Oggi e' 13.08.2020
Sei qui: Home arrow Slashdot
Slashdot
Slashdot
News for nerds, stuff that matters

Slashdot
  • Single-line Software Bug Causes Fledgling YAM Cryptocurrency To Implode Just Two Days After Launch
    A two-day-old decentralized cryptocurrency called YAM collapsed this week after its creators revealed that a software bug had effectively vetoed human governance. From a report: "At approximately 6PM UTC, on Wednesday, August 12, we discovered a bug in the YAM rebasing contract that would mint far more YAM than intended to sell to the Uniswap YAM/yCRV pool, sending a large amount of excess YAM to the protocol reserve," the YAM project explained in a post on Thursday. "Given YAM's governance module, this bug would render it impossible to reach quorum, meaning no governance action would be possible and funds in the treasury would be locked." The bug followed from this line of code... totalSupply = initSupply.mul(yamsScalingFactor); ...which was supposed to be⦠totalSupply = initSupply.mul(yamsScalingFactor).div(BASE); YAM, a decentralized finance experiment, implements a governance system (for making protocol changes) based on supposed smart contracts that allocates votes based on assets. [...] The code flaw locked up about $750,000 worth of Curve (yCRV) tokens in the YAM treasury, assets intended to serve as a reserve currency to support the value of YAM tokens.

    Read more of this story at Slashdot.



  • Intel Says New Transistor Technology Could Boost Chip Performance 20%
    Intel on Thursday disclosed a new method for making transistors on semiconductors that its chief architect said could boost the performance Intel's next round of processors by as much as 20%. From a report: The Santa Clara, California-based company is one of the few remaining in the world that both designs and manufactures its own chips. But its manufacturing operations have become a concern among investors after Intel last month said that its next-generation chip-making process, called its 7-nanometer process node, would be delayed. Analysts believe the delays could cement the lead that rivals such as Taiwan Semiconductor Manufacturing Co have gained in making smaller, more power efficient chips. Intel's shares have fallen nearly 20% since the delays were disclosed. On Thursday, Intel sought to buck the notion that the single-number names given to each generation of chip process node tell the entire story by disclosing improvements on its existing 10-nanonmeter process node. It announced a new way of making what it now calls "SuperFin" transistors, which, along with a new material being used to improve the capacitors on chips, is expected to boost the performance of Intel's forthcoming processors, despite their still being made on 10-nanometer manufacturing lines.

    Read more of this story at Slashdot.



  • Facebook Abandons Broken Drilling Equipment Under Oregon Coast Seafloor
    Kale Williams, reporting for The Oregonian: Lynnae Ruttledge was worried when she heard Facebook planned to build a landing spot for an undersea fiber-optic cable near her Oregon Coast home. Tierra Del Mar, where the 70-year-old retired government worker lives part-time, is a tiny community north of Pacific City with no stoplights and no cell-phone service. The enclave, all zoned residential, consists of about a dozen mostly gravel streets running perpendicular to an idyllic stretch of beach, each lined with single-family homes. Ruttledge and many of her neighbors worried about heavy equipment on fragile roads built over sand dunes. They worried about noise and vibrations from the drill needed to punch a hole under the seafloor thousands of feet out into the ocean. They worried about threatened bird species, like the snowy plover and marbled murrelet, that could be affected. Despite their concerns, and a vocal campaign to stop the project, construction began earlier this year. Then, on April 28, the drilling crew hit an unexpected area of hard rock. The drill bit became lodged and the drill pipe snapped 50 feet below the seafloor. The crew was able to recover some of the equipment, but they left the rest where it lay. Today, about 1,100 feet of pipe, a drill tip, various other tools and 6,500 gallons of drilling fluid sit under the seafloor just off the central Oregon coast. Facebook has no plans to retrieve the equipment. Edge Cable Holdings, a Facebook subsidiary responsible for the project, notified the county of the accident on May 5, but it did not explicitly mention the abandoned equipment. That information didn't emerge until a meeting with state officials June 17, nearly two months after the malfunction, said Ali Hansen, a Department of State Lands spokeswoman. "The delay in notification eliminated any potential options for recovery of the equipment," Hansen said in an email. The U.S. Army Corps of Engineers said the company's new plan is to return in early 2021 to drill a new hole, leaving the lost equipment under the seafloor indefinitely.

    Read more of this story at Slashdot.



  • Epic Games Sues Apple
    Epic Games has filed legal papers in response to Apple, read more here (PDF). From the filing: Epic brings this suit to end Apple's unfair and anti-competitive actions that Apple undertakes to unlawfully maintain its monopoly in two distinct, multibillion dollar markets: (i) the iOS App Distribution Market, and (ii) the iOS In-App Payment Processing Market. Epic is not seeking monetary compensation from this Court for the injuries it has suffered. Nor is Epic seeking favorable treatment for itself, a single company. Instead, Epic is seeking injunctive relief to allow fair competition in these two key markets that directly affect hundreds of millions of consumers and tens of thousands, if not more, of third-party app developers.[....] Contrast this anti-competitive harm with how similar markets operate on Apple's own Mac computers. Mac users can download virtually any software they like, from any source they like. Developers are free to offer their apps through the Mac computer App Store, a third-party store, through direct download from the developer's website, or any combination thereof. Indeed, on Macs, Epic distributes Fortnite through its own storefront, which competes with other third-party storefronts available to Mac users. App developers are free to use Apple's payment processing services, thee payment processing services of third parties, or the developers' own payment processing service; users are offered their choice of different payment processing options (e.g., PayPal, Amazon, and Apple). The result is that consumers and developers alike have choices, competition is thriving, prices drop, and innovation is enhanced. The process should be no different for Apple's mobile devices. But Apple has chosen to make it different by imposing contractual and technical restrictions that prevent any competition and increase consumer costs for every app and in-app content purchase -- restrictions that it could never impose on Macs, where it does not enjoy the same dominance in the sale of devices. It doesn't have to be like this. [...] Apple has become what it once railed against: the behemoth seeking to control markets, block competition, and stifle innovation. Apple is bigger, more powerful, more entrenched, and more pernicious than the monopolists of yesteryear. At a market cap of nearly $2 trillion, Apple's size and reach far exceeds that of any technology monopolist in history. Epic just streamed this video to its users.

    Read more of this story at Slashdot.



  • Apple Kicks Fortnite Out of App Store for Challenging Payment Rules
    Fortnite, the social shooter made by Epic Games, has been removed from the Apple App Store, the only way to install software on iPhones. From a report: CNBC searched on the App Store on Thursday and did not find the game. It was previously available for download earlier in the day. App Store promotions about the game brought up a message that it "cannot connect to App Store." On Thursday, Epic Games challenged not only Apple but Google by introducing a new way to buy digital goods like character outfits and weapons at a discount. Users who paid Epic Games directly would receive a 20% discount, versus users who paid through Apple's App Store or Google Play, who would pay a higher amount. This practice is banned by both Apple's App Store and Google's Play Store. In a statement, Apple said: Today, Epic Games took the unfortunate step of violating the App Store guidelines that are applied equally to every developer and designed to keep the store safe for our users. As a result their Fortnite app has been removed from the store. Epic enabled a feature in its app which was not reviewed or approved by Apple, and they did so with the express intent of violating the App Store guidelines regarding in-app payments that apply to every developer who sells digital goods and services. Epic has had apps on the App Store for a decade, and have benefited from the App Store ecosystem -- including its tools, testing, and distribution that Apple provides to all developers. Epic agreed to the App Store terms and guidelines freely and we're glad they've built such a successful business on the App Store. The fact that thheir business interests now lead them to push for a spcial treatment does not change the fact that these guidelines create a level playing field for all developers and make the store safe for all users. We will make every effort to work with Epic to resolve these violations so they can return Fortnite to the App Store.

    Read more of this story at Slashdot.



  • FBI and NSA Expose New Linux Malware Drovorub, Used by Russian State Hackers
    The FBI and NSA have published today a joint security alert containing details about a new strain of Linux malware that the two agencies say was developed and deployed in real-world attacks by Russia's military hackers. From a report: The two agencies say Russian hackers used the malware, named Drovorub, was to plant backdoors inside hacked networks. Based on evidence the two agencies have collected, FBI and NSA officials claim the malware is the work of APT28 (Fancy Bear, Sednit), a codename given to the hackers operating out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main SpecialService Center (GTsSS). Through their joint alert, the two agencies hope to raise awareness in the US private and public sectors so IT administrators can quickly deploy detection rules and prevention measures.

    Read more of this story at Slashdot.



  • The Quest To Liberate $300,000 of Bitcoin From an Old ZIP File
    A few quintillion possible decryption keys stand between a man and his cryptocurrency. From a report: In October, Michael Stay got a weird message on LinkedIn. A total stranger had lost access to his bitcoin private keys -- and wanted Stay's help getting his $300,000 back. It wasn't a total surprise that The Guy, as Stay calls him, had found the former Google security engineer. Nineteen years ago, Stay published a paper detailing a technique for breaking into encrypted zip files. The Guy had bought around $10,000 worth of bitcoin in January 2016, well before the boom. He had encrypted the private keys in a zip file and had forgotten the password. He was hoping Stay could help him break in. In a talk at the Defcon security conference this week, Stay details the epic attempt that ensued. [...] "If we find the password successfully, I will thank you," The Guy wrote with a smiley face. After an initial analysis, Stay estimated that he would need to charge $100,000 to break into the file. The Guy took the deal. After all, he'd still be turning quite the profit. "It's the most fun I've had in ages. Every morning I was excited to get to work and wrestle with the problem," says Stay, who today is the chief technology officer of the blockchain software development firm Pyrofex. "The zip cipher was designed decades ago by an amateur cryptographer -- the fact that it has held up so well is remarkable." But while some zip files can be cracked easily with off-the-shelf tools, The Guy wasn't so lucky. That's partly why the work was priced so high. Newer generations of zip programs use the established and robust cryptographic standard AES, but outdated versions -- like the one used in The Guy's case -- use Zip 2.0 Legacy encryption that can often be cracked. The degree of difficulty depends on how it's implemented, though. "It's one thing to say something is broken, but actually breaking it is a whole different ball of wax," says Johns Hopkins University cryptographer Matthew Green.

    Read more of this story at Slashdot.