Geek Stuff

Amazon’s Black Friday deals kick off with $35 tablet, $25 Fire TV Stick

Liliputing -

Black Friday isn’t just a single day anymore. Some companies have been running promotions all month, and Amazon has 12 days of deals. But if you’ve been hoping to score a good price on an Amazon tablet, eReader, TV box, or other device, now’s the time. Amazon has kicked off some pretty big sales on […]

Amazon’s Black Friday deals kick off with $35 tablet, $25 Fire TV Stick is a post from: Liliputing

Raspberry Pi Zero is a $5 computer that’s faster than the original Raspberry Pi

Liliputing -

When the first Raspberry Pi computer launched in 2012, it seemed crazy that the folks behind the project were able to sell a fully functional computer for just $35, even if it was a computer with a low-power ARM-based processor designed to run Linux and use an SD card (sold separately for storage). But since […]

Raspberry Pi Zero is a $5 computer that’s faster than the original Raspberry Pi is a post from: Liliputing

How Sports Commentaries Can Speed Up AI Development

Slashdot -

An anonymous reader writes: In an effort to shorten the annotation phase prior to neural network learning, Indian researchers are using commentaries intended for human viewers to help machines understand the meaning of action in cricket. The researchers suggest that closed-caption movie commentaries, as well as other types of usefully descriptive pre-existing commentaries could continue to prove helpful in teaching artificial intelligence the meaning of what it is seeing on screen.

Read more of this story at Slashdot.

Raspberry Pi Zero: the $5 computer

Raspberry Pi -

Of all the things we do at Raspberry Pi, driving down the cost of computer hardware remains one of the most important. Even in the developed world, a programmable computer is a luxury item for a lot of people, and every extra dollar that we ask someone to spend decreases the chance that they’ll choose to get involved.

Private Video on Vimeo

Join the web’s most supportive community of creators and get high-quality tools for hosting, sharing, and streaming videos in gorgeous HD with no ads.

The original Raspberry Pi Model B and its successors put a programmable computer within reach of anyone with $20-35 to spend. Since 2012, millions of people have used a Raspberry Pi to get their first experience of programming, but we still meet people for whom cost remains a barrier to entry. At the start of this year, we began work on an even cheaper Raspberry Pi to help these people take the plunge.

Four fathers!?!??

Today, I’m pleased to be able to announce the immediate availability of Raspberry Pi Zero, made in Wales and priced at just $5. Zero is a full-fledged member of the Raspberry Pi family, featuring:

  • A Broadcom BCM2835 application processor
    • 1GHz ARM11 core (40% faster than Raspberry Pi 1)
  • 512MB of LPDDR2 SDRAM
  • A micro-SD card slot
  • A mini-HDMI socket for 1080p60 video output
  • Micro-USB sockets for data and power
  • An unpopulated 40-pin GPIO header
    • Identical pinout to Model A+/B+/2B
  • An unpopulated composite video header
  • Our smallest ever form factor, at 65mm x 30mm x 5mm

Raspberry Pi Zero runs Raspbian and all your favourite applications, including Scratch, Minecraft and Sonic Pi. It is available today in the UK from our friends at element14, The Pi Hut and Pimoroni, and in the US from Adafruit and in-store at your local branch of Micro Center. We’ve built several tens of thousands of units so far, and are building more, but we expect demand to outstrip supply for the next little while.

One more thing: because the only thing better than a $5 computer is a free computer, we are giving away a free Raspberry Pi Zero on the front of each copy of the December issue of The MagPi, which arrives in UK stores today. Russell, Rob and the team have been killing themselves putting this together, and we’re very pleased with how it’s turned out. The issue is jam-packed with everything you need to know about Zero, including a heap of project ideas, and an interview with Mike Stimson, who designed the board.

MagPi #40 in all its glory

If you’re looking for cables to go with your free Zero, head over to the newly revamped Swag Store, where we’re offering a bundle comprising a mini-HDMI and a micro-USB adapter for just £4, or alternatively subscribe and we’ll send you them for free.

Happy hacking!​

The post Raspberry Pi Zero: the $5 computer appeared first on Raspberry Pi.

IT Execs On Their Dream Dinner Guests

Slashdot -

StewBeans writes: In this lighthearted article for the holiday, IT executives were asked, if they could invite any technologist living or deceased to their Thanksgiving dinner, who would they invite and why? One CTO said that he'd invite the CTO of Amazon, Werner Vogels, so he could hear his thoughts on the future of cloud computing. Another would invite Ratan Tata, who he calls the "Bill Gates of India." Other responses range from early visionaries like Grace Hopper and Vint Cerf to the mysterious inventors/designers of the Roland TR-808.

Read more of this story at Slashdot.

Japanese Rocket Launches Its First Commercial Satellite

Slashdot -

schwit1 writes: Using its H-IIA rocket, upgraded to lower cost, Japan launched its first commercial payload today, putting Canada's Telestar 12V into geosynchronous orbit. UPI reports: "Japan's Aerospace Exploration Agency said the H-IIA rocket was upgraded for the launch, permitting the satellite to stay closer to its geostationary orbit. Tokyo's Chief Cabinet Secretary Yoshihide Suga said he hoped the launch would exhibit the quality of Japan's rocket engineering, and that the successful launch would result in more orders from other global corporations. Following the launch, Mitsubishi Heavy Industries vice president Naohiko Abe said the firm plans to actively promote the H-IIA for satellite launches."

Read more of this story at Slashdot.

Critical Zen Cart Vulnerability Could Spell Black Friday Disaster For Shoppers

Slashdot -

Mark Wilson writes: It's around this time of year, with Black Friday looming and Christmas just around the corner, that online sales boom. Today security firm High-Tech Bridge has issued a warning to retailers and shoppers about a critical vulnerability in the popular Zen Cart shopping management system. High-Tech Bridge has provided Zen Cart with full details of the security flaw which could allow remote attackers to infiltrate web servers and gain access to customer data. Servers running Zen Cart are also at risk of malware, meaning that hundreds of thousands of ecommerce sites pose a potential danger. Technical details of the vulnerability are not yet being made public, but having notified Zen Cart of the issue High-Tech Bridge says the date of full public disclosure is 16 December.

Read more of this story at Slashdot.

Why Car Salesmen Don't Want To Sell Electric Cars

Slashdot - writes: Matt Richtel writes in the NYT that one big reason there are only about 330,000 electric vehicles on the road is that car dealers show little enthusiasm for putting consumers into electric cars. Industry insiders say that electric vehicles do not offer dealers the same profits as gas-powered cars, they take more time to sell because of the explaining required, and electric vehicles may require less maintenance, undermining the biggest source of dealer profits — their service departments. Some electric car buyers have said they felt as if they were the ones doing the selling. Chelsea Dell made an appointment to test-drive a used Volt but when she arrived, she said, a salesman told her that the car hadn't been washed, and that he had instead readied a less expensive, gas-powered car. "I was ready to pull the trigger, and they were trying to muscle me into a Chevy Sonic," says Dell. "The thing I was baffled at was that the Volt was a lot more expensive." Marc Deutsch, Nissan's business development manager for electric vehicles says some salespeople just can't rationalize the time it takes to sell the cars. A salesperson "can sell two gas burners in less than it takes to sell a Leaf," Deutsch says. "It's a lot of work for a little pay." Jared Allen says that service is crucial to dealer profits and that dealers didn't want to push consumers into electric cars that might make them less inclined to return for service. Maybe that helps explains the experience of Robert Kast, who last year leased a Volkswagen e-Golf from a local dealer. He said the salesman offered him a $15-per-month maintenance package that included service for oil changes, belt repair and water pumps. "I said: 'You know it doesn't have any of those things,'" Mr. Kast recalled. He said the salesman excused himself to go confirm this with his manager. Of the whole experience, Mr. Kast, 61, said: "I knew a whole lot more about the car than anyone in the building." "Until selling a plug-in electric car is as quick and easy as selling any other vehicle that nets the dealer the same profit, many dealers will avoid them, for very logical and understandable reasons," says John Voelker. "That means that the appropriate question should be directed to makers of electric cars: What are you doing to make selling electric cars as profitable and painless for your dealers as selling gasoline or diesel vehicles?"

Read more of this story at Slashdot.

Scientists Produce Graphene 100 Times Cheaper Than Ever Before

Slashdot -

Zothecula writes that researchers at the University of Glasgow have found a way to produce large sheets of graphene 100 times more cheaply than previous methods. Gizmag reports: "Since first being synthesized by Andre Geim and Kostya Novoselov at the University of Manchester in 2004, there has been an extensive effort to exploit the extraordinary properties of graphene. However the cost of graphene in comparison to more traditional electronic materials has meant that its uptake in electronic manufacturing has been slow. Now researchers at the University of Glasgow have discovered a way to create large sheets of graphene using the same type of cheap copper used to manufacture lithium-ion batteries."

Read more of this story at Slashdot.

Scientists Produce Graphene 100 Times Cheaper Than Ever Before

Slashdot -

Zothecula writes that researchers at the University of Glasgow have found a way to produce large sheets of graphene 100 times more cheaply than previous methods. Gizmag reports: "Since first being synthesized by Andre Geim and Kostya Novoselov at the University of Manchester in 2004, there has been an extensive effort to exploit the extraordinary properties of graphene. However the cost of graphene in comparison to more traditional electronic materials has meant that its uptake in electronic manufacturing has been slow. Now researchers at the University of Glasgow have discovered a way to create large sheets of graphene using the same type of cheap copper used to manufacture lithium-ion batteries."

Read more of this story at Slashdot.

Insurer Refuses To Cover Cox In Massive Piracy Lawsuit

Slashdot -

An anonymous reader writes with news that Cox Communications' insurer, Lloyds Of London underwriter Beazley, is refusing to cover legal costs and any liabilities from the case brought against it by BMG and Round Hill Music. TorrentFreak reports: "Trouble continues for one of the largest Internet providers in the United States, with a Lloyds underwriter now suing Cox Communications over an insurance dispute. The insurer is refusing to cover legal fees and potential piracy damages in Cox's case against BMG Rights Management and Round Hill Music. Following a ruling from a Virginia federal court that Cox is not protected by the safe-harbor provisions of the DMCA, the Internet provider must now deal with another setback. Following a ruling from a Virginia federal court that Cox is not protected by the safe-harbor provisions of the DMCA, the Internet provider must now deal with another setback."

Read more of this story at Slashdot.

New Wearable Tech Translates Sign Language Into Text

Slashdot -

An anonymous reader writes: A new wearable technology developed by a team of biomedical engineers at Texas A&M University seeks to aid seamless communication between deaf people who use sign language and those who do not understand it. The arm device contains a network of sensors which track hand movements, as well as the electromyography (EMG) signals generated by the muscles in the wrist, and process and translate the different signals into text in real-time.The prototype currently uses Bluetooth to translate the sign language to a computer or smartphone.

Read more of this story at Slashdot.

This Gizmo Knows Your Amex Card Number Before You've Received It

Slashdot -

itwbennett writes: A small device built by legendary hacker Samy Kamkar can predict what new American Express card numbers will be and trick point-of-sale devices into accepting cards without a security microchip. Because American Express appears to have used a weak algorithm to generate new card numbers, the device, called MagSpoof, can predict what a new American Express card number will be based on a canceled card's number. The new expiration date can also be predicted based on when the replacement card was requested.

Read more of this story at Slashdot.

Stronger Locks, Better Security

EFF's Deeplinks -

What if, in response to the terrorist attacks in Paris, or cybersecurity attacks on companies and government agencies, the FBI had come to the American people and said: In order to keep you safe, we need you to remove all the locks on your doors and windows and replace them with weaker ones. It's because, if you were a terrorist and we needed to get to your house, your locks might slow us down or block us entirely.  So Americans, remove your locks! And American companies: stop making good locks!

We'd all reject this as a bad idea. We'd see that it would make us all vulnerable, not just to terrorists but to ordinary thieves and bad guys. We'd reject undermining our daily security in favor of a vague potential that in some cases, law enforcement would be guaranteed, quick, easy access to our homes. We'd say to the FBI: Stop right there. We need more security in the wake of these attacks, not less.

Yet that same tradeoff is similar to what's being asked of us in the attacks on strong encryption. The FBI isn't technically asking for no locks—it's asking for weakened ones so that it can guarantee that it can break any lock that we buy or use—but the end result is the same. We're made more vulnerable. As with the locks on our doors, digital locks can't be made to allow access to all the good guys and none of the bad guys. The lock can't tell the difference, and even more vulnerabilities are created by building complicated processes for storing digital keys, as demonstrated by a recent MIT report and an open letter to David Cameron by Harvard Professor (and EFF Board member) Jonathan Zittrain.

Right now the FBI's strategy is focused on putting pressure on companies like Apple, Microsoft and Google, to prevent us from ever getting access to good locks in the first place. Yet if the FBI was publicly calling for home builders and locksmiths to stop offering you the strongest possible home or office security systems, we'd see the folly of their strategy outright.

EFF and many others have long demonstrated that limiting our access to strong encryption is a bad idea. But somehow, maybe because the way these locks work is more hidden from users in the context of digital networks and tools, the argument continues to be raised by an FBI that should know better. And by politicians who should know better, too, like Hillary Clinton

The response to to insecure networks and digital technologies must be to make them stronger. And yet this basic message is not only lost on those who call for encryption controls, but it has also been undermined by the cybersecurity approach of CISA, which instead of encouraging better security by those who store our information, pushes companies to increase the risks we already face by "sharing" more of our data with the government. Of course, the lapses in government security are already well documented. The same wrongheaded approach is on display when our Congress fails to reform the Computer Fraud and Abuse Act to protect the security researchers whose work results in better protections for us all—and instead pushes for a worse version of the law, with a still broader scope and harsher penalties.

Unlocking everyone's doors isn't the answer to global crime or terrorism. Building and supporting stronger security is.

Share this:   ||  Join EFF

Free Router Software Not In The Crosshairs, FCC Clarifies

EFF's Deeplinks -

FCC will not seek to ban free software from wireless routers, according to a clarification it made earlier this month on a rulemaking related to radio devices. An earlier draft of the official proposal included a specific reference to device manufacturers restricting installation of the open-source project DD-WRT.

That line, in the context of the larger proposal, created confusion in a community of router hackers that already operate in an often unwelcoming environment. Router makers rarely provide much in the way of support or documentation to people developing new software, and have a bad record on delivering software updates to end users. Against this background, the idea that regulators might require or urge those manufacturers to take proactive steps against third-party developers was cause for alarm.

This is especially true considering the valuable innovations and developments that have come out of the third-party router software community—innovations like advancing the state of the art in mesh networking and combatting slowdowns that come from "bufferbloat." Beyond that, free router software is frequently more secure than the manufacturer option, because it continues to receive patches and critical updates through community support.

EFF was far from alone in its concern about the possibility of a regulatory crackdown on free router software. Working together with the Save Wifi coalition, we re-launched our "Dear FCC" platform, originally developed to help the public provide comment on the net neutrality rulemaking earlier this year. More than 1000 concerned individuals used the platform to leave comments on this more recent rulemaking, making it one of the most active open FCC dockets.

To its credit, the FCC seemed to get the message loud and clear. In a blog post earlier this month title "Clearing the Air on Wi-Fi Software Updates," the chief of the agency's Office of Engineering & Technology explained the situation:

[T]here is concern that our proposed rules could have the unintended consequence of causing manufacturers to “lock down” their devices and prevent all software modifications, including those impacting security vulnerabilities and other changes on which users rely. Eliciting this kind of feedback is the very reason that we sought comment in an NPRM and we are pleased to have received the feedback that will inform our decision-making on this matter.

In my last post I recognized the need to work with stakeholders – particularly the user community – to address these concerns in a way that still enables the Commission to execute its mandate to protect users from harmful interference. I’m happy to say that the OET staff and I have spoken directly with some of these stakeholders in the last few weeks.

One immediate outcome of this ongoing dialogue is a step we’ve taken to clarify our guidance on rules the Commission adopted last year in the U-NII proceeding. Our original lab guidance document released pursuant to that Order asked manufacturers to explain “how [its] device is protected from ‘flashing’ and the installation of third-party firmware such as DD-WRT”. This particular question prompted a fair bit of confusion – were we mandating wholesale blocking of Open Source firmware modifications?

We were not, but we agree that the guidance we provide to manufacturers must be crystal-clear to avoid confusion. So, today we released a revision to that guidance to clarify that our instructions were narrowly-focused on modifications that would take a device out of compliance.

That revision is a welcome one. We'll continue to monitor the progress of this proposed rule to ensure it can't be used to jeopardize the important role that free third-party software continues to play in the router ecosystem.

Related Issues: Open Wireless
Share this:   ||  Join EFF

Will You Be Able To Run a Modern Desktop Environment In 2016 Without Systemd?

Slashdot -

New submitter yeupou writes: Early this year, David Edmundson from KDE, concluded that "In many cases [systemd] allows us to throw away large amounts of code whilst at the same time providing a better user experience. Adding it [systemd] as an optional extra defeats the main benefit". A perfectly sensible explanation. But, then, one might wonder to which point KDE would remain usable without systemd? Recently, on one Devuan box, I noticed that KDE power management (Powerdevil) no longer supported suspend and hibernate. Since pm-utils was still there, for a while, I resorted to call pm-suspend directly, hoping it would get fixed at some point. But it did not. So I wrote a report myself. I was not expecting much. But neither was I expecting it to be immediately marked as RESOLVED and DOWNSTREAM, with a comment accusing the "Debian fork" I'm using to "ripe out" systemd without "coming with any of the supported solutions Plasma provides". I searched beforehand about the issue so I knew that the problem also occurred on some other Debian-based systems and that the bug seemed entirely tied to upower, an upstream software used by Powerdevil. So if anything, at least this bug should have been marked as UPSTREAM. While no one dares (yet) to claim to write software only for systemd based operating system, it is obvious that it is now getting quite hard to get support otherwise. At the same time, bricks that worked for years without now just get ruined, since, as pointed out by Edmunson, adding systemd as "optional extra defeats its main benefit". So, is it likely that we'll still have in 2016 a modern desktop environment, without recent regressions, running without systemd?

Read more of this story at Slashdot.

Superfish 2.0: Now Dell is Breaking HTTPS

EFF's Deeplinks -

Earlier this year it was revealed that Lenovo was shipping computers preloaded with software called Superfish, which installed its own HTTPS root certificate on affected computers. That in and of itself wouldn't be so bad, except Superfish's certificates all used the same private key. That meant all the affected computers were vulnerable to a “man in the middle” attack in which an attacker could use that private key to eavesdrop on users' encrypted connections to websites, and even impersonate other websites.

Now it appears that Dell has done the same thing [PDF], shipping laptops pre-installed with an HTTPS root certificate issued by Dell, known as eDellRoot. The certificate could allow malicious software or an attacker to impersonate Google, your bank, or any other website. It could also allow an attacker to install malicious code that has a valid signature, bypassing Windows security controls. The security team for the Chrome browser appears to have already revoked the certificate.  People can test if their computer is affected by the bogus certificate by following this link

Ars Technica is reporting that at least two models of Dell laptop have been confirmed to contain the rogue certificate, but the actual number is possibly much higher.

The same certificate appears to be installed in every affected Dell machine, which would enable an attacker to compromise every affected Dell user if only they had the private key which Dell used to create the certificate. Fortunately attackers (and unfortunately for Dell's customers), Dell included that key on all the affected laptops as well. The result is that anyone with an affected Dell laptop could use it to create a valid HTTPS certificate for any other affected Dell laptop owner. One security researcher made this test site signed with the Dell certificate to prove that this attack was possible. During the test, the researcher confirmed that Firefox, Chrome and Internet Explorer all established an encrypted connection to the site with no warnings at all on an affected Dell laptop. Notably the Dell root certificate was also discovered on at least one SCADA system (the type of computer systems used to control industrial equipment, including in power plants, water treatment centers, and factories).

Less than 24 hours after Ars Technica published the story, Dell issued an apology stating:

Customer security and privacy is a top concern and priority for Dell; we deeply regret that this has happened and are taking steps to address it.

The certificate is not malware or adware. Rather, it was intended to provide the system service tag to Dell online support allowing us to quickly identify the computer model, making it easier and faster to service our customers. This certificate is not being used to collect personal customer information. It’s also important to note that the certificate will not reinstall itself once it is properly removed using the recommended Dell process.

Dell has also released an application to uninstall the certificate [exe] and instructions for how to remove the root certificate manually.

While we applaud Dell for responding to this fiasco so quickly, the fact remains that it never should have happened in the first place. The rogue eDellRoot certificate is dated two months after the Superfish debacle happened. Furthermore, Dell used the Superfish debacle to their advantage, promoting the security of their own products. Since Dell clearly knew that installing a root certificate—à la Superfish—was a bad idea, why did they make the exact same blunder?

We hope that other computer manufactures will learn from this fiasco, if they didn't already learn from Lenovo and Superfish. Hardware manufacturers need to realize that installing their own root certificates on consumer machines is dangerous and irresponsible, since it compromises the security of the entire web. If they don't they're guaranteed to keep facing embarrassment and losing the trust of their customers.

Related Issues: Encrypting the WebSecurity
Share this:   ||  Join EFF

The Quest For the Ultimate Vacuum Tube

Slashdot -

An anonymous reader writes: IEEE Spectrum reports on progress in the development of vacuum tube technology, which remains surprisingly relevant in 2015. "In the six decades since vacuum tubes lost out to solid-state devices in computers, receivers, and power supplies, vacuum technology has continued to evolve and branch out into new terrain, sustaining a small but skilled corps of engineers and scientists around the world, as well as a multibillion-dollar industry. That's because the traveling-wave tube and other vacuum devices continue to serve one purpose extremely well: as powerful sources of microwave, millimeter-wave, and submillimeter-wave radiation. And now, ongoing research into a new and potentially revolutionary kind of traveling-wave tube—the ultracompact and ultraefficient cold-cathode TWT—looks poised to deliver the first practical device by the end of this decade."

Read more of this story at Slashdot.

Deals of the Day (11-25-2015)

Liliputing -

The Lenovo IdeaPad 100s is a Windows notebook with an 11.6 inch display, 2GB of RAM, 32GB of storage, and an Intel Atom Z3735F Bay Trail processor. It’s not exactly a powerhouse, but it should provide decent enough performance for basic tasks… and it’s one of the cheapest Windows notebooks available. The IdeaPad 100s has […]

Deals of the Day (11-25-2015) is a post from: Liliputing


Subscribe to debianHELP aggregator - Geek Stuff