Jump to content

sman

Honorary Members
  • Posts

    2,315
  • Joined

  • Last visited

  • Days Won

    5

Everything posted by sman

  1. Body composting promises a sustainable way of death https://www.sciencemag.org/news/2020/02/body-composting-promises-sustainable-way-death SEATTLE—Death is not environmentally friendly. Cemeteries take up about 500 square kilometers in the United States. Embalming the dead consumes millions of liters of chemicals each year. And cremation takes large amounts of natural gas, producing plentiful greenhouse emissions. So why not take a cue from consumers who recycle their food waste into soil, and do the same to our mortal remains? In May 2019, Washington became the first state to legalize natural organic reduction, or body composting, as an environmentally friendly alternative to existing mortuary options. The law will take effect on 1 May, and by early 2021, Recompose, a Seattle-based company, aims to offer commercial body composting. As a first step, Lynne Carpenter-Boggs, a soil scientist at Washington State University, Pullman, and scientific adviser to Recompose, has conducted a pilot study with six donated bodies to test the process.
  2. A good band and Amy lee the star..
  3. You seem to be besotted with Evanesence, think this video was posted earlier too. Lady Antebellum needs no intro. Super voice reaction.
  4. he was the lead singer of 'Oasis'
  5. Heart doctors 'held back stent death data' https://www.bbc.com/news/health-51539112 Doctors working on a clinical trial for treatment of heart disease held back key data, Newsnight has been told. The Excel trial tested whether stents were as effective as open heart surgery at treating patients with a heart problem called left main disease. The data suggested more people fitted with stents were dying after three years. It was eventually published - but only after treatment guidelines that partly relied on the trial had been written. These guidelines recommend both stents and heart surgery for certain patients with left main disease.
  6. hahaha. then would be interesting to know the movies used?
  7. jerry lee lewis, rock & roller, a good track. and a nice mashup of uptown funk.
  8. Hahahaha. yeah an issue to reckon with, which only the developers can reply to?
  9. Here’s Why Blazing Fast Linux OS Peppermint 10 Just Blew Me Away https://www.forbes.com/sites/jasonevangelho/2019/10/31/heres-why-blazing-fast-linux-os-peppermint-10-just-blew-me-away/#1989f8566d9b I use Peppermint 8 (an older version with chromium browser , wanting a chrome browser instead of FF) Quote - I get a thrill from pushing the limits of hardware. Whether that’s trying (in vain) to stress out a Falcon Northwest Talon with 32GB of RAM and a 12-core AMD Ryzen processor, or seeing what a cheap (roughly $165) little Intel dual-core 2.1GHz laptop with 4GB of RAM can truly handle. When I slapped Windows 10 on the Asus VivoBook E203M it was capable of multi-tasking, albeit with frequent “Not Responding” messages and the enthusiasm of a drunk snail. But when I installed Linux distribution Peppermint OS, it just screamed. I’m going to show you a video recorded from Peppermint OS using SimpleScreenRecorder, and then list out exactly what was running and what that software was doing. Note that the total consumed RAM for all of this was roughly 1.7GB. That’s the same amount Windows 10 was using on this system just browsing the web. . . Here’s what’s going on the above clip: Firefox: YouTube streaming + 3 additional tabs (Twitter, Peppermint OS website, etc) Actively downloading a Linux distro via Bittorrent with Transmission Media app playing a local audio file LibreOffice Writer document open 2 instances of the File Manager open 2 instances of Terminal open Peppermint OS system settings open Wallpaper browser open Peppermint OS Software Store open Plus recording the entire screen at 1366x768 with SimpleScreenRecorder which uses considerable CPU cycles Switching between all these tasks was practically instantaneous; the system didn’t feel weighed down, and in fact was quite responsive. No software hangs, no spinning wait wheels. I suspect I could have doubled the workload, which is an extraordinary feat for such an under-powered dual-core laptop. On second thought, I think I'll just keep using it. . . I’ve only spent a few hours with Peppermint OS. Initially I thought it would be a throwaway test as a quick comparison against Windows 10 on ultra-budget, low-resource laptops. Now I can’t help wondering what it’s capable of on powerful hardware like a System76 Oryx Pro, or that beastly Falcon Northwest Talon.
  10. US pressured Dutch chipmaker firm to block sale to China https://www.freemalaysiatoday.com/category/business/2020/01/06/us-pressured-dutch-chipmaker-firm-to-block-sale-to-china/ WASHINGTON: The Trump administration mounted an extensive campaign to block the sale of Dutch chip manufacturing technology to China, with Secretary of State Mike Pompeo lobbying the Netherlands government and White House officials sharing a classified intelligence report with the country’s prime minister, people familiar with the effort told Reuters. The high-level push, which has not previously been reported, demonstrates the importance the White House places on preventing China from getting hold of a machine required to make the world’s fastest microprocessors. It also shows the challenges facing the US government’s largely unilateral efforts to stem the flow of advanced technology to China. The US. campaign began in 2018, after the Dutch government gave semiconductor equipment company ASML, the global leader in a critical chip-making process known as lithography, a license to sell its most advanced machine to a Chinese customer, two sources familiar with the matter told Reuters. Over the following months, US officials examined whether they could block the sale outright and held at least four rounds of talks with Dutch officials, three sources told Reuters. The effort culminated in the White House on July 18 when Deputy National Security Advisor Charles Kupperman raised the issue with Dutch officials during the visit of Netherlands Prime Minister Mark Rutte, who was given an intelligence report on the potential repercussions of China acquiring ASML’s technology, according to a former U.S. government official familiar with the matter. The pressure appears to have worked. Shortly after the White House visit, the Dutch government decided not to renew ASML’s export license, and the US$150 million machine has not been shipped. Ilse van Oevering, a spokeswoman for Rutte’s office, declined comment, saying the government cannot discuss individual licensing cases. The White House declined to comment. Kupperman did not reply to a request for comment. The delayed shipment was first reported on Nov 6 by the Nikkei Asian Review, but details of the US pressure campaign have not previously been disclosed. ASML said it is still awaiting approval of a new license request and declined further comment. ASML has never publicly disclosed the identity of the Chinese customer, but Nikkei and others have reported that it is Semiconductor Manufacturing International Corp (SMIC), China’s biggest chip-making specialist. SMIC did not reply to a request for a comment.
  11. Linux-Based Windows 12 Lite Is Three Times Faster Than Windows 10 https://www.techworm.net/2020/02/linux-windows-12-lite.html Since its advent in 2015, Windows 10 has been affected by countless problems and bugs. Sadly, the updates meant to fix the flaws in this operating system work the other way round. If you’ve had enough of Windows 10 and wish to switch to a different operating system, then the Linux-based Windows 12 Lite might impress you. A Redditor recently discovered Windows 12 Lite discs being sold at a local computer fair. It is worth noting that Microsoft didn’t officially launch Windows 12 Lite. In fact, Microsoft in no way is associated with this newly discovered operating system. In reality, Windows 12 is a modified version of the Linux Lite 4.8 LTS distro made to look like Windows 10. The developer has used the default Windows 10 wallpaper coupled with custom icons to replicate the look and feel of Windows 10. In addition to the physical store, the developers of Windows 12 Lite have also made a website to showcase the features of their operating system. https://webhouses.co.uk/lite/
  12. U.S. mulls cutting Huawei off from global chip suppliers, with TSMC in crosshairs https://www.reuters.com/article/us-usa-huawei-tech-tsmc/u-s-mulls-cutting-huawei-off-from-global-chip-suppliers-with-tsmc-in-crosshairs-idUSKBN20B1YO?feedType=RSS&feedName=businessNews&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+reuters%2FbusinessNews+%28Business+News%29 WASHINGTON (Reuters) - The Trump administration is considering changing U.S. regulations to allow it to block shipments of chips to Huawei Technologies from companies such as Taiwan’s TSMC (2330.TW), the world’s largest contract chipmaker, two sources familiar with the matter said. New restrictions on commerce with China’s Huawei are among several options to be considered at high-level U.S. meetings this week and next. The chip proposal has been drafted but its approval is far from certain, one of the sources said. The measure would be a blow to the world’s no. 2 smartphone maker as well as to TSMC, a major producer of chips for Huawei’s HiSilicon unit and mobile phone rivals Apple Inc (AAPL.O) and Qualcomm Inc (QCOM.O). “What they’re trying to do is make sure that no chips go to Huawei that they can possibly control,” the second source said.
  13. @Pierre75 Find that thereis reift between UK and Australia over Huawei over a leaked high level meeting where Huawei was also discussed. Huawei row: Australian MPs cancel UK trip amid tensions over leak https://www.bbc.com/news/world-australia-51513886 Senior Australian MPs have cancelled a planned trip to the UK as tensions heighten over the role of Huawei in building Britain's 5G network. Lawmakers from the intelligence and security committee had been expected to travel to the UK next month. But the trip has been postponed amid reports of a diplomatic rift. The decision follows a reported complaint from the UK over leaked details of a high-level meeting where Huawei was discussed. Australia has banned the Chinese telecommunications giant from building its next-generation 5G mobile internet networks but Britain last month decided the company could continue to play a role in its system, despite pressure and warnings from Washington. Last week, UK Foreign Secretary Dominic Raab visited Australia, where he met members of the parliament's intelligence committee. Details of the meeting were later leaked to the Sydney Morning Herald, which said an MP had rebuked Mr Raab in the meeting over Britain's Huawei decision, saying Australia was very disappointed. According to Australian media that report prompted a formal complaint from Vicki Treadell, the UK's High Commissioner to Australia, to the heads of two Australian parliamentary committees. Australia and the UK are both part of the Five Eyes intelligence alliance, which also includes the US, New Zealand and Canada. Huawei dispute with UK escalates as Australian MPs snub Britain by planning US trip https://www.abc.net.au/news/2020-02-16/huawei-decision-in-britain-australian-intelligence-mps-snub-uk/11969680 Members of Federal Parliament's intelligence committee are escalating their feud with the British Government by planning a visit to the United States, instead of a now-cancelled trip to London. The pointed snub is the latest diplomatic flare-up between Australia and the UK after its recent decision to allow Chinese telco Huawei to help build Britain's 5G network. Earlier the ABC revealed UK High Commissioner Vicki Treadell had taken the rare step of writing to the heads of two Australian committees to formally protest against the leaking of confidential conversations about the topic. While Australia was quick to exclude Huawei equipment from its 5G network, several major allies including the UK are not convinced that a ban is warranted. Despite warnings from its "five-eyes" intelligence sharing partners Australia and the United States, the British Government has not banned Huawei technology from its next generation of high-speed wireless networks. China accuses Australia of discriminating against Huawei https://www.theguardian.com/australia-news/2020/feb/17/china-accuses-australia-of-discriminating-against-huawei Chinese ambassador says consumers not being served well by ‘politically motivated’ ban on tech firm’s entry into 5G network
  14. Rebuffed by UK, U.S. pitches 'big tent' for Huawei rivals in Europe https://www.reuters.com/article/us-germany-security-huawei/rebuffed-by-uk-u-s-pitches-big-tent-for-huawei-rivals-in-europe-idUSKBN2090HP One industry executive said the U.S. arguments about alternate suppliers were not new but had been stepped up following a British decision last month to use Huawei equipment, partly due to a lack of alternatives. “If people oppose one brand or another then they have to tell us what is the alternative, right?” British Prime Minister Boris Johnson said ahead of the UK’s decision. “The Americans are frustrated by the weak response from Britain, and worry Germany and France will think the same,” said the industry executive, speaking on condition of anonymity to discuss private conversations with American and European officials. “As they see it, European leaders are not basing their statements on facts.” Huawei: How the UK's decision affects the rest of the world https://www.bbc.com/news/technology-51284393 The UK has decided to let Huawei continue to be used in its growing 5G networks - but with restrictions. The long-awaited decision goes against advice and pressure from the US to block the firm for security reasons. But some industry-watchers believe it will benefit the wider rollout of next-generation mobile data services. "I think it's a pragmatic decision that brings stability and continuity in the 5G ecosystem," commented Stephane Teral from IHS Markit. "Huawei has been investing in the UK and in other countries in Europe including France, Germany, Italy, and Poland since the beginning of this century. A ban would have been disastrous."
  15. [Update: Back] Dashlane password manager extension has been removed from the Chrome Web Store https://9to5google.com/2020/02/11/dashlane-extension-removed-chrome-web-store/ As account security has become more important, having a good cross-platform password manager has become almost essential. Unfortunately, one of the more popular password managers, Dashlane, has had its extension removed from the Chrome Web Store due to privacy and permissions issues. Spotted by Techdows, one of the engineers responsible for the Dashlane password manager has publicly posted an attempt to get in contact with Google. In the post, it’s explained that, on Friday, Dashlane received a warning from the Chrome Web Store stating that the extension had a week to either cutback or explain the permissions it asks for. To comply with the request, Dashlane submitted a “permission justification form,” spelling out how the extension works and why it needs so many permissions to do the job, along with a new version of Dashlane. The next day, Dashlane was removed from the Chrome Web Store altogether, with the extension’s listing currently leading to a 404 error. Mastercard is pioneering new payment technology that identifies commuters by the way they walk https://www.marketwatch.com/story/mastercard-is-pioneering-new-payment-technology-that-identifies-commuters-by-the-way-they-walk-2020-02-14?mod=mw_latestnews The payment provider is investigating innovative behavioral biometrics such as gait, face, heartbeat and veins for cutting edge payment systems of the future Commuters may soon be able to ditch their bus pass and access public transport with technology identifying them by the way they walk. Mastercard MA, +1.52% is working with transport firms to develop a new system that would authenticate passengers by their gait. The payment provider told MarketWatch that everyone has a unique walk, and it is investigating innovative behavioral biometrics such as gait, face, heartbeat and veins for cutting edge payment systems of the future. Ajay Bhalla, president of cyber and intelligence solutions for Mastercard, told MarketWatch in an interview: “We are working with transport organizations where your face or gait will authenticate you. Signal Is Finally Bringing Its Secure Messaging to the Masses https://www.wired.com/story/signal-encrypted-messaging-features-mainstream/ The encryption app is putting a $50 million infusion from WhatsApp cofounder Brian Acton to good use, building out features to help it go mainstream. Marlinspike has always talked about making encrypted communications easy enough for anyone to use. The difference, today, is that Signal is finally reaching that mass audience it was always been intended for—not just the privacy diehards, activists, and cybersecurity nerds that formed its core user base for years—thanks in part to a concerted effort to make the app more accessible and appealing to the mainstream. Signal's new group messaging, which will allow administrators to add and remove people from groups without a Signal server ever being aware of that group's members, required going further still. Signal partnered with Microsoft Research to invent a novel form of "anonymous credentials" that let a server gatekeep who belongs in a group, but without ever learning the members' identities. "It required coming up with some innovations in the world of cryptography," Marlinspike says. "And in the end, it’s just invisible. It’s just groups, and it works like we expect groups to work." Signal is rethinking how it keeps track of its users' social graphs, too. Another new feature it's testing, called "secure value recovery," would let you create an address book of your Signal contacts and store them on a Signal server, rather than simply depend on the contact list from your phone. That server-stored contact list would be preserved even when you switch to a new phone. To prevent Signal's servers from seeing those contacts, it would encrypt them with a key stored in the SGX secure enclavethat's meant to hide certain data even from the rest of the server's operating system. That feature might someday even allow Signal to ditch its current system of identifying users based on their phone numbers—a feature that many privacy advocates have criticized, since it forces anyone who wants to be contacted via Signal to hand out a cell phone number, often to strangers. Instead, it could store persistent identities for users securely on its servers. "I’ll just say, this is something we’re thinking about," says Marlinspike. Secure value recovery, he says, "would be the first step in resolving that." US says it can prove Huawei has backdoor access to mobile-phone networks https://arstechnica.com/tech-policy/2020/02/us-gave-allies-evidence-that-huawei-can-snoop-on-phone-networks-wsj-says/ US officials say they have evidence that Huawei has backdoor access to mobile-phone networks around the world, according to a Wall Street Journal article published today. "We have evidence that Huawei has the capability secretly to access sensitive and personal information in systems it maintains and sells around the world," US National Security Adviser Robert O'Brien told the Journal. The United States has long claimed that Huawei can secretly access networks through the networking gear it sells to telcos, but the goverment previously argued that it doesn't need to show any proof. US officials still are not providing such evidence publicly but have begun sharing their intelligence with other countries, the Journal report said. The Journal wrote: The US kept the intelligence highly classified until late last year, when American officials provided details to allies including the UK and Germany, according to officials from the three countries. That was a tactical turnabout by the US, which in the past had argued that it didn't need to produce hard evidence of the threat it says Huawei poses to nations' security. The US has been sharing this evidence at the same time the Trump administration tries to convince allies to get Huawei gear out of their networks. US officials said they have been aware of Huawei's backdoor access "since observing it in 2009 in early 4G equipment," the Journal wrote. However, the US officials quoted by the Journal "declined to say whether the US has observed Huawei using this access." There's a privacy bracelet that jams smart speakers and, hell yeah, bring it https://mashable.com/article/bracelet-jams-alexa-smart-speakers/ Smart speakers are creepy recording devices that eavesdrop on unsuspecting people. A new piece of custom technology offers the chance to fight back. Stylized as a cyberpunk bracelet, a "wearable jammer" was developed by a trio of professors at the University of Chicago. In addition to looking punk rock as all hell, the device emits ultrasonic noise that interferes with microphones' ability to record yet is inaudible to humans. Oh, and the professors — Ben Zhao, Heather Zheng, and assistant professor Pedro Lopes — published schematics online so the more technically proficient of you can make one at home. Notably, this is neither the first time someone has made a microphone jammer nor the first time that ultrasound has been used to screw with smart speakers. This device is special, however, for reasons greater than just its bracelet style. "[Current] jammers are also directional, requiring users to point the jammer to a microphone; instead, our wearable bracelet is built in a ring-layout that allows it to jam in multiple directions," reads a paper explaining the science behind the jammer. "This is beneficial in that it allows our jammer to protect against microphones hidden out of sight."
  16. Escaping the Chrome Sandbox with RIDL https://googleprojectzero.blogspot.com/2020/02/escaping-chrome-sandbox-with-ridl.html Guest blog post by Stephen Röttger tl;dr: Vulnerabilities that leak cross process memory can be exploited to escape the Chrome sandbox. An attacker is still required to compromise the renderer prior to mounting this attack. To protect against attacks on affected CPUs make sure your microcode is up to date and disable hyper-threading (HT). In my last guest blog post “Trashing the Flow of Data” I described how to exploit a bug in Chrome’s JavaScript engine V8 to gain code execution in the renderer. For such an exploit to be useful, you will usually need to chain it with a second vulnerability since Chrome’s sandbox will limit your access to the OS and site isolation moved cross-site renderers into separate processes to prevent you from bypassing restrictions of the web platform. In this post, we will take a look at the sandbox and in particular at the impact of RIDL and similar hardware vulnerabilities when used from a compromised renderer. Chrome’s IPC mechanism Mojo is based on secrets for message routing and leaking these secrets allows us to send messages to privileged interfaces and perform actions that the renderer shouldn’t be allowed to do. We will use this to read arbitrary local files as well as execute a .bat file outside of the sandbox on Windows. At the time of writing, both Apple and Microsoft are actively working on a fix to prevent this attack in collaboration with the Chrome security team. Summary When I started working on this I was surprised that it’s still exploitable even though the vulnerabilities have been public for a while. If you read guidance on the topic, they will usually talk about how these vulnerabilities have been mitigated if your OS is up to date with a note that you should disable hyper threading to protect yourself fully. The focus on mitigations certainly gave me a false sense that the vulnerabilities have been addressed and I think these articles could be more clear on the impact of leaving hyper threading enabled. That being said, I would like you to take away two things from this post. First, info leak bugs can be more than just an ASLR bypass. Even if it wasn’t for the reliance on secret port names, there would be other interesting data to leak, e.g. Chrome’s UnguessableTokens, Gmail cookies or sensitive data in other processes on the machine. If you have an idea how to find info leaks at scale, Chrome might be a good target. Second, I ignored hardware vulnerabilities for the longest time since they are way out of my comfort zone. However, I hope that I can give you another data point on their impact with this blog post to help you make a decision if you should disable hyper-threading. There’s lots of room for exploration on what other software can be broken in similar ways and I would love to see more examples of applying hardware bugs to break software security boundaries.
  17. South Korea switching their 3.3 million PCs to Linux https://www.fosslinux.com/29117/south-korea-switching-their-3-3-million-pcs-to-linux.htm The reasoning behind the switch is two-fold. South Korea was looking to reduce its reliance on Microsoft and Windows and cut down on software licensing costs. South Korean government has announced that it will switch the computers used in its central, local, and public institutions to Linux-based operating systems starting this year-end. The announcement comes just one month after the end of “free” support for Microsoft Windows 7, the most prevalent operating system used by the South Korean government. The reasoning behind the switch is two-fold. South Korea was looking to reduce its reliance on Microsoft and Windows and cut down on software licensing costs. “We will resolve our dependency on a single company while reducing the budget by introducing an open-source operating system.” …said Choi Jang-hyuk, South Korea’s head of Ministry of Strategy and Finance, Although most Linux distros are free, South Korean officials estimate that migrating their current fleet of approximately 3.3 million PCs from Windows 7 to Linux will cost about 780 billion won (approximately $655 million). The price tag will cover the implementation, transition, and purchase of new PCs. The ministry first plans to test the waters with a pilot test to explore and expose any potential compatibility and security issues. Since many of South Korea’s government websites, network devices, and software are designed for compatibility with Windows-based operating systems, this is a wise move by the government. Should the South Korean’s pilot Linux prove successful, with no major issues encountered, expect a broader roll-out to follow? If successful, South Korea’s foray into the Linux world could incite and seduce other governments to follow suit.
  18. @Ssherjj 'In some room' no. is good.
  19. Happy that you find it useful @Pierre75
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.