Month: December 2016

5-Year-Old Critical Linux Vulnerability Patched

msm1267 quotes Kaspersky Lab’s ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introd in August 2011. A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely. “Basically it’s a bait-and-switch, ” the researcher told Threatpost. “The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react.” Read more of this story at Slashdot.

View original post here:
5-Year-Old Critical Linux Vulnerability Patched

‘Star In a Jar’ Fusion Reactor Works, Promises Infinite Energy

An anonymous reader quotes a report from Space.com: For several decades now, scientists from around the world have been pursuing a ridiculously ambitious goal: They hope to develop a nuclear fusion reactor that would generate energy in the same manner as the sun and other stars, but down here on Earth. Incorporated into terrestrial power plants, this “star in a jar” technology would essentially provide Earth with limitless clean energy, forever. And according to new reports out of Europe this week, we just took another big step toward making it happen. In a study published in the latest edition of the journal Nature Communications, researchers confirmed that Germany’s Wendelstein 7-X (W7-X) fusion energy device is on track and working as planned. The space-age system, known as a stellerator, generated its first batch of hydrogen plasma when it was first fired up earlier this year. The new tests basically give scientists the green light to proceed to the next stage of the process. It works like this: Unlike a traditional fission reactor, which splits atoms of heavy elements to generate energy, a fusion reactor works by fusing the nuclei of lighter atoms into heavier atoms. The process releases massive amounts of energy and produces no radioactive waste. The “fuel” used in a fusion reactor is simple hydrogen, which can be extracted from water. The W7-X device confines the plasma within magnetic fields generated by superconducting coils cooled down to near absolute zero. The plasma — at temperatures upwards of 80 million degrees Celsius — never comes into contact with the walls of the containment chamber. Neat trick, that. David Gates, principal research physicist for the advanced projects division of PPPL, leads the agency’s collaborative efforts in regard to the W7-X project. In an email exchange from his offices at Princeton, Gates said the latest tests verify that the W7-X magnetic “cage” is working as planned. “This lays the groundwork for the exciting high-performance plasma operations expected in the near future, ” Gates said. Read more of this story at Slashdot.

Read More:
‘Star In a Jar’ Fusion Reactor Works, Promises Infinite Energy

Researchers Point Out ‘Theoretical’ Security Flaws In AMD’s Upcoming Zen CPU

An anonymous reader writes from a report via BleepingComputer: The security protocol that governs how virtual machines share data on a host system powered by AMD Zen processors has been found to be insecure, at least in theory, according to two German researchers. The technology, called Secure Encrypted Virtualization (SEV), is designed to encrypt parts of the memory shared by different virtual machines on cloud servers. AMD, who plans to ship SEV with its upcoming line of Zen processors, has published the technical documentation for the SEV technology this past April. The German researchers have analyzed the design of SEV, using this public documentation, and said they managed to identify three attack channels, which work, at least in theory. [In a technical paper released over the past weekend, the researchers described their attacks:] “We show how a malicious hypervisor can force the guest to perform arbitrary read and write operations on protected memory. We describe how to completely disable any SEV memory protection configured by the tenant. We implement a replay attack that uses captured login data to gain access to the target system by solely exploiting resource management features of a hypervisor.” AMD is scheduled to ship SEV with the Zen processor line in the first quarter of 2017. Read more of this story at Slashdot.

Read More:
Researchers Point Out ‘Theoretical’ Security Flaws In AMD’s Upcoming Zen CPU

In Las Vegas, Audis now talk to traffic lights so you can count down to green

Audi LAS VEGAS—“You go and you build it in California, but where are you gonna test it? You’re gonna test it in Nevada.” Angela Castro, the Senior Director of Government Affairs Media and Marketing in Southern Nevada, was speaking. She looked around the room at a small group of sleepy reporters in a second-floor conference room looking over Sin City’s Traffic Management Center (TMC), which was surprisingly hushed despite the real-time images of bustling intersections displayed on a handful of giant mounted screens. Read 21 remaining paragraphs | Comments

Read the original post:
In Las Vegas, Audis now talk to traffic lights so you can count down to green

TSMC plans a new factory to pump out tomorrow’s 3 nm chips

News leaked in late August that chipmaker Taiwan Semiconductor Manufacturing Co (TSMC) and Apple were working shrinking the A11 processor set to go in next year’s iPhone down to 10nm. But to ensure it stays in business with the tech titan and other device manufacturers, TSMC is planning to build a new plant to build future chips at 5nm and 3nm sizes. According to Nikkei Asian Review , TSMC announced the new $15.7 billion facility a day after Taiwan’s minister of science and technology, Yang Hung-duen, told local media about it. His ministry might select a site in Kaohsiung for the factory, which could start production as early as 2022. That gives TSMC’s competitors a few years’ breathing room, but the race to smaller and smaller chips continues. While Intel claims it will produce a 10nm processor before its competitors, it conceded that production facilities equipped to pump out increasingly-smaller chips will only get more expensive. That’s why the company is slowing its two-year cycle “tick-tock” innovation cycle to reduce chip size every three years instead, focusing instead of improving internal architecture and performance in the interim. But even that lead might not be enough: On a conference call back in January, TSMC said it has a plan to push out 7nm chips by 2017 and 5nm by 2020. Via: 9to5Mac Source: Nikkei Asian Review

Continue reading here:
TSMC plans a new factory to pump out tomorrow’s 3 nm chips

The Libreboot C201 from Minifree is really really really ridiculously open source

 Open source laptops – ones not running any commercial software whatsoever – have been the holy grail for free software fans for years. Now, with the introduction of libreboot, a truly open source boot firmware, the dream is close to fruition. The $730 laptop is a bog standard piece of hardware but it contains only open source software. The OS, Debian, is completely open source and… Read More

View the original here:
The Libreboot C201 from Minifree is really really really ridiculously open source

First Dinosaur Tail Found Preserved in Amber

The tail of a beautiful, feathered dinosaur has been found perfectly preserved in amber from Myanmar. It is a huge breakthrough that could help open a new window on the biology of a group that dominated Earth for more than 160 million years. From a report on the National Geographic: The semitranslucent mid-Cretaceous amber sample, roughly the size and shape of a dried apricot, captures one of the earliest moments of differentiation between the feathers of birds of flight and the feathers of dinosaurs. Inside the lump of resin is a 1.4-inch appendage covered in delicate feathers, described as chestnut brown with a pale or white underside. CT scans and microscopic analysis of the sample revealed eight vertebrae from the middle or end of a long, thin tail that may have been originally made up of more than 25 vertebrae. NPR has a story on how this amber was found. An excerpt from it reads: In 2015, Lida Xing was visiting a market in northern Myanmar when a salesman brought out a piece of amber about the size of a pink rubber eraser. Inside, he could see a couple of ancient ants and a fuzzy brown tuft that the salesman said was a plant. As soon as Xing saw it, he knew it wasn’t a plant. It was the delicate, feathered tail of a tiny dinosaur. Read more of this story at Slashdot.

Read More:
First Dinosaur Tail Found Preserved in Amber

New Voynich Manuscript reproduction uses new photos, looks great

An “authorized” reproduction of the legendary Voynich Manuscript is finally available in print form , published by Yale University from new photographs taken for the purpose. Yale’s Beinecke Library owns the document and has taken its sweet time putting out a decent art book. The quality is better than the popular “unauthorized” edition published last year; that one uses older scans widely available on the web, but I suppose was good enough to force the university’s hand. The first authorized copy of this mysterious, much-speculated-upon, one-of-a-kind, centuries-old puzzle. The Voynich Manuscript is produced from new photographs of the entire original and accompanied by expert essays that invite anyone to understand and explore the enigma. Many call the fifteenth-century codex, commonly known as the “Voynich Manuscript,” the world’s most mysterious book. Written in an unknown script by an unknown author, the manuscript has no clearer purpose now than when it was rediscovered in 1912 by rare books dealer Wilfrid Voynich. The manuscript appears and disappears throughout history, from the library of the Holy Roman Emperor Rudolf II to a secret sale of books in 1903 by the Society of Jesus in Rome. The book’s language has eluded decipherment, and its elaborate illustrations remain as baffling as they are beautiful. For the first time, this facsimile, complete with elaborate folding sections, allows readers to explore this enigma in all its stunning detail, from its one-of-a-kind “Voynichese” text to its illustrations of otherworldly plants, unfamiliar constellations, and naked women swimming though fantastical tubes and green baths. The Voynich Manuscript [Amazon]

Taken from:
New Voynich Manuscript reproduction uses new photos, looks great

AT&T customers get $88 million in credits and refunds for illegal charges

Enlarge (credit: Getty | Aurich) Current and former AT&T customers will get refunds or bill credits totaling $88 million within the next 75 days, satisfying the terms of a settlement between AT&T and the Federal Trade Commission, the FTC announced today . The AT&T customers were victimized by “mobile cramming,” charges for third-party services that were placed on their phone bills without the customers’ authorization. AT&T agreed to pay for the refunds and credits in a settlement  announced in October 2014 , and it agreed to notify current customers about the process for applying for refunds. The process, which was led by a third-party contractor that validated each customers’ claim , is finally just about over. Some of the money was also recovered from  Tatto and Acquinity , two companies that were allegedly behind cramming schemes that affected AT&T customers. Customers were allowed to apply for refunds for any unauthorized third-party charges that occurred in 2009 and later. Read 4 remaining paragraphs | Comments

Excerpt from:
AT&T customers get $88 million in credits and refunds for illegal charges