Gigabyte Firmware Bugs Allow the Installation of BIOS/UEFI Ransomware

An anonymous reader writes from a report via BleepingComputer: Last week, at the BlackHat Asia 2017 security conference, researchers from cyber-security firm Cylance disclosed two vulnerabilities in the firmware of Gigabyte BRIX small computing devices, which allow an attacker to write malicious content to the UEFI firmware. During their presentation, researchers installed a proof-of-concept UEFI ransomware, preventing the BRIX devices from booting, but researchers say the same flaws can be used to plant rootkits that allow attackers to persist malware for years. The two vulnerabilities discovered are CVE-2017-3197 and CVE-2017-3198. The first is a failure on Gigabyte’s part to implement write protection for its UEFI firmware. The second vulnerability is another lapse on Gigabyte’s side, who forgot to implement a system that cryptographically signs UEFI firmware files. Add to this the fact that Gigabyte uses an insecure firmware update process, which doesn’t check the validity of downloaded files using a checksum and uses HTTP instead of HTTPS. A CERT vulnerability note was published to warn users of the impending danger and the bugs’ ease of exploitation.

‘Arctic World Archive’ Will Keep the World’s Data Safe In an Arctic Mineshaft

An anonymous reader quotes a report from The Verge: Norway’s famous doomsday seed vault is getting a new neighbor. It’s called the Arctic World Archive, and it aims to do for data what the Svalbard Global Seed Vault has done for crop samples — provide a remote, impregnable home in the Arctic permafrost, safe from threats like natural disaster and global conflicts. But while the Global Seed Vault is (partially) funded by charities who want to preserve global crop diversity, the World Archive is a for-profit business, created by Norwegian tech company Piql and Norway’s state mining company SNSK. The Archive was opened on March 27th this year, with the first customers — the governments of Brazil, Mexico, and Norway — depositing copies of various historical documents in the vault. Data is stored in the World Archive on optical film specially developed for the task by Piql. (And, yes, the company name is a pun on the word pickle, as in preserving-in-vinegar.) The company started life in 2002 making video formats that bridged analog film and digital media, but as the world went fully digital it adapted its technology for the task of long-term storage. As Piql founder Rune Bjerkestrand tells The Verge: “Film is an optical medium, so what we do is, we take files of any kind of data — documents, PDFs, JPGs, TIFFs — and we convert that into big, high-density QR codes. Our QR codes are massive, and very high resolution; we use greyscale to get more data into every code. And in this way we convert a visual storage medium, film, into a digital one.” Once data is imprinted on film, the reels are stored in a converted mineshaft in the Arctic archipelago of Svalbard. The mineshaft (different to the one used by the Global Seed Vault) was originally operated by SNSK for the mining of coal, but was abandoned in 1995. The vault is 300 meters below the ground and impervious to both nuclear attacks and EMPs. 
Piql claims its proprietary film format will store data safely for at least 500 years, and maybe as long as 1,000 years, with the assistance of the mine’s climate.

Spotify Premium Users Will Get Some Albums Two Weeks Before Free Users

Spotify has signed a long-term licensing agreement with Universal Music Group, allowing new albums from Universal artists to be restricted to its premium service for up to two weeks. The Verge reports: In a statement, Spotify CEO Daniel Ek admitted that Spotify understands that its policy of releasing albums across its entire service couldn’t last forever. “We know that not every album by every artist should be released the same way, and we’ve worked hard with UMG to develop a new, flexible release policy,” Ek stated. “Starting today, Universal artists can choose to release new albums on premium only for two weeks, offering subscribers an earlier chance to explore the complete creative work, while the singles are available across Spotify for all our listeners to enjoy.” The agreement with UMG should allow for deals with Spotify’s other two major label partners, Warner Music Group and Sony Music Group, to be completed in short order — deals that likely will match the parameters set in the Spotify-UMG deal — paving the way for Spotify’s initial public offering.

Companies Start Implanting Microchips Into Workers’ Bodies

A Swedish start-up called Epicenter is offering to implant its employees and start-up members with microchips that function as swipe cards, allowing them to open doors, operate equipment or buy food and drinks with a wave of the hand. While these microchips have been available for decades, the technology has never been implanted in humans on such a broad scale. “Epicenter and a handful of other companies are the first to make chip implants broadly available,” reports Associated Press. From the report: [A]s with most new technologies, it raises security and privacy issues. Although the chips are biologically safe, the data they generate can show how often employees come to work or what they buy. Unlike company swipe cards or smartphones, which can generate the same data, people cannot easily separate themselves from the chips. Epicenter, which is home to more than 100 companies and roughly 2,000 workers, began implanting workers in January 2015. Now, about 150 workers have the chips. A company based in Belgium also offers its employees such implants, and there are isolated cases around the world in which tech enthusiasts have tried them out in recent years. The small implants use near-field communication technology, or NFC, the same as in contactless credit cards or mobile payments. When activated by a reader a few inches away, a small amount of data flows between the two devices via electromagnetic waves. The implants are “passive,” meaning they contain information that other devices can read, but cannot read information themselves. Ben Libberton, a microbiologist at Stockholm’s Karolinska Institute, says hackers could conceivably gain huge swaths of information from embedded microchips. The ethical dilemmas will become bigger the more sophisticated the microchips become. Epicenter workers stage monthly events where attendees can receive the implant.

Oh My God, Look at Saturn’s North Pole

Recently, Gizmodo space writer Rae Paoletta called Saturn “the golden retriever of the solar system,” and I’m not here to dispute that characterization. But it was a lot easier to think of Saturn as a golden retriever when the planet’s defining hue was, y’know, gold. Not blue. Not electric, alien protomolecule-blue.

Streaming Services Generated More Than 50% of All US Music Industry Revenue in 2016

Janko Roettgers, reporting for Variety: Streaming music services were for the first time ever responsible for more than 50 percent of all U.S. music industry revenue in 2016, according to new numbers released by the Recording Industry Association of America (RIAA) Thursday. Paid and ad-supported streaming together generated 51 percent of music revenue last year, to be precise, bringing in a total of $3.9 billion. In 2015, streaming music was responsible for 34 percent of the music industry’s annual revenue. Much of that increase can be attributed to a strong growth of paid subscriptions to services like Spotify and Apple Music. Revenue from paid subscription plans more than doubled in 2016, bringing in $2.5 billion, with an average of 22.6 million U.S. consumers subscribing to streaming services last year. The year before, subscription services had an average of 10.8 million paying subscribers.

This Elusive Giant Octopus Snacks on Giant Jellies

The giant deep-sea octopus Haliphron is so rare that marine biologists have seen it just three times in 27 years. Using a robotic sub, scientists have finally caught video footage of this animal at mealtime—revealing its distinct preference for gelatinous sea creatures.

Dutch Scientist Proposes Circular Runways For Airport Efficiency

An anonymous reader quotes a report from Fast Company: While airport terminal architecture has a solid history of style and innovation, rarely is a proposal put forth to utterly redesign the runway. But that’s precisely the aim of Henk Hesselink, a Dutch scientist working with the Netherlands Aerospace Center. Dubbed the “endless runway,” Hesselink’s brainchild is a 360-degree landing strip measuring more than two miles in diameter. Since airplanes would be able to approach and take off from any direction around the proposed circle, they wouldn’t have to fight against crosswinds. And three planes would be able to take off or land at the same time. Hesselink’s team uses flight simulators and computerized calculations to test the unconventional design, and have determined that round airports would be more efficient than existing layouts. With a central terminal, the airport would only use about a third of the land of the typical airport with the same airplane capacity. And there’s an added benefit to those living near airports: Flight paths could be more distributed, and thereby making plane noise more tolerable. BBC produced a video detailing Hesselink’s circular runway concept. The concept is fascinating but there are many questions the video does not answer. Phil Derner Jr. from NYC Aviation writes via Business Insider about some of those unanswered questions in his article titled “Why the circular runway concept wouldn’t work.” The fundamental issues discussed in his report include banked runway issues, curved runway issues, navigation issues, and airspace issues. What do you think of Hesselink’s concept? Do you think it is preposterous or shows promise?

Researchers Discover A Surprising New Role for Lungs: Making Blood

schwit1 quotes ScienceAlert: In experiments involving mice, the team found that lungs produce more than 10 million platelets (tiny blood cells) per hour, equating to the majority of platelets in the animals’ circulation. This goes against the decades-long assumption that bone marrow produces all of our blood components. Researchers from the University of California, San Francisco also discovered a previously unknown pool of blood stem cells that makes this happen inside the lung tissue — cells that were incorrectly assumed to mainly reside in bone marrow. “This finding definitely suggests a more sophisticated view of the lungs — that they’re not just for respiration, but also a key partner in formation of crucial aspects of the blood,” says one of the researchers, Mark R. Looney. The platelet-producing cells actually migrate from the bone marrow to the lungs.

Ubuntu Linux 17.04 ‘Zesty Zapus’ Final Beta Now Available For Download

BrianFagioli writes: The final beta of Ubuntu 17.04 ‘Zesty Zapus’ became available for download Thursday. While it is never a good idea to run pre-release software on production machines, Canonical is claiming that it should be largely bug free at this point. In other words, if you understand the risks, it should be fairly safe. Home users aside, this is a good opportunity for administrators to conduct testing prior to the official release next month. “The Ubuntu team is pleased to announce the final beta release of the Ubuntu 17.04 Desktop, Server, and Cloud products. Codenamed ‘Zesty Zapus’, 17.04 continues Ubuntu’s proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution,” says Adam Conrad, Canonical. “The team has been hard at work through this cycle, introducing new features and fixing bugs.”
