Tech Today w/ Ken May

Featured entries

Enlarge (credit: IBM ) Every time we discuss quantum computers, the headline tends to be that someone, somewhere is going to use the quantum to break your encryption and steal your student loan. If only that were true. But it is probably more realistic to think about quantum computers being used to solve quantum problems. And this has been demonstrated with recent chemistry calculations using a tiny quantum computer. If solving quantum problems with quantum computers sounds a bit circular, well, it is, but it is also practical. Think of it like this: every protein in your body has the structure it has because of quantum mechanics. And a physicist who is clever, but not intelligent, can write down an exact equation that describes that protein. But not even the most intelligent can solve that equation. Understanding molecules is hard A lazier physicist would write a computer script to solve the equation. But that won’t work either, because the time it takes to solve an exact description of the molecule will take longer than it takes to go from Big Bang to Heat Death. So we live with approximations. Approximations that are mostly pretty good but sometimes fail spectacularly. And, for some molecules, those approximations don’t speed up calculations very much at all. Read 13 remaining paragraphs | Comments

Preeti Desai of the National Audubon Society came across a dead creature on the beach in Texas City, Texas. She took photos and tweeted: “Okay, biology twitter, what the heck is this?? Found on a beach in Texas City, TX. #wildlifeid.” The consensus is that the fang-toothed, snake-like, eel-like creature is a fangtooth snake-eel . From Yahoo : Biologist Dr. Kenneth Tighe of the Smithsonian National Museum of Natural History was able to answer Desai’s question after the request was passed along to him. Tighe believed the creature to be an Aplatophis chauliodus, which is also known as a fangtooth snake-eel or tusky eel. The toothy creature’s scientific name translates to “terrible serpent.” “It might be [a] Bathyuroconger vicinus or Xenomystax congroides,” Tighe told EarthTouch News on Thursday. “All three of these species occur off Texas and have large fang-like teeth. Too bad you can’t clearly see the tip of the tail. That would differentiate between the ophichthid and the congrids.” Okay, biology twitter, what the heck is this?? Found on a beach in Texas City, TX. #wildlifeid pic.twitter.com/9IUuuL65qh — Preeti Desai

Enlarge / One of the fee-based services ExpensiveWallpaper apps subscribed users to. Researchers recently found at least 50 apps in the official Google Play market that made charges for fee-based services without the knowledge or permission of users. The apps were downloaded as many as 4.2 million times. Google quickly removed the apps after the researchers reported them, but within days, apps from the same malicious family were back and infected more than 5,000 devices. The apps, all from a family of malware that security firm Check Point calls ExpensiveWall, surreptitiously uploaded phone numbers, locations, and unique hardware identifiers to attacker-controlled servers. The apps then used the phone numbers to sign up unwitting users to premium services and to send fraudulent premium text messages, a move that caused users to be billed. Check Point researchers didn’t know how much revenue was generated by the apps. Google Play showed the apps had from 1 million to 4.2 million downloads. Packing heat ExpensiveWall—named after one of the individual apps called LovelyWall—used a common obfuscation technique known as packing. By compressing or encrypting the executable file before it’s uploaded to Play, attackers can hide its maliciousness from Google’s malware scanners. A key included in the package then reassembled the executable once the file was safely on the targeted device. Although packing is more than a decade old, Google’s failure to catch the apps, even after the first batch was removed, underscores how effective the technique remains. Read 3 remaining paragraphs | Comments

According to Bleeping Computer, a WordPress plug that goes by the name Display Widgets has been used to install a backdoor on WordPress sites across the internet for the past two and a half months. While the WordPress.org team removed the plugin from the official WordPress Plugins repository, the plugin managed to be installed on more than 200, 000 sites at the time of its removal. The good news is that the backdoor code was only found between Display Widgets version 2.6.1 (released June 30) and version 2.6.3 (released September 2), so it’s unlikely everyone who installed the plugin is affected. WordPress.org staff members reportedly removed the plugin three times before for similar violations. Bleeping Computer has compiled a history of events in its report, put together with data aggregated from three different investigations by David Law, White Fir Design, and Wordfence. The report adds: The original Display Widgets is a plugin that allowed WordPress site owners to control which, how, and when WordPress widgets appear on their sites. Stephanie Wells of Strategy11 developed the plugin, but after switching her focus to a premium version of the plugin, she decided to sell the open source version to a new developer who would have had the time to cater to its userbase. A month after buying the plugin in May, its new owner released a first new version — v2.6.0 — on June 21. Read more of this story at Slashdot.

Equifax Had ‘Admin’ as Login and Password in Argentina

Posted by kenmay on September - 14 - 2017

Reader wired_parrot writes: The credit report provider Equifax has been accused of a fresh data security breach, this time affecting its Argentine operations. The breach was revealed after security researchers discovered that an online employee tool used by Equifax Argentina was accessible using the “admin/admin” password combination. Read more of this story at Slashdot.

Cyber-arms dealer offers $1m for zero-day Tor hacks

Posted by kenmay on September - 13 - 2017

Zerodium is a cyber-arms dealer that produces hacking tools for governments by buying up newly discovered defects in widely used systems, weaponizing them and then selling them to be used against criminals, activists, journalists and other targets of state surveillance. (more…)

Apple’s new iPhone 8 and iPhone X support fast-charging

Posted by kenmay on September - 13 - 2017

 Want to get 50 percent of your battery life back with just 30 minutes of charging? You can do that with the iPhone 8 (and 8 Plus) and iPhone X (via Engadget). These are the first phones put out by Apple that will support a quicker charge rate if you have a higher capacity charger – though you’ll have to pick one of those up separately to take advantage. Like the iPad Pro before it, … Read More

Enlarge / From the Department of Energy: “This photo shows the construction phase of a 16.5 MW DC solar farm built in Oxford, MA. This 130-acre property was previously known as the largest piggery in Massachusetts.” (credit: Lucas Faria/ US Department of Energy ) On Tuesday, the Department of Energy (DOE) announced that utility-grade solar panels have hit cost targets set for 2020 , three years ahead of schedule. Those targets reflect around $1 per watt and 6¢ per kilowatt-hour in Kansas City, the department’s mid-range yardstick for solar panel cost per unit of energy produced (New York is considered the high-cost end, and Phoenix, Arizona, which has much more sunlight than most other major cities in the country, reflects the low-cost end). Those prices don’t include an Investment Tax Credit (ITC), which makes solar panels even cheaper. The Energy Department said that the cost per watt was assessed in terms of total installed system costs for developers. That means the number is based on “the sales price paid to the installer; therefore, it includes profit in the cost of the hardware,” according to a department presentation  (PDF). The National Renewable Energy Laboratory (NREL), a DOE-funded lab that assesses solar panel cost, wrote that, compared to the first quarter in 2016 , the first quarter in 2017 saw a 29-percent decline in installed cost for utility-scale solar, which was attributed to lower photovoltaic module and inverter prices, better panel efficiency, and reduced labor costs. Despite the plummeting costs for utility-scale solar, costs for commercial and residential solar panels have not fallen quite as quickly—just 15 percent and 6 percent, respectively. Read 5 remaining paragraphs | Comments

The “monster fatberg.” (credit: Thames Water ) A 250-meter-long mass weighing 130 metric tons has blocked a Victorian-era sewer tunnel in the east side of London, the BBC reports . To put the size and heft of the clog in perspective: it’s longer than two American football fields and as heavy as 11 double-decker buses. The mass is a concrete-hard amalgamation of flushed items, including condoms, diapers, and—most notably—wet wipes that have all been cemented together with oils and fats that were also washed down drains. For that reason, these types of clogs are sometimes called “fatbergs.” Authorities expect it will take three weeks to remove. Read 9 remaining paragraphs | Comments

HP unveils its insanely upgradeable Z-class workstations

Posted by kenmay on September - 13 - 2017

No matter how great your latest PC build is, HP’s new Z Workstation lineup can probably top it. The company’s latest Z8, Z6 and Z4 desktop workstations are its most powerful and ridiculously upgradeable ever, it says. The top-end Z8 features 24 RAM slots and up to 3TB of RAM, dual Xeon CPUs (with up to 56 cores), dual M.2 SSDs and dual NVIDIA Quadro Pro graphics cards. It’s aimed squarely at VFX artists, letting them run 3D simulations, edit 8K video and do Nuke compositing, probably all at the same time. Just to rattle off a few more specs (because there aren’t many machines like this), it offers 10 USB 3.1 Gen 2 Type C ports, dual Gig-E ports, seven full-length, full height PCIe slots (nine total) and optional Thunderbolt 3. All of that is housed in a cleanly laid out, tool-free chassis with a 1, 700 watt power supply and invective ducting. Just buying the Z8 box without much inside will cost you $2, 439, but if you want, say, a pair of the latest Xeon Platinum 8180 chips with 28 cores each and two of NVIDIA’s 24GB P6000 Quadro graphics adapters, those items alone would run you a cool $35, 000. Overall, the new machine boosts the memory, CPU core count, graphics and PCIe bandwidth capacity significantly across the board compared to its previous Z840 flagship model. The HP Z6 Workstation ($1, 919) dials that craziness down a notch, with 384GB of max system memory and fewer slots and ports, but still has the dual Xeon CPU option. The Z4 Workstation ($1, 239), meanwhile, lets you install 256GB of RAM and a single Xeon CPU, limited to Intel’s new W-series . The top end of that right now is the Xeon W2155 with 10 cores and 20 threads, and HP hasn’t said whether it’ll support the flagship 18-core Xeon W that’s coming later in the year. Remember, these prices are for the bare boxes only, not the graphics cards, memory, CPUs and other stuff you’ll need. On the Z4 model, however, the Xeon W 10-core chip is “just” $1, 000, so it should be no problem to build a box for around $3, 000 to $4, 000. HP also unveiled a few new displays, including the 38-inch Z38c curved display that is a bit of an odd duck for HP’s video-oriented Z lineup. Much like LG’s 38UC99 38-inch screen , it has sort-of 4K resolution (3, 840 x 1, 600) 21:9 that can’t actually handle full-resolution UHD video, so seems more suited for gaming. It also lacks other features like 10-bit capability, which is becoming increasingly important for 4K HDR video editing and color correctoin. HP’s Z8 and Z6 Workstations are coming in October, while the Z4 arrives sometime in November. This end-of-year date should help film and VFX houses fit them into their fiscal purchase budgets, because other than the Z4, these aren’t really meant for you or me.