Scientists have uncovered 2 billion-year-old water in an Ontario mine. (Image: University of Toronto) Canadian Geoscientists have uncovered water that dates back a whopping two billion years. It’s the oldest water ever discovered on Earth, and it could broaden our understanding of how life emerged on our planet—and possibly elsewhere. Read more…
More here:
Two Billion-Year-Old Water Found in Canadian Mine
An anonymous reader writes: As if 2016 wasn’t shitty enough for Yahoo — which admitted to two separate breaches that saw 500 million users’ and then 1 billion users’ details stolen by hackers — the New York Times reports that a billion-user database was sold on the Dark Web last August for $300, 000. That’s according to Andrew Komarov, chief intelligence office at security firm InfoArmor. He told NYT that three buyers, including two prominent spammers and another who might be involved in espionage tactics purchased the entire database at the aforementioned price from a hacker group believed to based in Eastern Europe. It’s lovely to know that it only costs $300, 000 to be able to threaten a billion people’s online existence — which means each account is only worth $0.0003 to hackers who can ruin your life online in a matter of minutes. Yahoo also doesn’t yet know who made off with all the data from the attack in 2013, which is said to be the largest breach of any company ever. Read more of this story at Slashdot.
Read More:
Yahoo’s Billion-User Database Reportedly Sold On the Dark Web for Just $300,000 – NYT
An anonymous reader writes: Swedish hardware hacker Ulf Frisk has created a device that can extract Mac FileVault2 (Apple’s disk encryption utility) passwords from a device’s memory before macOS boots and anti-DMA protections kick in. The extracted passwords are in cleartext, and they also double as the macOS logon passwords. The attack requires physical access, but it takes less than 30 seconds to carry out. A special device is needed, which runs custom software (available on GitHub), and uses hardware parts that cost around $300. Apple fixed the attack in macOS 10.12.2. The device is similar to what Samy Kamker created with Poison Tap. Read more of this story at Slashdot.
Continue Reading:
A $300 Device Can Steal Mac FileVault2 Passwords
Did you see that story about a 5-year-old boy and his dying wish to see Santa Claus? Of course you did. The heartbreaking tale has been seen and heard by millions of people around the world . It went viral earlier this week when it was retold by virtually every major news outlet. The only problem? It’s almost certainly fake. Read more…
Continue reading here:
That Story About a Boy Dying In Santa’s Arms Is Totally Fake
Microsoft will start bundling drivers with Windows Store games to improve the performance of the game once downloaded. A report on Thurrott adds: This will work by the game download trigging Windows Update to acquire the minimum driver requirements to make sure that application works as intended. This may perturb some users who like having complete control over the driver updates for their hardware as this auto-download mechanism will overwrite the existing installation of the driver. Of course, you can still roll-back the update but hopefully Microsoft gives us a way to stop the auto-download of the driver via the Windows Store when this feature arrives. Read more of this story at Slashdot.
Excerpt from:
Microsoft Will Soon Start Bundling Drivers With Windows Store Games
An anonymous reader writes: To protect Tor users from FBI hacking tools that include all sorts of Firefox zero-days, the Tor Project started working on a sandboxed version of the Tor Browser in September. Over the weekend, the Tor Project released the first alpha version of the sandboxed Tor Browser. “Currently, this version is in an early alpha stage, and only available for Linux, ” reports BleepingComputer. “There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here.” The report notes: “Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can’t be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn’t linked with the OS.” Read more of this story at Slashdot.
Originally posted here:
First Version of Sandboxed Tor Browser Available
An anonymous reader quotes a report from Space.com: For several decades now, scientists from around the world have been pursuing a ridiculously ambitious goal: They hope to develop a nuclear fusion reactor that would generate energy in the same manner as the sun and other stars, but down here on Earth. Incorporated into terrestrial power plants, this “star in a jar” technology would essentially provide Earth with limitless clean energy, forever. And according to new reports out of Europe this week, we just took another big step toward making it happen. In a study published in the latest edition of the journal Nature Communications, researchers confirmed that Germany’s Wendelstein 7-X (W7-X) fusion energy device is on track and working as planned. The space-age system, known as a stellerator, generated its first batch of hydrogen plasma when it was first fired up earlier this year. The new tests basically give scientists the green light to proceed to the next stage of the process. It works like this: Unlike a traditional fission reactor, which splits atoms of heavy elements to generate energy, a fusion reactor works by fusing the nuclei of lighter atoms into heavier atoms. The process releases massive amounts of energy and produces no radioactive waste. The “fuel” used in a fusion reactor is simple hydrogen, which can be extracted from water. The W7-X device confines the plasma within magnetic fields generated by superconducting coils cooled down to near absolute zero. The plasma — at temperatures upwards of 80 million degrees Celsius — never comes into contact with the walls of the containment chamber. Neat trick, that. David Gates, principal research physicist for the advanced projects division of PPPL, leads the agency’s collaborative efforts in regard to the W7-X project. In an email exchange from his offices at Princeton, Gates said the latest tests verify that the W7-X magnetic “cage” is working as planned. “This lays the groundwork for the exciting high-performance plasma operations expected in the near future, ” Gates said. Read more of this story at Slashdot.
Read More:
‘Star In a Jar’ Fusion Reactor Works, Promises Infinite Energy
An anonymous reader writes from a report via BleepingComputer: The security protocol that governs how virtual machines share data on a host system powered by AMD Zen processors has been found to be insecure, at least in theory, according to two German researchers. The technology, called Secure Encrypted Virtualization (SEV), is designed to encrypt parts of the memory shared by different virtual machines on cloud servers. AMD, who plans to ship SEV with its upcoming line of Zen processors, has published the technical documentation for the SEV technology this past April. The German researchers have analyzed the design of SEV, using this public documentation, and said they managed to identify three attack channels, which work, at least in theory. [In a technical paper released over the past weekend, the researchers described their attacks:] “We show how a malicious hypervisor can force the guest to perform arbitrary read and write operations on protected memory. We describe how to completely disable any SEV memory protection configured by the tenant. We implement a replay attack that uses captured login data to gain access to the target system by solely exploiting resource management features of a hypervisor.” AMD is scheduled to ship SEV with the Zen processor line in the first quarter of 2017. Read more of this story at Slashdot.
Read More:
Researchers Point Out ‘Theoretical’ Security Flaws In AMD’s Upcoming Zen CPU
Good news, everyone: Biologists have discovered a species of marine worm that, when still in its larval stage, is nothing more than an algae-gobbling, disembodied head. Read more…
Read More:
Horrifying Worm Larva Is Basically a Disembodied Head
The tail of a beautiful, feathered dinosaur has been found perfectly preserved in amber from Myanmar. It is a huge breakthrough that could help open a new window on the biology of a group that dominated Earth for more than 160 million years. From a report on the National Geographic: The semitranslucent mid-Cretaceous amber sample, roughly the size and shape of a dried apricot, captures one of the earliest moments of differentiation between the feathers of birds of flight and the feathers of dinosaurs. Inside the lump of resin is a 1.4-inch appendage covered in delicate feathers, described as chestnut brown with a pale or white underside. CT scans and microscopic analysis of the sample revealed eight vertebrae from the middle or end of a long, thin tail that may have been originally made up of more than 25 vertebrae. NPR has a story on how this amber was found. An excerpt from it reads: In 2015, Lida Xing was visiting a market in northern Myanmar when a salesman brought out a piece of amber about the size of a pink rubber eraser. Inside, he could see a couple of ancient ants and a fuzzy brown tuft that the salesman said was a plant. As soon as Xing saw it, he knew it wasn’t a plant. It was the delicate, feathered tail of a tiny dinosaur. Read more of this story at Slashdot.
Read More:
First Dinosaur Tail Found Preserved in Amber