“Most serious” Linux privilege-escalation bug ever is under active exploit

Lurking in the kernel for nine years, flaw gives untrusted users unfettered root access.

A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible.

While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild.

"It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time."

ZTE will build a phone with eye-tracking cameras (Project CSX contest winning idea)

ZTE plans to build a phone featuring eye-tracking cameras and a self-adhesive back. The idea is to enable hands-free operation of the phone by letting you scroll through content just by looking at the screen, for example.

But the idea didn’t come from ZTE. For the past month and a half, the company has been soliciting ideas from the community through its Project CSX program, and the self-adhesive, eye-tracking camera was chosen as the winner.

Continue reading ZTE will build a phone with eye-tracking cameras (Project CSX contest winning idea) at Liliputing.

What we know (and what we can guess) about Nintendo Switch’s insides

Performance, backward-compatibility, future upgrades, and more possibilities.

What's inside the Switch? We recap what we know and what we can guess. (credit: Nintendo)

The first trailer for Nintendo's Switch console told us a lot about the console's central gimmick but almost nothing about the details. How big is it? How powerful is it? How long will its battery last? What will it cost? What accessories come bundled, and which will be aftermarket add-ons?

We don't have definitive answers to any of those questions, but if you take all the available information you can make some reasonably confident guesses. So while Nintendo has six more months to give us additional information about the Switch, here's everything we know (and can guess) about the stuff inside the console/portable hybrid for now.

Nvidia's Tegra chip and graphics performance

The new console uses a "custom Tegra processor" from Nvidia, confirming months of rumors. Nvidia has declined to give us the chip's name or provide any specs, but many rumors point to it being either a "Tegra X2" or a very close relative. (Also worth noting: Digital Foundry claims devkits are running a slightly older Tegra X1.)

Last year, STD cases hit an all-time high in the US

Syphilis saw biggest jump, but chlamydia takes lion’s share with 1.5 million cases.

In 2015, documented cases of sexually transmitted diseases in the US hit the highest number ever in the Centers for Disease Control and Prevention’s records going back to 1941, according to a new report by the agency. It’s the second year in a row with historically high STD levels. However, because only three STDs are routinely reported to the CDC—chlamydia, gonorrhea, and syphilis—the new data may be just a glimpse of the nationwide problem.

Among the three nationally reported STDs, chlamydia had the highest total number of cases, hitting more than 1.5 million in 2015. That total is a 5.9 percent increase from that of 2014. Syphilis saw the largest jump, with a 19 percent increase from 2014 cases, bringing the 2015 total to nearly 24,000. Gonorrhea followed with a 12.8 percent increase, reaching nearly 400,000 cases.

Americans most affected by the STD rise are young people and gay and bisexual men, the agency found. Two-thirds of chlamydia cases and half of gonorrhea cases were among Americans aged 15 to 24. Men who have sex with men were largely behind the rises in gonorrhea and syphilis.

What happens when you end up with an extra genome?

Duplication of an entire genome has occurred several times in our past.

Most of the complex organisms we see around us have equally complex genomes with lots of large gene families that allow them to finely tune the regulation of things like development and metabolism. While some of these extra copies of genes became available when an individual gene got duplicated, a lot of this genetic complexity seems to have arisen when the entire genome was duplicated. In other words, an organism can end up with four sets of every chromosome rather than just one each from mom and dad.

While these copies start out looking extremely similar, evolutionary changes allow individual genes to take on specialized roles or to end up active at different times and locations. This specialization can enable evolutionary novelty—more distinct cell types, more elaborate development, and so on.

It's estimated that the lineage that led to us vertebrates experienced two separate whole-genome duplications, giving us four sets of some critical developmental genes. The lineage that led to most fish seems to have undergone yet another one since. But all of those events took place in the distant past, leaving lots of questions about how evolution proceeds when there are extra copies of everything. Now, in order to answer some of those questions, researchers have sequenced the genome of a frog with four sets of chromosomes.

Kodak Ektra smartphone looks like a camera, also makes calls

Take a look at the new Kodak Ektra smartphone and you could easily mistake it for a camera… which is kind of the point. The design puts the camera lens and grip front and center (or rather, back and off-center), and the phone has a fake leather finish which also makes it look like a classic camera.

But while the phone has the brand name of the classic film and camera company, it’s actually manufactured by Bullitt, just like the last few “Kodak” phones.

Continue reading Kodak Ektra smartphone looks like a camera, also makes calls at Liliputing.

Feds: NSA contractor stole at least 50TB worth of highly classified data

It’s still not clear if Harold Martin was connected to the “Shadow Brokers” NSA dump.

The National Security Operations Center at NSA, photographed in 2012—the nerve center of the NSA's "signals intelligence" monitoring. (credit: National Security Agency)

In a new Thursday court filing, federal prosecutors expanded their accusations against a former National Security Agency contractor. Feds now accuse Harold Thomas Martin III of stealing at least 50 terabytes of classified material. The incident is believed to be the largest heist of secret data from the NSA, far larger than what former contractor Edward Snowden took.

Prosecutors also said that Martin should remain locked up and noted that he will soon be charged with violations of the Espionage Act. That law, which dates back nearly a century, is the same law that was used to charge Chelsea Manning and Snowden, among others. If convicted, violators can face the death penalty.

United States Attorney Rod Rosenstein and two other prosecutors laid out new details in the case against Martin, whose arrest only became public earlier this month. Martin had been a contractor with Booz Allen Hamilton and possessed a top-secret clearance.

How we reconstruct our evolutionary past

An approach called cladistics works with living things, fossils, and DNA.

You don't need a DeLorean to understand the past. (credit: Wikimedia Commons)

How do we know what today's lifeforms were like when they first evolved? For years, biologists could make inferences about how recent species shared common ancestors based on an approach called cladistics, which quantified how many similar features they shared. This approach worked with fossils as well as living species, allowing us to group them in the sort of branching hierarchies produced by common descent. But these days, rather than things like bone shape and tooth number, we have DNA.

So how do you build a tree out of that? As it turns out, the general approach of cladistics also works with genetic information.

Cladistics

Let's say you want to understand the origin of mammals. To do that, it helps to have a separate but closely related group—for mammals, reptiles would work well. Reptiles and mammals share a number of features, such as having four limbs (they're all tetrapods—even snakes and whales, which can have vestigial limbs). Others are distinct to mammals, like fur or the presence of specific bones in the inner ear. You can also have some features that are partly shared (like the egg laying of a platypus) or present in only a subset of mammals (like flight in the bats).

How big is the Nintendo Switch? An Ars visual analysis

Screen measures about 6.5″, Joy-Con controllers a bit smaller than NES pads.

There are many, many unanswered questions surrounding the Nintendo Switch (aka Project NX) after its brief unveiling this morning. The biggest? We still don't know the actual dimensions of the system—which includes a tablet screen and detachable Joy-Con controllers. In the absence of official information, we've analyzed high-quality images of the system distributed by Nvidia to estimate those dimensions. That analysis shows the Nintendo Switch has a roughly 6.5" screen and individual controllers slightly smaller than those on the NES.

Our photographic analysis of the Switch's dimensions hinges on a single visual reference point: the analog sticks on the controllers. On the Wii U, Xbox One, and PS4, the top surface of the analog stick measures 17 to 18 mm in diameter at the widest point. That seems to be a comfortable sweet spot that all the console manufacturers have converged upon. It's possible the Switch has thrown this convention out the window and sports a much smaller or larger analog pad, but we doubt it.

Razer Blade Pro: 17-inch 4K IGZO with GTX 1080 at only 3.5 kg

Razer is reviving the original generation: the new Razer Blade Pro is very thin, packed with the fastest notebook hardware available, and fitted with a mechanical keyboard. German buyers also get a Mamba TE and a backpack. (Razer Blade, USB 3.0)