RSS 생중계

Cow Could Soon Be Largest Land Mammal Left Due To Human Activity, Says Study

Slashdot - 5시간 5분 지남
An anonymous reader quotes a report from The Guardian: The cow could be left as the biggest land mammal on Earth in a few centuries, according to a new study that examines the extinction of large mammals as humans spread around the world. The spread of hominims -- early humans and related species such as Neanderthals -- from Africa thousands of years ago coincided with the extinction of megafauna such as the mammoth, the sabre-toothed tiger and the glyptodon, an armadillo-like creature the size of a car. "There is a very clear pattern of size-biased extinction that follows the migration of hominims out of Africa," the study's lead author, Felisa Smith, of the University of New Mexico, said of the study published in the journal Science on Thursday. Humans apparently targeted big species for meat, while smaller creatures such as rodents escaped, according the report, which examined trends over 125,000 years. In North America, for instance, the mean body mass of land-based mammals has shrunk to 7.6kg (17lb) from 98kg after humans arrived. If the trend continues "the largest mammal on Earth in a few hundred years may well be a domestic cow at about 900kg", the researchers wrote. That would mean the loss of elephants, giraffes and hippos. In March, the world's last male northern white rhino died in Kenya.

Read more of this story at Slashdot.

카테고리:

CVE-2018-10305

Latest 7 days CVE Lists - 6시간 6분 지남
The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions.

CVE-2018-10309

Latest 7 days CVE Lists - 6시간 6분 지남
The Responsive Cookie Consent plugin before 1.8 for WordPress mishandles number fields.

CVE-2018-10311

Latest 7 days CVE Lists - 6시간 6분 지남
A vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the tag[pinyin] parameter to the /index.php?m=tags&f=index&v=add URI.

CVE-2018-10312

Latest 7 days CVE Lists - 6시간 6분 지남
index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member.

CVE-2018-10313

Latest 7 days CVE Lists - 6시간 6분 지남
WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the /index.php?m=member&f=index&v=profile&set_iframe=1 URI.

CVE-2018-10316

Latest 7 days CVE Lists - 6시간 6분 지남
Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow.

CVE-2018-10318

Latest 7 days CVE Lists - 6시간 6분 지남
Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata.

CVE-2018-10319

Latest 7 days CVE Lists - 6시간 6분 지남
Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet.

CVE-2018-10320

Latest 7 days CVE Lists - 6시간 6분 지남
Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout.

YouTube Says Computers Helped It Pull Down Millions of Objectionable Videos Last Quarter

Slashdot - 6시간 15분 지남
YouTube says it has successfully trained computers to flag objectionable videos. In the last quarter of 2017, the company reportedly pulled down more than six million of these videos before any users saw them. The news comes from a brief aside in Google CEO Sundar Pichai's scripted remarks during parent company Alphabet's earnings call today. "He said YouTube had pulled down more than six million videos in the last quarter of 2017 after first being flagged by its 'machine systems,' and that 75 percent of those videos 'were removed before receiving a single view,'" reports Recode.

Read more of this story at Slashdot.

카테고리:

Algorithm Automatically Spots 'Face Swaps' In Videos

Slashdot - 6시간 55분 지남
yagoda shares a report from MIT Technology Review: Andreas Rossler at the Technical University of Munich in Germany and colleagues have developed a deep-learning system that can automatically spot face-swap videos. The new technique could help identify forged videos as they are posted to the web. But the work also has sting in the tail. The same deep-learning technique that can spot face-swap videos can also be used to improve the quality of face swaps in the first place -- and that could make them harder to detect. The new technique relies on a deep-learning algorithm that Rossler and co have trained to spot face swaps. These algorithms can only learn from huge annotated data sets of good examples, which simply have not existed until now. In semi-related news, the Screen Actors Guild-American Federation of Television and Radio Artists (SAG-AFTRA) says it's "fighting back" against the dangers posed by new face-swapping technologies that have been used to digitally superimpose the faces of its members onto the bodies of porn stars. "SAG-AFTRA has undertaken an exhaustive review of our collective bargaining options and legislative options to combat any and all uses of digital re-creations, not limited to deepfakes, that defame our members and inhibit their ability to protect their images, voices and performances from misappropriation. We are talking with our members' representatives, union allies, and with state and federal legislators about this issue right now and have legislation pending in New York and Louisiana that would address this directly in certain circumstances. We also are analyzing state laws in other jurisdictions, including California, to make sure protections are in place. To the degree that there are not sufficient protections in place, we will work to fix that..."

Read more of this story at Slashdot.

카테고리:

CVE-2016-9599

Latest 7 days CVE Lists - 7시간 6분 지남
puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values. If SSL is enabled, a malicious user could use these open ports to gain access to unauthorized resources.

CVE-2016-9601

Latest 7 days CVE Lists - 7시간 6분 지남
ghostscript before version 0.14 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image. A document (PostScript or PDF) with an embedded, specially crafted, jbig2 image could trigger a segmentation fault in ghostscript.

CVE-2018-6491

Latest 7 days CVE Lists - 7시간 6분 지남
Local Escalation of Priviledge vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege.

Surface Phone Speculation Spurred By New Phone APIs In Windows

Slashdot - 7시간 35분 지남
Microsoft has been rumored to be working on a "Surface Phone" for years now, with little concrete evidence that such a device actually exists. "But the latest Windows 10 Insider Preview has given new fuel for the speculative fire, it has a set of new APIs for cellular phones," reports Ars Technica. From the report: Windows has had integrated support for cell modems since Windows 8, but this has been restricted to supporting data connections. Telephony -- dialing numbers, placing calls -- has always required either Windows Phone or Windows 10 Mobile. This has made the full Windows 10 unsuitable for a phone. That may be changing. Windows 10 build 17650 -- a preview of Redstone 5, the next Windows update after the delayed April update -- includes some telephony APIs. The new APIs cover support for a range of typical phone features: dialing numbers and contacts, blocking withheld numbers, support for Bluetooth headsets and spearphone mode, and so on and so forth. There also looks to be some kind of video-calling support, suggesting support for 3G or LTE video calling.

Read more of this story at Slashdot.

카테고리:

US Government Weighing Sanctions Against Kaspersky Lab

Slashdot - 8시간 15분 지남
An anonymous reader quotes a report from CyberScoop: The U.S. government is considering sanctions against Russian cybersecurity company Kaspersky Lab as part of a wider round of action carried out against the Russian government, according to U.S. intelligence officials familiar with the matter. The sanctions would be a considerable expansion and escalation of the U.S. government's actions against the company. Kaspersky, which has two ongoing lawsuits against the U.S. government, has been called "an unacceptable threat to national security" by numerous U.S. officials and lawmakers. Officials told CyberScoop any additional action against Kaspersky would occur at the lawsuits' conclusion, which Kaspersky filed in response to a stipulation in the 2018 National Defense Authorization Act that bans its products from federal government networks. If the sanctions came to fruition, the company would be barred from operating in the U.S. and potentially even in U.S. allied countries.

Read more of this story at Slashdot.

카테고리:

Facebook Sued Over Fake Ads

Slashdot - 8시간 55분 지남
shilly writes: British finance expert Martin Lewis is suing Facebook for defamation, after a year of trying to persuade the company to stop accepting scam ads featuring his name and image. Facebook insists that he report to them every time he spots a scam; he wants them to check with him before they take money for an ad featuring his name or picture, so he can tell them if it's legit or not. "Lewis said he would not profit from any damages won, which he would donate to charities combating fraud, but that he hoped the action would prompt the site to stamp out scam adverts," reports The Guardian.

Read more of this story at Slashdot.

카테고리:

CVE-2018-10303

Latest 7 days CVE Lists - 9시간 6분 지남
A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3.

[$] A successful defense against a copyright troll

lwn.net - 9시간 6분 지남

At the 2018 Legal and Licensing Workshop (LLW), which is a yearly gathering of lawyers and technical folks organized by the Free Software Foundation Europe (FSFE), attendees got more details on a recent hearing in a German GPL enforcement case. Marcus von Welser is a lawyer who represented the defendant, Geniatech, in a case that was brought by Patrick McHardy. In the presentation, von Welser was joined by Armijn Hemel, who helped Geniatech in its compliance efforts. The hearing was of interest for a number of reasons, not least because McHardy withdrew his request for an injunction once it became clear that the judge was leaning in favor of the defendants—effectively stopping this case dead in its tracks.

카테고리:

페이지

KLDP 수집기 구독하기