friends [entries|archive|friends|userinfo]
Petya Kohts

[ userinfo | ljr userinfo ]
[ archive | journal archive ]

Links
[Links:| Fast Slow ljr_fif tango ]

Видео дня, Леонид Парфенов о деле Ивана Сафронова [Видео] [Jul. 10th, 2020|07:00 pm]

syn_echo_msk_ru

Чем больше нам твердят, что дело Ивана Сафронова не связано с его профессиональной деятельностью, тем больше верится в обратное...
LinkLeave a comment

Московские новости, 55-я новостройка сдана в эксплуатацию для программы реновации [Jul. 10th, 2020|06:57 pm]

syn_echo_msk_ru

Об этом сообщает официальный сайт мэра столицы...
LinkLeave a comment

Diletant.media, Королевство Нортумбрия: на пути Великой языческой армии [Jul. 10th, 2020|06:55 pm]

syn_echo_msk_ru

Первым англским королем Берниции называют Иду, который правил приблизительно во второй половине VI века. Судя по скудным сведениям, на территории Берниции во второй половине VI века было несколько англосаксонских вождей, сражавшихся друг с другом и с соседними бриттами...
LinkLeave a comment

The Stolen Ring found in 1785 [Jul. 10th, 2020|02:37 pm]
syn_ycombinator
Comments
LinkLeave a comment

What does “secure” mean in Information Security? [Jul. 10th, 2020|03:28 pm]
syn_malbblog

This is text – written by Rikke Jensen and me – first appeared in the ISG Newsletter 2019/2020 under the title “What is Information Security?”. I’ve added a few links to this version.

The most fundamental task in information security is to establish what we mean by (information) security.

A possible answer to this question is given in countless LinkedIn posts, thought-leader blog entries and industry white papers: Confidentiality, Integrity, Availability. Since the vacuity of the “CIA Triad” is covered in the first lecture of the Security Management module of our MSc, we will assume our readers are familiar with it and will avoid this non-starter. Let us consider the matter more closely.

One subfield of information security that takes great care in tending to its definitions is cryptography. For example, Katz and Lindell write: “A key intellectual contribution of modern cryptography has been the recognition that formal definitions of security are an essential first step in the design of any cryptographic primitive or protocol”. Indeed, finding the correct security definition for a cryptographic primitive or protocol is a critical part of cryptographic work. That these definitions can be non-intuitive yet correct is made acutely apparent when asking students in class to come up with ideas of what it could mean for a block cipher to be secure. They never arrive at PRP security but propose security notions that are, well, broken.

Fine, we can grant cryptography that it knows how to define what a secure block cipher is. That is, we can know what is meant by it being secure, but does that imply that we are? Cryptographic security notions – and everything that depends on them – do not exist in a vacuum, they have reasons to be. While the immediate objects of cryptography are not social relations, it presumes and models them. This fact is readily acknowledged in the introductions of cryptographic papers where authors illustrate the utility of their proposed constructions by reference to some social situation where several parties have conflicting ends but a need or desire to interact. Yet, this part of the definitional work has not received the same rigour from the cryptographic community as complexity-theoretic and mathematical questions. For example, Goldreich writes: “The foundations of cryptography are the paradigms, approaches, and techniques used to conceptualize, define, and provide solutions to natural ‘security concerns’ ”. Following Blanchette we may ask back: “How does one identify such ‘natural security concerns’? On these questions, the literature remains silent”.

The broader social sciences offer a wealth of approaches to answering questions about social situations, relations, (collective) needs, imaginations and desires, yet, they are often relegated to a service role in information security, e.g. to perform usability testing of existing security technologies or as a token to blame the failings of such technologies on those who rely on them (see the “social engineering” literature). In contrast, we argue for a rather different intersection of social and computer science; one where social science establishes what technology is and ought to be. The service relation is all but inverted. If anything, computer science is asked to provide solutions to problems and challenges that social science identifies. To establish what security means within social settings – to identify and understand “natural security concerns” – one approach stands out in promising deep and detailed insights: ethnography.

More specifically, as highlighted by Herbert, ethnography is uniquely placed to “unearth what the group (under study) takes for granted”. A key challenge in engaging those who depend on security technology is that they are not trained information security professionals. They do not know and, indeed, should not need to know that confidentiality requires integrity, that existing onboarding practices can be phrased in the language of information security, which different security notions cannot be achieved simultaneously and what guarantees, say, cryptography, can give if asked. Therefore, to know exactly what is taken for granted, or put otherwise, expected, in social interactions, social and technical protocols and, indeed, cryptography, rather than what has been proven in some Appendix, is of critical import.

Some often used social science methods, while much more practical and less time consuming than ethnography, are therefore less suitable research approaches in this context. For example, questionnaires and surveys, both the qualitative and quantitative kind, are fairly futile means of enquiry here. While interviews provide some opportunity for deeper engagement, ethnography allows us to learn that which people do not know themselves. Through close observations and analysis of everyday activities and relations, ethnography reveals “the knowledge and meaning structures that provide the blueprint for social action” (Herbert) within the group under study. The exploratory nature of ethnographic enquiry, rooted in fieldwork with the group it aims to understand, is thus a key enabler in unlocking an understanding of individual and collective security needs and practices (i.e. “natural security concerns”). The inherently reflexive and embedded nature of ethnography enables such insights.

Researchers in the ISG are pursuing this approach; bringing cryptography and ethnography into conversation. We are currently engaged in a research project concerning questions about the role security technologies, especially cryptography, can play for participants in large-scale, urban protests. How do we conceptualise confidentiality in chat groups of 50k participants, where at least some must be assumed to be infiltrators? Do notions of post-compromise security, which is a common design goal in cryptographic messaging, matter? Does Blanchette’s critique of non-repudiation as a cryptographic design goal have teeth here? What are the implicit security protocols followed by participants in these protests? Should we reorient the role of trusted-third parties in cryptographic protocols from Goldreich’s “pivotal question” – “the extent to which [an] (imaginary) trusted party can be ’emulated’ by the mutually distrustful parties” to one where the parties are insecure but their infrastructure is not? Armed with this knowledge we can then investigate whether the technologies the participants of such protests and resistance movements use provide the quality which we call “security”.

Image
LinkLeave a comment

Леонид Гозман, Юбилей на фоне пандемии и обнуления [Jul. 10th, 2020|06:13 pm]

syn_echo_msk_ru

На митинги и пикеты могут и готовы выходить не все. Но поддержать человека, не оставить его один на один с репрессивной машиной может каждый.
Людям очень нужна ваша помощь...
LinkLeave a comment

Бизнес сегодня, Сбербанк Бизнес Онлайн признан лучшим онлайн-банком в международном рейтинге SME Banking Club [Jul. 10th, 2020|06:12 pm]

syn_echo_msk_ru

В ходе исследования 90 веб-банков для бизнеса стран СНГ и Кавказа, отобранных на основе их рыночной доли, были проанализированы по 140 критериям, анализируемые функции были объединены в 12 основных блоков...
LinkLeave a comment

Артемий Троицкий, ...Плюс геттоизация всей страны [Jul. 10th, 2020|06:06 pm]

syn_echo_msk_ru

Неправильно, наверное, к чему-то бодро призывать, когда сам за границей. Скажу просто: подумайте о будущем, о себе и о своих детях. Не дайте стране окончательно лечь под диктатуру. Будьте вместе!...
LinkLeave a comment

São Paulo Labor Judge Rules Uber Must Pay Full Employee Benefits to Drivers [Jul. 10th, 2020|02:33 pm]
syn_ycombinator
Comments
LinkLeave a comment

Palantir Goes to the Frankfurt School [Jul. 10th, 2020|02:11 pm]
syn_ycombinator
Comments
LinkLeave a comment

Facebook Cannot Separate Itself from the Hate It Spreads [Jul. 10th, 2020|02:47 pm]
syn_ycombinator
Comments
LinkLeave a comment

Cryptographic Security Proofs as Dynamic Malware Analysis [Jul. 10th, 2020|03:02 pm]
syn_malbblog

This is text first appeared in the ISG Newsletter 2019/2020. I’ve added a bunch of links to this version.

RSA encryption with insecure padding (PKCS #1 v1.5) is a gift that keeps on giving variants of Bleichenbacher’s chosen ciphertext attack. As the readers of this newsletter will know, RSA-OAEP (PKCS #1 v2) is recommended for RSA encryption. How do we know, though, that switching to RSA-OAEP will give us an encryption scheme that resists chosen ciphertext attacks? Cryptography has two answers to this. Without any additional assumptions the answer is that we don’t know (yet). In the Random Oracle Model (ROM), though, we can give an affirmative answer, i.e. RSA-OAEP was proven secure. Indeed, security proofs in the ROM (and its cousin the Ideal Cipher Model) underpin many cryptographic constructions that are widely deployed, such as generic transforms to achieve security against active attacks and block cipher modes of operation. This article is meant to give some intuition about how such ROM proofs go by means of an analogy to dynamic malware analysis.

The thought experiment in a typical (game-based) cryptographic proof starts by assuming that there is indeed an adversary that breaks the security goal of our cryptographic construction. For example, assume this adversary can decide if some message A or some message B was encrypted in ciphertext C. We are not even asking the adversary to decrypt C but we are merely asking it to decide which of two messages of its choosing we encrypted. If it cannot even do that, it cannot decrypt or learn anything about the underlying plaintext of a ciphertext. So this is the adversary’s goal: to distinguish. Next we need to decide what capabilities our hypothetical adversary has. Here, let’s consider chosen ciphertext security. The adversary gets to ask for decryptions of any ciphertexts it wants except for the “target” ciphertext C we are challenging it to make a distinguishing decision about. We are taunting the adversary: “We’re giving you the ability to decrypt anything you like except this one ciphertext but you still cannot decrypt it. In fact, we let you choose two messages A and B and we will encrypt one of them for you, you won’t even be able to decide which one we picked”; yep, cryptographers taunt algorithms. This is known as IND-CCA security in cryptography and the standard security notion aimed for and achieved by encryption schemes.

Now to illustrate how these proofs proceed, we will think of the adversary as a piece of malware. To analyse it we are going to put it in a sandbox just as we would do in dynamic analysis. We may then use our power over the sandbox to subject the adversary to various conditions and observe its behaviour. As a consequence, the first goal of such a cryptographic security proof is to show that we can simulate the “world” that our malware-née-adversary expects. Just like malware our adversary could decide to behave differently when it detects a simulation to avoid being analysed. In our setting the adversary expects two things – a Random Oracle and a decryption oracle – and we better simulate those (nearly) perfectly.

In this view, the ROM is Hashing-as-a-Service (HaaS). Instead of specifying a compact hash function like SHA2 with all details so that anyone can ship their own implementation, we are just going to define some API with a single calling point H(): put some string in, receive a digest back, e.g. y=H(x). In the ROM, our HaaS also realises a perfect hash function: for each fresh input x it returns a completely random digest y (of course, if we call H() again on the same x we get the same y just as we would expect from a hash function), so the only way to know the output y is to call H(x) via our API. So what we have is something “random” (perfectly random output) from an “oracle” (we can only call the API). This is somewhat similar in spirit to ransomware countermeasures that intercept calls to the cryptographic API provided by the OS. The difference is that ransomware may implement and ship its own cryptography, but in our thought experiment the only way to get access to H() is via our API. Another practical analogy would be HMAC with a secret key running on an HSM, something Facebook is using for password hashing.

Returning to our proof sketch, we want to show that the ability to decrypt every ciphertext except C does not buy the adversary anything. We can accomplish this in the ROM by making our construction dependent on our API s.t. the only way to produce a valid ciphertext is to call H() on the message (and any other randomness used during encryption), everything else produces an error on decryption. When we accomplish this (which isn’t too hard) then the adversary has two choices: it can submit whatever it wants for decryption which will just produce an error or it can dutifully call H() via our API when producing a ciphertext. The key observation now is that in the latter case it sends us the message (and associated randomness) it might ask us to decrypt later. So we can easily provide plaintexts in response to correctly formed ciphertexts: we are cheating and know the answers before seeing the question.

From this we can conclude that if there was an adversary against our scheme that requires a decryption oracle we can run this adversary against our scheme without actually having access to such a decryption oracle (by simulating it using the information the adversary helpfully sends us via calls to H()). This implies that CCA attacks, i.e. active attacks – in the ROM and for schemes where such proofs exists –, are no more powerful than CPA attacks, i.e. passive attacks. To drive home this point, this is not a claim that we prevent the adversary from running specific attack strategies but it rules out any attack using such a decryption oracle. If we can fake it, it offers no advantage.

HaaS/the ROM is an incredibly powerful tool for proving security. Once we have HaaS we can play all kinds of tricks with the adversary. For example, we can start cheating and send specifically chosen answers in response to strategically chosen queries. When H() is used to check the integrity of some input x against some known digest y we can simply make our API return y on input x or z, it is up to us. This is known as “programming the Random Oracle”. An analogy from dynamic analysis could be to provide bad randomness to a piece of malware to break its encryption or to return incorrect time/date information from a system call to trigger some behaviour. Another trick we can play is to restart our VM from a snapshot which is known as “rewinding”. For example, we may choose to rewind the sandbox with the adversary to some point in the past and then provide different responses from our random oracle to provoke a fork in the malware: it started out doing the same but then at some point it performs different steps. The lemma proving that this makes sense in cryptographic security proofs is aptly called the “forking lemma”.

The ROM isn’t without its problems. For starters, HaaS isn’t how we use hash functions, we actually implement them in code. Indeed, there are (arguably contrived) counter examples of cryptographic schemes that can be proven secure in the ROM but are insecure when used with any real hash function. Secondly, when we worry about quantum computers we also need to worry about hash functions being implemented on them. To account for this we would need to define quantum Hashing-as-a-Service where the adversary can send superposition queries and receive a superposition of digests back. In such a setting, the “looking up the plaintext for a ciphertext from previous hash queries” trick doesn’t work any longer. Reproving cryptographic schemes in the Quantum Random Oracle Model (QROM) is an ongoing research endeavour.

Image
LinkLeave a comment

Should We Be Drinking Less? [Jul. 10th, 2020|03:21 pm]

syn_slashdot
Can a daily drink or two lead to better health? For many years, the federal government's influential dietary guidelines implied as much, saying there was evidence that moderate drinking could lower the risk of heart disease and reduce mortality. But now a committee of scientists that is helping to update the latest edition of the Dietary Guidelines for Americans is taking a harder stance on alcohol. From a report: The committee said in a recent conference call that it plans to recommend that men and women who drink limit themselves to a single serving of wine, beer or liquor per day. Do not drink because you think it will make you healthier, the committee says: It won't. And it maintains that drinking less is generally better for health than drinking more. That message is a departure from previous guidelines, which since 1980 have defined "moderate" drinking as up to two drinks a day for men and one for women. Government agencies have also long defined a standard drink as 12 ounces of regular beer, five ounces of wine, or one and a half ounces of distilled spirits (40 percent alcohol), amounts often exceeded in Americans' typical "drink." Between 1990 and 2010, many editions of the guidelines, which are updated every five years, discouraged heavy drinking and warned pregnant women and people with certain medical conditions not to drink. But they also noted that moderate drinking was linked to fewer heart attacks and lower mortality. The 2010 guidelines mentioned that moderate drinking may even "help to keep cognitive function intact with age." The new recommendation would be a victory for experts who have long questioned the health halo around moderate drinking. They say that studies showing it can protect health are deeply flawed, and that any potential cardiovascular benefits would be outweighed by the fact that alcohol is a leading preventable cause of cancer. According to the National Cancer Institute, even one drink a day increases the risk of breast, esophageal and oral cancer. The new advice is not yet final. The advisory panel is expected to include it in a report that it will release publicly in mid-July and submit to the Department of Agriculture and the Department of Health and Human Services. Those two agencies are scheduled to publish the official dietary guidelines later this year.

Read more of this story at Slashdot.

Image
LinkLeave a comment

Сложно поверить, что эта фотография сделана на недорогой смартфон Redmi [Jul. 10th, 2020|05:22 pm]
syn_ixbt_hard

Профессиональный фотограф и дизайнер Михаил Минков (Mihail Minkov) из Болгарии, увлекающийся съёмкой ночных пейзажей, решил поставить «быстрый эксперимент» и сделать снимок на бюджетный смартфон. 

Для того он выбрал модель Redmi Note 9 Pro с четверной камерой на 64 Мп. В России такой смартфон предлагается в официальном онлайн-магазине Xiaomi за 23 990 рублей. 

На впечатляющем снимке мы видим ночную дорогу, поле подсолнухов и Млечный Путь. Для съёмки он использовал стремянку, чтобы подняться повыше, сделал десять снимков подряд с разной экспозицией для получения хорошего вида Млечного Пути.

        View this post on Instagram                  

Xiaomi Redmi Note 9 Pro Quick experiment with a budget phone, a ladder and some sunflowers with Milky Way. #newmilkyway #longexpolite #yourshotphotographer #natgeo #nightphotography_exclusive #earthfocus #igworldclub_astrophotography #planetfervor #eclectic_shotz #igworldmilkyway #longexposure_shots #nightphotography #landscape_nightscape #nights_dreamworld #universetoday #globalcapture #milkywayshooters #stayandwander #ig_nightscapes #toplongexposure #exploreuniverses #nightscaper #night4view #dreamful_landscapes #igpodium_night #nightphotography #starlitlandscapes #mobilephotography #xiaomiredminote9pro #ShotByMi

A post shared by Mihail Minkov (@fineartshot) on Jul 9, 2020 at 2:29am PDT

Настройки использовались такие:  экспозиция 30 секунд, светочувстительность ISO 3200. Минков снимал на главный модуль основной камеры на 64 Мп с диафрагмой  f/1,9. Также был сделан дополнительный снимок для качественного отображения подсолнухов. Затем снимки были объединены в одно впечатляющее фото.



Комментировать

LinkLeave a comment

Алексей Навальный, Процесс Сафронова должен быть открытым [Jul. 10th, 2020|05:59 pm]

syn_echo_msk_ru

Моё отношение к последнему месту работы Сафронова никак не влияет на моё отношение к сути процесса над ним, но я не считаю необходимым его скрывать...
LinkLeave a comment

Карина Орлова, Почему Навальный неправ про дело Сафронова [Jul. 10th, 2020|05:51 pm]

syn_echo_msk_ru

Если оперировать принципом “работал на госслужбе” - поделом тебе, то и не надо удивляться, когда искренние сторонники Владимира Путина применяют тот же принцип к уголовным делам в отношении Навального...
LinkLeave a comment

Коронавирус. Оперштаб Москвы, У 21,7% москвичей формируется иммунитет к covid-19 [Jul. 10th, 2020|05:50 pm]

syn_echo_msk_ru

По результатам четвертого этапа ИФА-тестирования, который прошел с 19 июня по 2 июля, у 21,7% москвичей формируется иммунитет к коронавирусу...
LinkLeave a comment

Коронавирус. Оперштаб Москвы, В Москве число новых случаев коронавируса почти вдвое меньше, чем месяц назад [Jul. 10th, 2020|05:48 pm]

syn_echo_msk_ru

В столице подтверждено 637 новых случаев заражения коронавируса...
LinkLeave a comment

Коронавирус. Оперштаб Москвы, В России выявлено 6 635 новых случаев коронавируса [Jul. 10th, 2020|05:44 pm]

syn_echo_msk_ru

За последние сутки в России выявлено 6 635 новых случаев коронавируса в 85 регионах...
LinkLeave a comment

Коронавирус. Оперштаб Москвы, Данные о здоровье загрузятся в электронную медкарту автоматически с телефона [Jul. 10th, 2020|05:39 pm]

syn_echo_msk_ru

Электронная медицинская карта доступна москвичам в мобильном приложении. Уже сейчас с гаджета в нее автоматически можно подгружать данные о состоянии здоровья...
LinkLeave a comment

Алексей Нарышкин, Генетики оценили не нынешнее состояние, а риски заболевания [Jul. 10th, 2020|05:39 pm]

syn_echo_msk_ru

В моей довольно большой семье очень хорошо знают, что такое “болезнь Альцгеймера”. Это не набор фактов, перечисление симптомов, фактов и советов врачей...
LinkLeave a comment

Коронавирус. Оперштаб Москвы, Ещё 1007 пациентов вылечились от коронавируса в Москве [Jul. 10th, 2020|05:38 pm]

syn_echo_msk_ru

В Москве выздоровели ещё 1007 пациентов после прохождения лечения от коронавируса...
LinkLeave a comment

Коронавирус. Оперштаб Москвы, В Москве скончались 28 пациентов с коронавирусом [Jul. 10th, 2020|05:37 pm]

syn_echo_msk_ru

В Москве скончались 28 пациентов с подтвержденной пневмонией и положительным результатом тестов на коронавирус...
LinkLeave a comment

Илья Азар, Прекратить штрафовать и арестовывать за одиночные пикеты! [Jul. 10th, 2020|05:28 pm]

syn_echo_msk_ru

Я требую от президента России, его администрации, силовых структур и правоохранительных органов соблюдать законы Российской Федерации и отменить негласное решение задерживать людей на одиночных пикетах!..
LinkLeave a comment

Asia IT Giant's CEO Warns Trump's Visa Curbs Will Cost US [Jul. 10th, 2020|02:45 pm]

syn_slashdot
The chief executive officer of Asia's largest IT services firm warned that a U.S. freeze on thousands of employment visas will only raise costs for American corporations like Wall Street banks, auto manufacturers and drugmakers. From a report: Tata Consultancy Services (TCS) CEO Rajesh Gopinathan told Bloomberg News the move has put massive stress on a huge swath of Indian-born engineers that have lived in the U.S. for years and helped support American clients, who will ultimately be the ones hurt most. His remarks were among the strongest public rebukes from India's $181 billion IT industry since U.S. President Donald Trump's June decree to halt approvals for a range of visas until the end of the year -- including those for intra-company transfers. TCS and peers like Infosys have relied for years on the ability to send talent to work alongside their customers overseas, which include some of the largest electronics manufacturers and global retailers. Investors worry that the inability to do so will hurt their competitiveness in the largest international market. "The ignorance around this ruling should be addressed," Gopinathan said via video conference on Friday. "Playing with the status of people who've moved away from families and committed to spending five-six years in a foreign country without immigrant status to deliver value to customers, is a short-term gimmick," the executive said.

Read more of this story at Slashdot.

Image
LinkLeave a comment

Distribution Release: Slackel 7.3 "Openbox" [Jul. 10th, 2020|02:13 pm]
syn_distrowatch
Slackel is a Linux distribution and live CD based on Slackware Linux and Salix OS. The project's latest release is Slaxel 7.3 "Openbox" which brings the distribution up to date with Slackware's development branch. "What is new: slim login manager is used as default. Gdm exists also but....
LinkLeave a comment

Deepfakes Are Becoming the Hot New Corporate Training Tool [Jul. 10th, 2020|01:50 pm]
syn_ycombinator
Comments
LinkLeave a comment

35% of excess deaths from pandemic not caused by Covid-19 [Jul. 10th, 2020|01:52 pm]
syn_ycombinator
Comments
LinkLeave a comment

Chicago Police Department Arrest API Shutdown is Its Own Kind of 'Cover Up' [Jul. 10th, 2020|02:08 pm]

syn_slashdot
Asraa Mustufa and David Eads, reporting for Chicago Reporter: With Chicago reeling this week from a bloody July 4 weekend that saw more than 80 shootings claim the lives of at least 17 people, including young children, police Superintendent David Brown doubled down on his approach to stemming the violence at a press conference Monday. "We must keep violent offenders in jail longer," Brown said, arguing that arrestees are getting released too quickly and that the electronic monitoring program is "clearly not working" and needs to be revamped. Mayor Lori Lightfoot agreed on the need to keep violent offenders locked up in order to reduce crime. Brown had deployed an additional 1,200 officers on the streets ahead of the holiday weekend to break up "drug corners," in a strategy not unlike that of police chiefs before him. His plan was criticized by civil rights advocates and criminologists, WBEZ reported. "Our endgame is arrests for the precursors to violence," Brown said. "But when we clear the corner, we're pleading with the court systems: Keep them in jail through the weekend." Brown's remarks raise many questions. How did officers carry out this policing strategy? Did they make arrests for violent crimes or other charges? How long were arrestees in police custody? Do these defendants quickly bond out or remain detained? Do these kinds of arrests really keep violent offenders off the street and effectively prevent more violence? Queries like these are key to digging into Brown's claims and gauging how effective CPD's tactics are. But it's now substantially more difficult to check CPD's claims and details about arrests. That's because the department recently shut down its arrest API used by journalists and researchers. A data API, or application programming interface, provides access to structured information in a way machines can read, akin to the difference between getting data in a spreadsheet file versus copying it by hand into a spreadsheet. CPD's API provided access to comprehensive and timely data about arrests going back to 2014 in ways that can be processed and analyzed by software engineers and reporters. The Chicago Reporter used the API last month to analyze police tactics during local mass protests following the Minneapolis police killing of George Floyd. CPD had released figures stating that the majority of arrests made on the weekend of May 29 were for criminal conduct related to looting, not protesting. But by using CPD's own data from the arrest API, we found the opposite to be true: the majority of civil unrest-related arrests made that weekend had been for offenses related to protesting. [...] Within a day of our publishing this analysis, CPD removed access to the API for all users.

Read more of this story at Slashdot.

Image
LinkLeave a comment

На iPhone перестали работать популярные приложения, включая сервисы Яндекса. Сбой мирового масштаба [Jul. 10th, 2020|04:07 pm]
syn_ixbt_hard

Пользователи iPhone и iPad по всему миру в последние несколько часов жалуются на внезапное прекращение работы множества популярных приложений и сервисов. 

Проблема охватывает такие сервисы и приложения, как, например, Spotify, Pinterest, Tinder, Viber, «Авито», Авто.ру, «Кинопоиск», «Додо Пицца», а также Яндекс.Навигатор, Яндекс.Карты, Яндекс.Музыка и Яндекс.Такси. 

Масштабный сбой, охватывающий десятки приложений и сервисов iOS, наблюдается во многих странах мира. Причиной сбоя оказалась Facebook и её инструмент Facebook SDK для авторизации пользователей. Разработчики компаний уже ведут работы по устранению проблемы. 

Вот что говорит пресс-служба Яндекса по этому поводу:

На стороне Facebook SDK произошёл масштабный сбой, из-за которого перестали работать многие популярные приложения на iOS. Facebook SDK используется во множестве приложений для авторизации пользователей».

Пресс-служба Viber также выступила с комментарием:

Тысячи приложений по всему миру, включая Viber, Pinterest, Foursquare, Spotify, не работают на iOS. Это техническая проблема, которая будет исправлена ​​в ближайшее время. Пожалуйста, не удаляйте и не переустанавливайте Viber, это не решит проблему. Viber вернется в ближайшее время. Спасибо за терпение».

Обновлено: работоспособность сервисов и приложений на мобильных устройствах Apple начала восстанавливаться примерно к 16:00 по московскому времени. 



Комментировать

LinkLeave a comment

Как Apple сэкономит на пользователях. Компактная коробка iPhone 12 без наушников и зарядного устройства во всей красе [Jul. 10th, 2020|04:04 pm]
syn_ixbt_hard

Сообщения о том, что новая линейка флагманских смартфонов Apple получит урезанную комплектацию, уже получили подтверждения от самых разных источников. Теперь в сети появился наглядный качественный рендер, демонстрирующий новую компактную коробку для iPhone 12 и её содержимое. 

Ранее уже несколько аналитиков предсказали, что Apple «выкинет» из комплекта iPhone 12 наушники и зарядное устройство. Об этом сообщали и аналитики Barclays, и хорошо известный Мин-Чин Куо, и некоторые другие. Отмечается, что причина в повышенной стоимости материалов и комплектующих iPhone 12 по сравнению с предшественниками. Сокращённый комплект позволит удержать цену на уровне iPhone 11, а также поспособствовать продажам беспроводных AirPods

Ожидается, что упаковка iPhone 12 станет заметно компактнее за счёт таких «сокращений». В коробке останутся только сам смартфон, кабель для зарядки и документация. На рендере наглядно демонстрируется, как это может выглядеть. Кстати, на днях в сети появилось изображение поддона, новый рендер использует эту утечку и более ранние. 

Рендер создал и опубликовал видеоканал EverythingApplePro совместно с авторитетным информатором и одним из основателей XDA Developers Максом Вейнбахом (Max Weinbach). 

Эти источники вместе в прошлом году предсказали ночной режим съёмки iPhone 11, превосходящий по результатам Pixel 4. По отдельности у них тоже внушительные послужные списки утечек. 



Комментировать

LinkLeave a comment

Security updates for Friday [Jul. 10th, 2020|01:40 pm]
syn_lwnheadline
Security updates have been issued by Fedora (curl, LibRaw, python-pillow, and python36), Mageia (coturn, samba, and vino), openSUSE (opera), and Ubuntu (openssl).
LinkLeave a comment

Quibi reportedly lost 90 percent of early users after their free trials expired [Jul. 10th, 2020|01:16 pm]
syn_ycombinator
Comments
LinkLeave a comment

Two Years to Make $10 in Software Revenue [Jul. 10th, 2020|01:41 pm]
syn_ycombinator
Comments
LinkLeave a comment

Кусок эфира, Дмитрий Быков: Новое средневековье [Jul. 10th, 2020|04:41 pm]

syn_echo_msk_ru

Огромное количество народу торжествующе и триумфально в угоду новой политкорректности, новой этики, новому феминизму, чему хотите, утрачивают индивидуальность и превращаются в орущую толпу, омерзительную толпу погромщиков...
LinkLeave a comment

Антон Орехъ, Почему Навальный не прав [Jul. 10th, 2020|04:39 pm]

syn_echo_msk_ru

Я практически уверен в невиновности Ивана Сафронова и не сомневаюсь в том, что его арестовали за журналистскую работу. Сейчас не важно, что написано в трудовой книжке Ивана, важно, за что его наказывают!...
LinkLeave a comment

Егор Куроптев, Экс-замглавы чешской разведки о деле Ивана Сафронова: «Это абсурд» [Видео] [Jul. 10th, 2020|04:29 pm]

syn_echo_msk_ru

Я просто не понимаю, зачем так долго бы следили за человеком и позволяли ему работать на другу страну. Это мне просто непонятно.  Это еще раз подтверждает, что все это дело – абсурд...
LinkLeave a comment

Worldwide PC Shipments Grew Due To Work-From-Home Arrangements [Jul. 10th, 2020|01:00 pm]

syn_slashd_hard
An anonymous reader quotes a report from Engadget: The PC industry bounced back in the second quarter of 2020 after its weakest quarter in years mostly due to shelter-in-place orders prompted by the coronavirus pandemic. According to both Gartner and IDC, PC shipments grew year-over-year in the second quarter -- the former says shipments totaled 64.8 million units (a 2.8 percent increase from Q2 2019), while IDC says global shipments reached 72.3 million units, which is 11.2 percent higher compared to the same period last year. Both organizations attribute the growth to PC production ramping up after supply chains were disrupted in the first quarter and to strong demand, now that more people need computers to work or study from home. "After the PC supply chain was severely disrupted in early 2020 due to the COVID-19 pandemic, some of the growth this quarter was due to distributors and retail channels restocking their supplies back to near-normal levels," Gartner research director Mikako Kitagawa said. The mobile PC or laptop segment did very well, in particular, due to people's remote learning and working needs. However, both organizations are skeptical that the demand would continue beyond 2020. Gartner and IDC also noted that traditional PC shipments exceeded expectations in the U.S. and in the Europe, Middle East and Africa (EMEA) region. "HP and Lenovo topped the list of PC vendors worldwide, with Dell coming in third for both IDC and Gartner," adds Engadget.

Read more of this story at Slashdot.

Image
LinkLeave a comment

Pandemic speeds largest test yet of universal basic income [Jul. 10th, 2020|11:57 am]
syn_ycombinator
Comments
LinkLeave a comment

Борис Вишневский, Или глупость, или подлость [Jul. 10th, 2020|04:09 pm]

syn_echo_msk_ru

Сафронов арестован не за то, что он делал, будучи два месяца сотрудником «Роскосмоса», а за то, что им якобы совершено в период его многолетней работы журналистом...
LinkLeave a comment

Статья дня, «Кто в «Роскосмосе», тот — ясно сразу — человек-говно». Сергей Шнуров — о Навальном и Сафронове [Jul. 10th, 2020|04:00 pm]

syn_echo_msk_ru
Нам не страшен больше НАТО!
Что нам русские менты?
Всех Навального фанаты,
Разорвут на комменты!...
LinkLeave a comment

Эмилия Слабунова, Конституция России ступила на минное поле [Jul. 10th, 2020|03:58 pm]

syn_echo_msk_ru

В Конституцию заложили мину, которая введет правовую систему России в состояние турбулентности...
LinkLeave a comment

Worldwide PC Shipments Grew Due To Work-From-Home Arrangements [Jul. 10th, 2020|01:00 pm]

syn_slashdot
An anonymous reader quotes a report from Engadget: The PC industry bounced back in the second quarter of 2020 after its weakest quarter in years mostly due to shelter-in-place orders prompted by the coronavirus pandemic. According to both Gartner and IDC, PC shipments grew year-over-year in the second quarter -- the former says shipments totaled 64.8 million units (a 2.8 percent increase from Q2 2019), while IDC says global shipments reached 72.3 million units, which is 11.2 percent higher compared to the same period last year. Both organizations attribute the growth to PC production ramping up after supply chains were disrupted in the first quarter and to strong demand, now that more people need computers to work or study from home. "After the PC supply chain was severely disrupted in early 2020 due to the COVID-19 pandemic, some of the growth this quarter was due to distributors and retail channels restocking their supplies back to near-normal levels," Gartner research director Mikako Kitagawa said. The mobile PC or laptop segment did very well, in particular, due to people's remote learning and working needs. However, both organizations are skeptical that the demand would continue beyond 2020. Gartner and IDC also noted that traditional PC shipments exceeded expectations in the U.S. and in the Europe, Middle East and Africa (EMEA) region. "HP and Lenovo topped the list of PC vendors worldwide, with Dell coming in third for both IDC and Gartner," adds Engadget.

Read more of this story at Slashdot.

Image
LinkLeave a comment

Best Intel Motherboards: July 2020 [Jul. 10th, 2020|09:00 am]
syn_anandtech

There's no disputing that Intel had a quiet first half of the year, with not much cadence in its product releases, aside from Comet Lake and its associated Z490 motherboards. During the middle part second quarter, Intel finally unveiled its revamped 14 nm processors through its release of the 10th generation Comet Lake for desktop, and along with it a heap of new models ranging from Z490 to H460, and even the more workstation focused W480 models. Moving firmly into the third quarter of 2020, Intel now has a fully stacked lineup and we're unveiling our Best Intel Motherboards guide for July 2020.

Image

LinkLeave a comment

Василий Вайсенберг, Нужно ли помогать Грудинину собрать миллиард? [Jul. 10th, 2020|03:37 pm]

syn_echo_msk_ru

Нельзя обманывать людей, когда у них просишь деньги. Лучше честно сказать — я не хочу оплачивать такой штраф и если хотите сохранить Совхоз, то придется скинуться...
LinkLeave a comment

Google рассказала об Android 12. Функции, которых мы не увидим в Android 11 [Jul. 10th, 2020|03:21 pm]
syn_ixbt_hard

Компания Google ответила на вопросы пользователей социального новостного ресурса Reddit относительно настоящего и будущего операционной системы Android в рамках традиционной сессии AMA (Ask Me Anything). 

В честности, были раскрыты функции, которые не стоит ждать в Android 11, но появятся в Android 12 в 2021 году или в следующих версиях ОС. Также некоторые из изменений уже начали внедряться в Android 11, но в будущих версиях ОС работа над ними продолжится более активно. 

Во-первых, в Android 11 мы так и не дождёмся функции скриншотов длинных страниц с прокруткой. В ранних сборках бета-версий Android 11 намёки на эту функцию появлялись, однако Google разбила все надежды пользователей на её появление в стабильной версии Android 11. По словам разработчиков, над её реализацией ведётся работа, но она появится не в Android 11 R. 

Во-вторых, в будущем появится усовершенствованная облачная система резервного копирования. Пользователь получит больше информации и настроек для создания бэкапов с разных устройств. Ожидается снятие ограничения в 25 МБ для данных в приложениях. Также в будущих релизах Android разработчики «убьют» функцию локального создания резервной копии информации со смартфона на компьютер через ADB. 

В-третьих Google работает над проблемой с агрессивным закрытием приложений в фоновом режиме, чем грешат многие производители устройств Android. Делается это ради продления времени автономной работы и по ряду других причин. Google осознаёт проблему и планирует побудить производителей прекратить использовать экстремальные методы, приводящие к тому, что некоторые приложения становятся бесполезными. 

В Android 11 накал страстей постараются снизить, требуя от производителей явно извещать пользователей о закрытии приложений в фоновом режиме, а также предоставят новый API, показывающий разработчикам причину закрытия приложений. Однако работа над этой проблемой продолжится в будущем. 

В-четвёртых, разработчики продолжат доводить до ума жестовое управление. В-пятых, сторонние лаунчеры получат больше свободы и возможностей. 



Комментировать

LinkLeave a comment

Привет из прошлого: в корпусе Chieftec CM-25B-OP есть четыре отсека типоразмера 5,25 дюйма [Jul. 10th, 2020|03:06 pm]
syn_ixbt_hard

Ассортимент Chieftec пополнил компьютерный корпус CM-25B-OP серии Classic. При первом же взгляде на новый корпус обращают на себя внимание отсеки типоразмера 5,25 дюйма — их насчитывается четыре штуки.

Корпус, окрашенный в черный цвет, изготовлен из стального листа толщиной 0,7 мм. Он рассчитан на платы типоразмера mini-ITX, mATX и ATX. В корпусе есть семь слотов для карт расширения. Помимо упомянутых четырех отсеков типоразмера 5,25 дюйма, есть один отсек типоразмера 3,5 дюйма с выходом на переднюю панель и три скрытых отсека типоразмера 3,5 дюйма. Для накопителей типоразмера 2,5 дюйма предусмотрено всего одно место.

Нижняя часть передней панели — сетчатая. За сеткой можно закрепить один 90-миллиметровый или 120-миллиметровый вентилятор. На задней стенке есть точки крепления для 80-миллиметрового, 90-миллиметрового или 120-миллиметровый вентилятора.

В корпусе помещаются карты расширения длиной до 280 мм. Если убрать корзину для накопителей, максимально допустимая длина увеличивается до 400 мм. Высота процессорной системы охлаждения не может превышает 165 мм.

На панель ввода-вывода вынесены разъемы двух портов USB 3.0 и двух портов USB 2.0, а также разъемы для наушников и микрофона. При габаритах 490 x 198 x 437 мм корпус весит 6,89 кг.



Комментировать

LinkLeave a comment

Первое изделие EPOS, адресованное геймерам, должно появиться на рынке в октябре текущего года. [Jul. 10th, 2020|02:50 pm]
syn_ixbt_hard

Марка Sennheiser хорошо известна любителям качественного звука. В ее активе есть даже несколько популярных игровых гарнитур серии GSP, таких как GSP 670. Эти гарнитуры выпустила компания Sennheiser Communications A/S, которая была создана как совместное предприятие Sennheiser и Demant в 2003 году.

В текущем году работа совместного предприятия завершается. Компания Sennheiser при этом поглотит подразделение, выпускающее мобильные гарнитуры, а подразделение, занятое корпоративными и игровыми решениями, продолжит работу как компания EPOS, полностью принадлежащая Demant. Она будет выпускать и продавать продукцию, сейчас входящую в каталог Sennheiser Communications для предприятий и любителей игр, под брендом EPOS | Sennheiser, а также представит новую продукцию под собственной маркой EPOS.

Кампания по продвижению бренда EPOS уже запущена. Первое изделие, адресованное геймерам, должно появиться на рынке в октябре текущего года.

 



Комментировать

LinkLeave a comment

Видео дня, Николай Сванидзе о деле Ивана Сафронова [Видео] [Jul. 10th, 2020|03:09 pm]

syn_echo_msk_ru

Никто не претендует на информацию, связанную с гостайной, но если доказательная база не будет открыта, то трудно поверить, что это не удар по свободе слова...
LinkLeave a comment

Мария Горькова, Видеозвонки по Индии. Богатейший бизнесмен страны запустил конкурента Zoom [Jul. 10th, 2020|03:04 pm]

syn_echo_msk_ru

Число клиентов Jio сейчас составляет около 400 млн. В компанию верят крупнейшие игроки IT-индустрии. В 2020 году в Jio Platforms инвестировали Facebook, Intel, а также инвесткомпании, частные и государственные фонды...
LinkLeave a comment

navigation
[ viewing | most recent entries ]
[ go | earlier ]