Month: July 2016

Today, the UK's Wellcome Trust, a major funder of biomedical research, announced that it was partnering with a publisher called F1000 to create a new scientific journal. As its name implies, Wellcome Open Research will exclusively feature the research of people funded by the organization, and it will provide open access for anyone to view it—no subscription required. The journal will also have distinctive twists on what constitutes something worth publishing, as well as the peer review process.

Both the underlying technology and the approach to publishing will be borrowed from F1000. Authors will submit a work (more on what constitutes a work later), at which point it will undergo a brief editorial check for scientific validity. If it passes, it gets published online. At that point, peer reviewers will be invited to check the work out; their reviews, as well as their identity, will be public, so that anyone viewing the document can see it. The paper can then be revised based on the reviewers' comments; only when everyone is satisfied will the final product be submitted to scientific publication databases like PubMed.

Beyond the open peer review, Wellcome appears to be pushing for a greater opening up of the scientific process. In addition to works that are like a traditional scientific publication, the journal will happily take negative results (a hypothesis is wrong), null results (an experiment simply failed), and even just data sets. This is an acknowledgement that researchers typically do many experiments that are failures or produce results that aren't of general interest. But these results can be of value to the scientific community, if for no other reason than to warn them of experimental approaches that simply don't work.

My roommate received this email from a Microsoft recruiter today. pic.twitter.com/90Qwr78eGO

— Patrick Burtchaell (@pburtchaell) July 6, 2016

It's always horrible when olds try to emulate the style of the kids, which makes this attempt by Microsoft to attract interns particularly toe-curling. Twitter user Patrick Burtchaell says that his roommate received the youth lingo-infused e-mail from a Microsoft recruiter, and it brings to mind that scene from 30 Rock.

Translation was needed for some of the more senior (in age rather than tenure) members of the Ars Staff: "bae" is a term of endearment equivalent in meaning to "babe," "hella noms" means "lots of food," and "getting lit" means "getting drunk or high."

The best, by which I mean worst, part of the e-mail is that it gets the lingo wrong. "Drank" does not mean "drink." "Drank" means "cough syrup;" specifically, cough syrup containing codeine and promethazine that is consumed recreationally. Opioids like codeine are routinely abused to get high, and, when combined with the antihistamine promethazine, can produce feelings of euphoria.

This (blurry) picture shows the bad domain name printed on the bottom of a TP-Link router. (credit: Amitay Dan)

In common with many other vendors, TP-Link, one of the world's biggest sellers of Wi-Fi access points and home routers, has a domain name that owners of the hardware can use to quickly get to their router's configuration page. Unlike most other vendors, however, it appears that TP-Link has failed to renew its registration for the domain, leaving it available for anyone to buy. Any owner of the domain could feasibly use it for fake administration pages to phish credentials or upload bogus firmware. This omission was spotted by Amitay Dan, CEO of Cybermoon, and posted to the Bugtraq mailing list last week.

Two domain names used by TP-Link appear to be affected. tplinklogin-dot-net was used, according to TP-Link, on devices sold until 2014. On initial setup, while the router's Internet connection is still offline, the domain name will be trapped automatically and correctly send users to the router's configuration page. But subsequent visits to the configuration page can use the real Internet DNS system to resolve the address, and hence those routers are susceptible to being hijacked. A second TP-Link domain name, tplinkextender-dot-net, was used by TP-Link wireless range extenders and is similarly vulnerable.

Together, these domain names appear to be quite busy; estimates based on Alexa's ranking suggest that tplinklogin-dot-net sees about 4.4 million visits per month, with another 800,000 for tplinkextender-dot-net. It's not known who the new owner of the domains is, but Dan tweeted that domain name brokers are offering the more popular of the two for $2.5 million. This high price tag is perhaps why TP-Link has declined to buy the name back.

After taking a hiatus, Mac malware is suddenly back, with three newly discovered strains that have access to Web cameras, password keychains, and pretty much every other resource on an infected machine.

The first one, dubbed Eleanor by researchers at antivirus provider Bitdefender, is hidden inside EasyDoc Converter, a malicious app that is, or at least was, available on a software download site called MacUpdate. When double clicked, EasyDoc silently installs a backdoor that provides remote access to a Mac's file system and webcam, making it possible for attackers to download files, install new apps, and watch users who are in front of an infected machine. Eleanor communicates with control servers over the Tor anonymity service to prevent them from being taken down or being used to identify the attackers.

"This type of malware is particularly dangerous as it's hard to detect and offers the attacker full control of the compromised system," Tiberius Axinte, technical leader of the Bitdefender Antimalware Lab, said in a blog post published Wednesday. "For instance, someone can lock you out of your laptop, threaten to blackmail you to restore your private files or transform your laptop into a botnet to attack other devices."

The nuclear reactions that formed the first elements after the Big Bang. (credit: Arizona State University)

Cosmology is truly a remarkable science. Okay, all science is remarkable, but cosmology deals with something so neat and simple—the beginning of the Universe, where all of our reality was governed by fundamental physics. That simplicity is seen through the blurred vision of time, though. The remarkable part is how much detail we can extract from the fuzzy forms that are visible of the past.

One of those details is nucleosynthesis. The Big Bang theory predicts the elemental make up of the early Universe with amazing accuracy. Except for lithium. Lithium is either hiding, or there is an eater-of-lithium that shares an apartment with its better known cousin, the eater-of-socks. In lieu of evidence for an eater-of-lithium, scientists have been trying to figure out what might have prevented lithium from forming in the first place. One solution: a new particle that seems promising.

In the early Universe, there were no atoms or molecules as we know them today. The Universe was made up of protons and electrons that had too much energy to stick together, so they formed a kind of fluid, mixing and flowing around each other. But, as the Universe expanded, the fluid cooled, some of the protons began to stick together, grab a neutron or two, and form the first heavier elements.

(credit: Photograph by Rogers Cadenhead)

An Oakland, California, man now faces federal arson charges after he was accused of separate instances of throwing Molotov cocktails at Google Street View cars and other vehicles parked near Google headquarters.

No one was injured in the attacks, but one of the cars involved was destroyed. According to the criminal complaint against Raul Diaz, this was a self-driving car, but a Google spokesperson told Ars the damaged vehicle was not self-driving. (We're awaiting further clarification).

According to an affidavit written by Michael Nuttall, a special agent with the Bureau of Alcohol, Tobacco and Firearms, the attacks began in May. The Mountain View Police Department first responded to a reported incident of arson at a Google building on May 19, 2016. There, two broken Blue Moon beer bottles were found, one with the wick still intact. A Street View vehicle appears to have been targeted, but it was undamaged.

(credit: Don DeBold)

Few environmental limits are as obvious to people today as water availability. Particularly in drier climates, availability can be a pretty unforgiving equation. Even there, a family might pay less for water than for cell phones, but there is often a pretty complex system behind your tap that keeps it running.

The challenge of water availability rises beyond engineering. It becomes a delicate dance managing demand, forecasting supply, and sustaining ecosystems. Decisions have to be made based on information that is never complete, so any opportunity to obtain more useful information is liable to get a thirsty look from water managers.

Of course, a truck load of information won’t do you any good if you can’t extract the bits you need. One tool for working with potentially valuable truck loads is an artificial neural network—a software system that uses machine learning techniques to process tons of data and intelligently answer questions. And one company is now applying IBM’s Watson machine learning system in an interesting way to tell water utilities something they would love to know: how efficiently their customers are using water.