline from Apple is that it will make a $350 billion 'contribution' to the U.S. economy over the next five years, although it's unclear exactly how the company came to that number." https://www.cnbc.com/2018/01/17/apple-announces-350-billion-investment-20k-jobs-over-5-years.html
Samsung has announced the mass production of 16 Gb GDDR6 SDRAM chips with a higher-than-expected pin speed. The chips could see use in upcoming graphics cards that are not equipped with High Bandwidth Memory:
Samsung has beaten SK Hynix and Micron to be the first to mass produce GDDR6 memory chips. Samsung's 16Gb (2GB) chips are fabricated on a 10nm process and run at 1.35V. The new chips have a whopping 18Gb/s pin speed and will be able to reach a transfer rate of 72GB/s. Samsung's current 8Gb (1GB) GDDR5 memory chips, besides having half the density, work at 1.55V with up to 9Gb/s pin speeds. In a pre-CES 2018 press release, Samsung briefly mentioned the impending release of these chips. However, the speed on release is significantly faster than the earlier stated 16Gb/s pin speed and 64GB/s transfer rate.
18 Gbps exceeds what the JEDEC standard calls for.
[A] consortium has devised an ambitious experiment to test the so-called quantum superposition principle (QSP) – the law that allows microscopic systems to appear in two different, perfectly distinguishable, configurations at the same time. [...] Unproven theories advanced since the 1980s suggest the existence of a universal background 'noise' that destroys QSP of larger objects, such as particles that can be seen using an optical microscope.
The 'Project TEQ' consortium, led by the University of Trieste, in Italy, will test the existence of this noise thanks to a €4.4M (£3.9M) award from the European Commission.
Its experiment will involve a tiny particle of glass, one-thousandth of the width of a human hair, being levitated by an electric field in a vacuum at a temperature close to absolute zero (-273C). A laser will be shot at the particle, and the scattering of the laser's light measured for signs of movement of the particle.
If there is no movement, it means that quantum mechanics still apply at this scale and there is no universal background noise. However, if movement is detected, it indicates the existence of a noise that prevents QSP applying at this scale. This would represent the first observed failure of quantum theory, setting a limit on the scale at which quantum mechanics apply and having implications for large-scale applications of any physical system based on quantum principles.
Jonathan Grant Thompson, the man behind the popular science-focused YouTube channel King of Random has been charged with two counts of second-degree felony possession of an explosive device.
Thompson, 37, runs the King of Random YouTube channel, boasting about 200 videos and 8.9 million subscribers. His videos are of science experiments and are in the vein of science-based shows on networks such as the Discovery Channel.
Thompson has been making videos and putting them on YouTube since 2010. His videos have garnered more than 1.6 billion combined views.
According to the article the first complaint "resulted from a citizen complaint via Facebook Messenger on June 15 about Thompson exploding a dry ice bomb", and for the second:
Thompson said a friend had left him a bag of powder, which he believed to be from a deconstructed firework.
After lighting a couple of small "control fires" Thompson and Timothy Burgess, 20, of Ontario, Canada, ignited a larger pile which exploded, the police report states. According to the report, firefighters heard the explosion from the nearby fire station.
Google Maps shows there is a South Jordan fire station 0.2 miles from Thompson's home.
The explosion left Burgess with small particles of burned material embedded in his arms, charges say.
Burgess was charged with one count of second-degree felony possession of an explosive device. Court records show prosecutors have asked a judge to issue a $15,000 warrant for his arrest
Originally spotted via AvE's channel.
Occipital, a company based in Boulder, Colorado, focuses on 3D scanning hardware and depth-sensing cameras: One of its Structure camera sensor arrays works with both an iPhone mixed-reality headset and an upcoming home robot. Occipital's team put an HTC Vive VR headset on me, outfitted with an in-development feature that let me see the room even with my headset on. The technology is called Occipital Tracking. Its aim is to replace external room-sensing hardware completely, like the Oculus Rift's cumbersome stands or the Vive's light-emitting Lighthouse system, in favor of all in-headset tech.
Inside-out tracking, as in-headset room-tracking tech is called, has been in place on Microsoft's VR headsets and upcoming hardware like the Lenovo Mirage Solo with Daydream as well as AR devices like the Microsoft HoloLens, but Occipital Tracking aims to make that tech even better for VR with far more room-aware scanning.
Much as Apple's ARKit or Google's ARCore can scan a room and sense edges and surfaces using a camera and the phone's motion sensor, Occipital's tech pinged my demo space and found glowing points in space that formed a map. The test demo alternated between the real world via pass-through cameras and a fully closed-off VR world with edges of the room overlaid. The VR hardware I tried had stereo cameras, but Occipital says the tracking will work with a single camera, too. It really does seem like ARKit/ARCore for VR.
A game could show a partial overlay only when you are in imminent danger of colliding with something, or even create a virtual environment that incorporates real life obstacles (walls, tables, etc.).
Continuing Linode's efforts to mitigate the Meltdown/Spectre issues, we have learned that the last of our servers has been scheduled for its first reboot. This time it is hydrogen which
, among other things, hosts a copy of our database is one of our web frontends. The reboot is scheduled for tonight, 2018-01-19 @ 05:00 AM UTC (Midnight EST) or approximately 9 hours from the time this story is posted. Our plans are to move hydrogen's workload over to fluorine to cover the load during the hiatus and expect there to be no interruption of service on the site.
Please be aware that Linode considers these reboots to be "Phase 1" of their remediation efforts. We will keep you posted when we learn of other phase(s) being scheduled.
We appreciate your understanding and patience as we deal with this situation.
I recently came upon an article on Ars Technica which revealed that Linode (amongst many, many others) learned of these vulnerabilities at the same time as the rest of us -- when the news hit the press. They had no advance notice with which they could have performed mitigation planning of any kind. That has to count as one of their worst days, ever.
[Update: Corrected title per first comment. Also, should you find any kind of vulnerability with SoylentNews, please send a description to "dev" at "soylentnews.org" and we'll address it as soon as possible. --martyb]
Submitted via IRC for AndyTheAbsurd
Almost a quarter of hackers have not reported a vulnerability that they found because the company didn't have a channel to disclose it, according to a survey of the ethical hacking community.
With 1,698 respondents, the 2018 Hacker Report, conducted by the cybersecurity platform HackerOne, is the largest documented survey ever conducted of the ethical hacking community.
In the survey, HackerOne reports that nearly 1 in 4 hackers have not reported a vulnerability because the company in question lacks a vulnerability disclosure policy (VDP) or a formal method for receiving vulnerability submissions from the outside world.
Without a VDP, ethical, white-hat hackers are forced to go through other channels like social media or emailing personnel in the company, but, as the survey states, they are "frequently ignored or misunderstood".
But that means that three-quarters DO, which I guess is good news. Or at least not bad news.