Feed aggregator

Is It Illegal to Trick a Robot?

Slashdot -

An anonymous reader writes: Can you get into trouble under anti-hacking laws for tricking machine learning...? A new paper by security researchers and legal experts asks whether fooling a driverless car into seeing a stop sign as a speed sign, for instance, is the same as hacking into it. The original submission asks another question -- "Do you have inadequate security if your product is too easy to trick?" But the paper explores the possibility of bad actors who deliberately build a secret blind spot into a learning system, or reconstruct all the private data that was used for training. One of the paper's authors even coded DNA that corrupts gene-sequencing software and takes control of its underlying computer, and the researchers ultimately warn about the dangers of "missing or skewed security incentives" in the status quo. "Our aim is to introduce the law and policy community within and beyond academia to the ways adversarial machine learning alter the nature of [cracking] and with it the cybersecurity landscape."

Read more of this story at Slashdot.

Open Source RISC V Processor Gets Support From Google, Samsung, Qualcomm, and Tesla

Slashdot -

An anonymous reader writes: Google, Qualcomm, and Samsung "are among 80 tech companies joining forces to develop a new open-source chip design for new technologies like self-driving vehicles," writes Seeking Alpha, citing a (pay-walled) report on The Information. "Western Digital and Nvidia also plan to use the new chip design for some of their products," while Tesla "has joined the RISC-V Foundation and is considering using the tech in its new chip efforts." MIT Technology Review adds that while Arm had hoped to bring their low-power/high performance processors to AI and self-driving cars, "The company that masterminded the processor inside your smartphone may find that a set of free-to-use alternative designs erode some of its future success."

Read more of this story at Slashdot.

Was The Florida Pedestrian Bridge Collapse Triggered By Post-Tensioning?

Slashdot -

A new lawsuit claims post-tensioning triggered the collapse of the pedestrian bridge at Florida International University, killing five motorists and one worker. Engineering News Record reports According to the lawsuit, the March 15, 2018 collapse occurred while a crew was post-tensioning bars in a diagonal member at the north end of the concrete truss that was the bridge's main element. The post-tensioning compressed the diagonal so that it overstressed a joint in the top chord, the lawsuit claims, triggering hinge failure at a connection in the lower chord and resulting in the catastrophic failure of the rest of the 174-ft-long structure. Post-tensioning that modifies the stresses in a structure is inherently risky and should be performed "in the absence of traffic," the lawsuit claims. [The lawsuit] draws heavily on video of the collapse, a voice message about cracks in the structure that were deemed superficial at that time by the engineer of record and design drawings in the design-build joint venture's proposal. Slashdot reader McGruber writes: Interestingly, just two days after the collapse, an Anonymous Coward posted that post-tensioning likely led to the collapse of the bridge... A March 21, 2018 NTSB News Release said "The investigative team has confirmed that workers were adjusting tension on the two tensioning rods located in the diagonal member at the north end of the span when the bridge collapsed. They had done this same work earlier at the south end, moved to the north side, and had adjusted one rod. They were working on the second rod when the span failed and collapsed. The roadway was not closed while this work was being performed." The Miami Herald reports that "how and where precisely the bridge broke apart likely won't be known for months, until the National Transportation Safety Board issues an official finding." While summarizing the leading theories, they're also calling it "the sort of baffling accident that makes structural engineers break out in sweats."

Read more of this story at Slashdot.

Security Experts See Chromebooks as a Closed Ecosystem That Improves Security

Slashdot -

The founder of Rendition Security believes his daughter "is more safe on a Chromebook than a Windows laptop," and he's not the only one. CNET's staff reporter argues that Google's push for simplicity, speed, and security "ended up playing off each other." mspohr shared this article: Heading to my first security conference last year, I expected to see a tricked-out laptop running on a virtual machine with a private network and security USB keys sticking out -- perhaps something out of a scene from "Mr. Robot." That's not what I got. Everywhere I went I'd see small groups of people carrying Chromebooks, and they'd tell me that when heading into unknown territory it was their travel device... "If you want prehardened security, then Chromebooks are it," said Kenneth White, director of the Open Crypto Audit Project. "Not because they're Google, but because Chrome OS was developed for years and it explicitly had web security as a core design principle...." Drewry and Liu focused on four key features for the Chromebook that have been available ever since the first iteration in 2010: sandboxing, verified boots, power washing and quick updates. These provided security features that made it much harder for malware to pass through, while providing a quick fix-it button if it ever did. That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system. The article argues that "Fewer software choices mean limited options for hackers. Those are some of the benefits that have led security researchers to warm up to the laptops... "Chrome OS takes an approach to security that's similar to the one Apple takes with iOS and its closed ecosystem."

Read more of this story at Slashdot.

The Prestigious Free Software Award Goes to Karen Sandler

Slashdot -

Each year the Free Software award goes to someone making "a great contribution to the progress and development of free software, through activities that accord with the spirit of free software." This year's winner is a former executive of the GNOME Foundation, Karen Sandler. Jeremy Allison - Sam, Slashdot reader #8,157, brought this announcement. Richard Stallman, President of the FSF, presented Sandler with the award during a ceremony. Stallman highlighted Sandler's dedication to software freedom. Stallman told the crowd that Sandler's "vivid warning about backdoored nonfree software in implanted medical devices has brought the issue home to people who never wrote a line of code. Her efforts, usually not in the public eye, to provide pro bono legal advice to free software organizations and [with Software Freedom Conservancy] to organize infrastructure for free software projects and copyleft defense, have been equally helpful." In her acceptance speech, Sandler spoke about her dedication to free software as a patient, advocate and professional. "Coming to terms with a dangerous heart condition should never have cost me fundamental control over the technology that my life relies on", said Sandler... "This issue is personal not just for me but for anyone who relies on software, and today that means every single person."

Read more of this story at Slashdot.

Pages

Subscribe to Heydon Consulting aggregator