Security

The Internet of Compromised Things

An anonymous reader writes: Jeff Atwood has a post about a security threat that's becoming more prevalent every day: spreading malware through a compromised router. "Router malware is the ultimate man-in-the-middle attack. For all meaningful traffic sent through a compromised router that isn't HTTPS encrypted, it is 100% game over." He links to a thorough technical analysis of how even HTTPS encrypted traffic can be subverted. Atwood provides a list of suggestions for keeping your router safe that probably won't be any surprise to people reading this site, and he further recommends only browsing on an unknown router if encryption is available. What I'm curious about are the long-term implications — is there a way forward to re-establish trust in our router infrastructure? What can the open source community do to speed this along?
Space

Perseid Meteor Shower Peaks August 12-13

The Perseids have been active in our skies for a couple of weeks already, but the peak of the meteor shower is coming up in just a few days. Overnight at the end of August 12th and the beginning of August 13th, observers in clear and dark conditions can expect to see up to 100 meteors per hour. The meteor shower should be particularly good this year because it occurs just a day before the new moon, so the sky should be even darker than usual. Forbes has an article on how astronomers figured out where such meteor showers were coming from: In 1833, the regular Leonid meteor shower became spectacular, with 1000 meteors per hour creating a meteor storm. For the next 32 years, the Leonids were normal and quiet again, but in 1866, another storm appeared. John Couch Adams, the British astronomer who failed to find Neptune, correctly surmised where meteor showers came from, a picture that's been spectacularly confirmed for all known meteor showers, including this week's coming Perseids!
Technology

How To Shoot Down a Drone

gurps_npc writes: Popular Mechanics has a nice article about how to shoot down a non-military drone. Interestingly enough, a Super Soaker will do the job while a standard paint gun does nothing. It doesn't take much energy as long as it is concentrated. A BB gun can do it as well — if you can hit the target. "Other good non-gun options include pretty much any other solid-projectile slinger. Slingshots will likely work—again, assuming you can hit." They add, "Last but not least, you never want to underestimate the power of just throwing crap. A rock, a baseball, anything you can fling straight, accurate, and fast. All it takes to down a drone is a bent propeller or enough of a jolt to flip it."
Windows

Windows 10's Privacy Policy: the New Normal?

An anonymous reader writes: The launch of Windows 10 brought a lot of users kicking and screaming to the "connected desktop." Its benefits come with tradeoffs: "the online service providers can track which devices are making which requests, which devices are near which Wi-Fi networks, and feasibly might be able to track how devices move around. The service providers will all claim that the data is anonymized, and that no persistent tracking is performed... but it almost certainly could be." There are non-trivial privacy concerns, particularly for default settings.

According to Peter Bright, for better or worse this is the new normal for mainstream operating systems. We're going to have to either get used to it, or get used to fighting with settings to turn it all off. "The days of mainstream operating systems that don't integrate cloud services, that don't exploit machine learning and big data, that don't let developers know which features are used and what problems occur, are behind us, and they're not coming back. This may cost us some amount of privacy, but we'll tend to get something in return: software that can do more things and that works better."
Graphics

Dual GPU Battle: GTX 980 Ti SLI vs. Radeon R9 Fury X Crossfire

jjslash writes: High-end GPU parts from Nvidia and AMD are plenty fast, these days. While top-end cards from both can provide playable performance at 4K, many games dip down to and below 30fps. Folks looking to achieve smooth 4K gameplay will undoubtedly be eyeing dual GTX 980 Ti or Fury X cards to realize their PC gaming machine's full potential. TechSpot puts both cards to the test in SLI and Crossfire modes, at stock and overclocked speeds in over 10 games to see who gets the bragging rights. As it turns out, AMD has a tiny advantage in average frame rates. The two split wins on frame time, but AMD won by bigger margins. When the cards get overclocked, Nvidia is the clear winner, and power consumption favors Nvidia as well.
Google

Google Fi: Simple Until It's Not

An anonymous reader writes: When Google started Project Fi, one of their big goals was to make cell phone calling simple and predictable. By combining Wi-Fi calling with cellular networks and flat $10/GB pricing, they're trying to put together a service that "just works." But as Dieter Bohn writes, things can get a lot more complicated when you try to integrate it with other Google services, like Voice. He says, "Precisely what happens when you port your number from Voice to Fi (which are kind of the same thing — but not really!) is clear as mud. ... You won't lose your Google Voice number, and it will still do most of the stuff it did before, but you may have to wend your way back to the 2011-era Google Voice site to manage it. Your texts no longer forward via SMS but they're available in the Hangouts App. You can't call people from Google Voice on the web but you can from Hangouts. Oh, and on Android there's a Hangouts dialer app you can use, sometimes, just because."
Transportation

Japanese Engineer Develops 'WalkCar,' a Mini-Segway

rtoz writes: A Japanese engineer has developed a portable transporter small enough to be carried in a backpack that he says is the world's first 'car in a bag'. The lithium battery-powered "WalkCar" device is the size of a laptop and resembles a skateboard more than a car. According to the Reuters report, the slender WalkCar is made from aluminum and weighs between two and three kilograms, depending on whether it is an indoor or outdoor version. The aluminum board can take loads of up to 120kg, and it reaches top speeds of 10 kilometers per hour, for distances of up to 12 kilometers after three hours of charging. When a rider stands on it, the WalkCar starts automatically, while simply stepping off stops the vehicle. To change direction, the user just shifts their weight.
Youtube

Google Pressured To Police Stolen Webcam Videos On YouTube

An anonymous reader writes: A new report from Digital Citizens Alliance has called on Google to do a better job of making sure illicit webcam footage doesn't stick around on YouTube. Over the past several years, hackers have found profit in hijacking webcams and using the footage they capture to embarrass or extort money from their victims. This footage is frequently posted to YouTube, sometimes even as livestreams. DCA says these videos collectively have millions of views on YouTube, and that Google is part of the reason hackers can profit from it. They add that Google has not yet responded to their request.
Government

Congressional Black Caucus Begs Apple For Its 'Trade Secret' Racial Data

theodp writes: In Silicon Valley this week, Rep. Barbara Lee called on Apple and other holdouts among the nation's tech companies to release federal data on the diversity of their work forces. She was with other members of the Congressional Black Caucus to turn up the heat on the tech industry to hire more African Americans. "If they believe in inclusion," said Lee, "they have to release the data so the public knows that they are being transparent and that they are committed to doing the right thing." Apple has refused to make public the EEO-1 data that it routinely supplies to the U.S. Dept. of Labor on the demographics of their workers. In the absence of the race and gender data, which Apple and others historically argued were 'trade secrets' and thus not subject to release under Freedom of Information requests, tech companies were free to make unchecked claims about their Black employee ranks (Google's 2007 Congressional testimony) until recent disclosures revealed otherwise. The National Science Foundation was even convinced to redirect NSF grant money specifically earmarked for getting African American boys into the computer science pipeline to a PR campaign for high school girls of all colors and economic backgrounds.
The Internet

Hacker Shows How To Fabricate Death Records

wiredmikey writes: Hackers at the Def Con gathering in Las Vegas on Friday got schooled in how to be online "killers." A rush to go digital with the process of registering deaths has made it simple for maliciously minded folks to have someone who is alive declared dead by the authorities. The process of having someone officially stamped dead by getting a death certificate issued typically involves a doctor filling out one form and a funeral home filling out another, according to Rock's research. Once forms are submitted online, certificates declaring the listed person legally dead are generated. A fatal flaw in the system is that people can easily pose as real doctors and funeral directors.
Crime

Fourth Bangladeshi Blogger Murdered

An anonymous reader writes: In May we discussed news that three bloggers in Bangladesh had been targeted for brutal killings in recent months over what they wrote online. Now, the local branch of Al-Qaeda is claiming responsibility for a new victim, blogger Niloy Chakrabarti. "The journalist had contributed to the humanist blogging platform Mukto-Mona. His posts often were critical of Islam. Mukto-Mona was established by another blogger—Avijit Roy, who was murdered in Bangladesh in February." His murder was as ghastly as the previous three — six men broke into his apartment with machetes. Rights groups are condemning the killings and demanding that the government put a stop to them. "There is little doubt that these especially brutal killings are designed to sow fear and to have a chilling effect on free speech. This is unacceptable."
AI

IBM Drops $1 Billion On Medical Images For Watson

An anonymous reader writes: IBM is purchasing a company called Merge Healthcare for $1 billion. The company specializes in medical imaging software, and it will be a key new resource for IBM's Watson AI. Big Blue's researchers estimate that 90% of all medical data is contained within images. Having a trove of them and the software to mine that data should help Watson learn how to make more accurate diagnoses. IBM thinks it'll also provide better context for run-of-the-mill medical imaging. "[A] radiologist might examine thousands of patient images a day, but only looking for abnormalities on the images themselves rather than also taking into account a person's medical history, treatments and drug regimens." They can program Watson to do both. The AI is already landing contracts to assist with medical issues: "Last week, IBM announced a partnership with CVS Health, the large pharmacy chain, to develop data-driven services to help people with chronic ailments like diabetes and heart disease better manage their health."
Robotics

Real-Time Control of a Humanoid Robot

An anonymous reader writes: A new project at MIT aims to put humans in real-time control of a humanoid robot. Operators strap into a vest that contains control circuitry and a pair of arm-like joysticks. As the operator grasps the ends and moves his arms, the robot mimics his arm movements in real time. A demonstration shows the robot crushing cans and punching through drywall. The operator is also given a pair of goggles that shows what the robot is currently "seeing," and the vest provides haptic feedback about what the robot is "feeling." According to a video MIT posted, the goal is to give robots human reflexes for tasks like keeping balance and basic maneuvering. The need for such technology was evident earlier this summer at the DARPA Robotics Challenge, where robots tasked with inspection and repair duties couldn't help but fall down as they moved throughout the testing grounds.
Twitter

FBI: Retweeting a Terrorist's Tweet Could Land You In Trouble

An anonymous reader writes: Twitter has become a valuable tool for U.S. law enforcement agencies in their fight against terrorism. It's been used as evidence in trials, it's provided useful intelligence, and it has helped them figure out who is involved with these groups. But ACLU lawyer Lee Rowland is trying to make sure they don't take it too far. In April, a 30-year-old man was charged with providing "material support" to the Islamic State. The FBI's probable cause? He retweeted some of the group's tweets. FBI director James Comey says a person's intent is the heart of the issue: "Knowing it was wrong, you provided material support for a terrorist organization or some other offense. That is the bulwark against prosecuting someone for having an idea or having an interest. You have to manifest a criminal intent to further the aims prohibited by the statute." Rowland points out the obvious First Amendment concerns. He adds, "... there's also the question of intent there: repeating speech is not automatically an endorsement. ... So a RT alone is certainly not an endorsement and in many situations may be a criticism of the original speaker, and that's particularly true with terrorism, because I believe many people may believe terrorism is self-evidently immoral."
Security

Hackers Actively Targeting Gas Pumps

An anonymous reader writes: Security researchers from Trend Micro wondered what kind of cyberattacks might target one of our most common and vital pieces of infrastructure: gas pumps. So, they set up some honeypots to find out if and how gas pumps were being attacked. The researchers ended up getting more than they bargained for. Between February and July, there were at least 23 distinct attacks on their honeypots alone (PDF). This included identifications, modifications, and DDoS attacks. "In their research, they found that a DoS or DDoS attack could disrupt inventory control and distribution, which means gas stations may not have enough supply on hand. Changing pump names could result in the wrong fuel being added to a tank—such as putting Unleaded inside Premium, or vice versa. Drivers wouldn't like that. Or changing the pump volume could result in tanks being underfilled."