RSS 생중계

Small Dongle Brings the HDD Clicking Back To SSDs In Retro PCs

Slashdot - 2시간 27분 지남
Longtime Slashdot reader root_42 writes: Remember the clicking sounds of spinning hard disks? One "problem" with retro computing is that we replace those disks with compact flash, SD cards or even SSDs. Those do not make any noises that you can hear under usual circumstances, which is partly nice because the computer becomes quieter, but also irritating because sometimes you can't tell if the computer has crashed or is still working. This little device fixes that issue! It's called the HDD Clicker and it's a very unique little gadget. "An ATtiny and a few support components ride on a small PCB along with a piezoelectric speaker," describes Hackaday. "The dongle connects to the hard drive activity light, which triggers a series of clicks from the speaker that sound remarkably like a hard drive heading seeking tracks." A demo of the device can be viewed at 7:09, with a full defragmentation at 13:11.

Read more of this story at Slashdot.

카테고리:

Germany To Keep 2 of Its 3 Nuclear Plants Running Into April

Slashdot - 5시간 27분 지남
Germany's government plans to keep two of the country's three remaining nuclear power plants running until mid-April to help prevent a potential winter energy shortage, the economy and energy minister said Tuesday. The Associated Press reports: The announcement by Economy and Energy Minister Robert Habeck means the government has officially, albeit temporarily, reversed Germany's long-held plan to shut shut down its nuclear plants by the end of the year. Habeck said the decision to keep operating the two plants in southern Germany -- Isar 2 in Bavaria and Neckarwestheim north of Stuttgart -- into next year a "necessary" step to avoid potential power grid shortages in the region. Officials still plan to close down Germany's third remaining nuclear plant, Emsland in the northern German state of Lower Saxony, at the end of the year as planned. Habeck said officials announced the decision Tuesday in light of stress test data from France's nuclear providers that indicated grid shortages could be more severe than expected this winter. Like other European countries, Germany is scrambling to ensure the lights stay on and homes stay warm this winter despite the reduction in natural gas flows from Russia amid the war in Ukraine. "The situation in France is not good and has developed much worse than was actually forecasted in the last few weeks," Habeck said. "As the minister responsible for energy security I have to say: Unless this development is reversed, we will leave Isar 2 and Neckarwestheim on the grid in the first quarter of 2023."

Read more of this story at Slashdot.

카테고리:

CVE-2022-39035

Latest 7 days CVE Lists - 8시간 12분 지남
Smart eVision has insufficient filtering for special characters in the POST Data parameter in the specific function. An unauthenticated remote attacker can inject JavaScript to perform XSS (Stored Cross-Site Scripting) attack.

CVE-2022-39053

Latest 7 days CVE Lists - 8시간 12분 지남
Heimavista Rpage has insufficient filtering for platform web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack.

CVE-2022-39054

Latest 7 days CVE Lists - 8시간 12분 지남
Cowell enterprise travel management system has insufficient filtering for special characters within web URL. An unauthenticated remote attacker can inject JavaScript and perform XSS (Reflected Cross-Site Scripting) attack.

CVE-2022-39029

Latest 7 days CVE Lists - 8시간 12분 지남
Smart eVision has inadequate authorization for the database query function. A remote attacker with general user privilege, who is not explicitly authorized to access the information, can access sensitive information.

CVE-2022-39030

Latest 7 days CVE Lists - 8시간 12분 지남
smart eVision has inadequate authorization for system information query function. An unauthenticated remote attacker, who is not explicitly authorized to access the information, can access sensitive information.

CVE-2022-39031

Latest 7 days CVE Lists - 8시간 12분 지남
Smart eVision has insufficient authorization for task acquisition function. An unauthorized remote attacker can exploit this vulnerability to acquire the Session IDs of other general users only.

CVE-2022-39032

Latest 7 days CVE Lists - 8시간 12분 지남
Smart eVision has an improper privilege management vulnerability. A remote attacker with general user privilege can exploit this vulnerability to escalate to administrator privilege, and then perform arbitrary system command or disrupt service.

CVE-2022-39033

Latest 7 days CVE Lists - 8시간 12분 지남
Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service.

CVE-2022-39034

Latest 7 days CVE Lists - 8시간 12분 지남
Smart eVision has a path traversal vulnerability in the Report API function due to insufficient filtering for special characters in URLs. A remote attacker with general user privilege can exploit this vulnerability to bypass authentication, access restricted paths and download system files.

CVE-2022-38699

Latest 7 days CVE Lists - 8시간 12분 지남
Armoury Crate Service’s logging function has insufficient validation to check if the log file is a symbolic link. A physical attacker with general user privilege can modify the log file property to a symbolic link that points to arbitrary system file, causing the logging function to overwrite the system file and disrupt the system.

Room-Temperature Superconductivity Study Retracted

Slashdot - 8시간 57분 지남
An anonymous reader quotes a report from Science Magazine: In 2020, Ranga Dias, a physicist at the University of Rochester, and his colleagues published a sensational result in Nature, featured on its cover. They claimed to have discovered a room-temperature superconductor: a material in which electric current flows frictionlessly without any need for special cooling systems. Although it was just a speck of carbon, sulfur, and hydrogen forged under extreme pressures, the hope was that someday the material would lead to variants that would enable lossless electricity grids and inexpensive magnets for MRI machines, maglev railways, atom smashers, and fusion reactors. Faith in the result is now evaporating. On Monday Nature retracted the study, citing data issues other scientists have raised over the past 2 years that have undermined confidence in one of two key signs of superconductivity Dias's team had claimed. "There have been a lot of questions about this result for a while," says James Hamlin, an experimental condensed matter physicist at the University of Florida. But Jorge Hirsch, a theoretical physicist at the University of California, San Diego (UCSD), and longtime critic of the study, says the retraction does not go far enough. He believes it glosses over what he says is evidence of scientific misconduct. "I think this is a real problem," he says. "You cannot leave it as, 'Oh, it's a difference of opinion.'" The retraction was unusual in that Nature editors took the step over the objection of all nine authors of the paper. "We stand by our work, and it's been verified experimentally and theoretically," Dias says. Ashkan Salamat, a physicist at the University of Nevada, Las Vegas, and another senior member of the collaboration, points out the retraction does not question the drop in electric resistance -- the most important part of any superconductivity claim. He adds, "We're confused and disappointed in the decision-making by the Nature editorial board." The retraction comes even as excitement builds for the class of superconducting materials called hydrides, which includes the carbonaceous sulfur hydride (CSH) developed by Dias's team. Under pressures greater than at the center of the Earth, hydrogen is thought to behave like a superconducting metal. Adding other elements to the hydrogen -- creating a hydride structure -- can increase the "chemical pressure," reducing the need for external pressure and making superconductivity reachable in small laboratory vises called diamond anvil cells. As Lilia Boeri, a theoretical physicist at the Sapienza University of Rome, puts it, "These hydrides are a sort of realization of metallic hydrogen at slightly lower pressure." In 2015, Mikhail Eremets, an experimental physicist at the Max Planck Institute for Chemistry, and colleagues reported the first superconducting hydride: a mix of hydrogen and sulfur that, under enormous pressures, exhibited a sharp drop in electrical resistance at a critical temperature (Tc) of 203 K (-70C). That was nowhere near room temperature, but warmer than the Tc for most superconducting materials. Some theorists thought adding a third element to the mix would give researchers a new variable to play with, enabling them to get closer to ambient pressures -- or room temperatures. For the 2020 Nature paper, Dias and colleagues added carbon, crushed the mix in a diamond anvil cell, and heated it with a laser to create a new substance. They reported that tests showed a sharp drop in resistance at a Tc of 288 K (15C) -- roughly room temperature -- and a pressure of 267 gigapascals, about 75% of the pressure at the center of the Earth. But in a field that has seen many superconducting claims come and go, a drop in resistance alone is not considered sufficient. The gold standard is to provide evidence of another key attribute of superconductors: their ability to expel an applied magnetic field when they cross Tc and become superconducting. Measuring that effect in a diamond anvil cell is impractical, so experimentalists working with hydrides often measure a related quantity called "magnetic susceptibility." Even then they must contend with tiny wires and samples, immense pressures, and a background magnetic signal from metallic gaskets and other experimental components. "It's like you're trying to see a star when the Sun is out," Hamlin says. "The study's magnetic susceptibility data were what led to the retraction," reports Science. "The team members reported that a susceptibility signal emerged after they had subtracted a background signal, but they did not include raw data. The omission frustrated critics, who also complained that the team relied on a 'user-defined' background -- an assumed background rather than a measured one. But Salamat says relying on a user-defined background is customary in high-pressure physics because the background is so hard to measure experimentally." Dias and Salamat posted a paper to arXiv in 2021 containing the raw susceptibility data and purported to explain how the background was subtracted, but it "raised more questions than it answered," says Brad Ramshaw, a quantum materials physicist at Cornell University. "The process of going from the raw data to the published data was incredibly opaque." Hirsch accused the data of being "fabricated," noting suspicious similarities to data in a 2009 paper on superconductivity in europium under high pressures. It too was later retracted.

Read more of this story at Slashdot.

카테고리:

All 50 States Get Green Light To Build EV Charging Stations

Slashdot - 10시간 25분 지남
The U.S. Transportation Department on Tuesday said it approved electric vehicle charging station plans for all 50 states, Washington, D.C., and Puerto Rico covering roughly 75,000 miles of highways. CNBC reports: Earlier this year, the Biden administration allocated $5 billion to states to fund EV chargers over five years along interstate highways as part of the bipartisan infrastructure package. Under the plan, entitled the National Electric Vehicle Infrastructure Formula Program, states provided their EV infrastructure deployment proposals to the Joint Office of Energy and Transportation. States are now approved to construct a network of EV charging stations along designated alternative fuel corridors on the national highway system and have access to more than $1.5 billion to help build the chargers. It's unclear how many charging stations the funds will support, and states have not yet shared specific charger locations. Transportation Department officials have said that states should install stations every 50 miles and ensure each station is located within one mile of an interstate highway. "We have approved plans for all 50 States, Puerto Rico and the District of Columbia to help ensure that Americans in every part of the country -- from the largest cities to the most rural communities -- can be positioned to unlock the savings and benefits of electric vehicles," Transportation Secretary Pete Buttigieg said in a statement.

Read more of this story at Slashdot.

카테고리:

Tim Cook: 'No Good Excuse' For Lack of Women In Tech

Slashdot - 11시간 2분 지남
AmiMoJo shares a report from the BBC: Apple chief executive Tim Cook says there are still "not enough women at the table" at the world's tech firms -- including his own. He said there were "no good excuses" for the lack of women in the sector. Apple has just launched its founders' development program for female founders and app creators in the UK. "I think the the essence of technology and its effect on humanity depends upon women being at the table," Mr Cook says. "Technology's a great thing that will accomplish many things, but unless you have diverse views at the table that are working on it, you don't wind up with great solutions." Apple had 35% female staff in the US in 2021, according to its own diversity figures. It launched its original Apple Health Kit in 2014 without a period tracker -- which led to accusations that this was an oversight due to male bias among its developers. One challenge facing the sector is the lack of girls choosing to pursue science, tech, engineering and maths subjects at school. "Businesses can't cop out and say 'there's not enough women taking computer science -- therefore I can't hire enough,'" says Mr Cook. "We have to fundamentally change the number of people that are taking computer science and programming." His view is that everybody should be required to take some sort of coding course by the time they finish school, in order to have a "working knowledge" of how coding works and how apps are created. According to Deloitte Global, large global tech firms will reach nearly 33% overall female representation in their workforces in 2022 on average -- with 25% occupying technical roles. In the interview with the BBC, Cook also commented on the future of augmented reality, saying: "in the future, people will wonder how we lived without AR." He added: "we're investing a ton in that space." Earlier this year, Apple analyst Ming-Chi Kuo said Apple could announced its long-rumored mixed-reality headset as soon as January 2023.

Read more of this story at Slashdot.

카테고리:

The Latest iPadOS 16 Beta Brings Stage Manager To Older iPad Pro Models

Slashdot - 11시간 42분 지남
Apple is bringing Stage Manager, a new multitasking system exclusive to iPads with the M1 chip, to a number of older devices. Engadget reports: Probably the biggest change Apple announced with iPadOS 16 earlier this year is Stage Manager, a totally new multitasking system that adds overlapping, resizable windows to the iPad. That feature also works on an external display, the first time that iPads could do anything besides mirror their screen on a monitor. Unfortunately, the feature was limited to iPads with the M1 chip -- that includes the 11- and 12.9-inch iPad Pro released in May of 2021 as well as the M1-powered iPad Air which Apple released earlier this year. All other older iPads were left out. That changes with the latest iPadOS 16 developer beta, which was just released. Now, Apple is making Stage Manager work with a number of older devices: it'll work on the 11-inch iPad Pro (first generation and later) and the 12.9-inch iPad Pro (third generation and later). Specifically, it'll be available on the 2018 and 2020 models that use the A12X and A12Z chips rather than just the M1. However, there is one notable missing feature for the older iPad Pro models -- Stage Manager will only work on the iPad's build-in display. You won't be able to extend your display to an external monitor. Apple also says that developer beta 5 of iPadOS 16. is removing external display support for Stage Manager on M1 iPads, something that has been present since the first iPadOS 16 beta was released a few months ago. It'll be re-introduced in a software update coming later this year.

Read more of this story at Slashdot.

카테고리:

CVE-2022-40497

Latest 7 days CVE Lists - 12시간 12분 지남
Wazuh v3.6.1 - v3.13.5, v4.0.0 - v4.2.7, and v4.3.0 - v4.3.7 were discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Response endpoint.

Cloudflare Takes Aim At AWS With Promise of $1.25 Billion To Startups That Use Its Own Platform

Slashdot - 12시간 25분 지남
An anonymous reader quotes a report from TechCrunch: Cloudflare, the security, performance and reliability company that went public three years ago, said this morning that it will help connect startups that use its serverless computing platform to dozens of venture firms that have collectively offered to invest up to $1.25 billion in the companies out of their existing funds. It's a smart, splashy incentive to entice more startups to use the now five-year-old product, which, according to Cloudflare, enables developers to build or augment apps without configuring or maintaining infrastructure. Cloudflare notes in a related press release that startups can scale so fast using the platform that Cloudflare acquired one last year: Zaraz, a startup that promises to speed up website performance with a single line of code. (Cloudflare isn't promising to acquire other startups, but the suggestion is in the air.) Indeed, this funding program, as far as we can tell, is really about Cloudflare taking aim at hugely lucrative products like AWS, Azure and Google Cloud. Toward that end, we asked Cloudflare CEO Matthew Prince over the weekend why Cloudflare thinks it can steal market share from these much bigger companies. "I wouldn't characterize it as 'stealing' market share from anyone," he said. "It's a matter of earning market share, and the way you earn market share is by providing a better product at a more affordable price." Asked how much more affordable, he said merely that it's "significantly less expensive than the legacy public clouds" because of how it's built. As Prince explains it, modern browsers "encounter new, untrusted code with nearly every page they open online today. They need a way to quickly and safely execute that code [and use a] technology called isolates to achieve that." Cloudflare Workers, which is the name of the platform, "takes the isolates technology inspired by the browser and makes it available as a developer platform." Prince said the idea to connect startups on its platform with venture funding came out of existing relationships it has with VCs who'd begun noticing that more of their portfolio companies are using Cloudflare Workers as their developer platform. "When they did due diligence," said Prince, the VCs would "push [founders] on 'why Cloudflare and not a platform like AWS,' [and] the answer that startup after startup gave was that Cloudflare Workers scaled better, had better performance, and was less expensive to operate." "If you're a VC and you hear an answer like that multiple times from the most promising startups it causes you to take notice," he added. Cloudflare is not providing any funding or making any funding decisions, it makes clear. All funding decisions will be made by the participating firms.

Read more of this story at Slashdot.

카테고리:

Oracle Pays $23 Million To SEC To Settle Bribery Charges

Slashdot - 12시간 47분 지남
Oracle has paid $23 million to the US Securities and Exchange Commission to settle corruption charges that subsidiaries in Turkey, United Arab Emirates and India used "slush funds" to bribe foreign officials to win business. The Register reports: The SEC said on Tuesday that Big Red violated provisions of the Foreign Corrupt Practices Act (FCPA) during a three-year period between 2016 and 2019. The cash that was apparently surreptitiously set aside was also spent on paying for foreign officials to attend technology conferences, which breaks Oracle's own internal policies and procedures. And the SEC said that in some instances, it found Oracle staff at the Turkish subsidiary had spent the funds on taking officials' families with them on International conferences or side trips to California. "The creation of off-books slush funds inherently gives rise to the risk those funds will be used improperly, which is exactly what happened here at Oracle's Turkey, UAE, and India subsidiaries," said Charles Cain, FCPA unit chief at the SEC. "This matter highlights the critical need for effective internal accounting controls throughout the entirety of a company's operations," he added. Oracle, without admitting or denying the findings of the SEC's investigation, has agreed to "cease and desist from committing violations" of the anti-bribery, books and records, and internal accounting controls of the FCPA, said the Commission.

Read more of this story at Slashdot.

카테고리:

Intel and Samsung Are Getting Ready For 'Slidable' PCs

Slashdot - 13시간 7분 지남
During Intel's Innovation keynote today, Samsung Display showed off a prototype PC that slides from a 13-inch tablet into a 17-inch display. Intel also announced that it's been experimenting with slidable PC form factors. The Verge reports: The prototype device that Samsung Display and Intel have shown off today essentially turns a 13-inch tablet into a 17-inch monitor with a flexible display and a sliding mechanism. Intel was quick to demonstrate its new Unison software on this display, which aims to connect Intel-powered computers to smartphones -- including iPhones. The slidable PC itself is just a concept for now, and there's no word from Intel or Samsung Display on when it will become a reality.

Read more of this story at Slashdot.

카테고리:

페이지

KLDP 수집기 구독하기