dstates (629350) writes "A team of researchers at the University of Michigan has released Zmap, a tool that allows an ordinary server to scan every address on the Internet in just 45 minutes. This is a task that used to take months, but now is accessible to anyone with a fast internet connection. In their announcement Friday, at the Usenix security conference in Washington, they provide interesting examples tracking HTTPS deployment over time, the effects of Hurricane Sandy on Internet infrastructure, but also rapid identification of vulnerable hosts for security exploits. A Washington Post blog discussing the work shows examples of the rate at which computers on the Internet have been patched to fix Universal Plug and Play, “Debian weak key” and “factorable RSA keys” vulnerabilities. Unfortunately, in each case it takes years to deploy patches and in the case of UPnP devices, they found 2.56 million (16.7 percent) devices on the Internet and not yet upgraded years after the vulnerability had been described. Zero day exploits just became zero hour."
dstates (629350) writes "For most of Friday, police and firefighters in Detroit were forced to operate without their usual dispatch radio when the emergency dispatch system failed. The radio system used for communication between 911 dispatchers and Detroit's police, fire and EMS crews went down around 5:30 a.m. Friday morning, causing a backlog of hundreds of calls and putting public safety at risk. Michigan State Police allowed Detroit's emergency system to use the state's communication towers, but access was restricted to top priority calls out of fear of overloading the State system.
More than 60 priority 1 calls and more than 170 non-emergency calls were backed up. With no dispatch to communicate if something went wrong and backup was needed, police were forced to send officers out in pairs for safety concerns on priority 1 calls.
Detroit’s new police chief, James Craig, says he's "appalled" that a redundant system did not kick in. The outage occurred only days after Craig took office. The $131 million dollar Motorola system was installed in 2005 amid controversy over its funding. Spokesmen for Motorola said parts of the system were regularly maintained but acknowledged that backup systems had not been tested in the past two years. They said the problem was a hardware glitch in the link between dispatch and the individual radios. As of 9 p.m. Friday a Motorola spokesman said that the system was stable and that the company would continue troubleshooting next week."
Massive security breach at US Federal Government contractors site
dstates (629350) writes "SAM (Systems for Awards Management) is a financial management system that the US government requires all contractors and grantees to use. This system has recently been rolled out to replace the older CCR system. Last night, thousands of SAM users received the following message:
"Dear SAM user
The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity’s registration information, including both public and non-public data at all sensitivity levels."
From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services administration says that they have fixed the problem, but this is a serious black eye for the Fed."
dstates (629350) writes "ProPublica, the award winning public interest journalism group and frequently cited Slashdot source has published an interesting guide to app technology for journalism and a set of data and style guides. Journalism presents unique challenges with potentially enormous but highly variable site traffic, the need to serve a wide variety of information, and most importantly, the need to quickly develop and vet interesting content, and ProPublica serves lots of data sets in addition to the news. They are also doing some cool stuff like using AI to generate specific narratives from tens of thousands of database entries illustrating how school districts and states often don't distribute educational opportunities to rich and poor kids equally. The ProPublica team focuses on some basic practical issues for building a team, rapidly and flexibly deploying technology and ensuring that what they serve is correct. A great news app developer needs three key skills, the ability to do journalism, design acumen and the ability to write code quickly, and the last is the easiest to teach. To build a team they look to their own staff rather than competing with Google for CS grads. Most news organizations use either Ruby on Rails or Python/Django, but more important than which specific technology you choose, pick a server-side programming language and stick to it. Cloud hosting provides news organizations with incredible flexibility (like how do you increase your capacity ten fold for a few days around the election and then scale back the day after), but they're not as fast as real servers, and cloud costs can scale quickly relative to real servers. Maybe a news app is not the most massive "big data" application out there, but where else can you find the challenge of millions of users checking in several times a day for the latest news, and all you need to do is sort out which of your many and conflicting sources are providing you with straight information?
Oh, and if you screw up, it will be very public."
The new HIPAA rules also greatly strengthen patient privacy, the ability of patients to control who sees their medical information, and increases the penalties for leaking medical records information. “Much has changed in health care since HIPAA was enacted over fifteen years ago,” said HHS Secretary Kathleen Sebelius. “The new rule will help protect patient privacy and safeguard patients’ health information in an ever expanding digital age.”"
Cool Technology - Smart ice cubes tell you when you have had enough
dstates (629350) writes "In just 6 weeks an MIT researcher created smart ice cubes that monitor your drinking. After an alcohol induced blackout motivated a bit of introspection, Dhairya Dand pulled together a coin cell battery, an ATtiny microcontroller, and an IR transceiver molded into gelatin to create self-aware glowing ice-cubes. The cubes glow and beat to the ambient music, but more importantly, they know how fast and how much you are drinking, and they change color from green to orange to finally red as you reach your safe limit. If things go too far, the ice cubes can connect to your smartphone and send a text message for a friend to come get you. Of course, you have to remember not to swallow them. Interesting implications for addressing the input side of dieting, weight loss and moderation."
Hacked review system leads to fake reviews and retraction of scientific papers
dstates (629350) writes "The FCC is considering one of the biggest regulatory changes in decades: allowing a newly available chunk of wireless spectrum to be leased by different users at different times and places, rather than being auctioned off to one high bidder. The plan is to open a new WiFi with spectrum in the 3.550 to 3.650 gigahertz band now used by radar systems. Under the proposed rule to be voted on Wednesday, users could reserve pieces of that spectrum in different regions and at different times, managed by a central database. Spectrum sharing is a dramatic change with a potential to make bandwidth accessible to many users. The plan has met with mixed reviews from the cellular carriers."
Google avoids billions in taxes using Bermuda shell companies
dstates (629350) writes "Bloomberg reports that Google is using Bermuda shell companies to avoid paying billions of dollars in taxes worldwide. By routing payments and recording profits in zero tax havens, multinational companies have been avoiding double digit corporate taxes in the US and Europe. Congressional hearings were held in July on the destructive consequences of offshoring profits. Why aren't the US and Europe exerting more diplomatic pressure on these tax havens that are effectively stealing from the US and European treasuries by allowing profits that did not result from activities in Bermuda or the Cayman Islands to be recorded as occurring there?"
dstates (629350) writes "Apple plans to double the fuel cell generating capacity at its North Carolina data center. Ebay also has a fuel cell powered data center. Fuel cell powered data centers could ultimately become buffers for the power grid relying on the grid mainly for backup power and even selling excess power back to the utilities. Fuel cells offer high efficiency and avoid the ~7% transmission losses for long distance electrical transmission lines, and importantly for data centers, local generation is not susceptible to all the disruptions of the power grid."
1 million apps, 25 billion downloads, but is the App Store destroying Apple?
dstates (629350) writes "Apple built tremendous customer loyalty based on a simple pact, “Buy our stuff, and it will do what you want it to without invading your life”. I.e., we won’t push advertising at you, we won’t push buggy half-baked illogical software at you, and we won’t use our stuff to invade your privacy or sell your data to the highest bidder. Increasingly, the user experience is dominated by third party apps, but these apps do not live up to the quality and design standards Apple has traditionally set for its own products. Apple just passed 1 million app approvals and 25 billion app downloads. Assuming 200 million iPhones have been sold, that comes to something like 125 app downloads per phone. The result of this deluge is a user experience fail. Free downloads dominate paid apps, but more and more freeware is laden with advertising and pushes to upgrade to paid versions. "In app purchases" has become a closely followed metric. I.e. the “without invading your life” part of the deal never really made it to the apps where users now spend the vast majority of their time. Reliability is also suffering. Many apps are buggy, including Apple’s, and even iCloud has crashed repeatedly in recent days. Bottom line, the App Store is destroying Apple’s core value proposition."
GM brings IT dev back in house - self driving Caddy in the works
dstates (629350) writes "The human body is a complex system, and the bacteria in our gut modify the way we process food. Taking antibiotics early in life changes which bacteria we carry and appears to increase lifetime risk of obesity. For many years, antibiotics have been added to animal feed to increase weight gain in farm animals. Looks like the same thing happens to us."
Are teachers headed for obsolescence: OLPC children teach themselves
dstates (629350) writes "One Laptop Per Child reports encouraging results of a bold experiment to reach the millions of students worldwide who have no access to primary school. OLPC delivered tablets to two Ethiopian villages in unmarked boxes without instructions or instructors. Within minutes the kids were opening the boxes and figuring out how to use the Motorola Xoom tablets, within days they were playing alphabet songs and within a few months they had figured out how to hack the user interface to enable blocked camera functionality. With the Khan Academy and others at the high school level and massive open online courses at the college level, the teaching profession is under assault as never before."
dstates (629350) writes "The Wall Street Journal reports that Google is in a legal fight with the FBI over access to passwords that will unlock the data on a cell phone. Earlier this year Google refused to unlock an alleged pimp's Android cellphone even after the Federal Bureau of Investigation obtained a search warrant. The problem is that the FBI may have a warrant for a very specific piece of information, but once they have unrestricted access to a person's smartphone, they have access to information about vast swaths of the individual's life. Apple has taken a different strategy burning a unique encryption key into the silicon of each iPhone which neither Apple nor its suppliers retain. As a result, once someone makes 10 unsuccessful unlock attempts on an iPhone, the data is irretrievably gone."
dstates (629350) writes "An industry has grown up around patents guaranteeing exclusive access to testing of mutations in specific genes, but recently the Supreme Court rejected a biotechnology patent saying laws of nature cannot be patented, and threw the issue of patents on genes back to the lower courts. The Court of Appeals is now preparing to hear arguments on whether genes can be patented. The results will have major implications. On the one hand, restricting access to whole regions of the human genome will stifle scientific progress. On the other, companies like Myriad Genetics and Optimal Medicine use the patents to protect years of work invested in research, but this also means preventing other companies from offering diagnostics based on competing faster and lower cost technologies to analyze mutations in these genes."
Solar Storm Coming but NASA and NOAA Disagree on How Severe It Will Be
dstates (629350) writes "A strong solar storm eruption on July 12, 2012, resulted in a large solar flare, and a wave of plasma stoked by this X-class solar flare, the most intense type, is headed towards Earth. This blast of charged particles, known as a coronal mass ejection (CME), is forecast to ignite a geomagnetic storm on Earth over the weekend. Unfortunately, the two main Federal agencies responsible for monitoring and predicting the consequences of such an event cannot agree on how big an impact the storm will have on earth. NOAA predicts it will be minor, maybe moderate. NASA says it will be moderate to severe. The intensity of the storm matters. If NOAA’s right, and the storm is minor, people living at high latitudes could be treated to some brilliant auroras over the weekend, but otherwise no big deal. If NASA’s right, and the geomagnetic storm is strong to severe, Earth-orbiting satellites could get disoriented and the electrical grid could experience widespread voltage control problems among other issues. I guess we will see soon who is right!"
Sign the White House petition for open access to research
dstates (629350) writes "You paid for it, you should be able to read the results of publicly funded research. The National Institutes of Health have had a very successful open access mandate requiring that the results of federally funded biomedical research be published in open access journals. Now there is a White House petition to broaden this mandate. This is a jobs issue. Startups and midsize businesses need access to federally funded technology research. It is a health care issue, patients and community health providers need access, not a few scientists in well funded research institutes, and even wealthy institutions like Harvard are finding the prices of proprietary journals unsustainable."
dstates (629350) writes "Technology Review reports a chilling demonstration at the RSA security conference in which George Kurtz and colleagues from security startup CrowdStrike showed on stage that a real, unmodified Android phone could be hacked by a single web click. Kurtz acted as a busy user who received a text message asking him to download an update to his phone's software. When he clicked on the link in that message, the phone's browser crashed and the device rebooted. Once restarted, the device appeared unchanged, but a silent, malicious app had been installed that relayed all his phone calls and text messages to the attacker, who could also track his location on a map. The bugs exploited are present in the distributions used by 90% of Android users worldwide."