RSS 생중계

Researchers Are Creepily Close To Predicting When You're Going To Die

Slashdot - 5시간 32분 지남
An anonymous reader quotes a report from Ars Technica: If death is in the cards, it may also be in your blood. Measurements of 14 metabolic substances in blood were pretty good at predicting whether people were likely to die in the next five to 10 years. The data was published this week in Nature Communications. A team of researchers led by data scientists in the Netherlands came up with the fateful 14 based on data from 44,168 people, aged 18 to 109. The data included death records and measurements of 226 different substances in blood. Of the 44,168 people, 5,512 died during follow-up periods of nearly 17 years. The researchers then put their death panel to the test. They used the 14 blood measurements to try to predict deaths in a cohort of 7,603 Finnish people who were surveyed in 1997. Of those Finns, 1,213 died during follow-up. Together, the 14 blood measurements were about 83% accurate at predicting the deaths that occurred within both five years and 10 years. The accuracy dropped to about 72% when predicting deaths for people over 60 years old, though.

Read more of this story at Slashdot.

카테고리:

Splunk To Buy Cloud-Monitoring Software Maker SignalFx For $1.05 Billion

Slashdot - 6시간 52분 지남
Splunk Inc. reached a $1.05 billion deal to buy cloud-monitoring startup SignalFx Inc., a deal that would strengthen the cybersecurity and data-analytics firm's offerings in the fast-growing cloud-computing sector. The Wall Street Journal reports: Founded in 2004, Splunk -- a play on the word "spelunking" -- collects and analyzes data to help companies identify patterns, like customers' beverage preferences, and detect anomalies, say fraud or a cyberattack. Splunk officials told analysts that Splunk has some customer overlap with San Mateo, Calif.-based SignalFx and that the target company's software represents a "top tier asset to the things that matter" to clients. Closely held SignalFx was valued at nearly $500 million after a $75 million funding round that closed in May, according to a Dow Jones VentureSource estimate. The cash-and-stock deal is expected to close in the second half of Splunk's fiscal year, which ends Jan. 31. San Francisco-based Splunk, which went public in 2012 and carries a nearly $1.5 billion deficit, said it would be able to absorb the added operating costs from the deal. Splunk has been increasing its cloud business, which accounted for 25% of revenues in the July quarter and is expected to represent half of operations over the next few years, company officials said.

Read more of this story at Slashdot.

카테고리:

Google Postpones Shutdown of Hangouts For G Suite Users

Slashdot - 7시간 32분 지남
Google will let G Suite customers continue to use Hangouts until next year, delaying a shutdown of the service that was supposed to begin in October. Hangouts will now stay around for business customers until at least next June. The Verge reports: The shutdown will move customers of Google's business-focused G Suite subscription over to a pair of new chat services: Hangouts Chat, a Slack competitor; and Hangouts Meet, a video conferencing service. While the services generally include the same functionality (and more), people are pretty used to Hangouts, and Google says it's heard from companies' IT teams that they'd "like more time to migrate [their] organizations from classic Hangouts to Hangouts Chat." Google says it now plans to start transitioning all G Suite users over to the new services by the end of next year. To make the transition easier, Google says it's going to work on adding more features to classic Hangouts. Right now, classic Hangouts users can only directly message a Hangouts Chat user. In the future, Google suggests that classic users may be able to view or participate in group chats, too.

Read more of this story at Slashdot.

카테고리:

California High School In Silicon Valley Is Locking Up Students' Cellphones

Slashdot - 8시간 12분 지남
San Mateo High School administrators have instituted a new policy to lock up students' cellphones. "Each school day, nearly 1,700 students place their devices in a Yondr pouch that closes with a proprietary lock," reports NBC News. "School administrators unlock them at the end of the day." The goal is to help students focus on the teacher and other students. From the report: While administrators and teachers say they have already noticed a positive effect on students, the policy has elicited mixed reactions from researchers who argue its long-term effectiveness. Devices remain in the student's possession, but they aren't able to access them, the school said. The program was funded with a $20,000 grant. The pouches have been assigned to students at no cost, but losing one will cost the high-schoolers a $25 replacement fee. Some technology experts feel the new policy is a step in the right direction and will curb distraction in the classroom. "Taking cellphones out of the classroom is a no-brainer," said Calvin Newport, a professor of computer science at Georgetown University. Students tend to perform worse when they have access to network connectivity in the classroom, he said. "The ability to be free of distraction and concentrate on things is increasingly valuable, so it's a good general function of our schools to be a place where our students get trained to keeping their concentration on one thing at a time," he added. While many researchers have focused on the benefits of cutting out devices from the classroom, others worry about taking away something young people depend on. Larry Rosen, a research psychologist at California State University, said young people constantly check their phones to alleviate anxiety. They are anxious about staying on top of things, and that anxiety will build up if they are forced to ditch the devices cold turkey, he added. Taking away phones doesn't work for everyone, he argues. Instead, he believes "technology breaks" are a much happier medium.

Read more of this story at Slashdot.

카테고리:

[$] LWN.net Weekly Edition for August 22, 2019

lwn.net - 8시간 32분 지남
The LWN.net Weekly Edition for August 22, 2019 is available.
카테고리:

Waymo Releases a Self-Driving Open Data Set For Free Use By Research Community

Slashdot - 8시간 52분 지남
An anonymous reader quotes a report from TechCrunch: Waymo is opening up its significant stores of autonomous driving data with a new Open Data Set it's making available for the purposes of research. The data set isn't for commercial use, but its definition of "research" is fairly broad, and includes researchers at other companies as well as academics. The data set is "one of the largest, riches and most diverse self-driving data sets ever released for research," according to Waymo principal scientist and head of Research, Drago Anguelov, who was at both Zoox and Google prior to joining Waymo last year. Anguelov said in a briefing that the reason he initiated the push to make this data available is that Waymo and several other companies working in the field are "currently hampered by the lack of suitable data sets." The Waymo Open Data set tries to fill in some of these gaps for their research peers by providing data collected from 1,000 driving segments done by its autonomous vehicles on roads, with each segment representing 20 seconds of continuous driving. It includes driving done in Phoenix, Ariz.; Kirkland, Wash.; Mountain View, Calif.; and San Francisco, Calif., and offering a range of different driving conditions, including at night, during rain, at dusk and more. The segments include data collected from five of Waymo's own proprietary lidars, as well as five standard cameras that face front and to the sides, providing a 360-degree view captured in high resolution, as well as synchronization Waymo uses to fuse lidar and imaging data. Objects, including vehicles, pedestrians, cyclists and signage is all labeled. "We decided to contribute our part to make, ultimately, researchers in academia ask the right questions -- and for that, they need the right data," Anguelov said. "And I think this will help everyone in the field; it is not an admission in any way that we have problems solving these issues. But there is always room for improvement in terms of efficiency, scaleability, amount of labels to need. It's a developing field. Mostly we're trying to get others into thinking about our problems and working with us, as opposed to doing work that's potentially not so impactful, given the current state of things."

Read more of this story at Slashdot.

카테고리:

DoorDash Still Pockets Workers' Tips Almost a Month After It Promised To Stop

Slashdot - 9시간 32분 지남
DoorDash, the leading food delivery app in the U.S., is still pocketing workers' tips, despite announcing last month that it would stop the practice and change its tipping policies. The announcement was made after a report from The New York Times highlighted how the company uses tips to make up the worker's base pay -- essentially stealing the money you're trying to give someone to maximize their profits. Vox reports: At the time, CEO Tony Xu announced in a series of tweets that DoorDash would institute a new model to ensure workers' earnings would "increase by the exact amount a customer tips on every order." Xu promised to provide "specific details in the coming days." The next day, Xu sent out a note to DoorDash workers, broadly outlining changes and letting them know âoewhat to expect in the days ahead." But 27 days later, current DoorDash workers tell Recode that the company's pay and tipping policies have stayed the same. The company has not made any public statements about its worker pay and how it plans to institute the changes, nor has it offered a specific date when it will fulfill its promise. A spokesperson declined to comment about the company's plans to change its tipping policy. Soon after DoorDash's years-long tipping scheme was mentioned in the NYT's report, a class-action lawsuit was filed against the company for misleading its customers about how their tips were used. The lawsuit, filed at the end of July, claims that DoorDash failed to make clear to its customers that tips they gave through its app to couriers were not being allocated as they were intended to be, and that had customers known this, they would not have tipped through the app.

Read more of this story at Slashdot.

카테고리:

Google DeepMind Co-Founder Placed On Leave From AI Lab

Slashdot - 10시간 12분 지남
Mustafa Suleyman, the co-founder of Google's high-profile AI lab DeepMind, has been placed on leave after controversy over some of the projects he led. Bloomberg reports: Mustafa Suleyman runs DeepMind's "applied" division, which seeks practical uses for the lab's research in health, energy and other fields. Suleyman is also a key public face for DeepMind, speaking to officials and at events about the promise of AI and the ethical guardrails needed to limit malicious use of the technology. "Mustafa is taking time out right now after 10 hectic years," a DeepMind spokeswoman said. She didn't say why he was put on leave. He founded DeepMind in 2010 alongside current Chief Executive Officer Demis Hassabis. Four years later, Google bought DeepMind for 400 million pounds (currently $486 million), an ambitious bet on the potential of AI that set off an expensive race in Silicon Valley for specialists in the field. DeepMind soon began working on health-care research, eventually creating a division dedicated to the area. Suleyman, nicknamed "Moose" and whose mother was a nurse, led the development of the DeepMind Health team, building it into a 100-person unit.

Read more of this story at Slashdot.

카테고리:

Moscow's Blockchain Voting System Cracked a Month Before Election

Slashdot - 10시간 52분 지남
An anonymous reader quotes a report from ZDNet: A French security researcher has found a critical vulnerability in the blockchain-based voting system Russian officials plan to use next month for the 2019 Moscow City Duma election. Pierrick Gaudry, an academic at Lorraine University and a researcher for INRIA, the French research institute for digital sciences, found that he could compute the voting system's private keys based on its public keys. This private keys are used together with the public keys to encrypt user votes cast in the election. Gaudry blamed the issue on Russian officials using a variant of the ElGamal encryption scheme that used encryption key sizes that were too small to be secure. This meant that modern computers could break the encryption scheme within minutes. What an attacker can do with these encryption keys is currently unknown, since the voting system's protocols weren't yet available in English, so Gaudry couldn't investigate further. "Without having read the protocol, it is hard to tell precisely the consequences, because, although we believe that this weak encryption scheme is used to encrypt the ballots, it is unclear how easy it is for an attacker to have the correspondence between the ballots and the voters," the French researcher said. "In the worst case scenario, the votes of all the voters using this system would be revealed to anyone as soon as they cast their vote." The Moscow Department of Information Technology promised to fix the reported issue. "We absolutely agree that 256x3 private key length is not secure enough," a spokesperson said in an online response. "This implementation was used only in a trial period. In few days the key's length will be changed to 1024." However, a public key of a length of 1024 bits may not be enough, according to Gaudry, who believes officials should use one of at least 2048 bits instead.

Read more of this story at Slashdot.

카테고리:

Flaws in Cellphone Evidence Prompt Review of 10,000 Verdicts in Denmark

Slashdot - 11시간 32분 지남
The authorities in Denmark say they plan to review over 10,000 court verdicts because of errors in cellphone tracking data offered as evidence. From a report: The country's director of public prosecutions on Monday also ordered a two-month halt in prosecutors' use of cellphone data in criminal cases while the flaws and their potential consequences are investigated. "It's shaking our trust in the legal system," Justice Minister Nick Haekkerup said in a statement. The first error was found in an I.T. system that converts phone companies' raw data into evidence that the police and prosecutors can use to place a person at the scene of a crime. During the conversions, the system omitted some data, creating a less-detailed image of a cellphone's whereabouts. The error was fixed in March after the national police discovered it. In a second problem, some cellphone tracking data linked phones to the wrong cellphone towers, potentially connecting innocent people to crime scenes, said Jan Reckendorff, the director of public prosecutions. "It's a very, very serious case," Mr. Reckendorff told Denmark's state broadcaster. "We cannot live with incorrect information sending people to prison." The authorities said that the problems stemmed partly from police I.T. systems and partly from the phone companies' systems, although a telecom industry representative said he could not understand how phone companies could have caused the errors. The national police determined that the flaws applied to 10,700 court cases dating to 2012, but it is unclear whether the faulty data was a decisive factor in any verdicts. The justice minister set up a steering group to track the extent of the legal problems they may have caused and to monitor the reviews of cases that may have been affected.

Read more of this story at Slashdot.

카테고리:

Intel, Google, Microsoft, and Others Launch Confidential Computing Consortium for Data Security

Slashdot - 12시간 12분 지남
Major tech companies including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft, and Red Hat today announced intent to form the Confidential Computing Consortium to improve security for data in use. From a report: Established by the Linux Foundation, the organization plans to bring together hardware vendors, developers, open source experts, and others to promote the use of confidential computing, advance common open source standards, and better protect data. "Confidential computing focuses on securing data in use. Current approaches to securing data often address data at rest (storage) and in transit (network), but encrypting data in use is possibly the most challenging step to providing a fully encrypted lifecycle for sensitive data," the Linux Foundation said today in a joint statement. "Confidential computing will enable encrypted data to be processed in memory without exposing it to the rest of the system and reduce exposure for sensitive data and provide greater control and transparency for users." The consortium also said the group was formed because confidential computing will become more important as more enterprise organizations move between different compute environments like the public cloud, on-premises servers, or the edge. To get things started, companies made a series of open source project contributions including Intel Software Guard Extension (SGX), an SDK for code protection at the hardware layer.

Read more of this story at Slashdot.

카테고리:

[$] OpenPOWER opens further

lwn.net - 12시간 37분 지남
In what was to prove something of a theme throughout the morning, Hugh Blemings said that he had been feeling a bit like a kid waiting for Christmas recently, but that the day when the presents can be unwrapped had finally arrived. He is the executive director of the OpenPOWER Foundation and was kicking off the keynotes for the second day of the 2019 OpenPOWER Summit North America; the keynotes would reveal the "most significant and impressive announcements" in the history of the project, he said. Multiple presentations outlined a major change in the openness of the OpenPOWER instruction set architecture (ISA), along with various related hardware and software pieces; in short, OpenPOWER can be used by compliant products without paying royalties and with a grant of the patents that IBM holds on it. In addition, the foundation will be moving under the aegis of the Linux Foundation.
카테고리:

CVE-2019-5638

Latest 7 days CVE Lists - 12시간 47분 지남
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential leak, that user account's current session is still valid after the password change, potentially allowing the attacker who originally compromised the credential to remain logged in and able to cause further damage.

CVE-2019-6177

Latest 7 days CVE Lists - 12시간 47분 지남
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Lenovo Vantage or Lenovo Diagnostics in April 2018.

CVE-2019-10687

Latest 7 days CVE Lists - 12시간 47분 지남
KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.

CVE-2019-11601

Latest 7 days CVE Lists - 12시간 47분 지남
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.

CVE-2019-11602

Latest 7 days CVE Lists - 12시간 47분 지남
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure.

CVE-2019-11603

Latest 7 days CVE Lists - 12시간 47분 지남
A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root.

CVE-2019-13476

Latest 7 days CVE Lists - 12시간 47분 지남
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in the domain parameter allows a low-privilege user to achieve root access via the email list page.

CVE-2019-14685

Latest 7 days CVE Lists - 12시간 47분 지남
A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service.

페이지

KLDP 수집기 구독하기