The US Food and Drug Administration released guidance last week in which it suggested that medical-device manufacturers consider the dangers of hacking in the design of their products, while not requiring countermeasures.

The nine-page document informs companies of the agency's "current thinking" on the topic of cybersecurity. In it, the FDA recommended that companies assess any dangers on the intentional or unintentional misuse of a device in their design stage. In addition, medical devices and systems should detect and log attacks and allow technicians to react to such attacks, whether through patching a vulnerability or other action.

"The need for effective cybersecurity to assure medical device functionality and safety has become more important with the increasing use of wireless, Internet- and network-connected devices, and the frequent electronic exchange of medical device-related health information," the agency stated, adding that "manufacturers should address cybersecurity during the design and development of the medical device, as this can result in more robust and efficient mitigation of patient risks."

Read 6 remaining paragraphs | Comments

Aurich Lawson

UPDATE: On Friday, Intel issued a statement via its company blog to apologize for its part in the #GamerGate conversation. The post began with an acknowledgement that the company pulled ads from news site Gamasutra, confirming that the company would "not continue with our current ad campaign" there after receiving a wave of user complaints.

"Our action inadvertently created a perception that we are somehow taking sides in an increasingly bitter debate in the gaming community," the post continued. "That was not our intent, and that is not the case. When it comes to our support of equality and women, we want to be very clear: Intel believes men and women should be treated the same."

The post concluded by decrying "any organization or movement that discriminates against women," then saying, "we apologize and we are deeply sorry if we offended anyone." Intel's apology did not acknowledge the content of Leigh Alexander's September article, nor any other concerns or complaints attributed to #GamerGate.

Read 7 remaining paragraphs | Comments

The Windows 10 desktop isn't all that different from Windows 8.1's, but it's more important for the OS to replace Windows 8's damaged brand. Andrew Cunningham

The desktop environment in Windows 8.1 is pretty good.

This was not the message that Microsoft conveyed at its Windows 10 launch event last week, a presentation that had Microsoft's historically change-averse but financially important business customers in mind. Whether the company was looking forward to multiple desktops and Continuum or backward to the Start menu and the command prompt, Microsoft's message was clear: we have finished undoing all that stuff you didn't like.

But regardless of the message, the Windows 10 desktop is really only building on the foundation Windows 8.1 and Windows 8.1 Update 1 laid. These updates restored the Start button, allowed desktop and laptop users to boot into the desktop environment by default, and gave the familiar Windows taskbar the ability to launch and switch between full-screen Windows Store apps.

Read 12 remaining paragraphs | Comments

Not the actual exploit.

A security researcher claims to have uncovered a botnet being built by Romanian hackers using the “Shellshock” exploit against servers on a number of high-profile domains, including servers at Yahoo and the utility software developer WinZip. Jonathan Hall, president and senior engineer of technology consulting firm Future South Technologies published a lengthy explanation of the exploits and his communications with the exploited on his company’s website this weekend and said that Yahoo had acknowledged finding traces of the botnet on two of its servers.

Hall found the botnet, he said, by tracking down the source of requests that probed one of his servers for vulnerable CGI server scripts that could be exploited using the Shellshock bash vulnerability. That security flaw allows an attacker to use those vulnerable server scripts to pass commands on to the local operating system,  potentially allowing the attacker take remote control of the server. Hall traced the probes back to a server at WinZip.com. He then used his own exploit of the bash bug to check the processes running on the WinZip server and identified a Perl script running there named ha.pl.

After extracting the contents of the script, Hall discovered that it was an Internet Relay Chat (IRC) bot similar to ones used to perform distributed denial of service attacks on IRC servers. However, as he examined it more closely, he found that it “appeared to focus more on shell interaction than DDoS capabilities,” he wrote. According to Hall, it takes remote control of the server, while using its IRC code to report back to an IRC channel (called, creatively, #bash). The code was also heavily commented in Romanian.

Read 6 remaining paragraphs | Comments

The actual firing patterns of grid cells as a mouse navigates a square enclosure. Norwegian University of Science and Technology

Understanding where we're located may seem trivial, but it has a profound effect on life. We strongly associate memories with specific locations, and we can retain the ability to navigate between places for decades. A sense of location is also associated with basic survival: you can remember where to go next to get food, or know that approaching an edge should be done cautiously if you recall that you're 300 meters up a mountainside.

All of which suggests that producing a sense of place—and relating that sense to both memories and to other locations—should be central to the lives of complex animals. But until the 1970s, we had very little idea of how this knowledge was generated and retained by the brain. This year, the Nobel Prize committee is honoring three researchers for their roles in figuring out "the brain's GPS."

A sense of place

One half of the prize is going to John O’Keefe, an American who has worked at the University College, London for decades. O’Keefe's work took advantage of technological developments in the late 1960s. At the time, researchers had known for a while how to record the activity of individual neurons in the brain, but this was extremely invasive and generally done on anesthetized animals. A key breakthrough was the miniaturization of the equipment, which was eventually made small enough that the rats could be monitored while they were awake and active.

Read 6 remaining paragraphs | Comments

HP today confirmed yesterday's report that it plans to split itself into two companies, one for PCs and printers and another for business technology and services. HP also said its layoffs, which are already in full swing, will affect 55,000 people by the time they're done. For comparison's sake, Google's entire employee base is 47,756.

HP had 317,000 employees as of October 2013. The company got rid of 36,000 people by July of this year. HP was planning total "employee reductions" of 45,000 to 50,000 people, but it will now push that to 55,000 "to fund investment opportunities in R&D and sales," the company said in a presentation for investors today.

HP plans to break into two by the end of October 2015. One of the new, separate companies will be Hewlett-Packard Enterprise, focusing on "servers, storage, networking, converged systems, services and software as well as its OpenStack Helion cloud platform," HP said. HP CEO Meg Whitman will be CEO of Hewlett-Packard Enterprise.

Read 5 remaining paragraphs | Comments

Dmitry Lyakhov via Flickr

Adhesives that can form bonds underwater would be useful for many biomedical applications, yet few synthetic adhesives exist today. In the last decade, researchers have begun to look to the sea to investigate the organisms—mussels, barnacles, algae, and others—that naturally secrete durable underwater adhesives. Recently, scientists have successfully developed adhesives that are able to mimic their biological counterparts.

There are two natural protein systems that have been widely investigated thus far. One uses a chemical called 3,4-dihydroxyphenylalanine (DOPA) that links proteins together—we’ll call this the sticky part. The other relies on an amyloid structure, a flat assembly of proteins that tends to form dense fibers. In this work, investigators aimed to combine the sticky bit and the fibers to produce a next generation of bio-inspired adhesives. (They tested two sticky proteins—Mfp3 and Mfp5, which mimic DOPA-based mussel adhesive proteins—and the amyloid protein, CsgA.)

The authors used computer modeling to check whether the sticky parts could be merged with the fibrous one. They found that neither protein disrupted the other—it was possible to create a single molecule that combined both of their binding properties. Simulations also showed that these hybrid proteins spontaneously formed fibers, which suggests that this dual system could in fact be used to form adhesive materials. These fibers were held together by stacking of the amyloid core and adhesion from the sticky domains.

Read 7 remaining paragraphs | Comments

Redbox Instant, Verizon's attempt to compete against Netflix, is being closed after a two-year existence marked by criminal activity and a failure to attract customers.

"Redbox Instant by Verizon... will be shut down on Tuesday, October 7, 2014, at 11:59 p.m. Pacific Time," customers were told in a notice on the service's website.

The Verizon/Redbox joint venture never caught on, but things took a turn for the worse this year. "Redbox Instant has a problem that may just break its neck: The video service disabled sign-ups for new users because of criminal activity three months ago and has yet to open up the gates again," GigaOm reported on Sept. 29. Redbox customers' payment information wasn't leaked, but criminals had been using Redbox Instant's website "to verify credit card numbers they illegally obtained elsewhere."

Read 5 remaining paragraphs | Comments

Cyrus Farivar

This week, I downloaded a new iPhone app, Path Talk, and I texted actual questions to local businesses near where I live in Oakland, California. In some cases I got answers back within minutes, but most took longer, even over an hour. Nevertheless, it was almost like magic.

Without interrupting my work day, I learned some crucial information about my favorite East Oakland taco truck (Tacos Sinaloa): "Can I place an order by phone?"

"Hi! Unfortunately, you would have to come to our restaurant in person since we do not take orders over the phone. Sorry about that. Have a nice day!"

Read 25 remaining paragraphs | Comments

The Wall Street Journal is reporting that HP will break up into two separate companies. According to the report, the company appears ready to split into separate "Consumer" and "Enterprise" companies, with PCs and printers ending up in one company and corporate hardware and services operations going to the other. The Journal says HP plans to announce the move "as early as Monday."

If this sounds familiar, it's because this is basically the plan that was proposed in 2011 when HP's CEO was Léo Apotheker. HP intended to get rid of the "Personal Systems Group" (PSG), the division that makes PCs, and focus on the enterprise. Shareholders didn't like the plan though. So after Apotheker was fired and the current CEO Meg Whitman took over, she decided to keep the PC division. At the time, Whitman said, “It’s clear after our analysis that keeping PSG within HP is right for customers and partners, right for shareholders, and right for employees. HP is committed to PSG, and together we are stronger.” Whiteman reorganized the unit, combining the low-profit PC division with the more profitable printer group.

After a few years, it looks like the old plan is mostly back, and the PC group will be spun off into a separate company and take the printer group with it. WSJ says Whiteman will be the chairman of Consumer HP and CEO of Enterprise HP. The current lead independent director, Patricia Russo, will be chairman of Enterprise HP, and Dion Weisler will move from an executive in the PC/printer group to become the new company's CEO.

Read on Ars Technica | Comments

Aurich Lawson

Markdown is a Perl script that converts plain text into Web-ready HTML; it's also a shorthand syntax for writing HTML tags without needing to write the actual HTML. Markdown has been around for a decade now, but it hasn't seen an update in all that time—nearly unheard of for a piece of software. In that light, the fact that Markdown continues to work at all is somewhat amazing.

Regrettably, "works" and "works well" are not the same thing. Markdown, despite its longevity, has bugs. But here, the software has an advantage. As free and open source (FOSS) software, licensed under a BSD-style license, anyone can fork Markdown and fix those bugs.

Recently, a group of developers set out to fix some of those bugs, creating what they call a "standard" version of Markdown. From a pure code standpoint, the results are great. Yet there was no surplus of gratitude. Instead, the "standard" group found itself at the center of a much larger and very contentious debate, one that's ultimately about who we want in control of the tools we use.

Read 52 remaining paragraphs | Comments

The smartwatch product category is still just getting off the ground, and right now they aren't the most useful things on the planet. There is a ton of power packed into them, though, and the main problem is essentially limited software. In that regard, how about running a full desktop OS on your wrist?

Corbin Davenport has been torturing his Android Wear-powered Samsung Gear Live by making it run all manner of things it shouldn't ever be asked to run. Thanks to the Android DOS emulator aDosBox, he's even gotten Windows 95 to boot up, which you can see in the above video. Sadly, it's not running perfectly. Thanks to a lack of emulator configuration, Windows 95 keeps running out of memory and apps just crash. The Gear has a whopping 512MB of RAM, but the emulator just doesn't let Windows address it all.

It's not just Windows that Davenport has gotten running on the Gear Live. He also has video of the Android version of Doom (of course) and Minecraft PE. The 1.65 inch screen makes everything pretty unusable, but it's all in good fun. If you want to see more microscopic programs running on a smartwatch, don't forget our attempts with the original Galaxy Gear—we got Candy Crush and a full Android Launcher up and running on these little things.

Read on Ars Technica | Comments

Hawaii's Puʻu ʻŌʻō eruption. And you thought Iceland got all the good volcano names. USGS

The Earth seems to have been smoking a lot recently. Volcanoes are currently erupting in Iceland, Hawaii, Indonesia, and Mexico. Others, in the Philippines and Papua New Guinea, erupted recently but seem to have calmed down. And then there was the fatal eruption in Japan. Many of these have threatened homes and forced evacuations. But among their less-endangered spectators, these eruptions may have raised a question: Is there such a thing as a season for volcanic eruptions?

Surprisingly, this may be a possibility. While volcano “seasons” aren't anything like the four we're familiar with, scientists have started to discern intriguing patterns in their activity.

Eruptions caused by a shortened day

The four seasons are caused by the Earth’s axis of rotation tilting towards and away from the Sun. But our planet undergoes another, less well-known change, one that affects it in a more subtle way—perhaps even volcanically.

Read 13 remaining paragraphs | Comments

An internal front view of the vending machine, with the battery, circuitry, and top dial. USPTO

In the late 1800s, we still didn't know a great deal about electricity. One scientist was still attempting to figure out how electric shocks kill things in 1895, and found that when he delivered a 240-milliamp shock to dogs, their hearts were very damaged (for comparison, a taser puts out about 3 milliamps). In 1903, Thomas Edison was trying to prove alternating current was dangerous by electrocuting animals. But before these instances of using electricity for death, one inventor thought people would be interested in using quick jolts to improve health, like the green juice of his day.

"When electricity was in its infancy, the power was believed to have a beneficial effect on health. Why not vend a small measure of electricity by coin operation?" wrote Paul Braithwaite in his book, Arcades and Slot Machines. Braithwaite was describing an existing patented design: a coin-operated vending machine that would deliver an electrical shock to the customer in exchange for money.

The patent for a "coin operated electrical apparatus" was originally filed by Norman W. Russ and granted in England in 1886. Russ followed up with patents for his invention in France, Belgium, Canada, and the United States, which granted it on May 15, 1888.

Read 8 remaining paragraphs | Comments

I needed a bit of food, but do i find this red stuff rewarding? University of Florida

Scott Waddell, at Oxford's Centre for Neural Circuits and Behavior, is interested in Big Ideas like memory and motivation—and not necessarily in thirsty flies. But in trying to understand the former, he has spent a lot of time studying the latter.

Reward systems depend on both obtaining a resource and learning to appreciate it. Drinking water is rewarding to thirsty animals, but only because the act of drinking impacts the nervous system and controls water-seeking behavior. How it manages to do so has been largely unexplored.

In the case of flies, thirst completely rewires behavior. Water-sated flies avoid water; only those that have been deprived for at least six hours gravitate towards it. Waddell's group demonstrated that a specific subset of dopamine-using neurons are required for thirst to induce flies to value water, and that this valuation depends on the flies' sensing of water vapor.

Read 5 remaining paragraphs | Comments

Stack Exchange

here asks:

I'm trying to determine the technical details of why software produced using programming languages for certain operating systems only work with them.

It is my understanding that binaries are specific to certain processors due to the processor specific machine language they understand and the differing instruction sets between different processors. But where does the operating system specificity come from? I used to assume it was APIs provided by the OS but then I saw this diagram in a book.

Read 18 remaining paragraphs | Comments

ComputerCOP Supercut
A county sheriff from Limestone, Alabama is sticking by his department's endorsement of ComputerCOP, a shady piece of software given to parents to monitor their kids online. Other law enforcement agencies, it appears, have followed that example.

Earlier this week, the Electronic Frontier Foundation published an investigation into software called ComputerCOP which approximately 245 agencies in more than 35 states, plus the US Marshals, have been distributing to parents to use to monitor their children. The software is essentially spyware, and many versions come with a keylogger, which in some cases transmits unencrypted keystrokes to a server.

In addition to ComputerCOP's security issues, the EFF discovered misleading marketing materials that wrongly claimed endorsements from the US Department of the Treasury and the ACLU. “Law enforcement agencies have purchased a poor product, slapped their trusted emblems on it, and passed it on to everyday people. It’s time for those law enforcement agencies to take away ComputerCOP’s badge,” Dave Maass of the EFF wrote in an article that was republished on Ars on Wednesday.

Read 12 remaining paragraphs | Comments

A Tava sandstone dike standing free of the surrounding rock, which eroded away here. C. Siddoway

Igneous rocks are rebels. Sedimentary rocks follow straight-forward rules—they are deposited in horizontal layers, with the oldest sediments on the bottom. Igneous rocks can do what they want. Molten rock can eat away at other rocks below ground, opening up a cozy space to cool and solidify. It can also come flying—or oozing—out of a volcano, quickly crystallizing on the surface. Or it may squirt through crevices like fractures or boundaries between sedimentary layers, inserting itself as a sheet in any number of orientations. Where these walls of igneous rock cut across rock layers, they are called “dikes.”

Every now and then, when conditions are just right, sediments get to play this game, too. When they’re over-pressurized, water-soaked sands can sometimes get injected into fractures to form “clastic dikes”. Most often, these clastic dikes invade sediments or sedimentary rocks. Only very, very rarely, does sand get to turn the tables on those igneous hooligans, forming dikes of sandstone within igneous rocks.

In Colorado’s Front Range, near Colorado Springs, you can find that strange inversion. Along the Ute Pass Fault, the Tava sandstone forms dikes and similar formations within the billion-year-old Pikes Peak Granite, as well as some even older crystalline rocks to the south. Sheets of sandstone up to six meters thick cut through the rocks, which would confuse the heck out of any young geology students an instructor was mean enough to bring out there.

Read 10 remaining paragraphs | Comments

The front (left) and back (right) of RocketSkates, motorized chariots for your feet. Andrew Cunningham

Some words just make other words seem cooler. Add "rocket" to just about anything—car, backpack, toast—and suddenly you've made those words way more interesting. Rocket car! Rocket backpack! Rocket toast!

That was my thinking when I decided to try out RocketSkates, an upcoming product from Acton that cleared $550,000 in Kickstarter funding over the summer. While they aren't actually propelled by rockets, the motorized and battery-powered skates will scoot you along at speeds of about 12 miles per hour, and creator Peter Treadway has high hopes that they'll compete with skateboards, bikes, regular skates, and plain old feet as a form of urban transit. We met with Treadway earlier this week to talk about the skates and to take them for a test run.

RocketSkates began as a school project that Treadway began working on while he was getting his master's degree in industrial design. For him, "wearable transportation" was a natural way to combine his "love of cars and love of fashion." During the prototyping phase, he even delayed his own graduation so he could retain his access to the school's facilities.

Read 17 remaining paragraphs | Comments

Microsoft sued Samsung in August, alleging that the Korean firm had failed to make payments that were contractually owed. At the time, the documents were sealed, obscuring the value of the payments. Today, those documents were unsealed, revealing the full scale of the suit.

In September 2011, the two companies entered a seven-year cross-licensing agreement for mobile-related patents. The payments for the first year were made without fuss. In August 2013, Samsung told Microsoft that it had assessed the value of the royalties owed for the second year as over $1 billion. Payment of this fee was due in October, but Microsoft says that no payment was received until late November 2013. Redmond's complaint says that Samsung owes more than $6.9 million in interest fees for the late payment (per the terms of the original licensing agreement).

What changed between August and October? In September 2013, Microsoft announced that it was buying Nokia's Devices division. The software giant asserts that Samsung is both claiming that Nokia's devices are not covered by the cross-licensing deal—and hence violating Samsung's own patents—and that the Nokia purchase voids the licensing agreement in its entirety.

Read 3 remaining paragraphs | Comments