United States

US Product Safety Commission Warns That Some Fidget Spinners Explode (cnn.com) 97

An anonymous reader quotes a report from CNN: Fidget spinners are supposed to be calming and fun, especially for students struggling to focus. But after some dangerous incidents involving the popular gizmos, the US Consumer Product Safety Commission has issued new fidget spinner safety guidance for consumers and businesses. There have been a handful of choking incidents reported with the toys, as well as two instances of battery-operated spinners catching on fire and another incident in which a fidget spinner melted, the agency said. No deaths have been reported. The agency also issued safety guidance on battery-operated fidget spinners. Consumers should always be present when the product is charging, never charge it overnight and always use the cable it came with, the statement said. Users should unplug their spinner immediately once it's fully charged and make sure they have working smoke detectors in their home.

"As the agency investigates some reported incidents associated with this popular product, fidget spinner users or potential buyers should take some precautions," Ann Marie Buerkle, acting chief of the Consumer Product Safety Commission, said in a statement. "Keep them from small children; the plastic and metal spinners can break and release small pieces that can be a choking hazard; and older children should not put fidget spinners in their mouths." Fidget spinners should be kept away from children under the age of 3, the statement said.

Security

Scientists Create DNA-Based Exploit of a Computer System (technologyreview.com) 43

Archeron writes: It seems that scientists at University of Washington in Seattle have managed to encode malware into genomic data, allowing them to gain full access to a computer being used to analyze the data. While this may be a highly contrived attack scenario, it does ask the question whether we pay sufficient attention to data-driven exploits, especially where the data is instrument-derived. What other systems could be vulnerable to a tampered raw data source? Perhaps audio and RF analysis systems? MIT Technology Review reports: "To carry out the hack, researchers led by Tadayoshi Kohno and Luis Ceze encoded malicious software in a short stretch of DNA they purchased online. They then used it to gain 'full control' over a computer that tried to process the genetic data after it was read by a DNA sequencing machine. The researchers warn that hackers could one day use faked blood or spit samples to gain access to university computers, steal information from police forensics labs, or infect genome files shared by scientists. To make the malware, the team translated a simple computer command into a short stretch of 176 DNA letters, denoted as A, G, C, and T. After ordering copies of the DNA from a vendor for $89, they fed the strands to a sequencing machine, which read off the gene letters, storing them as binary digits, 0s and 1s. Yaniv Erlich, a geneticist and programmer who is chief scientific officer of MyHertige.com, a genealogy website, says the attack took advantage of a spill-over effect, when data that exceeds a storage buffer can be interpreted as a computer command. In this case, the command contacted a server controlled by Kohno's team, from which they took control of a computer in their lab they were using to analyze the DNA file." You can read their paper here.
AMD

AMD Ryzen Threadripper Launched: Performance Benchmarks Vs Intel Skylake-X (hothardware.com) 122

Reader MojoKid writes: AMD continues its attack on the desktop CPU market versus Intel today, with the official launch of the company's Ryzen Threadripper processors. Threadripper is AMD's high-end, many-core desktop processor, that leverages the same Zen microarchitecture that debuted with Ryzen 7. The top-end Ryzen Threadripper 1950X is a multi-chip module featuring 16 processor cores (two discrete die), with support for 32 threads. The base frequency for the 1950X is 3.4GHz, with all-core boost clocks of up to 3.7GHz. Four of the cores will regularly boost up to 4GHz, however, and power and temperature permitting, those four cores will reach 4.2GHz when XFR kicks in. The 12-core Threadripper 1920X has very similar clocks and its boost and XFR frequencies are exactly the same. The Threadripper 1920X's base-clock, however, is 100MHz higher than its big brother, at 3.5GHz. In a litany of benchmarks with multi-threaded workloads, Threadripper 1950X and 1920X high core-counts, in addition to strong SMT scaling, result in the best multi-threaded scores seen from any single CPU to date. Threadripper also offers massive amounts of memory bandwidth and more IO than other Intel processors. Though absolute power consumption is somewhat high, Threadrippers are significantly more efficient than AMD's previous-generation processors. In lightly-threaded workloads, Threadripper trails Intel's latest Skylake-X CPUs, however, which translates to lower performance in applications and games that can't leverage all of Threadripper's additional compute resources. Threadripper 1950X and 1920X processors are available starting today at $999 and $799, respectively. On a per-core basis, they're less expensive than Intel Skylake-X and very competitively priced.
Hardware

Consumer Reports Pulls Microsoft Laptop Recommendation (go.com) 126

The breakage rate for Microsoft's Surface devices is significantly worse than for other manufacturers' laptops and tablets, Consumer Reports said, adding that it was removing its "recommended" designation for Surface products. From a report: The consumer advocacy group said Thursday that it can no longer recommend Microsoft laptops or tablets because of poor reliability compared to other brands. Microsoft said the findings don't accurately reflect Surface owners' "true experiences." The consumer group says Microsoft machines have performed well in laboratory testing. But a subscriber survey found start-up and freezing problems. The devices losing their "recommended" status are the Surface Laptop (128GB and 256GB versions) and Surface Book (128GB and 512GB versions).
Software

Researchers Build True Random Number Generator From Carbon Nanotubes (ieee.org) 144

Wave723 writes: IEEE Spectrum reports on a true random number generator that was created with single-walled semiconducting carbon nanotubes. Researchers at Northwestern University printed a SRAM cell with special nanotube ink, and used it to generate random bits based on thermal noise. This method could be used to improve the security of flexible or printed electronics. From the report: "Once Mark Hersam, an expert in nanomaterials at Northwestern University, and his team had printed their SRAM cell, they needed to actually generate a string of random bits with it. To do this, they exploited a pair of inverters found in every SRAM cell. During normal functioning, the job of an inverter is to flip any input it is given to be the opposite, so from 0 to 1, or from 1 to 0. Typically, two inverters are lined up so the results of the first inverter are fed into the second. So, if the first inverter flips a 0 into a 1, the second inverter would take that result and flip it back into a 0. To manipulate this process, Hersam's group shut off power to the inverters and applied external voltages to force the inverters to both record 1s. Then, as soon as the SRAM cell was powered again and the external voltages were turned off, one inverter randomly switched its digit to be opposite its twin again. 'In other words, we put [the inverter] in a state where it's going to want to flip to either a 1 or 0,' Hersam says. Under these conditions, Hersam's group had no control over the actual nature of this switch, such as which inverter would flip, and whether that inverter would represent a 1 or a 0 when it did. Those factors hinged on a phenomenon thought to be truly random -- fluctuations in thermal noise, which is a type of atomic jitter intrinsic to circuits." Hersam and his team recently described their work in the journal Nano Letters.

Slashdot Top Deals