linkedin – Page 166

Amazon Is Secretly Building an ‘Uber For Trucking’ App, Setting Its Sights On a Massive $800 Billion Market

Amazon is building an app that matches truck drivers with shippers, a new service that would deepen its presence in the $800 billion trucking industry, a person with direct knowledge of the matter told Business Insider. From the report: The app, scheduled to launch next summer, is designed to make it easier for truck drivers to find shippers that need goods moved, much in the way Uber connects drivers with riders. It would also eliminate the need for a third-party broker, which typically charges a commission of about 15% for doing the middleman work. The app will offer real-time pricing and driving directions, as well as personalized features such as truck-stop recommendations and a suggested “tour” of loads to pick up and drop off. It could also have tracking and payment options to speed up the entire shipping process. Read more of this story at Slashdot.

Continue Reading:
Amazon Is Secretly Building an ‘Uber For Trucking’ App, Setting Its Sights On a Massive $800 Billion Market

A $300 Device Can Steal Mac FileVault2 Passwords

An anonymous reader writes: Swedish hardware hacker Ulf Frisk has created a device that can extract Mac FileVault2 (Apple’s disk encryption utility) passwords from a device’s memory before macOS boots and anti-DMA protections kick in. The extracted passwords are in cleartext, and they also double as the macOS logon passwords. The attack requires physical access, but it takes less than 30 seconds to carry out. A special device is needed, which runs custom software (available on GitHub), and uses hardware parts that cost around $300. Apple fixed the attack in macOS 10.12.2. The device is similar to what Samy Kamker created with Poison Tap. Read more of this story at Slashdot.

Continue Reading:
A $300 Device Can Steal Mac FileVault2 Passwords

Disney IT Workers, In Lawsuit, Claim Discrimination Against Americans

dcblogs quotes a report from Computerworld: After Disney IT workers were told in October 2014 of the plan to use offshore outsourcing firms, employees said the workplace changed. The number of South Asian workers in Disney technology buildings increased, and some workers had to train H-1B-visa-holding replacements. Approximately 250 IT workers were laid off in January 2015. Now 30 of these employees filed a lawsuit on Monday in U.S. District Court in Orlando, alleging discrimination on the basis of national origin and race. The Disney IT employees, said Sara Blackwell, a Florida labor attorney who is representing this group, “lost their jobs when their jobs were outsourced to contracting companies. And those companies brought in mostly, or virtually all, non-American national origin workers, ” she said. The lawsuit alleges that Disney terminated the employment of the plaintiffs “based solely on their national origin and race, replacing them with Indian nationals.” The people who were laid off were multiple races, but the people who came in were mostly one race, said Blackwell. The lawsuit alleges that Disney terminated the employment of the plaintiffs “based solely on their national origin and race, replacing them with Indian nationals.” Read more of this story at Slashdot.

More:
Disney IT Workers, In Lawsuit, Claim Discrimination Against Americans

5-Year-Old Critical Linux Vulnerability Patched

msm1267 quotes Kaspersky Lab’s ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introd in August 2011. A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely. “Basically it’s a bait-and-switch, ” the researcher told Threatpost. “The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react.” Read more of this story at Slashdot.

View original post here:
5-Year-Old Critical Linux Vulnerability Patched

Researchers Point Out ‘Theoretical’ Security Flaws In AMD’s Upcoming Zen CPU

An anonymous reader writes from a report via BleepingComputer: The security protocol that governs how virtual machines share data on a host system powered by AMD Zen processors has been found to be insecure, at least in theory, according to two German researchers. The technology, called Secure Encrypted Virtualization (SEV), is designed to encrypt parts of the memory shared by different virtual machines on cloud servers. AMD, who plans to ship SEV with its upcoming line of Zen processors, has published the technical documentation for the SEV technology this past April. The German researchers have analyzed the design of SEV, using this public documentation, and said they managed to identify three attack channels, which work, at least in theory. [In a technical paper released over the past weekend, the researchers described their attacks:] “We show how a malicious hypervisor can force the guest to perform arbitrary read and write operations on protected memory. We describe how to completely disable any SEV memory protection configured by the tenant. We implement a replay attack that uses captured login data to gain access to the target system by solely exploiting resource management features of a hypervisor.” AMD is scheduled to ship SEV with the Zen processor line in the first quarter of 2017. Read more of this story at Slashdot.

Earth’s Day Lengthens By Two Milliseconds a Century, Astronomers Find

Researchers at Durham University and the UK’s Nautical Almanac Office compiled nearly 3, 000 years of celestial records and found that with every passing century, the day on Earth lengthens by two milliseconds as the planet’s rotation gradually winds down. The Guardian reports: The split second gained since the first world war may not seem much, but the time it takes for a sunbeam to travel 600km towards Earth can cost an Olympic gold medal, as the American Tim McKee found out when he lost to Sweden’s Gunnar Larsson in 1972. For those holding out for a whole extra hour a day, be prepared for a long wait. Barring any change in the rate of slowing down, an Earth day will not last 25 hours for about two million centuries more. Researchers at Durham University and the UK’s Nautical Almanac Office gathered historical accounts of eclipses and other celestial events from 720BC to 2015. The oldest records came from Babylonian clay tablets written in cuneiform, with more added from ancient Greek texts, such as Ptolemy’s 2nd century Almagest, and scripts from China, medieval Europe and the Arab dominions. The ancient records captured the times and places that people witnessed various stages of solar and lunar eclipses, while documents from 1600AD onwards described lunar occultations, when the moon passed in front of particular stars and blocked them from view. To find out how the Earth’s rotation has varied over the 2, 735-year-long period, the researchers compared the historical records with a computer model that calculated where and when people would have seen past events if Earth’s spin had remained constant. The astronomers found that Earth’s spin would have slowed down even more had it not been for a counteracting process. Since the end of the most recent ice age, land masses that were once buried under slabs of frozen water have been unloaded and sprung back into place. The shift caused the Earth to be less oblate — or squished — on its axis. And just as a spinning ice skater speeds up when she pulls in her arms, so the Earth spins faster when its poles are less compressed. Changes in the world’s sea levels and electromagnetic forces between Earth’s core and its rocky mantle had effects on Earth’s spin too, according to the scientists’ report in Proceedings of the Royal Society. Read more of this story at Slashdot.

Visit site:
Earth’s Day Lengthens By Two Milliseconds a Century, Astronomers Find

Cesarean Births Could Be Affecting Human Evolution, Study Says

CanadianRealist writes: Larger babies delivered by cesarean section may be affecting human evolution. Researchers estimate cases where the baby cannot fit down the birth canal have increased from 30 in 1, 000 in the 1960s to 36 in 1, 000 births today, [according to estimates from researchers at the University of Vienna in Austria.] Science Alert reports: “In the past, larger babies and mothers with narrow pelvis sizes might both have died in labour. Thanks to C-sections, that’s now a lot less likely, but it also means that those ‘at risk’ genes from mothers with narrow pelvises are being carried into future generations. More detailed studies would be required to actually confirm the link between C-sections and evolution, as all we have now is a hypothesis based on the birth data.” Agreed, more studies required part. Cesareans may simply be becoming more common with “too large” defined as cesarean seems like a better idea. It’s reasonable to pose the question based simply on an understanding of evolution. Like it’s reasonable to conjecture that length of human pregnancy is a compromise between further development in utero, and chance of mother and baby surviving the delivery. Read more of this story at Slashdot.

See the article here:
Cesarean Births Could Be Affecting Human Evolution, Study Says

Qualcomm Debuts 10nm Server Chip To Attack Intel Server Stronghold

An anonymous reader quotes a report from Tom’s Hardware: Qualcomm and its Qualcomm Datacenter Technologies subsidiary announced today that the company has already begun sampling its first 10nm server processor. The Centriq 2400 is the second generation of Qualcomm server SOCs, but it is the first in its new family of 10nm FinFET processors. The Centriq 2400 features up to 48 custom Qualcomm ARMv8-compliant Falkor cores and comes a little over a year after Qualcomm began developing its first-generation Centriq processors. Qualcomm’s introduction of a 10nm server chip while Intel is still refining its 14nm process appears to be a clear shot across Intel’s bow–due not only to the smaller process, but also its sudden lead in core count. Intel’s latest 14nm E7 Broadwell processors top out at 24 cores. Qualcomm isn’t releasing more information, such as clock speeds or performance specifications, which would help to quantify the benefit of its increased core count. The server market commands the highest margins, which is certainly attractive for the mobile-centric Qualcomm, which found its success in the relatively low-margin smartphone segment. However, Intel has a commanding lead in the data center with more than a 99% share of the world’s server sockets, and penetrating the segment requires considerable time, investment, and ecosystem development. Qualcomm unveiled at least a small portion of its development efforts by demonstrating Apache Spark and Hadoop on Linux and Java running on the Centriq 2400 processor. The company also notes that Falkor is SBSA compliant, which means that it is compatible with any software that runs on an ARMv8-compliant server platform. Read more of this story at Slashdot.

Google Is Rolling Out Android 7.1.1

Google is rolling out Android 7.1.1 for Pixel and Nexus smartphones, including the Nexus 6, Nexus 5X, Nexus 6P, Nexus 9, Pixel, Pixel XL, Nexus Player, Pixel C and General Mobile 4G (Android One). You can download it over-the-air when it becomes available “over the next several weeks” or flash it yourself. Engadget details some of the new features found in Android 7.1.1: As for what you can find from a feature perspective, Google has added support for its “image keyboard” that lets you easily find and send pictures and GIFs without leaving your messaging app of choice. Google says it’ll work inside of Hangouts, Allo, and the default Messaging app. Ironically enough, the feature has been available in the Gboard iOS keyboard that Google launched in the spring, but it’s good to see it coming to more Android phones now. Android 7.1.1 also includes Google’s latest set of more diverse emoji, specifically focused on showing a “wider range of professions” for women. And it also contains the excellent app shortcut feature that originally launched on the Pixel — if you press and hold on an app’s icon, a sub-menu of shortcuts will show up. You’ll be able to quickly send a message to a specific contact or navigate to a saved location using these shortcuts, for example. They’re very much like the “force touch” shortcuts found on the iPhone, but that doesn’t make them any less useful. Read more of this story at Slashdot.

See original article:
Google Is Rolling Out Android 7.1.1

Dailymotion Hack Exposes Millions of Accounts

Millions of accounts associated with video sharing site Dailymotion, one of the biggest video platforms in the world, have been stolen. From a ZDNet report: A hacker extracted 85.2 million unique email addresses and usernames from the company’s systems, but about one-in-five accounts — roughly 18.3 million– had associated passwords, which were scrambled with the bcrypt hashing function, making the passwords difficult to crack. The hack is believed to have been carried out on October 20 by a hacker, whose identity isn’t known, according to LeakedSource, a breach notification service, which obtained the data. Dailymotion launched in 2005, and is currently the 113rd most visited website in the world, according to Alexa rankings. Read more of this story at Slashdot.

Ken May

Tag: linkedin