Month: May 2017

Mac users installing popular DVD ripper get nasty backdoor instead

(credit: Patrick Wardle ) Hackers compromised a download server for a popular DVD-ripping software named HandBrake and used it to push stealthy malware that stole victims’ password keychains, password vaults, and possibly the master credentials that decrypted them, security researchers said Monday. Over a four-day period ending Saturday, a download mirror located at download.handbrake.fr delivered a version of the video conversion software that contained a backdoor known as Proton, HandBrake developers warned over the weekend . At the time that the malware was being distributed to unsuspecting Mac users, none of the 55 most widely used antivirus services detected it. That’s according to researcher Patrick Wardle , who reported results here and here from the VirusTotal file-scanning service. When the malicious download was opened, it directed users to enter their Mac administer password, which was then uploaded in plain text to a server controlled by the attackers. Once installed, the malware sent a variety of sensitive user files to the same server. In a blog post published Monday morning , Thomas Reed, director of Mac offerings at antivirus provider Malwarebytes, wrote: Read 5 remaining paragraphs | Comments

Originally posted here:
Mac users installing popular DVD ripper get nasty backdoor instead

New ultra-high resolution printer makes colors from nanostructures

Researchers from the Technical University of Denmark demonstrated a new nanotechnology-based printing technique that produces long-lasting color images on plastic at resolutions up to 127,000 dots per inch, many times more detailed than traditional laser printers. The system uses a laser to alter the structure of nanoscale structures on the plastic material. (A nanometer is one-billionth of a meter; a human hair is around 60,000 nanometers in diameter.) The nanoprinting technique could also lead to new kinds of 3D displays or invisible watermarks. From New Scientist : The surface of the plastic is shaped so that it has lots of tiny pillars, one roughly every 200 nanometers. A thin film of the element germanium is then spread over the plastic. Heat from a laser melts the germanium on each pillar, morphing its shape and thickness. As a result, it reflects a specific color. The coating protects the shapes of the newly carved nanostructures. Resonant laser printing of structural colors on high-index dielectric metasurfaces (ScienceAdvances)

Read More:
New ultra-high resolution printer makes colors from nanostructures

NIST’s Draft To Remove Periodic Password Change Requirements Gets Vendors’ Approval

An anonymous reader writes: A recently released draft of the National Institute of Standards and Technology’s digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and altering many of the standards and best practices security professionals use when forming policies for their companies. The new framework recommends, among other things: “Remove periodic password change requirements.” There have been multiple studies that have shown requiring frequent password changes to actually be counterproductive to good password security, said Mike Wilson, founder of PasswordPing. NIST said this guideline was suggested because passwords should be changed when a user wants to change it or if there is indication of breach. Read more of this story at Slashdot.

Follow this link:
NIST’s Draft To Remove Periodic Password Change Requirements Gets Vendors’ Approval

This Synthetic Bone Implant Could Replace Painful Marrow Transplants

Thanks to advances in medicine, bone marrow transplants are no longer the last resorts they one were. Every year, thousands of marrow transplants are performed, a common treatment for ailments from bone marrow disease to leukemia. But because they first require a patient undergo radiation to kill off any existing bone… Read more…

Visit site:
This Synthetic Bone Implant Could Replace Painful Marrow Transplants

Scientists stunned by new findings about salt’s effects on body

Conventional wisdom: If you eat a lot of salt, you will get thirsty to dilute the sodium level in your blood. The excess salt will be excreted in your urine. But a new study of Russian cosmonauts is challenging this long-held belief. When the cosmonauts ate more salt, the became less thirsty. And their appetite increased – they had to eat 25 percent more to maintain their weight. From the New York Times : The crew members were increasing production of glucocorticoid hormones, which influence both metabolism and immune function. To get further insight, [Dr. Jens Titze, now a kidney specialist at Vanderbilt University Medical Center and the Interdisciplinary Center for Clinical Research in Erlangen, Germany] began a study of mice in the laboratory. Sure enough, the more salt he added to the animals’ diet, the less water they drank. And he saw why. The animals were getting water — but not by drinking it. The increased levels of glucocorticoid hormones broke down fat and muscle in their own bodies. This freed up water for the body to use. But that process requires energy, Dr. Titze also found, which is why the mice ate 25 percent more food on a high-salt diet. The hormones also may be a cause of the strange long-term fluctuations in urine volume. Scientists knew that a starving body will burn its own fat and muscle for sustenance. But the realization that something similar happens on a salty diet has come as a revelation. https://youtu.be/aJEzl31zL-I

See the original article here:
Scientists stunned by new findings about salt’s effects on body

Apple pledges $1 billion to support manufacturing jobs in the US

Apple probably won’t start building iPhones and iPads in the United States any time soon , but CEO Tim Cook is happy to help other companies keep their manufacturing businesses stateside. Apple will pour $1 billion into a fund aimed at promoting advanced manufacturing jobs in the US, Cook announced on Mad Money today. “By doing that, we can be the ripple in the pond, ” Cook said. “Because if we can create many manufacturing jobs around, those manufacturing jobs create more jobs around them because you have a service industry that builds up around them.” Apple will announce the first beneficiary of its fund later in May. Cook touched on other areas of interest for Apple, including its intention to support programs that help train developers and get more people coding. Apple will announce details about this endeavor in the summer. “We’re really looking at this thing deeply, ” Cook said. “How do we grow our employee base? How do we grow the developer base? How do we grow manufacturing? You will see us bring things to market in all of those areas across this year.” One of President Donald Trump’s rallying cries during the campaign was the idea that he would bring manufacturing jobs back to the US. In early 2016, Trump said he’d force Apple to “build their damn computers in this country, ” though in reality there’s no teeth to such a threat and the company still assembles its gadgets abroad . Source: Mad Money

See the article here:
Apple pledges $1 billion to support manufacturing jobs in the US

‘First Pirated Ultra HD Blu-Ray Disk’ Appears Online

Has AACS 2.0 encryption used to protect UHD Blu-ray discs been cracked? While the details are scarce, a cracked copy of a UHD Blu-ray disc surfaced on the HD-focused BitTorrent tracker UltraHDclub. TorrentFreak reports: The torrent in question is a copy of the Smurfs 2 film and is tagged “The Smurfs 2 (2013) 2160p UHD Blu-ray HEVC Atmos 7.1-THRONE.” This suggests that AACS 2.0 may have been “cracked” although there are no further technical details provided at this point. UltraHDclub is proud of the release, though, and boasts of having the “First Ultra HD Blu-ray Disc in the NET!” Those who want to get their hands on a copy of the file have to be patient though. Provided that they have access to the private tracker, it will take a while to download the entire 53.30 GB disk. TorrentFreak reached out to both the uploader of the torrent and an admin at the site hoping to find out more, but thus far we have yet to hear back. From the details provided, the copy appears to be the real deal although not everyone agrees. Read more of this story at Slashdot.

Read this article:
‘First Pirated Ultra HD Blu-Ray Disk’ Appears Online

Chess with wireless, glowing nixie tubes

Lasermad’s Nixie Chessboards take 8-10 weeks to hand build, during which time each of the chess pieces is painstakingly built around a vintage nixie tube scavenged from the world’s dwindling supply, and the board is prepared with the wireless induction coils that power the pieces when they’re set on the board, lighting them up. ( via Red Ferret ) (more…)

Continued here:
Chess with wireless, glowing nixie tubes

235 apps attempt to secretly track users with ultrasonic audio

Ultrasonic beacons ( previously , previously ) let advertisers build an idea of when and where you use your devices: the sound plays in an ad on one device, and is heard by other devices. This way, they can associate two gadgets with a single user, precisely geolocate devices without aGPS, or even build graphs of real-world social networks. The threat was considered more academic than some, but more than 200 Android apps were found in the wild using the technique . In research sponsored by the German government [PDF], a team of researchers conducted extensive tests across the EU to better understand how widespread this practice is in the real world. Their results revealed Shopkick ultrasonic beacons at 4 of 35 stores in two European cities. The situation isn’t that worrisome, as users have to open an app with the Shopkick SDK for the beacon to be picked up. In the real world, this isn’t an issue, as store owners, advertisers, or product manufactures could incentivize users to open various apps as a way to get discounts. From the paper: While in April 2015 only six instances were known, we have been able to identify 39 further instances in a dataset of about 1,3 million applications in December 2015, and until now, a total of 234 samples containing SilverPush has been discovered. We conclude that even if the tracking through TV content is not actively used yet, the monitoring functionality is already deployed in mobile applications and might become a serious privacy threat in the near future Apparently it’s not very effective—consumer speakers and mics aren’t designed with ultrasonic use in mind and the authors say noise, audio compression and other factors “significantly affects the feasibility” of the technology—but the intent is clearly there on the part of advertisers and appmakers to make a stab at it. Annoyingly, there doesn’t seem to be a list of the apps that are doing this, but there is a reference to a McDonalds app. If an app asks for access to your device’s microphone, camera, etc., and you don’t know why, delete the app.

Read this article:
235 apps attempt to secretly track users with ultrasonic audio

What Those Spray Paint Marks on the Street Actually Mean [Update]

Walking around your city, you might have noticed spray paint markings on the street and sidewalk. Clearly they’re there to mark something, but what? Turns out, construction workers aren’t just doodling for fun—those marks are there to protect you. Read more…

View article:
What Those Spray Paint Marks on the Street Actually Mean [Update]