Security

WikiLeaks Reveals CIA Tool For Hacking Webcams, Microphones (thestack.com) 107

An anonymous reader quotes a report from The Stack: WikiLeaks has released a new set of documents in the CIA Vault 7 leak, outlining the "Dumbo" hacking tool which allows control of webcams and microphones. The release explains that the tool is capable of completely suspending processes on webcams and corrupting video recordings. Dumbo is tasked specifically with gaining and exploiting physical access to target computers used in CIA field operations, the release notes. According to WikiLeaks, the tool allows for the identification, control and manipulation of monitoring and detection systems, such as webcams and microphones, running the Microsoft Windows operating system. The technology first identifies all installed devices, whether they are connected locally, wirelessly, or across wired networks. Once Dumbo has detected all of these devices, it identifies all the related processes, which may include recording, monitoring or detection of video, audio and network streams. These operations can then be suspended by the operator. "By deleting or manipulating recordings the operator is aided in creating fake or destroying actual evidence of the intrusion operation," the release added. Dumbo does require direct access to the target computer and is run from a USB stick. The release states that it supports 32bit Windows XP, Windows Vista, and newer versions of Windows operating system. However, 64bit Windows XP and Windows versions prior to XP are not supported.
Mozilla

Mozilla's Send is Basically the Snapchat of File Sharing (theverge.com) 107

Mozilla has launched a new website that makes it really easy to send a file from one person to another. From a report: The site is called Send, and it's basically the Snapchat of file sharing: after a file has been downloaded once, it disappears for good. That might sound like a gimmick, but it underscores what the site is meant for. It's designed for quick and private sharing between two people -- not for long-term hosting or distributing files to a large group. It supports files up to 1GB, and after uploading something, it'll give you a link to send to someone else. That link will expire once they've downloaded it or once 24 hours have passed.
Transportation

Hyperloop One's Full-Scale Pod Reaches 192 MPH In New Nevada Track Test (techcrunch.com) 249

On July 29, 2017, Hyperloop One completed a test at its full-scale Nevada test track that travelled at high speed, running nearly the entirety of the 500 meter (1640 foot) test route. "XP-1, the company's first Hyperloop pod, reached speeds of up to 192 mph during the test, which is getting closer to the planned functional speeds of future Hyperloop installations planned for Dubai and elsewhere," reports TechCrunch. From the report: The new test breaks the recorded speed record for any Hyperloop tests ever conducted, including those done by research organizations participating in SpaceX's pod design competition. It was conducted on July 29, 2017, and included a 300 meter acceleration phase, with gradual braking to come to a stop after that point. Hyperloop One depressurized the tube for the test track down to conditions similar to those at 200,000 feet above sea level, which is part of the Earth's atmosphere where there is very little friction and resistance to the rarified air. The company says that all aspects of the system, from motors, to electronics, to the vacuum pump and magnetic levitation mechanism worked well during the test.
Data Storage

IBM and Sony Cram Up To 330 Terabytes Into Tiny Tape Cartridge (arstechnica.co.uk) 71

IBM and Sony have developed a new magnetic tape system capable of storing 201 gigabits of data per square inch, for a max theoretical capacity of 330 terabytes in a single palm-sized cartridge. From a report: To achieve such a dramatic increase in areal density, Sony and IBM tackled different parts of the problem: Sony developed a new type of tape that has a higher density of magnetic recording sites, and IBM Research worked on new heads and signal processing tech to actually read and extract data from those nanometre-long patches of magnetism. Sony's new tape is underpinned by two novel technologies: an improved built-in lubricant layer, which keeps it running smoothly through the machine, and a new type of magnetic layer. Usually, a tape's magnetic layer is applied in liquid form, kind of like paint -- which is one of the reasons that magnetic tape is so cheap and easy to produce in huge quantities. In this case, Sony has instead used sputter deposition, a mature technique that has been used by the semiconductor and hard drive industries for decades to lay down thin films.
Software

Are App Sizes Out of Control? 386

In a blog post, Trevor Elkins points out the large sizes of common apps like LinkedIn and Facebook. "I went to update all my apps the other day when something caught my eye... since when does LinkedIn take up 275MB of space?!" Elkins wrote. "In fact, the six apps in this picture average roughly 230MB in size, 1387MB in total. That would take an 8Mbit internet connection 24 minutes to download, and I'd still be left with 27 additional apps to update! More and more companies are adopting shorter release cycles (two weeks or so) and it's becoming unsustainable as a consumer to update frequently."

Should Apple do something to solve this "systematic" problem? Elkins writes, "how does an app that occasionally sends me a connection request and recruiter spam take up 275MB?"

Further discussion via Hacker News.
Facebook

Facebook Is Working On a Video Chat Device (bloomberg.com) 86

An anonymous reader quotes a report from Bloomberg: Facebook Inc. is working on a video chat device for the home -- the first major hardware product from its experimental Building 8 lab. Featuring a laptop-sized touchscreen, the device represents a new product category and could be announced as soon as next spring's F8 developer conference, according to people familiar with the matter. They say the large screen and smart camera technology could help farflung people feel like they're in the same room, which aligns with Chief Executive Officer Mark Zuckerberg's mission of bringing Facebook users closer together. The device is in the prototype phase but is already being tested in people's homes. Geared to the living room, the video chat device will feature a wide-angle camera lens, microphones and speakers that are all powered by artificial intelligence to boost performance, the people said. A version of the device in testing includes a thin, vertical stand that holds a large touchscreen measuring between 13 and 15 inches diagonally, the people said. Facebook has considered running a version of the Android operating system on its device instead of building its own core operating system, according to the people. Facebook is testing a feature that would allow the camera to automatically scan for people in its range and lock onto them, one of the people said. Facebook is also working on a standalone smart speaker to compete with the Amazon Echo and Google Home, reports Bloomberg. The social media giant is "hiring Apple veterans to help create a Siri-style voice assistant that would run on both devices."
Power

US Nuclear Comeback Stalls As Two Reactors Are Abandoned (theaustralian.com.au) 389

Brad Plumer reports via The New York Times (Warning: may be paywalled; alternate source): In a major blow to the future of nuclear power in the United States, two South Carolina utilities said on Monday that they would abandon two unfinished nuclear reactors in the state, putting an end to a project that was once expected to showcase advanced nuclear technology but has since been plagued by delays and cost overruns. The two reactors, which have cost the utilities roughly $9 billion, remain less than 40 percent built. The cancellation means there are just two new nuclear units being built in the country -- both in Georgia -- while more than a dozen older nuclear plants are being retired in the face of low natural gas prices. Originally scheduled to come online by 2018, the V.C. Summer nuclear project in South Carolina had been plagued by disputes with regulators and numerous construction problems. This year, utility officials estimated that the reactors would not begin generating electricity before 2021 and could cost as much as $25 billion -- more than twice the initial $11.5 billion estimate. The utilities also struggled with an energy landscape that had changed dramatically since the large reactors were proposed in 2007. Demand for electricity has plateaued nationwide as a result of major improvements in energy efficiency, weakening the case for massive new power plants. And a glut of cheap natural gas from the hydraulic fracturing boom has given states a low-cost energy alternative. Facing those pressures, the two owners of the project, South Carolina Electric & Gas and Santee Cooper, announced they would halt construction rather than saddle customers with additional costs.
Businesses

Apple's Shares Rise On Better-Than-Expected iPhone Sales (fortune.com) 60

Apple reported a 7.2% rise in quarterly revenue on Tuesday, thanks to better-than-expected sales of its iPhones. "The company said iPhone sales rose 1.6% to 41.03 million in the third quarter ended July 1, above analysts' average estimate of 40.7 million units," reports Fortune. "Apple sold 40.4 million iPhones a year earlier." From the report: Apple's shares rose 4% in after-hours trading on Tuesday to $156.00. Many customers wait for Apple to launch its new smartphones before deciding on upgrading or replacing their current devices, which usually results in iPhone demand tapering in the months before a release. The company forecast total revenue of between $49 billion and $52 billion for the current quarter, while analysts on average were expecting $49.21 billion, according to Thomson Reuters I/B/E/S. Analysts on average expect the company to sell 45.55 million iPhones in the current quarter, according to FactSet. Apple sold 45.51 million iPhones in the year-ago quarter.
Security

Hackers Can Turn Amazon Echo Into a Covert Listening Device (helpnetsecurity.com) 114

Orome1 shares a report from Help Net Security: New research released by MWR InfoSecurity reveals how attackers can compromise the Amazon Echo and turn it into a covert listening device, without affecting its overall functionality. Found to be susceptible to a physical attack, which allows an attacker to gain a root shell on the Linux Operating Systems and install malware, the Amazon Echo would enable hackers to covertly monitor and listen in on users and steal private data without their permission or knowledge. By removing the rubber base at the bottom of the Amazon Echo, the research team could access the 18 debug pads and directly boot into the firmware of the device, via an external SD card, and install persistent malware without leaving any physical evidence of tampering. This gained them remote root shell access and enabled them to access the "always listening" microphones. Following a full examination of the process running on the device and the associated scripts, MWR's researchers investigated how the audio media was being passed and buffered between the processes and the tools used to do so. Then they developed scripts that leveraged tools embedded on the device to stream the microphone audio to a remote server without affecting the functionality of the device itself. The raw data was then sampled via a remote device, where a decision could then be made as to play it out of the speakers on the remote device or save the audio as a WAV file. The vulnerability has been confirmed to affect the 2015 and 2016 editions of the device. The 2017 edition of the Amazon Echo is not vulnerable to this physical attack. The smaller Amazon Dot model also does not carry the vulnerability. More technical details can be found here.
Iphone

New iPhone To Have Tap to Wake, Attention Detection, and Virtual Home Button, Says Report (theverge.com) 59

HomePod's firmware has revealed several new features coming to the upcoming iPhone, such as a tap to wake function, facial expression and attention detection, and virtual home button. "Apple accidentally released the firmware over the weekend resulting in a frenzy of analysis about previously unknown features," reports The Verge. From the report: Developers including Steve Troughton-Smith and Guilherme Rambo have been tweeting their findings, notably the discovery of the new iPhone's bezel-less screen design. They've also concluded that the resolution for the iPhone 8 could be as much of a visual leap forward from current-generation iPhones as the iPhone 4's Retina display was from the original iPhone. Apple is using codenames for both its face recognition feature and the bezel-less phone, called "Pearl ID" and "D22" respectively. A potential "attention detection" feature is also mentioned in the code, with some speculating that may mean the phone will remain silent for notifications if it knows you're looking at the screen already. Facial references such as "mouthstretch," "mouthsmile," and "mouthdimple" were also found, which are most likely a nod to Apple's rumored facial recognition feature that can even detect faces in the dark using infrared. A tap to wake feature has also been discovered, and should be similar to the Windows Phone function that allows users to double-tap the screen to wake the phone.
Businesses

NVIDIA Announces Quadro And TITAN xP External GPU Solutions, OptiX 5.0 SDK (hothardware.com) 36

Brandon Hill, writing for HotHardware: AMD isn't the only hardware company making waves this week at SIGGRAPH 2017. NVIDIA is looking to bolster its position in the professional graphics arena with a few new breakthroughs. The first of which is the addition of two new external graphics solutions that are targeted at professional artists and designers who primarily work with notebooks. NVIDIA is making it possible for these professionals to use either Pascal-based TITAN xP or Quadro graphics cards within an external GPU (eGPU) enclosure. NVIDIA will be partnering with a number of hardware partners including Bizon, Magma, and Sonnet, who will make compatible solutions available in September. NVIDIA is also playing up two of its strengths in artificial intelligence (AI) by launching the OptiX 5.0 SDK. With version 5.0, the OptiX is gaining ray tracing support to help speed up processing with regards to visual designs. This new release also adds GPU-accelerated motion blur along with AI-enhanced denoising capabilities.
Android

Is the iPhone 'Years' Ahead of Android In Photography? (9to5mac.com) 408

Former Google senior vice president of Social, Vic Gundotra, said that Android phones are years behind the iPhone when it comes to photography. In a Facebook post, Gundotra said: "The end of the DSLR for most people has already arrived. I left my professional camera at home and took these shots at dinner with my iPhone 7 using computational photography (portrait mode as Apple calls it). Hard not to call these results (in a restaurant, taken on a mobile phone with no flash) stunning. Great job Apple." 9to5Mac reports: In response to a comment suggesting that the Samsung S8 camera was even better, Business Insider spotted that Gundotra disagreed. He said that not only was Apple way ahead of Samsung, but Android was to blame. From Gundotra's Facebook post: "I would never use an Android phone for photos! Here is the problem: It's Android. Android is an open source (mostly) operating system that has to be neutral to all parties. This sounds good until you get into the details. Ever wonder why a Samsung phone has a confused and bewildering array of photo options? Should I use the Samsung Camera? Or the Android Camera? Samsung gallery or Google Photos? It's because when Samsung innovates with the underlying hardware (like a better camera) they have to convince Google to allow that innovation to be surfaced to other applications via the appropriate API. That can take YEARS. Also the greatest innovation isn't even happening at the hardware level -- it's happening at the computational photography level. (Google was crushing this 5 years ago -- they had 'auto awesome' that used AI techniques to automatically remove wrinkles, whiten teeth, add vignetting, etc... but recently Google has fallen back). Apple doesn't have all these constraints. They innovate in the underlying hardware, and just simply update the software with their latest innovations (like portrait mode) and ship it. Bottom line: If you truly care about great photography, you own an iPhone. If you don't mind being a few years behind, buy an Android."
Communications

BrickerBot Dev Claims Cyber-Attack That Affected Over 60,000 Indian Modems (bleepingcomputer.com) 32

An anonymous reader quotes a report from Bleeping Computer: "The author of the BrickerBot malware has claimed a cyber-attack that affected several Indian states and has caused over 60,000 modems and routers to lose Internet connectivity," reports Bleeping Computer. "The incident affected modems and routers belonging to Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL), two Indian state-owned telecommunications service providers." The BrickerBot malware infected modems that used default passwords and modems that the two ISPs left exposed via the TR069 management interface to connections from anywhere on the Internet. BrickerBot is a malware strain that affects Linux-based IoT and networking devices. Unlike other malware that hoards devices into botnets for DDoS attacks and other purposes, BrickerBot "bricks" the equipment by rewriting its flash storage with random data. In most cases this bricking effect can be reversed, but in some cases this is permanent. BSNL and MTNL had worked to fix problems but efforts were delayed after a BSNL workforce strike. The BrickerBot author also raised the alarm about similar exposed devices on the network of Pakistan Telecommunication Company Limited (PTCL). In April, the BrickerBot author claimed he bricked over 2 million devices.
Android

Bluetooth Battery Level Indicators May Soon Be Coming To Android (androidandme.com) 28

The folks over at XDA Developers are reporting that Android may be getting a new feature that could help users identify how much battery life is remaining in their Bluetooth wireless headphones. The feature for "[retrieving] battery level information of [a] remote device" was discovered in the Android Open Source Project (AOSP). Android and Me reports: This hasn't made it to final release just yet, but when it does, it will make it easy for users to quickly ascertain how much battery life is remaining in the Bluetooth headphones that are connected to their device. It doesn't just mean support for Bluetooth headphones, either, as Bluetooth speakers and other accessories that run on battery power will be supported, too. Unfortunately there's no telling on when this feature will see the light of day for the public. There's no set timeframe between a feature that's part of the AOSP and rolling out in a final, public release of the mobile operating system. Some manufacturers have already built support for this feature into their phones, including OnePlus, Samsung, and LG. So while it might not be a completely brand new feature on Android, it would still be good for the Android platform as a whole to support the feature in the stock build.
AMD

AMD Unveils Radeon RX Vega Series Consumer Graphics Cards Starting At $399 (hothardware.com) 91

MojoKid writes: AMD has officially lifted the veil on its new Radeon RX consumer graphics line-up, featuring the company's next-generation Vega GPU architecture. Initially, there are four cards in the Radeon RX Vega line-up, the standard air-cooled Radeon RX Vega 64, a Radeon RX Vega 64 Limited Edition with stylized metal fan shroud, the liquid-cooled Radeon RX Vega 64 Liquid, and the lower-cost Radeon RX Vega 56. At the heart of all Radeon RX Vega series cards is the Vega 10 GPU which is comprised of roughly 12.5 billion transistors and is manufactured using a 14nm FinFET LPP process. Vega 10 can reliably reach the 1.7GHz range, whereas AMD's previous gen Fiji hovered around 1GHz. The base GPU clock speed of the air-cooled Vega 64 is 1,247MHz with a boost clock of 1,546MHz. There is 8GB of HBM2 memory on-board that offers up peak bandwidth of 484GB/s. All told, the Radeon RX Vega 64 is capable of 25.3 TFLOPs (half-precision) of compute performance. The Radeon RX Vega 64 Liquid-Cooled Edition has the same GPU configuration, but with higher base and boost clocks -- 1,406MHz and 1,677MHz, respectively. The lower cost Radeon RX Vega 56 features the same Vega 10 GPU, but 8 of its CUs have been disabled and its clocks are somewhat lower. Although AMD touts a number of efficiency improvements, the Vega RX series requires some serious power. Vega 56 board power is in the 210 Watt range, while the top-end liquid-cooled card hits 345 Watts. AMD claims top-end Vega cards will be competitive with NVIDIA's GeForce GTX 1080 series of cards. AMD Radeon RX Vega graphics cards are expected to ship on August 14th.
Government

FCC Says Its Specific Plan To Stop DDoS Attacks Must Remain Secret (arstechnica.com) 88

An anonymous reader quotes a report from Ars Technica: FCC Chairman Ajit Pai and Democratic lawmakers have been exchanging letters about a May 8 incident in which the public comments website was disrupted while many people were trying to file comments on Pai's plan to dismantle net neutrality rules. The FCC says it was hit by DDoS attacks. The commission hasn't revealed much about what it's doing to prevent future attacks, but it said in a letter last month that it was researching "additional solutions" to protect the comment system. Democratic Leaders of the House Commerce and Oversight committees then asked Pai what those additional solutions are, but they didn't get much detail in return.

"Given the ongoing nature of the threats to disrupt the Commission's electronic comment filing system, it would undermine our system's security to provide a specific roadmap of the additional solutions to which we have referred," the FCC chief information officer wrote. "However, we can state that the FCC's IT staff has worked with commercial cloud providers to implement Internet-based solutions to limit the amount of disruptive bot-related activity if another bot-driven event occurs." The CIO's answers to lawmakers' questions were sent along with a letter from Pai to Reps. Frank Pallone, Jr. (D-N.J.), Elijah Cummings (D-Md.), Mike Doyle (D-Penn.), DeGette (D-Colo.), Robin Kelly (D-Ill.), and Gerald Connolly (D-Va.). The letter is dated July 21, and it was posted to the FCC's website on July 28.

Japan

Football-Playing Robots Compete At RoboCup 2017 (phys.org) 38

An anonymous reader quotes Phys.org: With steely focus, player number 3 scored a stunning opening goal in the first few minutes of the high-stakes football match between a dominant Bordeaux and their plucky Chinese opponents. But as the crowds cheered, the pint-sized player, known as Arya, showed none of the customary swagger of triumphant strikers. In fact, robot number 3 and its teammates showed no emotion at all as they continued to exterminate their rivals' hopes of victory at RoboCup 2017 in Japan. The game, which Bordeaux won 4-0, was one of the gripping final matches in a four-day event that saw about 3,000 researchers and engineering students from 40 countries displaying the prowess of their latest robotic inventions on the football pitch.

Ranging in design from humanoids with human faces to more skeletal contraptions, the robots were programmed to be self-directed and played strategically without being given instructions. The robots "see" using a camera installed in their heads, while installed with artificial intelligence to recognise the spacing and objects in the sight... [A]bility to play as a team was the "winning factor" in Bordeaux University's triumph, according to associate professor Olivier Ly, who acted as coach and positioned his team's players. "We developed lots of features on the team play... The robots play together, try to do some passes," he said.

Robot teamwork "was a completely unresearched area for computer engineers" when the competition started 20 years ago, according to the president of the RoboCup Federation.
Robotics

A Robot At DEFCON Cracked A Safe Within 30 Minutes (bbc.com) 128

schwit1 shared an article from the BBC: Using a cheap robot, a team of hackers has cracked open a leading-brand combination safe, live on stage in Las Vegas. The team from SparkFun Electronics was able to open a SentrySafe safe in around 30 minutes... After the robot discovered the combination was 51.36.93, the safe popped open -- to rapturous applause from the audience of several hundred... The robot, which cost around $200 to put together, makes use of 3D-printed parts that can be easily replaced to fit different brands of combination safe. It cannot crack a digital lock -- although vulnerabilities in those systems have been exposed by other hacking teams in the past.
Though the safe had a million possible combinations using three two-digit numbers, the last number had slightly larger indents on the dial -- reducing the possible combinations to just 10,000. And in addition, "the team also discovered that the safe's design allows for a margin of error to compensate for humans getting their combination slightly wrong" -- which meant that the robot only had to check every third number. "Using this method, they could cut down the number of possible combinations to around 1,000."

"Some SentrySafe models come with an additional lock and key, but the team was able to unlock it by using a Bic pen."
Communications

Ask Slashdot: What Can You Do With Old Coaxial Cable? 384

Long-time Slashdot reader Theaetetus writes: I recently bought a house and the previous owner left some coax (mostly RG59) running between rooms for cable distribution. I'm a cord cutter and don't need cable, and I've already run CAT6e everywhere. But before I pull the RG59 out and try to seal the various holes he left, I figured I'd pick Slashdot's brain: can anyone think of a good non-cable use for spare coax lines?
Leave your best answers in the comments. What can you do with old coaxial cable?
Security

US Voting Machines Cracked In 90 Minutes At DEFCON (thehill.com) 171

An anonymous reader quotes The Hill: Hackers at a competition in Las Vegas were able to successfully breach the software of U.S. voting machines in just 90 minutes on Friday, illuminating glaring security deficiencies in America's election infrastructure. Tech minds at the annual "DEF CON" in Las Vegas were given physical voting machines and remote access, with the instructions of gaining access to the software. According to a Register report, within minutes, hackers exposed glaring physical and software vulnerabilities across multiple U.S. voting machine companies' products. Some devices were found to have physical ports that could be used to attach devices containing malicious software. Others had insecure Wi-Fi connections, or were running outdated software with security vulnerabilities like Windows XP.
Though some of the machines were out of date, they were all from "major U.S. voting machine companies" like Diebold Nixdorf, Sequoia Voting Systems, and WinVote -- and were purchased on eBay or at government auctions. One of the machines apparently still had voter registration data stored in plain text in an SQLite database from a 2008 election, according to the event's official Twitter feed.

By Saturday night they were tweeting video of a WinVote machine playing Rick Astley's "Never Gonna Give You Up."
