New “tricorder” technology might be able to “hear” tumors growing
The new work was spurred by a challenge posed by the Defense Advanced Research Projects Agency (DARPA), best known for sponsoring the studies that led to the Internet. DARPA sought to develop a system to detect plastic explosives buried underground – improvised explosive devices (IEDs) – that are currently invisible to metal detectors. The task included one important caveat: The detection device could not touch the surface in question, so as not to trigger an explosion.
All materials expand and contract when heated, but not at identical rates. Ground, especially muddy ground soaked with water, absorbs more heat than plastic.
In a potential battlefield application, the microwaves would heat the suspect area, causing the muddy ground to expand and thus squeeze the plastic. Pulsing the microwaves would generate a series of ultrasound pressure waves that could be detected and interpreted to disclose the presence of buried plastic explosives.
Sound waves propagate differently in solids than air, with a drastic transmission loss occurring when sound jumps from the solid to air. That’s why, for instance, ultrasound images of babies in utero must be taken through direct contact with the skin.
http://news.stanford.edu/news/2015/november/tricorder-device-arbabian-110915.html
It’s Been 3 Years Since Valve Launched The Steam Linux Beta, Now At 1,600+ Linux Games
Obviously, it’s been quite a while now since leaving beta and in just a few days (10 November) is when the Steam Machines are officially out and powered by Valve’s Debian-based SteamOS. Over the past three years we’ve seen Valve make significant investments into the open-source graphics stack and other areas of Linux (in part through their sponsorship of Collabora and LunarG), Valve developers are significantly pushing SDL2, seen more mainstream interest in Linux gaming, have tons more games available natively for Linux, they have been heavily involved in the creation of the Vulkan graphics API, they have given away their entire game collection to the Mesa/Ubuntu/Debian upstream developers, and much more.
In fact, this week marks the Steam Linux game count crossing 1,600! As of writing, the Steam Store is offering 1,607 Linux-native titles! Just over three years ago, many were doubting my exclusive reports about Valve’s plans for Linux.
http://www.phoronix.com/scan.php?page=news_item&px=Steam-Linux-Beta-Three
Unserialize Vulnerabilities in Java
The most underrated, underhyped vulnerability of 2015 has recently come to my attention, and I’m about to bring it to yours. No one gave it a fancy name, there were no press releases, nobody called Mandiant to come put out the fires. In fact, even though proof of concept code was released OVER 9 MONTHS AGO, none of the products mentioned in the title of this post have been patched, along with many more. In fact no patch is available for the Java library containing the vulnerability. In addition to any commercial products that are vulnerable, this also affects many custom applications.
In this post I’ll be dropping pre-authentication, remote code execution exploits that leverage this vulnerability for WebLogic, WebSphere, JBoss, Jenkins, and OpenNMS. All on the newest versions. Even more interesting, I’ll detail the process we went through to discover that these products were vulnerable, and how I developed the exploits. This should empower you to go out and find this same bug in your own software or commercial products that you or your clients use. All code can be found on the FoxGlove Security Github.
Bank of England’s Andy Haldane warns Smart machines could take 15 million UK jobs and 80 million in the US
In an important new paper based on a speech at the trade union congress in London, Andy Haldane Chief Economist at the Bank of England and Executive Director of Monetary Analysis and Statistics has examined the history of technological unemployment in which he gave a thorough review of the literature and implications for public policy. The media will likely focus on the number of jobs that can be displaced (as I did in the title) and not necessarily Haldane’s points on new jobs being created – both of which are highly important as is ‘skilling-up’.
Andy notes that arguments about “technological unemployment” – the idea that technological advance puts people out of work and bears down on wages – have been raging for centuries. According to Andy, most evidence shows that over the broad sweep of history technological progress has not damaged jobs but rather boosted wages: “Technology has enriched labour, not immiserated it.”
However, he also notes that this broad pattern obscures the fact that there has an increasing skills premium has emerged with each passing wave of technological progress. This was especially the case in the late 20th century, as new machines such as computers began replacing not only physical but cognitive labour. He finds that each phase has eventually resulted in a “growing tree of rising skills, wages and productivity”. But they have also been associated with a “hollowing out of this tree”. Indeed, this hollowing-out of jobs has “widened and deepened with each new technological wave”. This has resulted in a widening income gap between high- and low- skilled workers.
Vicious Chrome V8 JavaScript Exploit Leaves All Android Devices Ripe For Attack
If you’re an Android user that makes heavy use of Google’s Chrome web browser (and what Android user doesn’t?), you’ll want to pay close attention to a new exploit that has the capability of taking your smartphone hostage.
The tricky exploit was demonstrated at MobilePwn2Own, which was held at a Tokyo-based PacSec conference. Quihoo 360 security researcher Guang Gong first uncovered the vulnerability, and thankfully, he hasn’t publicly revealed detailed specifics on its inner workings. However, we do know that it takes advantage of Chrome’s open source V8 JavaScript engine.
