RSS 생중계

A Stable Plasma Ring Has Been Created In Open Air For the First Time Ever

Slashdot - 1시간 17분 지남
New submitter mrcoder83 shares a report from Futurism: Engineers from the California Institute of Technology (Caltech) have been able to create a stable plasma ring without a container. According to the Caltech press release, it's "essentially capturing lightning in a bottle, but without the bottle." This remarkable feat was achieved using only a stream of water and a crystal plate, made from either quartz and lithium niobate. The union of these tools induced a type of contact electrification known as the triboelectric effect. The researchers blasted the crystal plate with an 85-micron-diameter jet of water (narrower than a human hair) from a specially designed nozzle. The water hit the crystal plate with a pressure of 632.7 kilograms of force per centimeter (9,000 pounds per square inch), generating an impact velocity of around 305 meters per second (1,000 feet per second) -- as fast as a bullet from a handgun. Plasma was formed as a result of the creation of an electric charge when the water hit the crystal surface. The flow of electrons from the point of contact ionizes the molecules and atoms in the gas area surrounding the water's surface, forming a donut-shaped glowing plasma that's dozens of microns in diameter. Caltech posted a video of the plasma ring on their YouTube channel.

Read more of this story at Slashdot.

카테고리:

The House's Tax Bill Levies a Tax On Graduate Student Tuition Waivers

Slashdot - 4시간 47분 지남
Camel Pilot writes: The new GOP tax plan -- which just passed the House -- will tax tuition waivers as income. Graduate students working as research assistants on meager stipends would have to declare tuition waivers as income on the order of $80,000 income. This will force many graduate students of modest means to quit their career paths and walk away from their research. These are the next generation of scientists, engineers, inventors, educators, medical miracle workers and market makers. As Prof Claus Wilke points out: "This would be a disaster for U.S. STEM Ph.D. education." Slashdot reader Camel Pilot references a report via The New York Times, where Erin Rousseau explains how the House of Representatives' recently passed tax bill affects graduate research in the United States. Rousseau is a graduate student at M.I.T. who studies the neurological basis of mental health disorders. "My peers and I work between 40 and 80 hours a week as classroom teachers and laboratory researchers, and in return, our universities provide us with a tuition waiver for school. For M.I.T. students, this waiver keeps us from having to pay a tuition bill of about $50,000 every year -- a staggering amount, but one that is similar to the fees at many other colleges and universities," he writes. "No money from the tuition waivers actually ends up in our pockets, so under Section 117(d)(5), it isn't counted as taxable income." Rousseau continues by saying his tuition waivers will be taxed under the House's tax bill. "This means that M.I.T. graduate students would be responsible for paying taxes on an $80,000 annual salary, when we actually earn $33,000 a year. That's an increase of our tax burden by at least $10,000 annually."

Read more of this story at Slashdot.

카테고리:

'Robots Are Not Taking Over,' Says Head of UN Body of Autonomous Weapons

Slashdot - 6시간 7분 지남
An anonymous reader writes: Robots are not taking over the world," the diplomat leading the first official talks on autonomous weapons assured on Friday, seeking to head off criticism over slow progress towards restricting the use of so-called "killer robots." The United Nations was wrapping up an initial five days of discussions on weapons systems that can identify and destroy targets without human control, which experts say will soon be battle ready. "Ladies and gentlemen, I have news for you: the robots are not taking over the world. Humans are still in charge," said India's disarmament ambassador, Amandeep Gill, who chaired the CCW meeting. "I think we have to be careful in not emotionalizing or dramatizing this issue," he told reporters in response to criticism about the speed of the conference's work. Twenty-two countries, mostly those with smaller military budgets and lesser technical knowhow, have called for an outright ban, arguing that automated weapons are by definition illegal as every individual decision to launch a strike must be made by a human. Gill underscored that banning killer robots, or even agreement on rules, remained a distant prospect.

Read more of this story at Slashdot.

카테고리:

Verizon: No 4G-Level Data Caps For 5G Home Service

Slashdot - 6시간 47분 지남
Verizon recently announced that its upcoming 5G home internet service will not have the kinds of data limits you expect from current wireless services. It will reportedly be able to handle the average data load of a FiOS customer, and it won't be throttled down to 4G gigabyte caps. PC Magazine reports: Verizon has been trying out its new 5G home internet service for months. In a tour of its New Jersey lab, we got a closer look at the 5G antenna setup we saw at Mobile World Congress in February. It's a silver device the size of a paperback book, which connects to a Wi-Fi router with a display. You're supposed to put in a window facing Verizon's 5G service tower. In the test lab, engineer David Binczewski (below) showed us how the company is still working through the challenges of high-frequency, short-distance, millimeter-wave 5G -- most notably, how to penetrate various materials. In a chamber designed to test new 5G devices, he held up a piece of wood between a 5G emitter and a receiver, and we watched the signal fuzz out a bit on a nearby equipment screen. During a roundtable, VP of network support Mike Haberman, some other Verizon folks, and the assembled journalists agreed that an average data cap in the vicinity of 180GB/month would satisfy the average consumer. That's far more than Verizon's current 4G traffic management limit, where folks who use more than 22GB get sent to the back of the line if a tower is congested.

Read more of this story at Slashdot.

카테고리:

NVIDIA Launches Modded Collector's Edition Star Wars Titan Xp Graphics Card

Slashdot - 7시간 27분 지남
MojoKid writes: NVIDIA just launched its fastest graphics card yet and this GPU is targeted at Star Wars fans. In concert with EA's official launch today of Star Wars Battlefront II, NVIDIA unveiled the new Star Wars Titan Xp Collector's Edition graphics card for enthusiast gamers. There are two versions of the cards available -- the Galactic Empire version and a Jedi Order version. Both of the cards feature customized coolers, shrouds, and lighting, designed to mimic the look of a lightsaber. They also ship in specialized packaging that can be used to showcase the cards if they're not installed in a system. The GPU powering the TITAN Xp Collector's Edition has a base clock of 1,481MHz and a boost clock of 1,582MHz. It's packing a fully-enabled NVIDIA GP102 GPU with 3,840 cores and 12GB of GDDR5X memory clocked at 5.5GHz for an effective data rate of 11Gbps, resulting in 547.2GB/s of peak memory bandwidth. At those clocks, the card also offers a peak texture fillrate of 379.75 GigaTexels/s and 12.1TFLOPs of FP32 compute performance, which is significantly higher than a GeForce GTX 1080 Ti. In the benchmarks, it's the fastest GPU out there right now (it better be for $1200), but this card is more about nostalgia and the design customizations NVIDIA made to the cards that should appeal to gamers and Star Wars fans alike.

Read more of this story at Slashdot.

카테고리:

Massive US Military Social Media Spying Archive Left Wide Open In AWS S3 Buckets

Slashdot - 8시간 7분 지남
An anonymous reader quotes a report from The Register: Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages -- all scraped from around the world by the U.S. military to identify and profile persons of interest. The archives were found by veteran security breach hunter UpGuard's Chris Vickery during a routine scan of open Amazon-hosted data silos, and these ones weren't exactly hidden. The buckets were named centcom-backup, centcom-archive, and pacom-archive. CENTCOM is the common abbreviation for the U.S. Central Command, which controls army operations in the Middle East, North Africa and Central Asia. PACOM is the name for U.S. Pacific Command, covering the rest of southern Asia, China and Australasia. "For the research I downloaded 400GB of samples but there were many terabytes of data up there," he said. "It's mainly compressed text files that can expand out by a factor of ten so there's dozens and dozens of terabytes out there and that's a conservative estimate." Just one of the buckets contained 1.8 billion social media posts automatically fetched over the past eight years up to today. It mainly contains postings made in central Asia, however Vickery noted that some of the material is taken from comments made by American citizens. The databases also reveal some interesting clues as to what this information is being used for. Documents make reference to the fact that the archive was collected as part of the U.S. government's Outpost program, which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism.

Read more of this story at Slashdot.

카테고리:

FCC Approves Next-Gen ATSC 3.0 TV Standard

Slashdot - 8시간 47분 지남
New submitter mikeebbbd writes: "U.S. regulators on Thursday approved the use of new technology that will improve picture quality on mobile phones, tablets and television, but also raises significant privacy concerns by giving advertisers dramatically more data about viewing habits," reports Reuters. ATSC3.0 will apparently make personal data collection and targeted ads possible. New TVs will be necessary, and broadcasters will need to transmit both ATSC 2.0 (the current standard) for 3 to 5 years before turning off the older system. For now, the conversion is voluntary. There appears to be no requirement (as there was when ATSC 2.0 came out) for low-cost adapter boxes to make older TVs work; once a channel goes ATSC 3.0-only, your old TV will not display it any more.

Read more of this story at Slashdot.

카테고리:

CVE-2017-16566

Latest 7 days CVE Lists - 8시간 48분 지남
On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core system files including those used for authentication (such as passwd and shadow). This can be abused to take full root level control of the device.

Apple's HomePod Gets Delayed Until 2018

Slashdot - 9시간 27분 지남
Apple has reportedly delayed the release of its HomePod smart speaker until 2018. In a statement to The Verge, Apple says that it needs more time to work on the device. "We can't wait for people to experience HomePod, Apple's breakthrough wireless speaker for the home, but we need a little more time before it's ready for our customers," an Apple spokesperson said. "We'll start shipping in the U.S., UK and Australia in early 2018." From the report: The speaker was originally set to be released in December. Priced at $349, the HomePod is slated to take on higher-end sound systems like Sonos, as well as smart assistants like the Amazon Echo and Google Home. The cylindrical speaker features a seven-speaker array of tweeters, a four-inch subwoofer, and a six-microphone array, which puts it right on par spec-wise with the best speakers in its price range, but where it may fall short is Siri, which isn't really in the same class as Alexa or Google Assistant. That challenge is likely why Apple's focus at the launch of the HomePod back at WWDC in June was music first and smart features second.

Read more of this story at Slashdot.

카테고리:

CVE-2017-1000126

Latest 7 days CVE Lists - 9시간 48분 지남
exiv2 0.26 contains a Stack out of bounds read in webp parser

CVE-2017-1000127

Latest 7 days CVE Lists - 9시간 48분 지남
Exiv2 0.26 contains a heap buffer overflow in tiff parser

CVE-2017-1000128

Latest 7 days CVE Lists - 9시간 48분 지남
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser

CVE-2017-1000217

Latest 7 days CVE Lists - 9시간 48분 지남
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary code execution, fixed in 2.3.3 and 3.0.

CVE-2017-1000221

Latest 7 days CVE Lists - 9시간 48분 지남
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the access control incorrectly so that users only need to match part of the user name used for the access restriction. For example, a user with the role ROLE_USER will have access to recordings published only for ROLE_USER_X.

Microsoft and GitHub Team Up To Take Git Virtual File System To MacOS, Linux

Slashdot - 10시간 7분 지남
An anonymous reader writes: One of the more surprising stories of the past year was Microsoft's announcement that it was going to use the Git version control system for Windows development. Microsoft had to modify Git to handle the demands of Windows development but said that it wanted to get these modifications accepted upstream and integrated into the standard Git client. That plan appears to be going well. Yesterday, the company announced that GitHub was adopting its modifications and that the two would be working together to bring suitable clients to macOS and Linux. Microsoft says that, so far, about half of its modifications have been accepted upstream, with upstream Git developers broadly approving of the approach the company has taken to improve the software's scaling. Redmond also says that it has been willing to make changes to its approach to satisfy the demands of upstream Git. The biggest complexity is that Git has a very conservative approach to compatibility, requiring that repositories remain compatible across versions. Microsoft and GitHub are also working to bring similar capabilities to other platforms, with macOS coming first, and later Linux. The obvious way to do this on both systems is to use FUSE, an infrastructure for building file systems that run in user mode rather than kernel mode (desirable because user-mode development is easier and safer than kernel mode). However, the companies have discovered that FUSE isn't fast enough for this -- a lesson Dropbox also learned when developing a similar capability, Project Infinite. Currently, the companies believe that tapping into a macOS extensibility mechanism called Kauth (or KAuth) will be the best way forward.

Read more of this story at Slashdot.

카테고리:

Even New Phones Are No Longer Guaranteed To Have the Latest Version of Android

Slashdot - 10시간 47분 지남
Vlad Savov, writing for The Verge: The OnePlus 5T and Razer Phone are two fundamentally different devices, which are nonetheless united by one unfortunate downside: both of them are going on sale this month without the latest version of Android on board. OnePlus will tell you that this issue is down to its extremely stringent testing process, while Razer offers a similar boilerplate about working as fast as possible to deliver Android Oreo. But we're now three months removed from Google's grand Oreo launch, timed to coincide with this summer's total eclipse, and all of these excuses are starting to ring hollow. Why do Android companies think they can ship new devices without the latest and best version of the operating system on board? The notorious fragmentation problem with Android has always been that not every device gets the latest update at the same time, and many devices get stuck on older software without ever seeing an update at all. What's changed now is that the "one version behind the newest and best" phenomenon is starting to infect brand new phones as well. The 5T and Razer Phone are just two examples; there's also Xiaomi, which just launched its Mi Mix 2 in Spain with 2016's Android Nougat as the operating system.

Read more of this story at Slashdot.

카테고리:

CVE-2017-1000163

Latest 7 days CVE Lists - 10시간 48분 지남
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, which may result in phishing or social engineering attacks.

CVE-2017-1000190

Latest 7 days CVE Lists - 10시간 48분 지남
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.

CVE-2017-1000227

Latest 7 days CVE Lists - 10시간 48분 지남
Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can

CVE-2017-1000230

Latest 7 days CVE Lists - 10시간 48분 지남
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7 are provided with unexpected input, thus resulting in denial of service attack.

페이지

KLDP 수집기 구독하기