Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Bug

Staff Breach At OneLogin Exposes Password Storage Feature (cso.com.au)

River Tam quotes a report from CSO Australia: Enterprise access management firm OneLogin has suffered an embarrassing breach tied to a single employee's credentials being compromised. OneLogin on Tuesday revealed the breach affected a feature called Secure Notes that allowed its users to "store information." That feature however is pitched to users as a secure way to digitally jot down credentials for access to corporate firewalls and keys to software product licenses. The firm is concerned Secure Notes was exposed to a hacker for at least one month, though it may have been from as early as July 2 through to August 25, according to a post by the firm. Normally these notes should have been encrypted using "multiple levels of AES-256 encryption," it said in a blog post. Several thousand enterprise customers, including high profile tech startups, use OneLogin for single sign-on to access enterprise cloud applications. The company has championed the SAML standard for single sign-on and promises customers an easy way to enable multi-factor authentication from devices to cloud applications. But it appears the company wasn't using multi-factor authentication for its own systems. OneLogin's CISO Alvaro Hoyos said a bug in its software caused Secure Notes to be "visible in our logging system prior to being encrypted and stored in our database." The firm later found out that an employees compromised credentials were used to access this logging system. The company has since fixed the bug on the same day it detected the bug. CSO adds that the firm "also implemented SAML-based authentication for its log management system and restricted access to a limited set of IP addresses."
Businesses

One of Europe's Biggest Companies Loses 40 Million Euros In Online Scam (softpedia.com) 19

An anonymous reader writes from a report via Softpedia: Leoni AG, Europe's biggest manufacturer of wires and electrical cables and the fourth-largest vendor in the world, announced it lost 40 million euros ($44.6 million) following an online scam that tricked one of its financial officers into transferring funds to the wrong bank account. A subsequent investigation revealed that attackers had scouted the company's network and procedures, and identified a weak spot to attack. According to authorities, a young woman working as CFO at Leoni's Bistrita factory in Romania was the target of the scam, when she received an email spoofed to look like it came from one of the company's top German executives asking her to transfer funds to a bank account. According to unconfirmed information, the money stolen from Leoni's Bistrita branch ended up in bank accounts in the Czech Republic. The FBI says this type of attack is known as CEO fraud, whaling, or BEC (Business Email Compromise), and has defrauded companies around the world of over $3 billion since October 2013.
Printer

3D-Printed Aircraft Tool Sets Guinness World Record (networkworld.com) 16

coondoggie quotes a report from Network World: A 17.5 foot long, 5.5 foot wide and 1.5 foot tall the 3D printed aircraft design tool has earned the title of largest solid 3D printed item by Guinness World Records. The 1,650 lb. apparatus known as a trim-and-drill tool is comparable in length to a large sport utility vehicle and will ultimately be tested for use in building the Boeing 777X passenger jet. Basically the tool will be used to secure the jet's composite wing skin for drilling and machining before assembly, according to researchers at the Department of Energy's Oak Ridge National Laboratory (ONRL) who developed the tool. "The existing, more expensive metallic tooling option we currently use comes from a supplier and typically takes three months to manufacture using conventional techniques," said Leo Christodoulou, Boeing's director of structures and materials in a statement. "Additively manufactured tools, such as the 777X wing trim tool, will save energy, time, labor and production cost and are part of our overall strategy to apply 3D printing technology in key production areas."
Android

Samsung Unveils Gear S3 Classic and Frontier Smartwatches Powered By Tizen (hothardware.com) 10

MojoKid quotes a report from HotHardware: Samsung just wrapped up an event at the IFA expo in Berlin, where the company unveiled two new Gear S3 branded smartwatches. The new Samsung Gear S3 Classic and Gear S3 Frontier leverage many of the design elements from last-year's Gear S2 -- like their Tizen OS, rotating control dial, round display, and fast wireless charging. However, other aspects of the Gear S3 have received significant upgrades. Although they are internally similar, there are a few external differences between the Gear S3 Classic and Frontier. The Gear S3 Classic is the sleeker, more streamlined version of the two. The Classic has a polished finish, with round buttons at the 2 and 4 o'clock positions and no addition protrusions on its chassis. The Gear S3 Frontier is more rugged and has a darker, brushed finish, with flat, rectangular textured buttons and protrusions on either side of the body to shield the buttons from accidental presses. Both the Gear S3 Classic and Frontier are also outfitted with Gorilla Glass SR to protect their circular, Super AMOLED displays, and they're both compatible with industry standard 22mm watch bands too. They are also IP68 rated, so they're able to withstand dust and dirt, and water resistant for up to 30 minutes under 1.5 meters of water. Depending on how heavily these devices are used, Samsung claims they can last roughly 3 -- 4 days on a single charge. They also have support for NFC (compatible with Samsung Pay), Wi-Fi, Bluetooth, and have built-in heart rate monitors, altimeter/barometer, and GPS as well.
AI

Google's DeepMind To Apply AI In Head and Neck Cancer Treatments (thestack.com) 8

An anonymous reader quotes a report from The Stack: Google's DeepMind team has partnered with British hospital doctors on an oral cancer program hoping to cut planning times for radiotherapy treatments. After recently announcing a partnership with London's Moorfields Eye Hospital to use its machine learning technologies to speed up the diagnoses of eye conditions, DeepMind has confirmed a new initiative at the University College London Hospitals (UCLH) NHS Foundation Trust. According to Google's artificial intelligence unit, cancer treatments including radiotherapy involve complicated design and planning, especially when they involve the head and neck. Treatments need to obliterate cancerous cells while avoiding any healthy surrounding cells, nerves, and organs. UCLH plans to work with DeepMind to explore whether machine learning can reduce planning time for these treatments, particularly for the image segmentation process which involves clinicians taking CT and MRI scans to build a detailed map of the areas to be treated. The report adds: "DeepMind algorithms will be set to work on an anonymized collection of 700 radiology scans from former oral cancer patients, learning from the historical data in order to draw its own conclusions without human support."
Intel

Lenovo's 'Yoga Book' Laptop Is So Thin It Needs A Touchscreen Keyboard (gizmodo.com) 54

An anonymous reader writes: At IFA in Berlin, Lenovo announced the Yoga Book, a laptop that measures in at just 0.38-inches thick, making it the thinnest laptop currently available. In order for it to retain such a slim profile, the keyboard needed to be redesigned. The Yoga Book features what is called the Halo Keyboard, a touchscreen keyboard that is separated from the display and doubles as a drawing tablet. Gizmodo reports: "Officially it's called the Halo Keyboard, and if you've ever tried to quickly type on a tablet's software keyboard than you'll be familiar with the experience. Only it's a little nicer because the keyboard is separated from the display, so it doesn't suck up screen real estate, and it has a pleasantly rough texture. It's also got haptic feedback, which in the case of a touchscreen keyboard is sort of like sticking lipstick on the pig. A press of a button turns the keys off and turns the keyboard into a drawing tablet. From there, it behaves a lot like a Wacom tablet, directly reporting pen input into your chosen app. It even reads pen inputs through paper laid over the input panel." Some other specs of this 2-in-1 laptop/tablet include an Intel Atom processor, 64GB of onboard storage with support for a microSD card, 13 hours of battery life, 4G LTE, 802.11 AC Wi-Fi, front and rear cameras, and a 10.1-inch, 1080p display.
Transportation

Senate Committee Expected To OK Autonomous Car Bills in Michigan (detroitnews.com) 55

Michael Wayland, and Melissa Burden, reporting for The Detroit News: Michigan legislators could vote as early as next week on sweeping autonomous vehicle bills that would allow self-driving cars on any Michigan road without a human driver behind the wheel. The Senate's Economic Development and International Investment Committee is holding a public hearing on the bills at 10 a.m. Wednesday at Nexteer Automotive, 3900 E. Holland, in Buena Vista Township in Saginaw County. The seven-member committee is expected to send the bills to the Senate floor for a vote as early as Tuesday. If approved, the bills would need approval of the House before heading to Gov. Rick Snyder's desk. "We're very, very sure that this is going to move out of committee tomorrow," Sen. Mike Kowall, R-White Lake Township, who introduced the legislation, told The Detroit News on Tuesday. "We've aired out just about everything over the sun."
Government

FDA Finds Flaws In Theranos' Zika Tests (techcrunch.com) 37

An anonymous reader quotes a report from TechCrunch: This past week, the U.S. Food and Drug Administration mandated testing for the Zika virus at all U.S. blood centers. That juices demand for Zika-testing technology, but one company that isn't welcome to provide it yet is Theranos. The beleaguered blood analysis startup has run afoul of the FDA, yet again, The Wall Street Journal reports (Warning: may be paywalled). Specifically, regulators found that in developing and testing a new Zika-diagnostic technology, Theranos failed to use proper patient safety protocols, the type approved by an institutional review board. Such protocols are critical in ensuring the ethical treatment of patients involved in studies, and their safety. Theranos had sought the same FDA authorization, but voluntarily withdrew its request once regulators called the startup out, this time, on the safety protocols issue.
Earth

SETI's 'Strong Signal' Came From Earth (arstechnica.com) 89

Yesterday, it was reported that Russia has detected a strong signal around 11 GHz coming from HD164595, a star nearly identical in mass to the Sun and located about 95 light years away from Earth. Well, long story short the signal came Earth. Ars Technica reports: "First, astronomers with the search for extraterrestrial intelligence downplayed the possibility of an alien civilization. 'There are many other plausible explanations for this claimed transmission, including terrestrial interference,' Seth Shostak, a senior astronomer with SETI, wrote. Now the Special Astrophysical Observatory of the Russian Academy of Sciences has concurred, releasing a statement on the detection of a radio signal at the RATAN-600 radio astronomy observatory in southern Russia. 'Subsequent processing and analysis of the signal revealed its most probable terrestrial origin,' the Russian scientists said."
Businesses

No Coding in Palo Alto? City Takes On Silicon Valley Growth (siliconbeat.com) 204

An anonymous reader writes:The birthplace of Hewlett Packard and Xerox Parc and founding place of Facebook is now considering whether to enforce a zoning regulation banning firms whose "primary business is research and development, including software coding," according to the New York Times. As the Times wrote, "To repeat: The mayor is considering enforcing a ban on coding at ground zero of Silicon Valley." Palo Alto Mayor Patrick Burt told the Times: Big tech companies are choking off the downtown. It's not healthy. Palo Alto is a software capital. It has also become a company town, with Palantir Technologies renting 20 downtown buildings, as Marisa Kendall wrote. Other notable tech firms there include Tesla, SAP, Flipboard, VMWare and many others. It has become a center for automation and cars and is home to Ford's research and development center.
Google

Google Search For Android Now Finds Info Hidden Inside Apps (pcworld.com) 23

An anonymous reader writes: First Google created a centralized place to search the web, and now Google has a centralized spot to search your Android phone. The company just announced a new feature for the Google App called In Apps. As its name implies, In Apps lets you search for content inside your Android apps, such as a specific song, contact, or note in Google Keep. To start, the new feature will only work with a select number of apps, including Gmail, Spotify, and YouTube. Google also has plans to add Evernote, Facebook Messenger, Glide, Google Keep, LinkedIn, and Todoist in the coming months. All app searches happen on your device itself, not Google's servers, which means you don't need an Internet connection to use the feature. It's not clear how often the app will index your content or how much of a hit it will take on your battery or device performance.
Windows

Acer Unveils Slim Windows 10 Notebooks, Convertible Chromebook, Curved Screen Laptop (zdnet.com) 41

Ahead of this week's IFA consumer electronics trade show in Berlin, Acer has unveiled a range of notebook computers. The company has a new 13-inch Chromebook R 13 laptop, which it says can also be used as a tablet. There's a new line of Windows 10 Swift notebooks and Spin convertible laptops that are powered by Intel's just unveiled seventh generation Core processors. The Chromebook R13 sports a screen resolution of 1920x1080 pixels, and is powered by a MediaTek quad-core processor coupled with 4GB of RAM. It also houses a USB Type-C, USB 3.0, and HDMI ports. It offers as much as 12-hour of battery life. ZDNet adds:The 14-inch Spin 7 features an aluminium unibody design and is powered by an Intel Core i7 processor, with up to 8GB RAM, and 256 GB solid state disk storage. It weighs 1.2 kg (2.6 pounds) with a width of 10.98mm (0.43 inches). It also includes two USB 3.1 Type-C ports. The Spin 7 goes on sale in the US and Europe in October, with prices starting at $1,199 and 1,299 euro respectively. Heading up Acer's ultra-slim lineup is the aluminium construction, black and gold Swift 7. It features a 13.3-inch full-HD IPS display and Intel 7th generation i5 processor, with a 256GB SSD and 8GB RAM. It boasts fast wireless and dual USB 3.1 Type-C ports. Acer is promising nine hours of battery life for the device, which weighs 1.1kg (2.48 pounds) and has a height of 9.98mm (0.39 inches), making it the slimmest in the Swift series. It will be available in the US and Europe in October from $999 and 1,299 euro respectively.
Operating Systems

Fedora 25 Alpha Linux Distro Now Available (betanews.com) 35

An anonymous reader writes: Today, Fedora 25 Alpha sees a release. While the pre-release distribution is not ready for end users, it does give testers an early start at poking around.
Keep in mind what an Alpha release is folks -- this is pre-Beta. In other words, it is littered with bugs, and you should definitely not run it on a production machine. There are already some show-stopping known issues -- a couple are related to dual-booting with Windows (scary). One bug can destroy OS X data when dual-booting on a Mac!

NASA

EmDrive: NASA Eagleworks' Peer-Reviwed Paper Is On Its Way (ibtimes.co.uk) 404

An anonymous reader quotes a report from International Business Times UK: An independent scientist has confirmed that the paper by scientists at the NASA Eagleworks Laboratories on achieving thrust using highly controversial space propulsion technology EmDrive has passed peer review, and will soon be published by the American Institute of Aeronautics and Astronautics (AIAA). Dr Jose Rodal posted on the NASA Spaceflight forum -- in a now-deleted comment -- that the new paper will be entitled "Measurement of Impulsive Thrust from a Closed Radio Frequency Cavity in Vacuum" and is authored by "Harold White, Paul March, Lawrence, Vera, Sylvester, Brady and Bailey." Rodal also revealed that the paper will be published in the AIAA Journal of Propulsion and Power, a prominent journal published by the AIAA, which is one of the world's largest technical societies dedicated to aerospace innovations. Although Eagleworks engineer Paul March has posted several updates on the ongoing research to the NASA Spaceflight forum showing that repeated tests conducted on the EmDrive in a vacuum successfully yielded thrust results that could not be explained by external interference, those in the international scientific community who doubt the feasibility of the technology have long believed real results of thrust by Eagleworks would never see the light of day.
Android

Google To Drop Nexus Brand Name, Move Away From Stock Android (theverge.com) 178

tripleevenfall quotes a report from The Verge: Google's newest smartphones won't be Nexus devices after all. According to Android Central, Google is dropping the Nexus branding with its two upcoming, HTC-made smartphones. Instead, the company is expected to market the devices under a different name and to lean heavily on the Google brand in the process. This shift is more than just symbolic. The report states Google will load the devices with a special version of Android Nougat, as opposed to the standard "vanilla" version of the operating system that's shipped on past and current Nexus devices. Android Police reported earlier this month that Google may remove the Nexus branding from its upcoming smartphones and replace it with a "G" logo. It's too early to tell which direction Google is taking with its upcoming Android Nougat smartphones. Google has spent years marketing the Nexus brand as a hardware entity, while Google has reserved its own name for software services.
Space

SpaceX Finds a Customer For Its First Reused Rocket (arstechnica.com) 111

What do you do after you successfully land a rocket on a floating barge in the Atlantic? You reuse it. SpaceX has been on the hunt for someone to reuse some of its first-stage Falcon boosters, and now SpaceX has finally found a customer. Ars Technica reports: "The Luxembourg-based satellite operator SES said Tuesday that it intends to launch a geostationary satellite, SES 10, on a reusable rocket in the fourth quarter of this year. SpaceX has not yet specified how much it will charge for launch services on one of its flown boosters, but industry officials anticipate about a 30 percent discount on SpaceX's regular price of $62 million for a Falcon 9 launch. The company has not shared how much it is spending to refurbish and reuse a Falcon 9 stage, nor has it offered much public information about the extent to which the vehicle's engines have had to be tested and prepared for a second flight." "Having been the first commercial satellite operator to launch with SpaceX back in 2013, we are excited to once again be the first customer on SpaceX's first ever mission using a flight-proven rocket," said Martin Halliwell, Chief Technology Officer at SES. "We believe reusable rockets will open up a new era of spaceflight and make access to space more efficient in terms of cost and manifest management."
The Internet

Researchers Map Locations of 4,669 Servers In Netflix's Content Delivery Network (ieee.org) 54

Wave723 writes from a report via IEEE Spectrum: For the first time, a team of researchers has mapped the entire content delivery network that brings Netflix to the world, including the number and location of every server that the company uses to distribute its films. They also independently analyzed traffic volumes handled by each of those servers. Their work allows experts to compare Netflix's distribution approach to those of other content-rich companies such as Google, Akamai and Limelight. To do this, IEEE Spectrum reports that the group reverse-engineered Netflix's domain name system for the company's servers, and then created a crawler that used publicly available information to find every possible server name within its network through the common address nflxvideo.net. In doing so, they were able to determine the total number of servers the company uses, where those servers are located, and whether the servers were housed within internet exchange points or with internet service providers, revealing stark differences in Netflix's strategy between countries. One of their most interesting findings was that two Netflix servers appear to be deployed within Verizon's U.S. network, which one researcher speculates could indicate that the companies are pursuing an early pilot or trial.
The Courts

Revived Lawsuit Says Twitter DMs Are Like Handing ISIS a Satellite Phone (theverge.com) 189

An anonymous reader quotes a report from The Verge: A long-standing lawsuit holding Twitter responsible for the rise of ISIS got new life today, as plaintiffs filed a revised version of the complaint (PDF) that was struck down earlier this month. In the new complaint, the plaintiffs argue Twitter's Direct Message service is akin to providing ISIS with physical communications equipment like a radio or a satellite phone. The latest complaint is largely the same as the one filed in January, but a few crucial differences will be at the center of the court's response. The plaintiffs also offer new arguments for why Twitter might be held responsible for the attack. In the dismissal earlier this month (PDF), District Judge William Orrick faulted the plaintiffs for not articulating a case for why providing access to Twitter's services constituted material aid to ISIS. "Apart from the private nature of Direct Messaging, plaintiffs identify no other way in which their Direct Messaging theory seeks to treat Twitter as anything other than a publisher of information provided by another information content provider," the ruling reads. At the same time, the judge found that the privacy of those direct messages "does not remove the transmission of such messages from the scope of publishing activity." The new complaint includes some language that might address that concern, explicitly comparing Twitter to other material communication tools. "Giving ISIS the capability to send and receive Direct Messages in this manner is no different than handing it a satellite phone, walkie-talkies or the use of a mail drop," the new complaint reads, "all of which terrorists use for private communications in order to further their extremist agendas." The Safe Harbor clause has been used in the past to protect service providers from liability for hosting data on their network. However, "Brookings Institute scholar Benjamin Witters argued against protecting Twitter under the Safe Harbor clause, claiming that the current reasoning would also protect companies that actively offer services in support of terrorists."
Java

Slashdot Asks: What Are Your Favorite Java 8 Features? (infoworld.com) 371

New submitter liveedu shares with us a report from InfoWorld: When Java 8 was released two years ago, the community graciously accepted it, seeing it as a huge step toward making Java better. Its unique selling point is the attention paid to every aspect of the programming language, including JVM (Java Virtual Machine), the compiler, and other help-system improvements. Java is one of the most searched programming languages according to TIOBE index for July 2016, where Java ranks number one. Its popularity is also seen on LiveCoding, a social live coding platform for engineers around the world, where hundreds and thousands of Java projects are broadcasted live. InfoWorld highlights five Java 8 features for developers in their report: lambda expressions, JavaScript Nashorn, date/time APIs, Stream API and concurrent accumulators. But those features only scratch the surface. What makes Java 8 amazing in your opinion? What are your favorite Java 8 features that help you write high quality code? You can view the entire list of changes made to the programming language here.

Slashdot Top Deals