Wish you could log into someone’s Netgear box without a password? Summon a &genie=1 – get patching!

Some 17 Netgear routers have a remote authentication bypass, meaning malware or miscreants on your network, or able to reach the device’s web-based configuration interface from the internet, can gain control without having to provide a password. Just stick &genie=1 in the URL, and bingo.

That’s pretty bad news for any vulnerable gateways with remote configuration access enabled, as anyone on the internet can exploit the cockup to take over the router, change its DNS settings, redirect browsers to malicious sites, and so on.

Another 17 Netgear routers – with some crossover with the above issue – have a similar bug, in that the genie_restoring.cgi script, provided by the box’s built-in web server, can be abused to extract files and passwords from its filesystem in flash storage – it can even be used to pull files from USB sticks plugged into the router.

Other models have less severe problems that still need patching just in case. For example, after pressing the Wi-Fi Protected Setup button, six of Netgear’s routers open up a two-minute window during which an attacker can potentially execute arbitrary code on the router as root over the air.

Source: Wish you could log into someone’s Netgear box without a password? Summon a &genie=1 • The Register

Robot learns to mimic simple human motions

Researchers from the University of California, Berkeley, in the USA, have made some progress on this front by teaching code controlling a robot arm and hand to perform three tasks: grabbing an object and placing it in a specific position; pushing an object; and pushing and pulling an object after seeing the same action performed by a human arm.

Think picking up stuff, such as a toy, and placing it on a box, pushing a little car along a table, and so on.

The technique, described in a paper out this week, has been dubbed “one-shot imitation.” And, yes, it requires a lot of training before it can start copycatting people on demand. The idea is to educate the code to the point where it can immediately recognize movements, or similar movements, from its training, and replay them.

A few thousand videos depicting a human arm and a robot arm completing movements and actions are used to prime the control software. The same actions are repeated using different backgrounds, lighting effects, objects, and human arms to increase the depth of the machine-learning model’s awareness of how the limbs generally operate, and thus increase the chances of the robot successfully imitating a person on the fly.

Source: Is that you, T-1000? No, just a lil robot that can mimic humans on sight • The Register

SpaceX Roadster skips Mars, steers to asteroids, central core booster explodes

During a press conference after liftoff, Musk said it was dicey whether the second stage would power up at all. The fuel could have frozen, the oxygen boiled off, or the avionics failed, as the rocket spent more than five hours in our planet’s high-radiation Van Allen belts before firing up.

Usually spacecraft punch through the belts as quickly as possible to minimize the risk of damage. After hours of charged particles bombarding the podule, it still worked just fine. Ish. Maybe it was performing a touching tribute to Tesla’s autopilot software.

The payload was supposed to get into an orbit around the Sun, and skim Mars. Instead, the car will whiz past the Red Planet by a much larger margin than expected and zoom off out toward the asteroid belt. T
[…]
Musk explained what went wrong with the attempted landing of the Falcon Heavy’s central core. The booster was trying to land on the floating autonomous barge Of Course I Still Love You when it suffered a “rapid, unscheduled disassembly,” to use SpaceX’s term for crashed and burned.

According to Musk, the booster had enough main fuel to make the landing, but it ran out of the triethylaluminum and triethylborane (TEA-TEB) fuel that is used to reignite the rocket engines, which are needed to control the rate of descent. Its central motor lit up, but the two other engines didn’t.

The result was that the booster came down too fast and off target. It hit the Atlantic ocean at about 300 MPH, 100 metres from the barge, and disintegrated, damaging two of the sea vessel’s four thrusters, which are used to keep the ship in position.

Source: What did we say about Tesla’s self-driving tech? SpaceX Roadster skips Mars, steers to asteroids • The Register

Typical Tesla!

The House That Spied on Me: living in a smart home

In December, I converted my one-bedroom apartment in San Francisco into a “smart home.” I connected as many of my appliances and belongings as I could to the internet: an Amazon Echo, my lights, my coffee maker, my baby monitor, my kid’s toys, my vacuum, my TV, my toothbrush, a photo frame, a sex toy, and even my bed.

Source: The House That Spied on Me

It’s a good story on the privacy and especially the practicality of living in a smart home.

I recognise quite a lot in that much of it is quite a bit of hassle, especially trying to get it working the way you want it to!

Cheddar Man: Britain’s first men were black. And so were Europe’s.

New research into ancient DNA extracted from the skeleton has helped scientists to build a portrait of Cheddar Man and his life in Mesolithic Britain. The biggest surprise, perhaps, is that some of the earliest modern human inhabitants of Britain may not have looked the way you might expect. Dr Tom Booth is a postdoctoral researcher working closely with the Museum’s human remains collection to investigate human adaptation to changing environments. ‘Until recently it was always assumed that humans quickly adapted to have paler skin after entering Europe about 45,000 years ago,’ says Tom. ‘Pale skin is better at absorbing UV light and helps humans avoid vitamin D deficiency in climates with less sunlight.’ However, Cheddar Man has the genetic markers of skin pigmentation usually associated with sub-Saharan Africa. This discovery is consistent with a number of other Mesolithic human remains discovered throughout Europe.

Source: Cheddar Man: Mesolithic Britain’s blue-eyed boy | Natural History Museum

PinMe: Tracking a Smartphone User around the World with GPS and WiFi off

We describe PinMe, a novel user-location mechanism that exploits non-sensory/sensory data stored on the smartphone, e.g., the environment’s air pressure, along with publicly-available auxiliary information, e.g., elevation maps, to estimate the user’s location when all location services, e.g., GPS, are turned off.

Source: [1802.01468] PinMe: Tracking a Smartphone User around the World

The gender pay gap at Uber is small and has a reason

Specifically, the study stated, drivers who make runs for Uber more frequently are more likely to know where and when to operate in order to get the highest-paying fares.

Thus, because women, on average, spend less time driving for Uber than their male counterparts, they are less likely to be around to grab the highest-paying fares.

“Men’s willingness to supply more hours per week (enabling them to earn more) and to target the most profitable locations shows that women continue to pay a cost for working reduced hours each week, even with no convexity in the hours-earning schedule,” the research team stated.

The study, which was based on data collected from 1,877,252 drivers operating in America from January 2015 to March 2017, examined factors including average hours worked per week, money earned over the whole week, and money earned per hour.
[…]
Overall, the gang concluded that those who drove an Uber car more often were able to make more per trip, and because on average the men surveyed drove 50 per cent more often, they were able to get on average $21.28 (£15.23) per hour compared to $20.04 (£14.35) logged by their female counterparts.

With more time driving, we’re told, comes a better idea of when and where the best fares are to be expected.
[…]
“A driver with more than 2,500 lifetime trips completed earns 14 per cent more per hour than a driver who has completed fewer than 100 trips in her time on the platform, in part because she learns where to drive, when to drive, and how to strategically cancel and accept trips.”

At least one other factor was cited in the gap: speed.

The study found that while driving for Uber, men tended to drive around 2.2 per cent faster than women. This meant that, over the long haul, they were able to rack up a few extra trips and make a bit more money.

“Increasing speed increases expected driver earnings in almost all Uber settings,” the research team concluded.

Source: Uber: Ah yeah, we pay women drivers less than men. We can explain!