3-4 cups leftover medium or long-grain rice, such as jasmine (no freshly steamed rice)
3 eggs, well beaten
Salt
2 tsp. light soy sauce
Toasted sesame oil
Photo: Kevin Pang
Heat a 12-inch non-stick skillet or wok over medium-high heat. Add diced bacon and sauté until crisp and golden. Remove from pan and leave about a tablespoon of rendered bacon fat in the pan. (Any more and your final product may become too greasy.)
Add beaten eggs, swirling to evenly coat the bottom of the pan. When the edges start to ruffle, add the rice evenly on to the eggs. Gently but expeditiously stir them around, breaking the eggs into small pieces. Do not press down on the rice, as you want to keep the fluffy texture. I use chopsticks to do the stirring, which also curbs the impulse to smoosh down with a spatula.
When the rice is warmed through, add bacon back in and stir through. If using the Chinese preserved vegetables add them in now too. Add a small pinch of salt to season.
Season with a teaspoon of soy sauce to start, and take a quick taste. If you like a bit of a deeper flavor add another teaspoon. Remember we are going for a light brown color, not a murky dark shade.
Turn off the heat, add scallions and stir through. Add a drizzle of toasted sesame oil, and stir gently to incorporate. Scoop into bowls and serve immediately.
As face recognition in public places becomes more commonplace, Big Brother Watch is especially concerned with false identification. In May, South Wales Police revealed that its face-recognition software had erroneously flagged thousands of attendees of a soccer game as a match for criminals; 92 percent of the matches were wrong. In a statement to the BBC, Matt Jukes, the chief constable in South Wales, said “we need to use technology when we’ve got tens of thousands of people in those crowds to protect everybody, and we are getting some great results from that.”
If someone is misidentified as a criminal or flagged, police may engage and ask for further identification. Big Brother Watch argues that this amounts to “hidden identity checks” that require people to “prove their identity and thus their innocence.” 110 people were stopped at the event after being flagged, leading to 15 arrests.
Simply walking through a crowd could lead to an identity check, but it doesn’t end there. South Wales reported more than 2,400 “matches” between May 2017 and March 2018, but ultimately made only 15 connecting arrests. The thousands of photos taken, however, are still stored in the system, with the overwhelming majority of people having no idea they even had their photo taken.
Thieves siphoned hundreds of millions of pesos out of Mexican banks, including No. 2 Banorte, by creating phantom orders that wired funds to bogus accounts and promptly withdrew the money, two sources close to the government’s investigation said. Hackers sent hundreds of false orders to move amounts ranging from tens of thousands to hundreds of thousands of pesos from banks including Banorte, to fake accounts in other banks, the sources said, and accomplices then emptied the accounts in cash withdrawals in dozens of branch offices.
One source said the thieves transferred more than 300 million pesos ($15.4 million). Daily newspaper El Financiero said about 400 million pesos had been stolen in the hack, citing an anonymous source.
It was not clear how much of the money transferred was later withdrawn in cash. Some of the attempts to fraudulently transfer funds were blocked, the sources said.
It’s not particularly difficult, particularly with Shodan to help. The required steps are:
Discover targets on Shodan by searching for the rootDesc.xml file (Imperva found 1.3 million devices);
Use HTTP to access rootDesc.xml;
Modify the victim’s port forwarding rules (the researchers noted that this isn’t supposed to work, since port forwarding should be between internal and external addresses, but “few routers actually bother to verify that a provided ‘internal IP’ is actually internal, and [they abide] by all forwarding rules as a result”.
Launch the attack.
That means an attacker can create a port forwarding rule that spoofs a victim’s IP address – so a bunch of ill-secured routers can be sent a DNS request which they’ll try to return to the victim, in the classic redirection DDoS attack.
The port forwarding lets an attacker use “evasive ports”, “enabling them to bypass commonplace scrubbing directives that identify amplification payloads by looking for source port data for blacklisting”, the post explained.
A team of computer scientists have built the smallest completely autonomous nano-drone that can control itself without the need for a human guidance.
Although computer vision has improved rapidly thanks to machine learning and AI, it remains difficult to deploy algorithms on devices like drones due to memory, bandwidth and power constraints.
But researchers from ETH Zurich, Switzerland and the University of Bologna, Italy have managed to build a hand-sized drone that can fly autonomously and consumes only about 94 milliWatts (0.094 W) of energy. Their efforts were published in a paper on arXiv earlier this month.
At the heart of it all is DroNet, a convolutional neural network that processes incoming images from a camera at 20 frames per second. It works out the steering angle, so that it can control the direction of the drone, and the probability of a collision, so that it know whether to keep going or stop. Training was conducted using thousands of images taken from bicycles and cars driving along different roads and streets.
[…]
But it suffers from some of the same setbacks as the older model. Since it was trained with images from a single plane, the drone can only move horizontally and cannot fly up or down.
No holograms, no 3D, no AR, no bullshit. Square Off is a chess board where the pieces move themselves, and you can play online or against AI.
Square Off is really something special. There’s no avoiding a smile the first time you see a knight slide out from the back row without banging into any pawns along the way, and there’s a certain smug satisfaction from the AI as it slowly slides your pieces off the board after capturing them.
GIF: Square Off
The board houses a 2200 mAh battery that’s rated to around 50 games, rechargeable via AC adapter. There are two versions of Square Off, the standard $329 “Kingdom” set and the $399 “Grand Kingdom” set. The latter, which I’m playing with as I write this, has:
Additional capture space where the opponent’s captured pieces are placed automatically at their designated position
Auto Rest of board after current game is over.
Comes with Special Edition Premium Rosewood chess set
Board size is bigger due to additional capture space but play area is same as Kingdom Set
The Square Off app, which has to remain connected to the board throughout play, is very bare bones at this point, and we’ll update accordingly as upcoming features roll out, including:
Chess.com integration
Game analyzer
Training mode
Pro game live “streaming” and match recording
Chat
While the whole package feels very premium and well-made, at these price points, it’s a bit crazy that there’s no included permanent storage case for the pieces.
Square Off is planning to start taking orders after April 15, once their crowdfunded preorders have all been delivered. Ultimately they also plan to make the board modular for the playing of other games by switching out the surface.
Hard on the heels of the first network-based Rowhammer attack, some of the boffins involved in discovering Meltdown/Spectre have shown off their own technique for flipping bits using network requests.
With a gigabit connection to the victim, the researchers reckon, they can induce security-critical bit flips using crafted quality-of-service packets.
Last week, we reported on research called “Throwhammer” that exploited Rowhammer via remote direct memory access (RDMA) channels.
In separate research, Meltdown/Spectre veterans Daniel Gruss, Moritz Lipp and Michael Schwarz of Graz University of Technology and their team have published a paper describing Nethammer (their co-authors are Lukas Lamster and Lukas Raab, also of Graz; Misiker Tadesse Aga of the University of Michigan; and Clémentine Maurice of IRISA at the University of Rennes).
Nethammer works, they said, without any attacker-controlled code on the target, attacking “systems that use uncached memory or flush instructions while handling network requests.
