Tag: open source

Android Oreo Bug Sends Thousands of Phones Into Infinite Boot Loops

An anonymous reader writes: A bug in the new “Adaptive Icons” feature introduced in Android Oreo has sent thousands of phones into infinite boot loops, forcing some users to reset their devices to factory settings, causing users to lose data along the way. The bug was discovered by Jcbsera, the developer of the Swipe for Facebook Android app (energy-efficient Facebook wrapper app), and does not affect Android Oreo (8.0) in its default state. The bug occurs only with apps that use adaptive icons — a new feature introduced in Android Oreo that allows icons to change shape and size based on the device they’re viewed on, or the type of launcher the user is using on his Android device. For example, adaptive icons will appear in square, rounded, or circle containers depending on the theme or launcher the user is using. The style of adaptive icons is defined a local XML file. The bug first manifested itself when the developer of the Swipe for Facebook Android app accidentally renamed the foreground image of his adaptive icon with the same name as this XML file (ic_launcher_main.png and ic_launcher_main.xml). This naming scheme sends Android Oreo in an infinite loop that regularly crashes the device. At one point, Android detects something is wrong and prompts the user to reset the device to factory settings. Users don’t have to open an app, and the crashes still happen just by having an app with malformed adaptive icons artifacts on your phone. Google said it will fix the issue in Android Oreo 8.1. Read more of this story at Slashdot.

Original post:
Android Oreo Bug Sends Thousands of Phones Into Infinite Boot Loops

Student Charged By FBI For Hacking His Grades More Than 90 times

An anonymous reader shares a report: In college, you can use your time to study. Or then again, you could perhaps rely on the Hand of God. And when I say “Hand of God, ” what I really mean is “keylogger.” Think of it like the “Nimble Fingers of God.” “Hand of God” (that makes sense) and “pineapple” (???) are two of the nicknames allegedly used to refer to keyloggers used by a former University of Iowa wrestler and student who was arrested last week on federal computer-hacking charges in a high-tech cheating scheme. According to the New York Times, Trevor Graves, 22, is accused in an FBI affidavit of working with an unnamed accomplice to secretly plug keyloggers into university computers in classrooms and in labs. The FBI says keyloggers allowed Graves to record whatever his professors typed, including credentials to log into university grading and email systems. Court documents allege that Graves intercepted exams and test questions in advance and repeatedly changed grades on tests, quizzes and homework assignments. This went on for 21 months — between March 2015 and December 2016. The scheme was discovered when a professor noticed that a number of Graves’ grades had been changed without her authorization. She reported it to campus IT security officials. Read more of this story at Slashdot.

Continued here:
Student Charged By FBI For Hacking His Grades More Than 90 times

New VibWrite System Uses Finger Vibrations To Authenticate Users

An anonymous reader quotes a report from Bleeping Computer: Rutgers engineers have created a new authentication system called VibWrite. The system relies on placing an inexpensive vibration motor and receiver on a solid surface, such as wood, metal, plastic, glass, etc.. The motor sends vibrations to the receiver. When the user touches the surface with one of his fingers, the vibration waves are modified to create a unique signature per user and per finger. Rutgers researchers say that VibWrite is more secure when users are asked to draw a pattern or enter a code on a PIN pad drawn on the solid surface. This also generates a unique fingerprint, but far more complex than just touching the surface with one finger. During two tests, VibWrite verified users with a 95% accuracy and a 3% false positive rate. The only problem researchers encountered in the live trials was that some users had to draw the pattern or enter the PIN number several times before they passed the VibWrite authentication test. Besides improvements to the accuracy with which VibWrite can detect finger vibrations, researchers also plan to look into how VibWrite will behave in outdoor environments to account for varying temperatures, humidity, winds, wetness, dust, dirt, and other conditions. This new novel user authentication system is described in full in a research paper entitled “VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration.” Read more of this story at Slashdot.

View post:
New VibWrite System Uses Finger Vibrations To Authenticate Users

Critical Flaws In Maritime Communications System Could Endanger Entire Ships

Orome1 shares a report from Help Net Security: IOActive security consultant Mario Ballano has discovered two critical cybersecurity vulnerabilities affecting Stratos Global’s AmosConnect communication shipboard platform. The platform works in conjunction with the ships’ satellite equipment, and integrates vessel and shore-based office applications, as well as provides services like Internet access for the crew, email, IM, position reporting, etc. The first vulnerability is a blind SQL injection in a login form. Attackers that successfully exploit it can retrieve credentials to log into the service and access sensitive information stored in it. The second one is a built-in backdoor account with full system privileges. “Among other things, this vulnerability allows attackers to execute commands with SYSTEM privileges on the remote system by abusing AmosConnect Task Manager, ” Bellano shared. The found flaws can be exploited only by an attacker that has access to the ship’s IT systems network, he noted, but on some ships the various networks might not be segmented, or AmosConnect might be exposed to one or more of them. The vulnerabilities were found in AmosConnect 8.4.0, and Stratos Global was notified a year ago. But Inmarsat won’t fix them, and has discontinued the 8.0 version of the platform in June 2017. Read more of this story at Slashdot.

More:
Critical Flaws In Maritime Communications System Could Endanger Entire Ships

Saudi Arabia Becomes First Nation To Grant Citizenship To Humanoid Robot

Saudi Arabia became the first country in the world to offer citizenship to a humanoid robot, but Brad Keywell, CEO of Uptake, a predictive analytics technology company, told FOX Business on Thursday artificial intelligence (AI) will not replace humans anytime soon. From a report: “Humans are made super-human through the intelligence that can be derived from these sensors and there is a clear argument that’s made about the possibility that there will be no humans, there’d be just autonomous everything… but this is something that has historically involved humans and I just don’t see that changing, ” he told Maria Bartiromo on “Mornings with Maria.” Uptake’s products are used in a collection of industries ranging from energy to aviation, helping “people and machines work better and faster, ” according to the company website. Read more of this story at Slashdot.

Read More:
Saudi Arabia Becomes First Nation To Grant Citizenship To Humanoid Robot

Justice Department Demands Five Twitter Users’ Personal Info Over an Emoji

An anonymous reader quotes a report from Techdirt: Back in May, the Justice Department — apparently lacking anything better to do with its time — sent a subpoena to Twitter, demanding a whole bunch of information on five Twitter users, including a few names that regular Techdirt readers may be familiar with. If you can’t see that, it’s a subpoena asking for information on the following five Twitter users: @dawg8u (“Mike Honcho”), @abtnatural (“Virgil”), @Popehat (Ken White), @associatesmind (Keith Lee) and @PogoWasRight (Dissent Doe). I’m pretty sure we’ve talked about three of those five in previous Techdirt posts. Either way, they’re folks who are quite active in legal/privacy issues on Twitter. And what info does the DOJ want on them? Well, basically everything: [users’ names, addresses, IP addresses associated with their time on Twitter, phone numbers and credit card or bank account numbers.] That’s a fair bit of information. Why the hell would the DOJ want all that? Would you believe it appears to be over a single tweet from someone to each of those five individuals that consists entirely of a smiley face? I wish I was kidding. Here’s the tweet and then I’ll get into the somewhat convoluted back story. The tweet is up as I write this, but here’s a screenshot in case it disappears. The Department of Justice’s subpoena is intended to address allegations that Shafer, who has a history of spotting weak encryption and drawing attention to it, cyberstalked an FBI agent after the agency raided his home. Vanity Fair summarizes the incident: “In 2013, Shafer discovered that FairCom’s data-encryption package had actually exposed a dentist’s office to data theft. An F.T.C. settlement later validated Shafer’s reporting, but in 2016, when another dentist’s office responded to Shafer’s disclosure by claiming he’d violated the Computer Fraud and Abuse Act and broken the law, the F.B.I. raided his home and confiscated many of his electronics. Shafer was particularly annoyed at F.B.I. Special Agent Nathan Hopp, who helped to conduct the raid, and who was later involved in a different case: in March, he compiled a criminal complaint involving the F.B.I.’s arrest of a troll for tweeting a flashing GIF at journalist Kurt Eichenwald, who is epileptic. Shafer began to compile publicly available information about Hopp, sharing his findings on Twitter. The Twitter users named in the subpoena had started a separate discussion about Hopp, with one user calling Hopp the “least busy F.B.I. agent of all time, ” a claim that prompted Shafer’s smiley-faced tweet.” Read more of this story at Slashdot.

Read the article:
Justice Department Demands Five Twitter Users’ Personal Info Over an Emoji

China Shuts Down Tens Of Thousands Of Factories In Widespread Pollution Crackdown

Buildings in China are shrouded in smog. From a report: China has implemented an unprecedented pollution crackdown in recent months as the country shuts down tens of thousands of factories. The effort is part of a national effort to address China’s infamous pollution and has affected wide swaths of China’s manufacturing sector. In total, it is estimated that 40 percent of all China’s factories have been shut down at some point in order to be inspected by environmental bureau officials. As a result of these inspections over 80, 000 factories have been hit with fines and criminal offenses as a result of their emissions. Safety officials have been moving from province to province (30 in total so far) shutting down factories as well as electricity and gas as they inspect the factories for meeting emissions requirements. This has resulted in late and missed orders, increased costs, and could ultimately result in higher prices on US shelves. Read more of this story at Slashdot.

View original post here:
China Shuts Down Tens Of Thousands Of Factories In Widespread Pollution Crackdown

Arkansas Will Pay Up To $1,000 Cash To Kids Who Pass AP Computer Science A Exam

theodp writes: The State of Arkansas will be handing out cash to high school students who pass an Advanced Placement test in computer science. “The purpose of the incentive program is to increase the number of qualifying scores (3, 4, or 5) on Advanced Placement Computer Science A exams, ” explained a press release for the Arkansas Advanced Placement Computer Science A Incentive Program (only 87 Arkansas public school students passed the AP CS A exam in 2016, according to College Board data). Gov. Asa Hutchinson added, “The Arkansas Department of Education’s incentive for high scores on the AP Computer Science A exam is a terrific way to reward our students for their hard work in school. The real payoff for their hard work, of course, is when they show their excellent transcripts to potential employers who offer good salaries for their skills.” The tiered monetary awards call for public school students receiving a top score of 5 on the AP CS A exam to receive $1, 000, with another $250 going to their schools. Scores of 4 will earn students $750 and schools $150, while a score of 3 will result in a $250 payday for students and $50 for their schools. The program evokes memories of the College Board’s Google-funded AP STEM Access program, which rewarded AP STEM teachers with a $100 DonorsChoose.org gift card for each student who received a 3, 4, or 5 on an AP exam. DonorsChoose.org credits were also offered later by tech-bankrolled Code.org and Google to teachers who got their students coding. Read more of this story at Slashdot.

More:
Arkansas Will Pay Up To $1,000 Cash To Kids Who Pass AP Computer Science A Exam

Discovery of 50km Cave Raises Hopes For Human Colonisation of Moon

New submitter Zorro shares a report: Scientists have fantasised for centuries about humans colonising the moon. That day may have drawn a little closer after Japan’s space agency said it had discovered an enormous cave beneath the lunar surface that could be turned into an exploration base for astronauts. The discovery, by Japan’s Selenological and Engineering Explorer (Selene) probe, comes as several countries vie to follow the US in sending manned missions to the moon. Using a radar sounder system that can examine underground structures, the orbiter initially found an opening 50 metres wide and 50 metres deep, prompting speculation that there could be a larger hollow. This week scientists at the Japan Aerospace Exploration Agency (Jaxa) confirmed the presence of a cave after examining the hole using radio waves. The chasm, 50km (31 miles) long and 100 metres wide, appears to be structurally sound and its rocks may contain ice or water deposits that could be turned into fuel, according to data sent back by the orbiter, nicknamed Kaguya after the moon princess in a Japanese fairytale. Jaxa believes the cave, located from a few dozen metres to 200 metres beneath an area of volcanic domes known as the Marius Hills on the moon’s near side, is a lava tube created during volcanic activity about 3.5bn years ago. Read more of this story at Slashdot.

View post:
Discovery of 50km Cave Raises Hopes For Human Colonisation of Moon

First Mass-Produced Electric Truck Unveiled

AmiMoJo shares a report from NHK WORLD: Japan’s Mitsubishi Fuso Truck and Bus has unveiled what it says is the world’s first mass-produced electric truck, as automakers around the world go all out to develop cars that run on battery power. The vehicle can carry about 3 tons of cargo and travel about 100 kilometers on a single charge. The truck, unveiled on Thursday, will be used by Japan’s largest convenience store chain, Seven-Eleven. Seven-Eleven President Kazuki Furuya says some people complain about the noise delivery vehicles make, and says he is very impressed at how quiet the electric truck is. Read more of this story at Slashdot.

See the original article here:
First Mass-Produced Electric Truck Unveiled