Tekla Perry writes: Researchers at Stanford have demonstrated that they can use ordinary, underground fiber optic cables to monitor for earthquakes, by using innate impurities in the fiber as virtual sensors. "People didn't believe this would work," said one of the researchers. "They always assumed that an uncoupled optical fiber would generate too much signal noise to be useful." They plan a larger test installation in 2018. Their biggest challenge, they say, will not be perfecting the algorithms but rather convincing telcos to allow the technology to piggyback on existing telecommunications lines. Meanwhile, the same data is being used for an art project that visualizes the activity of pedestrians, bicycles, cars, and fountains on the surface above the cables.
On the sidelines of announcing the fifth release candidate for the Linux kernel version 4.14, Linus Torvalds said fuzzing, which involves stress testing a system by generating random code to induce errors, is helping the community find and fix a range of security vulnerabilities. He wrote: The other thing perhaps worth mentioning is how much random fuzzing people are doing, and it's finding things. We've always done fuzzing (who remembers the old "crashme" program that just generated random code and jumped to it? We used to do that quite actively very early on), but people have been doing some nice targeted fuzzing of driver subsystems etc, and there's been various fixes (not just this last week either) coming out of those efforts. Very nice to see.
An anonymous reader writes: Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. Discussions on the topic of in-browser miners have been going on the Chromium project's bug tracker since mid-September when Coinhive, the first such service, launched. "Here's my current thinking," Ojan Vafai, a Chrome engineering working on the Chromium project, wrote in one of the recent bug reports. "If a site is using more than XX% CPU for more than YY seconds, then we put the page into 'battery saver mode' where we aggressively throttle tasks and show a toast [notification popup] allowing the user to opt-out of battery saver mode. When a battery saver mode tab is backgrounded, we stop running tasks entirely. I think we'll want measurement to figure out what values to use for XX and YY, but we can start with really egregious things like 100% and 60 seconds. I'm effectively suggesting we add a permission here, but it would have unusual triggering conditions [...]. It only triggers when the page is doing a likely bad thing." An earlier suggestion had Google create a blacklist and block the mining code at the browser level. That suggestion was shut down as being too impractical and something better left to extensions.
The European Commission has proposed that member states help each other break into encrypted devices by sharing expertise around the bloc. From a report: In an attempt to tackle the rise of citizens using encryption and its effects on solving crimes, the commission decided to sidestep the well-worn, and well-ridiculed, path of demanding decryption backdoors in the stuff we all use. Instead, the plans set out in its antiterrorism measures on Wednesday take a more collegiate approach -- by offering member states more support when they actually get their hands on an encrypted device. "The commission's position is very clear -- we are not in favour of so-called backdoors, the utilisation of systemic vulnerabilities, because it weakens the overall security of our cyberspace, which we rely upon," security commissioner Julian King told a press briefing. "We're trying to move beyond a sometimes sterile debate between backdoors or no backdoors, and address some of the concrete law enforcement challenges. For instance, when [a member state] gets a device, how do they get information that might be encrypted on the device." [...] Share the wealth. "Some member states are more equipped technically to do that [extract information from a seized device] than others," King said. "We want to make sure no member state is at a disadvantage, by sharing the tech expertise among the member states and reinforcing the support that Europol can offer."
An anonymous reader shares a report: California employers can no longer ask job applicants about their prior salary and -- if applicants ask -- must give them a pay range for the job they are seeking, under a new state law that takes effect Jan. 1. AB168, signed Thursday by Gov. Jerry Brown, applies to all public- and private-sector California employers of any size. The goal is to narrow the gender wage gap. If a woman is paid less than a man doing the same job and a new employer bases her pay on her prior salary, gender discrimination can be perpetuated, the bill's backers say. Last year, the state passed a weaker law that said prior compensation, by itself, cannot justify any disparity in compensation. The new bill goes further by prohibiting employers, "orally or in writing, personally or through an agent," from asking about an applicant's previous pay. However, if the applicant "voluntarily and without prompting" provides this information, the employer may use it "in determining the salary for that applicant."
Slashdot turned 20 this month, which is ancient in internet years. How far have we come? Also, we've set up a page to coordinate user meet-ups around the world to celebrate. Read on for the full 20-year history of Slashdot.
An anonymous reader shares a report: Samsung has announced it will soon become possible to run actual proper Linux on its Note8, Galaxy S8 and S8+ smartphones -- and even Linux desktops. Yeah, yeah, we know Android is built on Linux, but you know what we mean. Samsung said it's working on an app called "Linux on Galaxy" that will let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS." "Whenever they need to use a function that is not available on the smartphone OS, users can simply switch to the app and run any program they need to in a Linux OS environment," Samsung says. The app also allows multiple OSes to run on a device. Linux desktops will become available if users plug their phones into the DeX Station, the device that lets a Galaxy 8 run a Samsung-created desktop-like environment when connected to the DeX and an external monitor.
Canonical has made available the download links for Ubuntu 17.10 "Artful Aardvark". It comes with a range of new features, changes, and improvements including GNOME as the default desktop, Wayland display server by default, Optional X.org server session, Mesa 17.2 or Mesa 17.3, Linux kernel 4.13 or kernel 4.14, new Subiquity server installer, improved hardware support, new Ubuntu Server installer, switch to libinput, an always visible dock using Dash to Dock GNOME Shell extension, and Bluetooth improvements with a new BlueZ among others.
From a report: Multiple U.S. security consultants and other industry sources tell The Daily Beast customers are dropping their use of Kaspersky software all together, particularly in the financial sector, likely concerned that Russian spies can rummage through their files. Some security companies are being told to only provide U.S. products. And former Kaspersky employees describe the firm as reeling, with department closures and anticipation that researchers will jump ship soon. "We are under great pressure to only use American products no matter the technical or performance consequences," said a source in a cybersecurity firm which uses Kaspersky's anti-virus engine in its own services. The Daily Beast granted anonymity to some of the industry sources to discuss internal deliberations, as well as the former Kaspersky employees to talk candidly about recent events.
An anonymous reader quotes a report from Bloomberg: Within the upper echelons of many financial firms, there's a lot of soul searching as executives prepare to roll out a new generation of technology. Publicly, they're upbeat, predicting machines will perform almost all repetitive tasks, freeing humans to focus on more valuable pursuits. Privately, many confide to peers, consultants and sometimes journalists that they're worried about what will happen to their staffs -- and what to tell them. There's also uncertainty. Maybe it's all overblown, executives say, because the tech will be hard to implement and humans will find new roles. Or perhaps it's the beginning of the end for legions of professionals in one of the world's most lucrative fields. Can jobs held by office-dwelling millionaires disappear like those on factory floors? The result, is that employees aren't getting a clear message on what's to come.
For a rosy scenario, look to McKinsey & Co. In July, the consulting firm published a report estimating machines are ready to assume roughly a third of the work now performed by banks' rank and file. The authors framed it as positive: People will have more time to tend to clients, conduct research or brainstorm ideas. So far, it noted, firms at the forefront aren't slashing jobs. At JPMorgan Chase & Co., one of the most tech-savvy banks, Chief Executive Officer Jamie Dimon predicted in June that his workforce will more likely grow than shrink over the next 20 years. Technology may displace workers, he's said, but it also creates opportunities. Yet in interviews, about a dozen Wall Street executives and consultants responsible for deploying technologies -- and steeped in their capabilities -- were more bearish on humans. Machines will take over task after task, they said, and banks simply won't need nearly as many people.
The world's first floating offshore wind farm began delivering electricity to the Scottish grid today. "The 30MW installation, situated 25km (15.5mi) from Peterhead in Aberdeenshire, Scotland, will demonstrate that offshore wind energy can be harvested in deep waters, miles away from land, where installing giant turbines was once impractical or impossible," reports Ars Technica. "At peak capacity, the wind farm will produce enough electricity to power 20,000 Scottish homes." From the report: The installation, called Hywind Scotland, is also interesting because it was built by Statoil, a Norwegian mega-corporation known for offshore oil drilling. Statoil has pursued offshore wind projects in recent years, using the companyâ(TM)s experience building and managing infrastructure in difficult open sea conditions to its advantage. Hywind Scotland began producing power in September, and today it starts delivering electricity to the Scottish grid. Now, all that's left is for Statoil and its partner company Masdar to install a 1MWh lithium-ion battery, charmingly called âoeBatwind,â on shore. Batwind will help the offshore system regulate power delivery and optimize output. After a number of small demonstration projects, the five 6MW turbines are the first commercial turbines to lack a firm attachment to the seafloor. They're held in place using three giant suction anchors, which are commonly used in offshore oil drilling. Essentially, an enormous, empty, upside-down âoebucketâ is placed on the seafloor, and air is sucked out of the bucket, which forces the bucket downward, further into the seafloor sediment. The report mentions a 2013 video that shows how offshore wind farms work.
If you bought a Kindle e-book between April 2010 and May 2012, you might see some Amazon credit coming your way. The company is reportedly distributing funds from an antitrust lawsuit that it levied at Apple in 2013. From a report: Amazon has set up a website listing the available credits, and it has begun sending out emails this morning to U.S. customers who are eligible for a refund. Apple and a handful of book publishers, including Penguin, HarperCollins, Machete Book Group and Macmillan, were found guilty of conspiring to inflate the prices of e-books in order to weaken Amazon's grip on the market. While the book publishers settled out of court, Apple decided to fight the lawsuit and appealed several times. Eventually, it was ordered to pay a total of $450 million in the protracted antitrust case.
Several refunds have already been distributed because of the lawsuit. In fact, the bulk of credits were sent out in 2014 and 2016. The round of credits being sent out today comes from an earmarked $20 million meant to pay states involved in the suit. The Amazon credits have a six-month shelf life and must be spent by April 20, 2018, or they'll expire. In addition the Amazon credits, customers may also be receiving Apple credits that can be used toward iBooks, iTunes and App Store purchases. Apple is currently notifying eligible customers via email.
An anonymous reader quotes a report from The Guardian: The abundance of flying insects has plunged by three-quarters over the past 25 years, according to a new study that has shocked scientists. Insects are an integral part of life on Earth as both pollinators and prey for other wildlife and it was known that some species such as butterflies were declining. But the newly revealed scale of the losses to all insects has prompted warnings that the world is "on course for ecological Armageddon," with profound impacts on human society. The new data was gathered in nature reserves across Germany but has implications for all landscapes dominated by agriculture, the researchers said. The cause of the huge decline is as yet unclear, although the destruction of wild areas and widespread use of pesticides are the most likely factors and climate change may play a role. The scientists were able to rule out weather and changes to landscape in the reserves as causes, but data on pesticide levels has not been collected. The research, published in the journal Plos One, is based on the work of dozens of amateur entomologists across Germany who began using strictly standardized ways of collecting insects in 1989.
schwit1 shares a report from The Independent: The stereotype of a tortured genius may have a basis in reality after a new study found that people with higher IQs are more at risk of developing mental illness. A team of U.S. researchers surveyed 3,715 members of American Mensa with an IQ higher than 130. An "average IQ score" or "normal IQ score" can be defined as a score between 85 and 115. The team asked the Mensa members to report whether they had been diagnoses with mental illnesses, including autism spectrum disorder (ASD) and attention deficit hyperactivity disorder (ADHD). They were also asked to report mood and anxiety disorders, or whether the suspected they suffered from any mental illnesses that had yet to be diagnosed, as well as physiological diseases, like food allergies and asthma. After comparing this with the statistical national average for each illness they found that those in the Mensa community had considerably higher rates of varying disorders. While 10 per cent of the general population were diagnosed with anxiety disorder, that rose to 20 percent among the Mensa community, according to the study which published in the Science Direct journal.
New submitter ctilsie242 writes: Many years ago, it was said that we would have a "cyber 9/11," a security event so drastic that it fundamentally would change how companies and people thought about security. However, this has not happened yet (mainly because the bad guys know that this would get organizations to shut their barn doors, stopping the gravy train.) With the perception that security has no financial returns, coupled with the opinion that "nobody can stop the hackers, so why even bother," what can actually be done to get businesses to have an actual focus on security. The only "security" I see is mainly protection from "jailbreaking," so legal owners of a product can't use or upgrade their devices. True security from other attack vectors are all but ignored. In fact, I have seen some development environments where someone doing anything about security would likely get the developer fired because it took time away from coding features dictated by marketing. I've seen environments where all code ran as root or System just because if the developers gave thought to any permission model at all, they would be tossed, and replaced by other developers who didn't care to "waste" their time on stuff like that. One idea would be something similar to Underwriters Labs, except would grade products, perhaps with expanded standards above the "pass/fail" mark, such as Europe's "Sold Secure," or the "insurance lock" certification (which means that a security device is good enough for insurance companies to insure stuff secured by it.) There are always calls for regulation, but with regulatory capture being at a high point, and previous regulations having few teeth, this may not be a real solution in the U.S. Is our main hope the new data privacy laws being enacted in Europe, China, and Russia, which actually have heavy fines as well as criminal prosecutions (i.e. execs going to jail)? This especially applies to IoT devices where it is in their financial interest to make un-upgradable devices, forcing people to toss their 1.0 lightbulbs and buy 1.0.1 lightbulbs to fix a security issue, as opposed to making them secure in the first place, or having an upgrade mechanism. Is there something that can actually be done about the general disinterest by companies to make secure products, or is this just the way life is now?
한국LUG 사이트는 1024 x 768 해상도(운영자 노트북:14")에 최적화 되어 있습니다. : LINUX FANSITE
WWW.LUG.OR.KR Server is made by CentOS Linux, P4 1.8G, Memory 512MB, Main HDD 160GB, Backup HDD 40GB and LAMP, qmail MTA.
CentOS Linux & Mozilla Firefox UTF-8 Base Created.
1998-2017 www.lug.or.kr Directed By Great Dragon, Kim.
LUG 포인트 정책 : [회원가입 : +100점] [로그인(하루한번) : +100점] [글쓰기 : +20점] [코멘트 : +10점] [다운로드 : -200점] [질문 포인트 : 최소 200점]
데스크탑 프로그래밍(gcc, g++, wxGTK[wxWidgets] 등)은 "Fedora"를 사용하고, 서버 운영(WEB, FTP 등)은 "CentOS"를 사용하시길 권장합니다.
도전하는자, 자신을 투자하는자만이 뜻하는바를 이룰 수 있다.
Information should be Exchanged with Interactive, not One Way Direction.
관리자 Be Maker!
인생에서, 100% 순이익을 보장하는건 없다. 1%의 지식을 나눔으로써, 가끔씩 손해볼 필요도 있다.
그대가 가진 1%의 지식만이라도 공공을 위해 포스팅하라. 손해본다는 생각이 앞선다면 그대의 인생은 힘들어질것이다.
자신이 가진 지식의 1%도 투자하지 않고, 오로지 자신의 이익만 탐하는자와는 동지가 되지마라.
만나서 대화하면 모두 좋은 사람들이지만, 유독 인터넷에서만 자신을 밝히지 않고, 좀비로 서식하는 사람들이 많다.
부지불식간[不知不識間], 좀비(하류) 인생이 될지도 모르니, 항상 자신을 경계하도록 하라.
1. CentOS Linux
2. gcc로 공부하는 C++