Daily Report: A Net Neutrality Setback for Facebook in India
In the United States, the social media giant has been an advocate of equal treatment of all Internet content. In India, regulators who share that belief have effectively blocked a free Facebook service.
We have watched over the years as smartphone displays have increased in size, and starting last year, we watched as bezels shrank. The next big thing for smartphone design might be making our phones bend in one way or another.
A smartphone with a flexible screen is certainly an interesting concept, straight out of sci-fi tales, [...]
Amazon Prime monthly subscription increasing to $12.99
Amazon Prime, like many other services out there, offers a monthly subscription to help break up the cost of a service. As is also par for the course with those other options, that monthly option works out to be a bit more expensive than paying the annual cost. In this case, [...]
Huawei will integrate Android Messages in its smartphone lineup
Most Android smartphone manufacturers offer their own built-in messaging app which is meant to handle the vast majority of standard text messages sent on the device. However, Google also offers its own app called Android Messages. It’s built in on Pixel smartphones, but if you want that stock look on non-Pixel devices, [...]
Metal-alloy chassis makers Catcher Technology, Foxconn Technology, Ju Teng International Holdings and Casetek Holdings plan to develop motor chassis for electric vehicles (EVs), as demand from the notebook and consumer electronics sectors has been stagnant, according to industry sources.
3D printing set for customized medical, aerospace, auto applications
With the availability of a growing variety of printing materials, ever-improving printing quality and precision, and printer price reduction, 3D printing is expected to enter small-batch, customized applications to medical, aerospace, automobile and other high-tech sectors in 2018, especially after colorful and metal printing technologies have recorded major breakthroughs as shown by 3D printing specialists at the recently concluded CES 2018.
China foundry houses to continue ramping up capacity
The Chinese government is expected to continue to push its wafer foundry houses to further expand their production capacity in coming years as it has clearly set a goal for raising the country's IC self-sufficiency rate to 70% by 2025, from a low of 26.2% in 2016.
LINE has launched its mobile web portal LINE Shopping in Taiwan. In addition to about 1,000 stores using LINE@ to operate online shopping, LINE Shopping partners with 28 online shopping platforms, such as Yahoo! Kimo Shopping, and own-brand online shopping platforms such as PAZZO.
White-box server and storage equipment maker Wiwynn, a subsidiary of Wistron, will expand its workforce by 30-40% in 2018 in anticipation of increasing orders, according to company president Emily Hong.
Taiwan makers to benefit from China OLED capacity build-ups
The massive build-ups of OLED panel production capacity by China-based panel makers are expected to bring business opportunities for Taiwan-based makers, including driver IC designers, IC backend service firms and related OLED material suppliers, according to industry sources.
Insto, a platform that allows individual buyers and sellers to schedule installments or regular fixed-amount payments, will launch Insto Store in first-half 2018 to cover a wider range of products and services, such as educational courses, event tickets, beauty products and financial tools, according to Installment Inc, which operates Insto.
IC designers to see explosive growth in orders for USB Type-C PD chips in 2018
As USB Type-C has become the mainstream interface standard for new notebook and desktop models in 2018 while also seeing increasing use in high-end smartphones, Taiwan analog IC designers including Weltrend Semiconductor, On-Bright Electronics and Etron Technology may see their orders for USB Type-C PD (power delivery) chips in 2018 double from 2017, according to industry sources.
Evonik and Siemens to generate high-value specialty chemicals from carbon dioxide and eco-electricity
Evonik and Siemens are planning to use electricity from renewable sources and bacteria to convert carbon dioxide (CO2) into specialty chemicals. The two companies are working on electrolysis and fermentation processes in a joint research project called Rheticus. The project was launched today and is due to run for two years. The first test plant is scheduled to go on stream by 2021 at the Evonik facility in Marl, Germany which produces chemicals such as butanol and hexanol, both feedstocks for special plastics and food supplements, for example. The next stage could see a plant with a production capacity of up to 20,000 tonnes a year. There is also potential to manufacture other specialty chemicals or fuels. Some 20 scientists from the two companies are involved in the project.
In the fermentation process—here at lab scale—, special bacteria are converting CO-containing gases to valuable chemicals through metabolic processes. (Copyright: Evonik Industries AG)
"We are developing a platform that will allow us to produce chemical products in a much more cost-effective and environmentally-friendly way than we do today", explains Dr. Günter Schmid, technical project responsible of Siemens Corporate Technology. "Using our platform, operators will in future be able to scale their plants to suit their needs." The new technology combines multiple benefits. It not only enables chemicals to be produced sustainably, it also serves as an energy store, can respond to power fluctuations and help stabilize the grid. Rheticus is linked to the Kopernikus Initiative for the energy transition in Germany which is seeking new solutions to restructure the energy system. The Rheticus project will receive 2.8 million euros in funding from Germany's Federal Ministry of Education and Research (BMBF).
"With the Rheticus platform, we want to demonstrate that artificial photosynthesis is feasible", adds Dr. Thomas Haas, who is responsible for the project in Evonik's strategic research department Creavis. Artificial photosynthesis is where CO2 and water are converted into chemicals using a combination of chemical and biological steps, in a process similar to how leaves use chlorophyll and enzymes to synthesize glucose.
Siemens and Evonik are each contributing their own core competencies to this research collaboration. Siemens is providing the electrolysis technology, which is used in the first step to convert carbon dioxide and water into hydrogen and carbon monoxide (CO) using electricity. Evonik is contributing the fermentation process, converting gases containing CO into useful products by metabolic processes with the aid of special micro-organisms. In the Rheticus project, these two steps – electrolysis and fermentation – are scaled up from the laboratory and combined in a technical test facility.
"Rheticus brings together the expertise of Evonik and Siemens. This research project shows how we are applying the Power-to-X idea", says Dr. Karl Eugen Hutmacher from the BMBF. Using electricity to generate chemicals is an idea from the Power-to-X concept. As one of the four pillars of the Kopernikus Initiative, the idea is to help convert and store renewable, electrical energy efficiently. At the same time, the Rheticus platform also contributes to the reduction of carbon dioxide levels in the atmosphere, as it uses CO2 as a raw material. Three tons of carbon dioxide would be needed to produce one tonne of butanol, for example.
Evonik and Siemens see great future potential in the Rheticus platform. It will make it simple to scale plants to the desired size – the chemical industry will be able to adapt them flexibly to local conditions. In future, they could be installed anywhere where there is a source of CO2 – power plant waste gas or biogas for instance.
"Its modular nature and flexibility in terms of location, raw material sources and products manufactured make the new platform attractive for the specialty chemicals industry in particular", says Haas. "We are confident that other companies will use the platform and integrate it with their own modules to manufacture their chemical products", adds Schmid.
Siemens AG (Berlin and Munich) is a global technology powerhouse that has stood for engineering excellence, innovation, quality, reliability and internationality for 170 years. The company is active around the globe, focusing on the areas of electrification, automation and digitalization. One of the world's largest producers of energy-efficient, resource-saving technologies, Siemens is a leading supplier of efficient power generation and power transmission solutions and a pioneer in infrastructure solutions as well as automation, drive and software solutions for industry. The company is also a leading provider of medical imaging equipment – such as computed tomography and magnetic resonance imaging systems – and a leader in laboratory diagnostics as well as clinical IT. In fiscal 2017, which ended on September 30, 2017, Siemens generated revenue of €83.0 billion and net income of €6.2 billion. At the end of September 2017, the company had around 377,000 employees worldwide. Further information is available on the Internet at www.siemens.com.
Evonik is one of the world leaders in specialty chemicals. The focus on more specialty businesses, customer-orientated innovative prowess and a trustful and performance-oriented corporate culture form the heart of Evonik's corporate strategy. They are the lever for profitable growth and a sustained increase in the value of the company. Evonik benefits specifically from its customer proximity and leading market positions. Evonik is active in over 100 countries around the world with more than 36,000 employees. In fiscal 2016, the enterprise generated sales of around €12.7 billion and an operating profit (adjusted EBITDA) of about €2.165 billion.
SAN DIEGO, CA – January 19, 2018 – LRAD Corporation (NASDAQ: LRAD), the world’s leading provider of acoustic hailing devices (“AHDs”) and advanced mass notification systems, today announced the acquisition of Genasys Holding S.L. (“Genasys”), a leading software provider of advanced location-based mass messaging solutions for emergency warning systems and workforce management.
Genasys, headquartered in Madrid, Spain, has an experienced group of developers with over 200 man years of software development and a strong, international technical sales, service, and support team. Genasys currently has two main product offerings: news – a reliable solution for sending SMS-based warnings of public safety hazards to affected populations with industry-leading speed; and, haz – a low cost, easy-to-use solution for remotely monitoring employees, planning tasks, and managing workplace incidents.
“The acquisition of Genasys enables LRAD to significantly enhance its advanced mass notification capabilities and pursue broader geolocation based mass messaging projects and services,” stated Richard S. Danforth, Chief Executive Officer of LRAD Corporation. “Many of the mass notification opportunities we target, including universities, cities, and countries, require an integrated location-based mass messaging service. With this acquisition, LRAD expects to generate revenue on initial installations and recurring revenue from long-term support contracts for updating and maintaining the messaging service over the life of the installations.”
“I am eager to leverage LRAD’s worldwide sales channels to seek accelerated growth of the Genasys mass notification software solutions,” remarked Pablo Colom, Genasys’ Chief Executive Officer. “Genasys has a solid track record of location-based mass messaging integrations and deployments, which include solutions for small workgroups to fully integrated country-wide systems. The synergies of Genasys’ push notification products and LRAD’s award-winning mass notification systems will provide state-of-the-art solutions to communicate potentially lifesaving information to those affected by severe weather, man-made and natural disasters and other emergencies.”
Revenues for Genasys in calendar 2017 (unaudited) were €1.9 million. Total consideration for the acquisition is €3.1 million, which includes a €1.9 million purchase price and the assumption of €1.2 million of debt.
Management will host a conference call to discuss the Genasys acquisition on Monday, January 22, 2018, at 12:00 pm U.S. EST. To access the conference call, dial toll-free 888.567.1602 from the U.S., or international at +1.404.267.0373. A webcast will also be available at the following link: https://www.webcaster4.com/Webcast/Page/1375/24207. A replay of the call will be available approximately four hours after the call concludes, and remain available for 90 days at the aforementioned webcast link. Questions to management may be submitted before or during the call by emailing them to investor@LRAD.com.
About LRAD Corporation
Using advanced technology and superior voice intelligibility, LRAD Corporation’s proprietary Long Range Acoustic Devices® and revolutionary ONE VOICE® mass notification systems are designed to enable users to safely hail and warn, inform and direct, prevent misunderstandings, determine intent, establish large safety zones, and resolve uncertain situations. LRAD systems are in service in more than 70 countries around the world in diverse applications including mass notification and public address, fixed and mobile defense deployments, homeland, border, critical infrastructure, maritime, oil & gas, and port security, public safety, law enforcement and emergency responder communications, asset protection, and wildlife control and preservation. For more information, please visit www.LRAD.com.
About Genasys Holding S.L. Genasys Holding S.L. is backed by Adara Ventures and Caixa Capital Risc, and is a leading software provider of advanced location-based mass messaging solutions for Emergency Warning Systems and Workforce Management. For more information, please visit www.LRAD.com/genasys.
Forward Looking Statements
Except for historical information contained herein, the matters discussed are forward-looking statements within the meaning of Section 21E of the Securities Exchange Act of 1934. You should not place undue reliance on these statements. We base these statements on particular assumptions that we have made in light of our industry experience, the stage of product and market development as well as our perception of historical trends, current market conditions, current economic data, expected future developments and other factors that we believe are appropriate under the circumstances. These statements involve risks and uncertainties that could cause actual results to differ materially from those suggested in the forward-looking statements. These risks and uncertainties include those associated with the integration of Genasys into the Company’s business, that the anticipated benefits and synergies of the transaction may not materialize as expected, that customer demand for the integrated product offerings may not meet expectations, and other risks and uncertainties identified and discussed in our filings with the Securities and Exchange Commission. These forward-looking statements are based on information and management’s expectations as of the date hereof. Future results may differ materially from our current expectations. For more information regarding other potential risks and uncertainties, see the “Risk Factors” section of the Company’s Form 10-K for the fiscal year ended September 30, 2017. LRAD Corporation disclaims any intent or obligation to update those forward-looking statements, except as otherwise specifically stated.
E. Brian Harvey Director, Investor Relations and Capital Markets 858.753.8974 ebharvey@LRAD.com
Two Top Leaders in Italy and Five US Residents Indicted for Racketeering, Health Care Fraud and Drug Trafficking Conspiracies to Distribute Opioids Resulting in Deaths Involving “Pill Mills” Operating in Tennessee and Florida
January 19, 2018 - On Jan. 4, a federal grand jury in Knoxville, Tennessee, returned a 14-count superseding indictment unsealed today charging seven individuals for their roles in a Racketeer Influenced and Corrupt Organization (RICO) conspiracy and drug trafficking conspiracy to distribute and dispense oxycodone, oxymorphone and morphine outside the scope of professional practice and not for a legitimate medical purpose and resulting in deaths, maintenance of drug-involved premises, distribution of oxycodone resulting in death, conspiracy to defraud the United States through the solicitation and receipt of illegal healthcare kickbacks and money laundering.
Attorney General Jeff Sessions, Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal Division, U.S. Attorney J. Douglas Overbey of the Eastern District of Tennessee and Special Agent in Charge Renae M. McDermott of the FBI’s Knoxville Division made the announcement.
“Throughout this country, and certainly in Tennessee and Florida, the illegal and unconscionable mass-distribution of prescription opioids through the operation of illegal pain clinics has taken a heavy toll on our citizens, families and communities,” said Attorney General Sessions. “This sort of profiteering effectively trades human lives for financial riches. The U.S. Department of Justice is determined to stamp out the operation of illegal pain clinics by all legal means, including finding and arresting those responsible wherever they may be in the world.”
“The Eastern District of Tennessee has been at the forefront in the battle against illegal pain clinics and mass-prescribing of opioids for years,” said U.S. Attorney Overbey. “Now, under the leadership of Attorney General Sessions, additional resources have been made available through recent Department of Justice initiatives, including the Opioid Fraud and Abuse Task Force. This latest indictment is a real and tangible result of all of those combined efforts. The citizens of East Tennessee can be assured that we are committed to ridding our district of illegal pill mills.”
Luca Sartini, 58, of Rome, Italy, and Miami; Luigi Palma aka Jimmy Palma, 51, of Rome, Italy, and Miami; Benjamin Rodriguez, 42, of Delray Beach, Florida; Sylvia Hofstetter, 53, of Knoxville; Courtney Newman, 42, of Knoxville; Cynthia Clemons, 45, of Knoxville; and Holli Womack aka Holli Carmichael, 44, of Knoxville, are charged in a third superseding indictment filed in the Eastern District of Tennessee.
On Jan. 19, Sartini and Palma were arrested in the Rome, Italy-area by Italian authorities. Extradition is being sought by the United States. Rodriguez is set to self-surrender. All other defendants were previously charged in prior indictments. The case has been assigned to Chief U.S. District Court Judge Thomas A. Varlan in Knoxville.
According to the indictment, Sartini, Palma, Rodriguez, Hofstetter and a co-conspirator charged in another indictment, from about April 2009 to March 2015, ran the Urgent Care & Surgery Center Enterprise (UCSC), which operated opioid based pain management clinics, “pill mills,” in Florida and Tennessee, where powerful narcotics were prescribed and/or dispensed. The defendants are alleged to have hired medical providers with DEA registration numbers, which would allow the providers to prescribe controlled substances. The prescriptions were primarily large doses of highly addictive and potentially deadly controlled substances. As alleged in the indictment, individuals seeking prescriptions would often travel long distances purporting to suffer from severe chronic pain.
The superseding indictment alleges the defendants distributed quantities of oxycodone, oxymorphone and morphine sufficient to generate clinic revenue of at least $21 million. As per the indictment, the clinics did not accept insurance, received gross fees and ordered unnecessary drug screenings defrauding Medicare. Shell companies were set up to launder the proceeds.
As alleged in the indictment, approximately 700 UCSC enterprise patients are now dead and a significant percentage of those deaths, directly or indirectly, were the result of overdosing on narcotics prescribed by the UCSC Enterprise. As alleged in the indictment, the narcotics prescribed by the UCSC enterprise contributed to the deaths of another significant percentage of those patients.
The indictment further alleges that many patients arrived in groups, who were sponsored by drug dealers who paid for the pain clinic visits and prescriptions to obtain all or part of the opioids and other narcotics prescribed to the purported pain patients. In return, drug addicted patients would receive a portion of prescribed narcotics for free from the sponsor.
To date, as a result of this investigation, approximately 30 narcotics traffickers have been charged and convicted federally, and approximately 80 to 90 smaller narcotic distributers have also been charged and convicted. Today’s superseding indictment is among 35 related indictments charging approximately 140 individuals, including medical providers who worked at the pill mills, with various crimes.
The charges in the indictment are merely allegations, and the defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
The superseding indictment is the result of an investigation conducted by the U.S. Attorney’s Office for the Eastern District of Tennessee, Criminal Division’s Organized Crime and Gang Section, and the FBI High Intensity Drug Trafficking Area (HIDTA) which is comprised of investigators assigned to the task force by the Loudon County Sheriff’s Office, Knoxville Police Department, Blount County Sheriff’s Office, Roane County Sheriff’s Office, Harriman Police Department and Clinton Police Department. Other agencies provided invaluable assistance, including the Rome Attaché of the Justice Department’s Office of International Affairs; the FBI’s liaison in Rome; the FBI Miami Health Care Fraud Strike Force; the Hollywood, Florida Police Department; the U.S. Department of Health and Human Services; the Tennessee Department of Health; and the DEA’s Knoxville Diversion Group. The Department of Justice extends its gratitude to Interpol and the Italian Financial Police (Guardia di Finanza) for their assistance in locating and apprehending the defendants.
Assistant U.S. Attorneys Tracy L. Stone and Anne-Marie Svolto of the Eastern District of Tennessee, and Trial Attorney Kelly Pearson of the Criminal Division’s Organized Crime and Gang Section, are prosecuting the case.
In light of the nationwide opioid epidemic which led to the declaration of a public health emergency by the Acting Secretary of the Department of Health and Human Services on Oct. 26, 2017, this superseding indictment represents just the latest in a series of federal efforts in the Eastern District of Tennessee meant to combat the scourge of prescription opioids.
DHS Enforcing Critical Identification Requirements to Protect the Homeland
WASHINGTON - Beginning January 22, 2018, the Department of Homeland Security (DHS) will begin enforcing compliance with the Real ID Act to better protect the American people. Fifty-five out of fifty-six states and territories are currently compliant or have received an extension until October 10, 2018. Passengers who have licenses issued by a state or territory that is compliant or has an extension to become compliant with REAL ID requirements may continue to use their licenses as usual.
As of today, American Samoa is the only territory still under review. DHS has worked extensively with every state and territory to provide time, technical assistance, and grants to support compliance with the REAL ID security requirements.
BACKGROUND ON REAL ID
Based on a recommendation of the bipartisan 9/11 Commission, REAL ID is a coordinated effort by the states and the federal government to inhibit terrorists’ ability to evade detection by using fraudulently-obtained driver’s licenses and identification cards. The REAL ID Act was passed by Congress in 2005, and is designed to ensure that people boarding a flight or entering a federal building are who they say they are.
REAL ID established minimum security standards for state-issued driver’s licenses and identification cards. This includes incorporating anti-counterfeiting technology, preventing insider fraud, and using documentary evidence and record checks to ensure a person is who he or she claims to be. It also prohibits federal agencies from accepting non-compliant licenses and identification cards for access to federal facilities, nuclear power plants, and commercial aircraft. The goal of REAL ID is to improve the reliability and accuracy of state-issued driver’s licenses and identification cards used for Federal official purposes.
Because of the potential for confusion about the REAL ID enforcement milestones, residents can use the following guidelines to be fully informed and prepared.
Be aware of your state’s status. You can check if your state is REAL ID compliant or has an extension at www.dhs.gov/real-id.
Bring identity documents to the airport that are acceptable for flying domestically. TSA provides a list of acceptable documents at www.tsa.gov/travel/security-screening/identification. If you need to obtain a new form of ID, please allow sufficient processing time before you travel. For example, the current processing times for U.S. passports are 6-8 weeks for routine service and 2-3 weeks for expedited service.
DHS is working closely with all states and territories to implement their REAL ID requirements and stands ready to provide additional assistance as needed. The women and men of DHS will continue to work tirelessly to put protections in place to keep our country and our people safe.
The report, which was created with broad input from stakeholders and experts, summarizes the opportunities and challenges in reducing the botnet threat, and offers supporting actions to be taken by both the government and private sector in order to reduce the threat of automated cyber-attacks.
Alert (TA18-004A) Meltdown and Spectre Side-Channel Vulnerability Guidance
CPU hardware implementations
On January 3, 2018, the National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of security vulnerabilities—known as Meltdown and Spectre—that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.
CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Meltdown is a bug that "melts" the security boundaries normally enforced by the hardware. Meltdown affects desktops, laptops, and cloud computers. Spectre is a flaw that an attacker can exploit to force a program to reveal its data. The name derives from speculative execution, an optimization in which a computer system performs work before it is known to be needed, to prevent a delay when that work is actually required. Spectre affects almost all devices including desktops, laptops, cloud servers, and smartphones. Many of these security issues are remediated through the Kernel Address Isolation to have Side-channels Efficiently Removed (KAISER) patch described in detail in an academic paper named “KASLR is Dead: Long Live KASLR.” While this paper identifies a fix for Linux operating systems, the exploit concepts in the article can apply to other operating systems.
More details of these attacks are described by the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz).
NCCIC encourages users and administrators to refer to their hardware and software vendors for the most recent information. In the case of Spectre, the vulnerability exists in CPU architecture rather than in software, and is not easily patched; however, this vulnerability is more difficult to exploit.
Microsoft has recommended that third-party antivirus vendors add a change to the registry key of the machine that runs the antivirus software. Without it, that machine will not receive any of the following fixes from Microsoft:
NCCIC recommends administrators review CISCO TALOS Snort SIDs: 45357 – 45368 and apply the necessary updates. These twelve rules were released as an emergency update on January 4, 2018, to cover the detection of Meltdown and Spectre side-channel vulnerabilities, and relate to CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754. These signatures cover the specific proofs of concept and sample code outlined in the Spectre and Meltdown whitepapers. While these signatures have the potential to detect variants, they may not work for all cases.
The table provided below lists available advisories and patches. As patches and firmware updates continue to be released, it is important to check with your hardware and software vendors to verify that their corresponding patches can be applied, as some updates may result in unintended consequences. Note: Download any patches or microcode directly from your vendor’s website.
NCCIC recommends using a test environment to verify each patch before implementing.
After patching, performance impacts may vary, depending on use cases. Administrators should ensure that performance is monitored for critical applications and services, and work with their vendor(s) and service provider(s) to mitigate the effect, if possible.
Additionally, users and administrators who rely on cloud infrastructure should work with their CSP to mitigate and resolve any impacts resulting from host OS patching and mandatory rebooting.
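As an added example (not part of the alert or any vendor's tooling), the script below shows one way to confirm on a Linux host that patches for the three CVEs named above are actually active after reboot. It assumes a kernel that exposes mitigation status under /sys/devices/system/cpu/vulnerabilities, an interface the alert does not mention; the sample status strings are constructed, modelled on the kernel's output format.

```python
"""Classify a Linux host's reported Meltdown/Spectre mitigation status."""
from pathlib import Path

# Assumption: the kernel exposes one status file per issue in this directory.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# sysfs file name -> (variant label, CVE), using the CVE numbers from the alert.
VARIANTS = {
    "spectre_v1": ("Spectre variant 1", "CVE-2017-5753"),
    "spectre_v2": ("Spectre variant 2", "CVE-2017-5715"),
    "meltdown": ("Meltdown (variant 3)", "CVE-2017-5754"),
}


def classify(status):
    """Map one status line to not_affected / mitigated / partial / vulnerable."""
    text = status.strip()
    if text.startswith("Not affected"):
        return "not_affected"
    if text.startswith("Mitigation:"):
        # A mitigation line may still flag a residual exposure in its detail.
        return "partial" if "vulnerable" in text.lower() else "mitigated"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def read_statuses(base=SYSFS_DIR):
    """Read each status file; None means the kernel does not report it."""
    statuses = {}
    for name in VARIANTS:
        try:
            statuses[name] = (Path(base) / name).read_text()
        except OSError:
            statuses[name] = None
    return statuses


def assess(statuses):
    """Build one report row per variant from a {file name: raw text} mapping."""
    report = []
    for name, (label, cve) in VARIANTS.items():
        raw = statuses.get(name)
        # A missing file usually means a kernel that predates the reporting
        # interface, so it is treated as a finding rather than a pass.
        state = "unreported" if raw is None else classify(raw)
        report.append({"variant": label, "cve": cve, "state": state,
                       "detail": (raw or "").strip()})
    return report


def needs_attention(report):
    """Return the CVEs that are not reported as mitigated or not affected."""
    ok = ("mitigated", "not_affected")
    return [row["cve"] for row in report if row["state"] not in ok]


# Constructed sample: Meltdown patched, variant 1 unpatched, variant 2 file absent.
SAMPLE = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Vulnerable\n",
}

if __name__ == "__main__":
    live = read_statuses()
    statuses = live if any(v is not None for v in live.values()) else SAMPLE
    rows = assess(statuses)
    for row in rows:
        print(f"{row['cve']}  {row['variant']:<22} {row['state']:<12} {row['detail']}")
    print("Needs attention:", ", ".join(needs_attention(rows)) or "none")
```

Run it before and after patching in the test environment; an "unreported" result is worth following up with the vendor rather than treating as safe.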
CPU hardware implementations are vulnerable to cache side-channel attacks. These vulnerabilities are referred to as Meltdown and Spectre.
Note: This Vulnerability Note is the product of ongoing analysis and represents our best knowledge as of the most recent revision. As a result, the content may change as our understanding of the issues develops.
CPU hardware implementations are vulnerable to side-channel attacks referred to as Meltdown and Spectre. Both Spectre and Meltdown take advantage of the ability to extract information from instructions that have executed on a CPU using the CPU cache as a side-channel. These attacks are described in detail by Google Project Zero, the Institute of Applied Information Processing and Communications (IAIK) at Graz University of Technology (TU Graz) and Anders Fogh. The issues are organized into three variants:
Variant 2 (CVE-2017-5715, also Spectre): Branch target injection
Variant 3 (CVE-2017-5754, Meltdown): Rogue data cache load, memory access permission check performed after kernel memory read
Spectre attacks take advantage of a CPU's branch prediction capabilities. Modern CPUs include a feature called branch prediction, which speculatively executes instructions at a location that the CPU believes it will branch to. Such speculative execution helps to more fully utilize the parts of the CPU, minimizing the time waiting, and therefore improving performance. When a branch is successfully predicted, instructions will retire, which means the outcomes of the instructions such as register and memory writes will be committed. If a branch is mispredicted, the speculatively-executed instructions will be discarded, and the direct side-effects of the instructions are undone. What is not undone are the indirect side-effects, such as CPU cache changes. By measuring latency of memory access operations, the cache can be used to extract values from speculatively-executed instructions.
With Spectre variant 1 (CVE-2017-5753), the instructions after a conditional branch are speculatively executed as the result of a misprediction. With Spectre variant 2 (CVE-2017-5715), the CPU executes instructions at a location determined by a mispredicted branch target.
With both variants of the Spectre attack, the impact is that a process may leak sensitive data to other processes on a system. Spectre may also allow one part of an application to access other parts of the same process memory space that would otherwise not be permitted.
While the Spectre attack itself does not cross a user/kernel memory privilege boundary, depending on the configuration of the target platform, the Spectre attack may indirectly allow a user-space application to access kernel memory. For example, the Project Zero blog post describes a scenario that uses eBPF to exfiltrate kernel memory contents into user-space code. This is made possible because the eBPF JIT allows user-space applications to inject code that is executed in kernel space. While this code is verified by the kernel, eBPF-compliant code will be allowed to execute with kernel permissions. The exploit described by Project Zero leverages eBPF to execute the Spectre attack in kernel space, while exfiltrating the data to user space. It is possible that other technologies that allow in-kernel code execution could also be leveraged to leak kernel memory using Spectre.
Meltdown is related to the Spectre attack in that it also uses a cache side channel to access data that otherwise wouldn't be available. The main difference is that it leverages out-of-order execution capabilities in modern CPUs. Like speculative execution due to branch prediction, as used by Spectre, out-of-order execution on a CPU is a technique for ensuring fullest utilization of the CPU's parts. Although instructions may appear sequentially in the machine language, a CPU that supports out-of-order execution may execute instructions in a non-sequential manner, which can minimize the time that a CPU spends idle.
Meltdown leverages insecure behavior that has been demonstrated in Intel CPUs and may affect CPUs from other vendors. Vulnerable CPUs allow memory reads in out-of-order instruction execution, and also contain a race condition between the raising of exceptions and the out-of-order instruction execution. The Meltdown attack reads a kernel memory value, which raises an exception because code running with user-space privileges is not permitted to directly read kernel memory. However, due to the race condition, out-of-order instructions following the faulting instruction may also execute. Even though instructions appear after the faulting instruction, out-of-order execution allows them to execute, using data retrieved from the instruction that raises the exception. By the time the exception is raised, some number of out-of-order instructions have executed. Although the raised exception causes the CPU to roll back the out-of-order instructions, the cache state is not reverted. This allows data from out-of-order instructions to persist beyond the point when the exception has been raised.
The impact of Meltdown is that a process running in user space is able to view the contents of kernel memory. Meltdown may also allow Spectre-like memory content leaking that does not cross the user/kernel privilege boundary.
The Linux kernel mitigations for Meltdown are referred to as KAISER, and subsequently KPTI, which aim to improve separation of kernel and user memory pages. Because the Spectre attacks do not cross user/kernel boundaries, the protections introduced with KAISER/KPTI do not add any protection against them.
An attacker able to execute code with user privileges can achieve various impacts. The Meltdown attack allows reading of kernel memory from userspace. This can result in privilege escalation, disclosure of sensitive information, or it can weaken kernel-level protections, such as KASLR. The Spectre attack can allow inter-process or intra-process data leaks.
Operating system, CPU microcode updates, and some application updates mitigate these attacks. Note that in many cases, the software fixes for these vulnerabilities will have a negative effect on system performance. Also note that Microsoft Windows systems will no longer receive security updates via Windows Update if they are not running compliant anti-virus software. As with deploying any software updates, be sure to prioritize and test updates as necessary.
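One way to confirm which of the operating-system mitigations described above are active on a Linux host, as an added example that is not part of the vulnerability note: kernels that carry the reporting interface expose a per-issue status file under /sys/devices/system/cpu/vulnerabilities. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify the Linux sysfs reports for Meltdown and Spectre.
# The directory and its status strings are the kernel's reporting interface;
# the function names and the sample data below are constructed.

VULN_DIR=/sys/devices/system/cpu/vulnerabilities

# classify_status TEXT
# Prints one of: not_affected, mitigated, vulnerable, unknown.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        # Also matches partial fixes the kernel still reports as
        # "Vulnerable: <detail>".
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# audit_dir DIR
# Prints "issue state raw-text" for each of the three variants and returns
# the number of issues not positively reported as mitigated or not affected.
audit_dir() {
    dir=$1
    bad=0
    for issue in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$issue" ]; then
            raw=$(cat "$dir/$issue")
            state=$(classify_status "$raw")
        else
            # No status file: the kernel predates the reporting interface,
            # so the mitigation state cannot be confirmed.
            raw="(no report)"
            state=unknown
        fi
        case "$state" in
            not_affected|mitigated) ;;
            *) bad=$((bad + 1)) ;;
        esac
        printf '%-11s %-13s %s\n' "$issue" "$state" "$raw"
    done
    return "$bad"
}

# make_sample DIR
# Constructed sample: KPTI active for Meltdown, variant 1 mitigated,
# variant 2 still unmitigated.
make_sample() {
    mkdir -p "$1"
    echo "Mitigation: PTI" > "$1/meltdown"
    echo "Mitigation: __user pointer sanitization" > "$1/spectre_v1"
    echo "Vulnerable" > "$1/spectre_v2"
}

# Run against the real host only when asked to.
if [ "${1:-}" = "--live" ]; then
    audit_dir "$VULN_DIR"
fi
```

Run with `--live` on the host being assessed; the exit status is the number of variants that still need attention, so the script can gate a patch-compliance job.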
Consider CPU Options
Initial reports from the field indicate that overall system performance is impacted by many of the available patches for these vulnerabilities. Depending on the software workflow and the CPU capabilities present, the performance impact of software mitigations may be non-trivial and therefore may become an ongoing operational concern for some organizations. While we recognize that replacing existing CPUs in already deployed systems is not practical, organizations acquiring new systems should evaluate their CPU selection in light of the expected longevity of this vulnerability in available hardware as well as the performance impacts resulting from the various platform-specific software patches. Deployment contexts and performance requirements vary widely, and must be balanced by informed evaluation of the associated security risks. Contact your system vendor to determine if the CPU and operating system combination will experience a performance penalty due to software mitigations for these vulnerabilities.
Elbit Systems Awarded $85 Million Contract to Supply Electronic Warfare Systems to a European Country
HAIFA, Israel, Jan. 18, 2018 -- Elbit Systems Ltd. (NASDAQ: ESLT and TASE: ESLT) ("Elbit Systems" or "the Company") announced today that it was awarded an approximately $85 million contract from a European country to supply a range of advanced ground-based Electronic Warfare (EW) and Signal Intelligence (SIGINT) systems. The contract will be performed over a four-year period.
Edgar Maimon, General Manager of Elbit Systems EW and SIGINT - Elisra said: "We are proud of this contract award that attests to the Company's technological and operational advantage and to the maturity of our solutions." Maimon added: "We are encouraged by the growing demand from European customers and believe that our portfolio positions us well to serve their needs."
About Elbit Systems Elbit Systems Ltd. is an international high technology company engaged in a wide range of defense, homeland security and commercial programs throughout the world. The Company, which includes Elbit Systems and its subsidiaries, operates in the areas of aerospace, land and naval systems, command, control, communications, computers, intelligence surveillance and reconnaissance ("C4ISR"), unmanned aircraft systems, advanced electro-optics, electro-optic space systems, EW suites, signal intelligence systems, data links and communications systems, radios and cyber-based systems. The Company also focuses on the upgrading of existing platforms, developing new technologies for defense, homeland security and commercial applications and providing a range of support services, including training and simulation systems.
This press release contains forward‑looking statements (within the meaning of Section 27A of the Securities Act of 1933, as amended and Section 21E of the Securities Exchange Act of 1934, as amended) regarding Elbit Systems Ltd. and/or its subsidiaries (collectively the Company), to the extent such statements do not relate to historical or current fact. Forward-looking statements are based on management's expectations, estimates, projections and assumptions. Forward‑looking statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, as amended. These statements are not guarantees of future performance and involve certain risks and uncertainties, which are difficult to predict. Therefore, actual future results, performance and trends may differ materially from these forward‑looking statements due to a variety of factors, including, without limitation: scope and length of customer contracts; governmental regulations and approvals; changes in governmental budgeting priorities; general market, political and economic conditions in the countries in which the Company operates or sells, including Israel and the United States among others; differences in anticipated and actual program performance, including the ability to perform under long-term fixed-price contracts; and the outcome of legal and/or regulatory proceedings. The factors listed above are not all-inclusive, and further information is contained in Elbit Systems Ltd.'s latest annual report on Form 20-F, which is on file with the U.S. Securities and Exchange Commission. All forward‑looking statements speak only as of the date of this release. The Company does not undertake to update its forward-looking statements.
Elbit Systems Ltd., its logo, brand, product, service and process names appearing in this Press Release are the trademarks or service marks of Elbit Systems Ltd. or its affiliated companies. All other brand, product, service and process names appearing are the trademarks of their respective holders. Reference to or use of a product, service or process other than those of Elbit Systems Ltd. does not imply recommendation, approval, affiliation or sponsorship of that product, service or process by Elbit Systems Ltd. Nothing contained herein shall be construed as conferring by implication, estoppel or otherwise any license or right under any patent, copyright, trademark or other intellectual property right of Elbit Systems Ltd. or any third party, except as expressly granted herein.
Easton lawn care just got a whole lot easier. If you live in Easton, CT or the surrounding areas, the hassle of keeping your home lawn looking good doesn’t have to be such a pain. Yard maintenance including grub control, shrub care, core aeration and other yard care takes time and patience and often requires quite a bit of knowledge to keep your grass green and your landscape looking its best. It’s not easy knowing when to fertilize, whether you need lime or not, how and when to seed and a host of other things lawns need to be healthy and beautiful.
Thankfully, Red Carpet Landscaping is here to help you create a lush lawn and garden that you can be proud of. We have been serving the Westport area since 2009 with our lawn care services and lawn maintenance, rejuvenating and caring for yards with our extensive home services.
We use only the most effective, safest products and have the most knowledgeable and experienced turf management technicians to make sure every project results in 100% guaranteed satisfaction.
Experience the Red Carpet Treatment
Sign up for one of our Turf Programs that includes both standard and organic fertilizer and weed programs for a perfect lawn!
Why You Should Hire a Professional Lawn Care Service
Many of us take pride in tackling do-it-yourself home care projects, and lawn and yard care is certainly one of the most popular and one of the toughest to get right. Every lawn is different and understanding what it takes to keep your lawn looking great is no easy task. Fertilizers, lime, seeding, topsoil, climate conditions and an array of other factors all play key roles in creating a healthy, great looking yard. Here are just a few reasons a lawn care service just might be the best option.
Time. It takes a lot of time to create and maintain a beautiful lawn, and in today’s busy world, few of us have the time to learn turf management and yard maintenance, much less actually getting out there and getting it done. A professional lawn care service knows how to get the job done quickly, and most importantly, how to get the job done right. Even with a good working knowledge of lawn care and some available time to devote to the project, many homeowners find that even when they carefully follow the right steps, there are often disappointing results. Something as simple as picking the wrong fertilizer or applying the right fertilizer at the wrong time can mean wasted hours with nothing to show for it.
While it’s true that hiring any professional home services company will have a certain cost, you may be surprised to learn that lawn care services can be quite affordable when you consider all the options. You already know the time that can be saved by hiring a lawn and turf company and that time can often be converted into dollars. You remember the old saying, time is money? While time can be money, there are other factors that can make the prospect of hiring a lawn care company a good value. Fertilizers, seeds, compost, and all those other elements that go into building a healthy home lawn can be quite expensive. Add in the fact that there are many other factors that determine successful results such as knowing the right nutrients, the Ph levels, and more, and it’s easy to see that there could be a lot of trial and error (and money!) before getting things right. Hiring a pro takes out all that guesswork and potentially unnecessary costs.
A beautiful lawn! Even with plenty of time and understanding what your lawn needs (and doesn’t need) to look its best, the chances of getting things just right the first time can be pretty low. That means more time, more money and you still have brown grass and withering shrubs. If you really want that green, healthy lawn that your neighbors will envy, the choice to hire a lawn care service that guarantees results and has the right experience and knowledge makes the option worth careful consideration. If you decide to let the pros take care of your lawn care and lawn maintenance, Red Carpet Turf will be happy to evaluate your home lawn and design a comprehensive plan to revitalize your yard and landscaping. We will test the soil for Ph levels, determine what nutrients your lawn needs to be healthy again, select the very best products for your yard, and whatever else is needed to get the job done to your satisfaction.
Once we get your yard looking great, we offer maintenance programs to keep your lawn and garden healthy and beautiful. You end up with a yard and lawn that you can be proud of year after year, save time for other important things in your life and enjoy your backyard once again…all at a reasonable cost and guaranteed.
Our lawn care program features custom blends of phosphate-free fertilizers with slow-release technology to produce a beautiful, lush, green turf.
Our goal is to provide the best Mosquito Control in Greenwich Connecticut. We are looking for the WOW factor! Sometimes our sales pitch isn’t quite enough. For that we regularly ask our customers to review the services we are providing them. Below are the most recent reviews we’ve received. Good or bad we are posting them here for you.
LG patents smartphone with a foldable display that opens into a tablet
LG recently filed a patent with the World Intellectual Property Organization showing a folding smartphone/tablet hybrid. According to the filing, the device is a “mobile phone with a flexible display which can be folded in half.”
These new Instagram features are going to ruin someone’s life
Instagram is rolling out a new feature that shows people you follow or messaged when you're using or last used the app. Another feature still in testing tells people when you've taken a screenshot of their story.
Norway Will Make All Short-Haul Flights Electric By 2040
Norway's public operator of air transport plans to make all short-haul flights in the country entirely electric by 2040. "State-owned Avinor, which operates most of Norway's civil airports, is aiming to be the 'first in the world' to switch to electric air transport," reports The Independent. From the report: "We think that all flights lasting up to 1.5 hours can be flown by aircraft that are entirely electric," chief executive Dag Falk-Petersen told AFP. The announcement confirms Norway's reputation as a leader in electric power. In a 2017 report, Avinor announced that in cooperation with the Norwegian Sports Aviation Association and major airlines, it had set up a development project for electric aircraft. Avinor said it had "called for Norway to be established as a test arena and innovation center for the development of electric aircraft." Avinor intends to reduce aircraft greenhouse gas emissions in the short term by phasing in biofuels in the coming years, and then build on these reductions by phasing in electric planes.
Google CEO Sundar Pichai Says He Does Not Regret Firing James Damore
An anonymous reader quotes a report from The Verge: Google CEO Sundar Pichai responded today to the firing of employee James Damore over his controversial memo on workplace diversity, stating that while he does not regret the decision, he regrets that people misunderstood it as a politically motivated event. Speaking in a live conversation with journalist and Recode co-founder Kara Swisher, MSNBC host Ari Melber, and YouTube CEO Susan Wojcicki in San Francisco, Pichai said that the decision to fire Damore was about ensuring women at Google felt like the company was committed to creating a welcoming environment.
"I regret that people misunderstand that we may have made this for a political belief one way or another," Pichai said. "It's important for the women at Google, and all the people at Google, that we want to make an inclusive environment." When pressed by Swisher on the issue of regret, Pichai stated more definitively, "I don't regret it." Wojcicki, who has spoken publicly about how Damore's memo affected her personally, followed up with, "I think it was the right decision."
Security Breaches Don't Affect Stock Price, Study Suggests
Computer security professional Bruce Schneier highlights the key findings of a study that suggests security breaches don't affect stock price. The study has been published in the Journal of Information Privacy and Security. From the report:
- While the difference in stock price between the sampled breached companies and their peers was negative (1.13%) in the first 3 days following announcement of a breach, by the 14th day the return difference had rebounded to +0.05%, and on average remained positive through the period assessed.
- For the differences in the breached companies' betas and the beta of their peer sets, the differences in the means of 8 months pre-breach versus post-breach was not meaningful at 90, 180, and 360 day post-breach periods.
- For the differences in the breached companies' beta correlations against the peer indices pre- and post-breach, the difference in the means of the rolling 60 day correlation 8 months pre-breach versus post-breach was not meaningful at 90, 180, and 360 day post-breach periods.
- In regression analysis, use of the number of accessed records, date, data sensitivity, and malicious versus accidental leak as variables failed to yield an R2 greater than 16.15% for response variables of 3, 14, 60, and 90 day return differential, excess beta differential, and rolling beta correlation differential, indicating that the financial impact on breached companies was highly idiosyncratic.
- Based on returns, the most impacted industries at the 3 day post-breach date were U.S. Financial Services, Transportation, and Global Telecom. At the 90 day post-breach date, the three most impacted industries were U.S. Financial Services, U.S. Healthcare, and Global Telecom.
President Trump took to Twitter this afternoon to announce that he has signed a six-year renewal of a powerful government surveillance tool. "Just signed 702 Bill to authorize foreign intelligence collection," Trump tweeted. "This is NOT the same FISA law that was so wrongly abused during the election. I will always do the right thing for our country and put the safety of the American people first!" The Hill reports: Section 702 of the Foreign Intelligence Surveillance Act (FISA), which the Senate voted to renew with a few small tweaks this week, allows the U.S. to spy on foreigners overseas. The intelligence community says the program is a critical tool in identifying and disrupting terror plots. But the broader surveillance law, which governs U.S. spying on foreigners, has become politically entangled with the controversy over the federal investigation into Trump's campaign and Russia. Some Republicans have claimed that the FBI inappropriately obtained a politically motivated FISA warrant to spy on Trump during the transition and on Friday, Capitol Hill was consumed with speculation about a four-page memo produced by House Intelligence Committee Republicans that some GOP lawmakers hinted contained evidence of such wrongdoing.
An anonymous reader quotes a report from 9to5Google: Our early look at Fuchsia OS last May provided a glimpse into a number of new interface paradigms. Several months later, we now have an updated hands-on with Google's future operating system that can span various form factors. This look at the in-development OS eight months later comes courtesy of Ars Technica who managed to get Fuchsia installed on the Pixelbook. The Made by Google Chromebook is only the third officially supported "target device" for Fuchsia development. As our last dive into the non-Linux kernel OS was through an Android APK, we did not encounter a lockscreen. The Ars hands-on shows a basic one that displays the time at center and Fuchsia logo in the top-left corner to switch between phone and desktop/tablet mode, while a FAB (of sorts) in the opposite corner lets users bring up WiFi controls, Login, and Guest. Only Guest is fully functioning at this stage -- at least for non-Google employees. Once in this mode, we encounter an interface similar to the one we spotted last year. The big difference is how Google has filled in demo information and tweaked some elements. On phones and tablets, Fuchsia essentially has three zones. Recent apps are above, at center are controls, and below is a mixture of the Google Feed and Search. The controls swap out the always-displayed profile icon for a Fuchsia button. Tapping still surfaces Quick Settings which actually reflect current device battery levels and IP address. Impressively, Ars found a working web browser that can actually surf the internet. Google.com is the default homepage, with users able to visit other sites through that search bar. Other examples of applications, which are just static images, include a (non-working) phone dialer, video player, and Google Docs. The Google Calendar is notable for having subtle differences to any known version, including the tablet or web app.
Ask Slashdot: How Would You Explain Einstein's Theories To a Nine-Year-Old?
SiggyRadiation writes: A few days ago, my 9-year-old son asked me why Albert Einstein was so famous. I decided not just to start with the famous formula E=mc^2, because that just seemed to be the easy way out. So I tried to explain what mass and energy are. Then I asked him to try to explain gravity to me. The earth pulls at you because it has a lot of mass. But how can the earth influence your body, pull your feet to the ground, without actually touching you? Why is it that one thing (the earth) can influence something else (you) without actually being connected? Isn't that weird? Einstein figured out how energy, mass and gravity work and are related to each other. This is where our conversation ended. Afterwards I thought: this might be a nice question to ask on Slashdot; how would I continue this discussion to explain it to him further? Of course, with the goal of further feeding his interest in physics.
prisoninmate shares a report from Softpedia: The Wine (Wine Is Not an Emulator) project has been updated today to version 3.0, a major release that ends 2017 in style for the open-source compatibility layer capable of running Windows apps and games on Linux-based and UNIX-like operating systems. Almost a year in the works, Wine 3.0 comes with amazing new features like an Android driver that lets users run Windows apps and games on Android-powered machines, Direct3D 11 support enabled by default for AMD Radeon and Intel GPUs, AES encryption support on macOS, Progman DDE support, and a task scheduler. In addition, Wine 3.0 introduces the ability to export registry entries with the reg.exe tool, adds various enhancements to the relay debugging and OLE data cache, as well as an extra layer of event support in MSHTML, Microsoft's proprietary HTML layout engine for the Windows version of the Internet Explorer web browser. You can read the full list of features and download Wine 3.0 from WineHQ's website.
An anonymous reader quotes a report from the BBC: A new "text bomb" affecting Apple's iPhone and Mac computers has been discovered. Abraham Masri, a software developer, tweeted about the flaw which typically causes an iPhone to crash and in some cases restart. Simply sending a message containing a link which pointed to Mr Masri's code on programming site GitHub would be enough to activate the bug -- even if the recipient did not click the link itself. Mr Masri said he "always reports bugs" before releasing them. Apple has not yet commented on the issue. On a Mac, the bug reportedly makes the Safari browser crash, and causes other slowdowns. Security expert Graham Cluley wrote on his blog that the bug does not present anything to be particularly worried about -- it's merely very annoying. After the link did the rounds on social media, Mr Masri removed the code from GitHub, therefore disabling the "attack" unless someone was to replicate the code elsewhere.
Sprint: LG G Flex Will Launch Online on January 31 for $299 on Contract
Starting today, Sprint customers can pre-order the unique LG G Flex smartphone for $299 online with a two year contract. By pre-ordering between now and January 31st, customers will receive a complimentary Quickwindow Folio Case, which is valued at $60. Sprint…
Motorola Announces Moto X Launch in UK, France, and Germany on February 1
Certain European consumers interested in the Moto X smartphone from Motorola will soon have their chance to purchase the excellent handset. Expected to launch on February 1st, Motorola will sell its iconic Moto X device in Black or White in…
The e-commerce giant announced a short list of places that could become home to its second headquarters. The process has garnered the kind of enthusiasm normally reserved for bids to host the Olympics.
FCC drops idiotic plans to downgrade entire nation's internet speeds
US regulator won't pretend that mobile networks are equivalent to landlines
Analysis America's favorite government watchdog – the Federal Communications Commission – has backtracked on plans to downgrade the entire country's internet, agreeing to maintain its current definition of what is broadband speed.…
In Soviet California, pedestrian hits you! Bloke throws himself in front of self-driving car
We're not sure why but maybe it will become a thing
While commuter buses ferrying Apple and Google employees have been rerouted to avoid being shot at – reportedly with a pellet gun – GM Cruise has had less success keeping one of its self-driving cars out of harm's way.…
America restarts dodgy spying program – just as classified surveillance abuse memo emerges
There is literally nothing decent in this story
Analysis The US Senate reauthorized a controversial NSA spying program on Thursday – and then, because it's 2018 and nothing matters any more, embarked on a partisan battle over a confidential memo that outlines Uncle Sam's alleged abuse of surveillance powers.…
Plutus Payroll victims asked to explain themselves to receiver
Deloitte trying to figure out who to pay first – or maybe who to pay at all
Contractors left out of pocket by the collapse of alleged tax-skimming scammers Plutus Payroll have been asked to provide copious details of their employment history by receiver Deloitte, which appears to have few details of claimants’ status or relationship to Plutus and its associated companies.…
Sad-sack Anon calling himself 'Mr Cunnilingus' online is busted for DDoSing ex-bosses
Electronics tutor's taunts come back to haunt him
An electronics technician pleaded guilty on Wednesday to orchestrating distributed denial of service (DDoS) attacks on a former employer and other organizations – and to unlawfully possessing a firearm as a former felon.…
Sili-spurned Valley! No way, San Jose! Amazon snubs SF Bay Area in search for HQ2 city
Bezos narrows down search for new base to 20 cities, mostly on East Coast
Amazon has trimmed its list of potential cities where it wants to build its second headquarters, dubbed HQ2. The Bezos Bunch says it has narrowed down a list of 238 proposals to 19 US cities and one in Canada.…