Earth

Global Carbon Dioxide Levels Reach New Monthly Record 155

Posted by samzenpus
from the it's-getting-hot-in-here dept.
mrflash818 writes: For the first time since we began tracking carbon dioxide in the global atmosphere, the monthly global average concentration of carbon dioxide gas surpassed 400 parts per million in March 2015, according to NOAA's latest results. “It was only a matter of time that we would average 400 parts per million globally,” said Pieter Tans, lead scientist of NOAA’s Global Greenhouse Gas Reference Network. “We first reported 400 ppm when all of our Arctic sites reached that value in the spring of 2012. In 2013 the record at NOAA’s Mauna Loa Observatory first crossed the 400 ppm threshold. Reaching 400 parts per million as a global average is a significant milestone."
Security

Researcher: Drug Infusion Pump Is the "Least Secure IP Device" He's Ever Seen 58

Posted by samzenpus
from the bottom-of-the-barrel dept.
chicksdaddy writes: This is a bad month for the medical equipment maker Hospira. First, security researcher Billy Rios finds a raft of serious and remotely exploitable holes in the company's MedNet software, prompting a vulnerability alert from ICS CERT. Now, one month later, ICS CERT is again warning of a "10 out of 10" critical vulnerability, this time in Hospira's LifeCare PCA drug infusion pump. The problem? According to this report by Security Ledger the main problem was an almost total lack of security controls on the device. According to independent researcher Jeremy Williams, the PCA pump listens on Telnet port 23. Connecting to the device via Telnet, he was brought immediately to a root shell account that gave him total, administrator level access to the pump without authentication. "The only thing I needed to get in was an interest in the pump," he said. Richards found other examples of loose security on the PCA 3: a FTP server that could be accessed without authentication and an embedded web server that runs Common Gateway Interface (CGI). That could allow an attacker to tamper with the pump's operation using fairly simple scripts. Also: The PCA pump stores wireless keys used to connect to the local (medical device) wireless network in plain text on the device. That means anyone with physical access to the Pump (which has an ethernet port) could gain access to the local medical device network and other devices on it. The problems prompted Richards to call the PCA 3 pump "the least secure IP enabled device" he has ever worked with.
Network

The Ambitions and Challenges of Mesh Networks and the Local Internet Movement 54

Posted by Soulskill
from the net-positives-and-net-negatives dept.
Lashdots writes: Two artists in New York are hatching a plan to teach kids about the internet by building their own. They'll be creating a small, decentralized network, similar to a mesh network, to access other computers, and they'll be developing their own simple social network to communicate with other people. It's part of a growing movement to supplement the Internet with resilient, local alternatives. "And yet, while the decentralized, ad hoc network architecture appeals philosophically to tech-savvy users fed up with monopolistic ISPs, nobody’s found a way to make mesh networks work easily and efficiently enough to replace home Internet connections. Built more for resiliency than for speed, each participating router must continuously search for the best paths to far-flung machines. For now, that makes them of limited interest to many ordinary consumers who simply want to check their email and watch movies."
Portables

Ask Slashdot: Most Chromebook-Like Unofficial ChromeOS Experience? 91

Posted by Soulskill
from the get-your-company-to-pay-for-it-wink-wink dept.
An anonymous reader writes: I am interested in Chromebooks, for the reasons that Google successfully pushes them: my carry-around laptops serve mostly as terminals, rather than CPU-heavy workhorses, and for the most part the whole reason I'm on my computer is to do something that requires a network connection anyhow. My email is Gmail, and without particularly endorsing any one element, I've moved a lot of things to online services like DropBox. (Some offline capabilities are nice, but since actual Chromebooks have been slowly gaining offline stuff, and theoretically will gain a lot more of that, soon, I no longer worry much about a machine being "useless" if the upstream connection happens to be broken or absent. It would just be useless in the same way my conventional desktop machine would be.) I have some decent but not high-end laptops (Core i3, 2GB-4GB of RAM) that I'd enjoy repurposing as Chromebooks without pedigree: they'd fall somewhat short of the high-end Pixel, but at no out-of-pocket expense for me unless I spring for some cheap SSDs, which I might.

So: how would you go about making a Chromebook-like laptop? Yes, I could just install any Linux distro, and then restrain myself from installing most apps other than a browser and a few utilities, but that's not quite the same; ChromeOS is nicely polished, and very pared down; it also seems to do well with low-memory systems (lots of the current models have just 2GB, which brings many Linux distros to a disk-swapping crawl), and starts up nicely quick.

It looks like the most "authentic" thing would be to dive into building Chromium OS (which looks like a fun hobby), but I'd like to find something more like Cr OS — only Cr OS hasn't been updated in quite a while. Perhaps some other browser-centric pared-down Linux would work as well. How would you build a system? And should I go ahead and order some low-end 16GB SSDs, which I now see from online vendors for less than $25?
Twitter

Twitter Stops Users From Playing DOS Games Inside Tweets 54

Posted by Soulskill
from the no-fun-allowed dept.
jones_supa writes: Twitter has killed off an interesting trend of playing DOS games in tweets. Last week, users discovered they could use the new "Twitter Cards" embedding feature to bundle full DOS games within tweets. Running DOSBox inside the web browser is possible thanks to an Emscripten port of DOSBox called Em-DOSBox. The games were pulled from Internet Archive's collection of 2,600 classic titles, many of which still lack proper republishing agreements with the copyright holder. So, is embedding games within Twitter Cards, against the social network's terms of service? Either way, Twitter has now blocked such activity, likely after seeing the various news reports and a stream of Street Fighter II, Wolfenstein 3D and Zool cheering up people's timelines.
Microsoft

Microsoft: No More 'Patch Tuesday' For Windows 10 Home Users 137

Posted by Soulskill
from the no-more-patchy-coverage dept.
citpyrc writes: According to the Register, Microsoft is making some changes to how it rolls out updates in Windows 10. Home users will receive updates as they come out, rather than queueing them all up on "patch Tuesday." Business users will have the option to set their own update cycle, so they can see if any of the patches accidentally break anything for home users before trying them out. There will also be an optional peer-to-peer updating mechanism for Windows 10. Microsoft announced a service called Advanced Threat Analytics, which employs various machine learning techniques to identify malware on a network. As a premium service, top-dollar customers can pay for Microsoft to monitor black-hat forums and alert the company if any of its employees' identities are stolen.
Security

Maritime Cybersecurity Firm: 37% of Microsoft Servers On Ships Are Vulnerable 51

Posted by samzenpus
from the protect-ya-neck dept.
colinneagle writes: A report from maritime cybersecurity firm CyberKeel claims that spot checks at 50 different maritime sites revealed that 37% of the servers running Microsoft were still vulnerable because they had not been patched. But what's most interesting is what happens when hackers can breach security in shipping environments, including one case in which "drug gangs were able to smuggle entire container loads of cocaine through Antwerp, one of Belgium's largest ports, after its hackers breached the port's IT network," said Rear Adm. Marshall Lytle, assistant commandant responsible for USCG Cyber Command.
Communications

WikiLeaks' Anonymous Leak Submission System Is Back After Nearly 5 Years 26

Posted by timothy
from the drop-'em-a-line dept.
Sparrowvsrevolution writes: On Friday, WikiLeaks announced that it has finally relaunched a beta version of its leak submission system after a 4.5 year hiatus. That file-upload site, which once served as a central tool in WIkiLeaks' leak-collecting mission, runs on the anonymity software Tor to allow uploaders to share documents and tips while protecting their identity from any network eavesdropper, and even from WikiLeaks itself. In 2010 the original submission system went down amid infighting between WikiLeaks' leaders and several of its disenchanted staffers, including several who left to create their own soon-to-fail project called OpenLeaks. WikiLeaks founder Julian Assange says that the new system, which was delayed by his legal troubles and the banking industry blockade against the group, is the final result of "four competing research projects" WikiLeaks launched in recent years. He adds that it has several less-visible submission systems in addition to the one it's now revealed. "Currently, we have one public-facing and several private-facing submission systems in operation, cryptographically, operationally and legally secured with national security sourcing in mind," Assange writes.
Facebook

Facebook Wants to Skip the Off-Site Links, Host News Content Directly 51

Posted by timothy
from the a-few-seconds-a-few-seconds-there dept.
The Wall Street Journal, in a report also cited by The Next Web and others, reports that Facebook is to soon begin acting not just as a conduit for news links pasted onto users' timelines (and leading to articles hosted elsewhere) but also as a host for the articles themselves. From the WSJ article: To woo publishers, Facebook is offering to change its traditional revenue-sharing model. In one of the models under consideration, publishers would keep all of the revenue from ads they sell on Facebook-hosted news sites, the people familiar with the matter said. If Facebook sells the advertisement, it would keep roughly 30% of the revenue, as it does in many other cases. Another motivation for Facebook to give up some revenue: It hopes the faster-loading content will encourage users to spend more time on its network. It is unclear what format the ads might take, or if publishers will be able to place or measure the ads they sell within Facebook. It seems likely Facebook would want publishers to use its own advertising-technology products, such as Atlas and LiveRail, as opposed to those offered by rivals such as Google Inc.
AI

Microsoft's AI Judges Age From Snapshots, With Mixed Results 80

Posted by timothy
from the are-humans-all-that-much-better? dept.
mikejuk writes: A Microsoft Research project that lets users upload photos and estimates their age and gender has attracted more attention than expected — not all of it complimentary. The How-Old.net site demonstrates of some of the capabilities of the Face API included in Microsoft's Project Oxford that was announced at Build. It may have been expected to be a source of amusement but instead it backfired when people started to upload their own photos and discovered just how wrong its estimates could be. It demonstrates not only that machine learning has a long way to go before it's good at estimating age, but also that machine learning may not be the most politically correct way to go about answering the question 'How Old Do I look'. It might be better to employ and algorithm that built in all the rules of how to make a polite answer to that request — such as always knock a decade off the age of anyone over 28. Perhaps this particular neural network needs to learn some social skills before pronouncing how old people look. However it is capable of telling some truths — a photo of Barak Obama in 2005 gives an estimated age of 46, close to his real age of 44, but just 9 years later in 2014 the age guessing robot places him at 65. It seems that Mr President aged 20 years in less than 10 years of office.
Communications

The Pioneer Who Invented the Weather Forecast 33

Posted by timothy
from the kept-it-hidden-in-his-conestoga dept.
HughPickens.com writes: Peter Moore has a fascinating article on BBC about how Admiral Robert FitzRoy, the man who invented the weather forecast in the 1860s faced skepticism and even mockery in his time but whose vision of a public forecasting service, funded by government for the benefit of all, is fundamental to our way of life. Chiefly remembered today as Charles Darwin's taciturn captain on HMS Beagle, during the famous circumnavigation in the 1830s, in his lifetime FitzRoy found celebrity from his pioneering daily weather predictions, which he called by a new name of his own invention — "forecasts". There was no such thing as a weather forecast in 1854 when FitzRoy established what would later be called the Met Office. With no forecasts, fishermen, farmers and others who worked in the open had to rely on weather wisdom — the appearance of clouds or the behavior of animals — to tell them what was coming as the belief persisted among many that weather was completely chaotic. But FitzRoy was troubled by the massive loss of life at sea around the coasts of Victorian Britain where from 1855 to 1860, 7,402 ships were wrecked off the coasts with a total of 7,201 lost lives. With the telegraph network expanding quickly, FitzRoy was able to start gathering real-time weather data from the coasts at his London office. If he thought a storm was imminent, he could telegraph a port where a drum was raised in the harbor. It was, he said, "a race to warn the outpost before the gale reaches them".

For FitzRoy the forecasts were a by-product of his storm warnings. As he was analyzing atmospheric data anyway, he reasoned that he might as well forward his conclusions — fine, fair, rainy or stormy — on to the newspapers for publication. "Prophecies and predictions they are not," he wrote, "the term forecast is strictly applicable to such an opinion as is the result of scientific combination and calculation." The forecasts soon became a quirk of this brave new Victorian society. FitzRoy's forecasts had a particular appeal for the horseracing classes who used the predictions to help them pick their outfits or lay their bets.

But FitzRoy soon faced serious difficulties. Some politicians complained about the cost of the telegraphing back and forth. The response to FitzRoy's work was the beginning of an attitude that we reserve for our weather forecasters today. The papers enjoyed nothing more than conflating the role of the forecaster with that of God and the scientific community were skeptical of his methods. While the majority of fishermen were supportive, others begrudged a day's lost catch to a mistaken signal. FitzRoy retired from his west London home to Norwood, south of the capital, for a period of rest but he struggled to recover and on 30 April 1865 FitzRoy cut his throat at his residence, Lyndhurst-house, Norwood, on Sunday morning. "In time, the revolutionary nature of FitzRoy's work would be recognised," says Moore. "FitzRoy's vision of a weather-prediction service funded by government for the benefit of its citizens would not die. In 1871, the United States would start issuing its own weather "probabilities", and by the end of the decade what was now being called the Met Office would resume its own forecasts in Britain."
The Internet

Comcast Brings Fiber To City That It Sued 7 Years Ago To Stop Fiber Rollout 182

Posted by samzenpus
from the imitation-is-the-sincerest-form-of-flattery dept.
An anonymous reader writes with the latest update in Comcast's "if you can't beat them, join them" fiber plan. In April 2008, Comcast sued the Chattanooga Electric Power Board (EPB) to prevent it from building a fiber network to serve residents who were getting slow speeds from the incumbent cable provider. Comcast claimed that EPB illegally subsidized the buildout with ratepayer funds, but it quickly lost in court, and EPB built its fiber network and began offering Internet, TV, and phone service. After EPB launched in 2009, incumbents Comcast and AT&T finally started upgrading their services, EPB officials told Ars when we interviewed them in 2013. But not until this year has Comcast had an Internet offering that can match or beat EPB's $70 gigabit service. Comcast announced its 2Gbps fiber-to-the-home service on April 2, launching first in Atlanta, then in cities in Florida and California, and now in Chattanooga, Tennessee.
Transportation

Massachusetts Governor Introduces Bill To Regulate Uber, Lyft 192

Posted by Soulskill
from the enjoy-your-medallions dept.
jfruh writes: The "wild west" days of ridesharing services may be coming to an end. The governor of Massachusetts has proposed a bill that would regulate Uber, Lyft, and their rivals in the state. Among the new rules: ridesharing services would have to run background checks on their drivers and keep a roster of active drivers; vehicles would need to have some external marker indicating that they're a ridesharing car; and drivers would need to hold at $1 million worth of insurance when transporting passengers.
Google

Google Insiders Talk About Why Google+ Failed 359

Posted by samzenpus
from the here's-what-happened dept.
An anonymous reader writes in with this story about what happened to Google+ from an employee perspective. "Last month, Google announced that it's changing up its strategy with Google+. In a sense, it's giving up on pitching Google+ as a social network aimed at competing with Facebook. Instead, Google+ will become two separate pieces: Photos and Streams. This didn't come as a surprise — Google+ never really caught on the same way social networks like Facebook, Twitter, or LinkedIn did....Rumors have been swirling for months that Google would change its direction with Google+. Business Insider spoke with a few insiders about what happened to the network that Google believed would change the way people share their lives online. Google+ was really important to Larry Page, too — one person said he was personally involved and wanted to get the whole company behind it. The main problem with Google+, one former Googler says, is the company tried to make it too much like Facebook. Another former Googler agrees, saying the company was 'late to market' and motivated from 'a competitive standpoint.'"
Piracy

Pirate Bay Blockade Censors CloudFlare Customers 160

Posted by timothy
from the broad-brush-swung-wildly dept.
An anonymous reader writes: The blockade of the Pirate Bay by UK ISPs is causing trouble for CloudFlare customers. Several websites have been inadvertently blocked by Sky because a Pirate Bay proxy is hosted behind the same IP-addresses. In a response, CloudFlare threatened to disconnect the proxy site from its network. Like any form of censorship web blockades can sometime lead to overblocking, targeting perfectly legitimate websites by mistake. This is also happening in the UK where Sky's blocking technology is inadvertently blocking sites that have nothing to do with piracy.
Cellphones

Patents Show Google Fi Was Envisioned Before the iPhone Was Released 31

Posted by timothy
from the I-could-show-you-my-notes-from-7th-grade dept.
smaxp writes: Contrary to reports, Google didn't become a mobile carrier with the introduction of Google Fi. Google Fi was launched to prove that a network-of-networks serves smartphone users better than a single mobile carrier's network. Patents related to Google Fi, filed in early 2007, explain Google's vision – smartphones negotiate for and connect to the fastest network available. The patent and Google Fi share a common notion that the smartphone should connect to the fastest network available, not a single carrier's network that may not provide the best performance. It breaks the exclusive relationship between a smartphone and a single carrier. Meanwhile, a story at BostInno points out that Google's not the only one with a network-hopping hybrid approach to phone calls.
Games

How and Why the U-Pick Game Marathon Raises Money With Non-Stop Gaming (Video) 34

Posted by timothy
from the don't-tase-me-bro-it's-only-a-game dept.
On June 12 through 14th of this year, the fourth (not "fourth annual," but close) iteration of the U-Pick Video Game Marathon for Charity --“UPickVG IV” for short --will be streaming on an Internet connection near you. The U-Pick crew's volunteers will be playing and broadcasting video games, non-stop, as a fundraiser for Charity Water, a cause they've supported since the beginning. I talked with organizers Stephanie and Grant Kibler from their video-game lounge of a living room about what it takes to broadcast an online gathering like this, and why they've adopted this as an annual event. Hint: some esoteric video-capture hardware helps, and so does a beefy network connection, for high-quality streaming of games that pre-date today's multiplayer, network-oriented options. That's significant, because U-Pick's stable of titles isn't limited to modern ones, and observers are encouraged to suggest appropriate games (hence "U-Pick").The remote viewers' choices and donations influence the event by deciding which games are represented on the Wheel of Destiny that the team spins to decide which games get played.The play itself, though,*is* limited to the players who'll be on hand at a Northern Virginia co-working space that will serve as this year's venue. It turns out to be easier to stream the output of old consoles than it is to control them from remote (never mind the latency that would mean), but maybe one day participants will be able to play as well as shoulder-surf and laugh at the players' running commentary. You can check out the Upick page on Facebook, too, and watch one of their practice runs each Sunday. (Note: Video #1 talks mostly about the game play and how you can join. Video #2 - below - talks more about hardware and behind-the-scenes work.)
Cloud

Amazon's Profits Are Floating On a Cloud (Computing) 83

Posted by Soulskill
from the they're-hoping-the-weather-holds dept.
HughPickens.com writes: The NY Times reports that Amazon unveiled the financial performance of its powerful growth engine for the first time on Thursday, and the numbers looked good, energized primarily by renting processing power to start-ups and, increasingly, established businesses. Amazon said in its first-quarter earnings report that its cloud division, Amazon Web Services, had revenue of $1.57 billion during the first three months of the year. Even though the company often reports losses, the cloud business is generating substantial profits. The company said its operating income from AWS was $265 million.

Amazon helped popularize the field starting in 2006 and largely had commercial cloud computing to itself for years, an enormous advantage in an industry where rivals usually watch one another closely. At the moment, there is no contest: Amazon is dominant and might even be extending its lead. Microsoft ranks a distant No. 2 in cloud computing but hopes to pick up the slack with infrastructure-related services it sells through Azure, the name of its cloud service. Amazon executives have said they expect AWS to eventually rival the company's other businesses in size. The cloud business has been growing at about 40 percent a year, more than twice the rate of the overall company and many Wall Street analysts have been hoping for a spinoff.

As for Google, the cloud was barely mentioned in Google's earnings call. Nor did the search giant offer any cloud numbers, making it impossible to gauge how well it is doing. But the enthusiasm of Eric Schmidt, Google's executive chairman, was manifest when he spoke at an event for cloud software developers this week. "The entire world will be defined by smartphones, Android or Apple, a very fast network, and cloud computing," said Schmidt. "The space is very large, very vast, and no one is covering all of it."
Security

Pentagon Discloses Network Breach By Russian Hackers 64

Posted by Soulskill
from the digital-diplomatic-incident dept.
An anonymous reader writes: The Pentagon has disclosed that Russian hackers were able to breach one of its secure networks earlier this year, and referred to the attack as a "worrisome" incident. "Earlier this year, the sensors that guard DOD's unclassified networks detected Russian hackers accessing one of our networks," said defense secretary Ash Carter yesterday during a speech at Stanford University. Carter warned Russia that the U.S. Department of Defense would retaliate with cyber campaigns should it see fit. "Adversaries should know that our preference for deterrence and our defensive posture don't diminish our willingness to use cyber options if necessary," said Carter. He added in a prepared statement that the Russian hackers had been able to gain access to an "unclassified network" but had been "quickly identified" by a team of cyberattack experts who managed to block the hackers "within 24 hours." The cybersecurity response team had quickly analyzed the hack patterns and code and identified the intruders as Russian, before "kicking them off the network."
Bug

iOS WiFi Bug Allows Remote Reboot of All Devices In Area 117

Posted by timothy
from the wardriving-experiment dept.
New submitter BronsCon writes: A recently disclosed flaw in iOS 8 dubbed "No iOS Zone" allows an attacker to create a WiFi hot spot that will cause iOS devices to become unstable, crash, and reboot, even when in offline mode. Adi Sharabani and Yair Amit of Skycure are working with Apple for a fix; but, for now, the only workaround is to simply not be in range of such a malicious network.