Department of Mathematics
 Search | Help | Login | pdf version | printable version

Math @ Duke





.......................

.......................


Yunliang Yu, IT Senior Manager

Yunliang Yu

Open source is an investment in the future.

FDS Motto: we serve and empower the faculty.

Contact Info:
Office Location:  029D Physics
Office Phone:  (919) 660-2803
Email Address:   send me a message
Web Page:   http://www.math.duke.edu/~yu

Office Hours:

12:01AM - 12:02AM every other day except today.
Not by appt :-)
Specialties:

Mathematics
Recent Publications

  1. Y. Yu, test 123 (March, 2010). [PNG, PDF]

Famous Sayings:
Your dream will come true, if you eat your soup.
    --- Angela Yu
Don't be a turkey; read a book.
    --- Christina Yu
Security = avoid "unexpected inputs for unintended results".
    --- moi
Attitude is half reality.
    --- me?
To learn and practice what is learned from time to time is pleasure, is it not? To have friends from afar is happiness, is it not? To be unperturbed when not appreciated by others is a gentleman, is it not?
    --- Kungfu Zi
Better to light a candle than to curse the darkness.
    --- Chinese Proverb

mathprograms.org, academicjobsonline.org, mathjobs.org, ShortURLs, sharedworkingplace.org, chinesecalligraphyandwoodcarving.

/. headline news :-)

  • New Gene Editing Tool Could Fix Most Harmful DNA Mutations
    2019-10-21T20:50:00+00:00
    Scientists have raised fresh hopes for treating people with genetic disorders by inventing a powerful new molecular tool that, in principle, can correct the vast majority of mutations that cause human genetic diseases. From a report: The procedure, named "prime editing," can mend about 89% of the 75,000 or so harmful mutations known to mangle the human genome and lead to conditions such as cystic fibrosis, sickle cell anaemia, and a nerve-destroying illness called Tay-Sachs disease. The landmark work opens the door to a new era of genome editing, but scientists caution that more research is needed before it can be safely used in humans. Beyond proving its safety, another major hurdle is how to deliver the molecular machinery to cells that need it in sufficient amounts to treat a disorder. "This first report of prime editing is the beginning rather than the end of a longstanding aspiration in the life sciences to be able to make any DNA change in any position of a living cell or organism, including potentially human patients with genetic diseases," said David Liu at the Broad Institute of MIT and Harvard in Cambridge, Massachusetts. The ability to rewrite the genetic code is one of the most striking scientific advances of recent years. The most common approach, known as Crispr-Cas9, has been likened to "molecular scissors" which home in on a particular DNA sequence and then cut it in two. The procedure allows scientists to disable specific genes and even correct harmful mutations by providing cells with fresh strands of DNA with which to repair the cut.

    Read more of this story at Slashdot.

  • Apple CEO Tim Cook Joins Influential Chinese University Board
    2019-10-21T20:10:00+00:00
    Apple CEO Tim Cook has been appointed chairman of the advisory board at Tsinghua University School of Economics and Management in Beijing, a role that could provide access to top Chinese leaders at a time the iPhone manufacturer is facing mounting challenges in the world's second largest economy. From a report: Cook will assume the role for three years and replace Jim Breyer, the founder and chief executive of Breyer Capital, according to a statement from the university released on Friday. Cook said he would work with other members on the board, who have not been named, to make the Beijing-based school into a "world-class" education institution. Apple's market share in China is sliding as nationalist rhetoric calling for consumers to switch to Chinese phone manufacturer Huawei has gained momentum amid the trade war between China and the United States. New appointments to the board, which is usually stacked with business and political leaders, could offer clues on the relationship between Beijing and some of the world's most influential business leaders at a time when trade tensions have reached new highs.

    Read more of this story at Slashdot.

  • Bank of America Says It Saves $2 Billion Per Year By Ignoring Amazon and Microsoft and Building Its Own Cloud Instead
    2019-10-21T19:30:00+00:00
    Bank of America has bucked the Wall Street trend by building its own private cloud software rather than outsourcing to companies like Amazon, Microsoft, and Google. From a report: The investment, including a $350 million charge in 2017, hasn't been cheap, but it has had a striking payoff, CEO Brian Moynihan said during the company's third-quarter earnings call. He said the decision helped reduce the firm's servers to 70,000 from 200,000 and its data centers to 23 from 60, and it has resulted in $2 billion in annual infrastructure savings.

    Read more of this story at Slashdot.

  • Traffic Lights Worldwide Set To Change
    2019-10-21T18:51:00+00:00
    A Swedish engineer's umbrage at a traffic ticket has led to a six-year legal fight and now a global change in the speed with which traffic light signals are timed. From a report: After Mats Jarlstrom lost an initial legal challenge in 2014, a federal judge in January this year ruled Oregon's rules prohibiting people from representing themselves as engineers without a professional license from the state are unconstitutional. And now Jarlstrom's calculations and advocacy have led the Institute of Transportation Engineers (ITE) to revisit its guidelines for the timing of traffic signals. As a result, yellow lights around the globe could burn for longer -- ITE is an international advisory group with members in 90 countries. Jarlstrom discovered a problem with the timing of traffic lights in Beaverton, Oregon, after his wife Laurie received a $260 ticket for a red light violation from an automated traffic light camera in 2013. Jarlstrom, who studied electrical engineering in Sweden, challenged the ticket, arguing the timing interval for yellow lights fails to account for scenarios like a driver entering an intersection and slowing to make a turn. A slightly longer interval, he argued, would allow drivers making turns on a yellow light to exit intersections before the light turned red. Even a small timing increase would help -- the automatically generated ticket in this case was issued 0.12 seconds after the light turned red.

    Read more of this story at Slashdot.

  • Avast Says Hackers Breached Internal Network Through Compromised VPN Profile
    2019-10-21T18:11:00+00:00
    An anonymous reader writes: Czech cyber-security software maker Avast disclosed today a security breach that impacted its internal network. In a statement published today, the company said it believed the attack's purpose was to insert malware into the CCleaner software, similar to the infamous CCleaner 2017 incident. Avast said the breach occurred because the attacker compromised an employee's VPN credentials, gaining access to an account that was not protected using a multi-factor authentication solution. The intrusion was detected on September 23, but Avast said it found evidence of the attacker targeting its infrastructure going as far back as May 14, this year. The identity of the attacker is currently unknown, but the company said hackers didn't manage to modify CCleaner downloads this time around.

    Read more of this story at Slashdot.

  • The Chinese Threat To American Speech
    2019-10-21T17:38:00+00:00
    American companies have an obligation to defend the freedom of expression, even at the risk of angering China, writes The New York Times' Editorial Board. From the article: China's assertive campaign to police discourse about its policies, even outside of its borders, and the acquiescence of American companies eager to make money in China, pose a dangerous and growing threat to one of this nation's core values: the freedom of expression. The Communist state is becoming more and more aggressive in pressuring foreign companies to choose between self-censorship and the loss of access to what will soon be the world's largest market. An old list of taboo topics, sometimes described as the "three Ts" -- Tibet, Tiananmen and Taiwan -- has been joined by newer subjects that must not be mentioned, including protests in Hong Kong and China's mistreatment of its Muslim minority. The Constitutions of China and the United States both enshrine freedom of speech, but China's totalitarian regime has long taken a narrow view of that freedom -- and American companies have long accepted those restrictions while doing business in China. Now, however, China is seeking to control not just what is said in China but what is said about China, too. If China has its way, any topic it deems off limits will be scrubbed from global discourse. For the first time since the end of the Cold War, the United States finds itself in a contest of ideas and principles with a country in its own weight class. But this time is different. The United States and China are economically intertwined: The trade volume between the two countries is the greatest of any between two countries in the history of the world. There is no reasonable prospect of disengagement, nor is that a desirable outcome. The clear necessity is for the two countries to find ways of living together, and coexistence requires respect for differences. Instead, China is engaged in the kind of cultural imperialism it often decries. China insists that its national interest is at stake. So is the national interest of the United States and other free nations. China has taken a hard line, and it's time for the United States to respond in kind. The United States and American businesses have a duty to not appease the censors in Beijing -- even if the price of insisting on free expression is a loss of access to the Chinese market.

    Read more of this story at Slashdot.

  • Microsoft Announces Secured-core PCs To Counter Firmware Attacks
    2019-10-21T16:51:00+00:00
    Microsoft today announced a new initiative to combat threats specifically targeted at the firmware level and data stored in memory: Secured-core PCs. From a report: Microsoft partnered with chip and computer makers to apply "security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system." Secured-core PCs will be available from Dell, Dynabook, HP, Lenovo, Panasonic, and Surface. Microsoft hasn't released a full list of Secured-core PCs, but two examples include HP's Elite Dragonfly and Microsoft's Surface Pro X. Firmware is used to initialize the hardware and other software on the device. The firmware layer runs underneath the OS, where it has more access and privilege than the hypervisor and kernel. Firmware is thus emerging as a top target for attackers since the malicious code can be hard to detect and difficult to remove, persisting even with an OS reinstall or a hard drive replacement. Microsoft points to the National Vulnerability Database, which shows the number of discovered firmware vulnerabilities growing each year. As such, Secured-core PCs are designed for industries like financial services, government, and healthcare. They are also meant for workers who handle highly sensitive IP, customer, or personal data that poses higher-value targets for nationstate attackers.

    Read more of this story at Slashdot.

  • Equifax Used 'admin' as Username and Password for Sensitive Data: Lawsuit
    2019-10-21T16:10:00+00:00
    AndrewFlagg writes: When it comes to using strong username and passwords for administrative purposes let alone customer facing portals, Equifax appears to have dropped the ball. Equifax used the word "admin" as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia. The ongoing lawsuit, filed after the breach, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail. "Equifax employed the username 'admin' and the password 'admin' to protect a portal used to manage credit disputes, a password that 'is a surefire way to get hacked,'" the lawsuit reads. The lawsuit also notes that Equifax admitted using unencrypted servers to store the sensitive personal information and had it as a public-facing website. When Equifax, one of the three largest consumer credit reporting agencies, did encrypt data, the lawsuit alleges, "it left the keys to unlocking the encryption on the same public-facing servers, making it easy to remove the encryption from the data." The class-action suit consolidated 373 previous lawsuits into one. Unlike other lawsuits against Equifax, these don't come from wronged consumers, but rather shareholders that allege the company didn't adequately disclose risks or its security practices.

    Read more of this story at Slashdot.

  • Lawmakers Slam Apple for 'Censorship' of Apps at China's Behest
    2019-10-21T15:50:00+00:00
    U.S. lawmakers from both parties slammed Apple and Chief Executive Officer Tim Cook last week for "censorship of apps" at the "behest of the Chinese government." From a report: Senators Ted Cruz, Ron Wyden, Tom Cotton, Marco Rubio and Representatives Alexandria Ocasio-Cortez, Mike Gallagher and Tom Malinowski expressed concern about the removal of an app that let Hong Kong protesters track police movement in the city. "Apple's decisions last week to accommodate the Chinese government by taking down HKmaps is deeply concerning," they wrote in a letter to Cook, urging Apple to "reverse course, to demonstrate that Apple puts values above market access, and to stand with the brave men and women fighting for basic rights and dignity in Hong Kong." Apple didn't respond to a request for comment on Friday. Apple removed the HKmap.live app from the App Store in China and Hong Hong earlier this month, saying it violated local laws. The company also said it received "credible information" from Hong Kong authorities indicating the software was being used "maliciously" to attack police. The decision, and the reasoning, was questioned widely. Cook, in a recent memo to Apple employees, said that "national and international debates will outlive us all, and, while important, they do not govern the facts."

    Read more of this story at Slashdot.

  • Popular VPN Service NordVPN Says it Was Hacked
    2019-10-21T14:48:00+00:00
    NordVPN, a virtual private network provider that promises to "protect your privacy online," has confirmed it was hacked. From a report: The admission comes following rumors that the company had been breached. It first emerged that NordVPN had an expired internal private keys exposed, potentially allowing anyone to spin out their own servers imitating NordVPN. For its part, NordVPN has claimed a "zero logs" policy. "We don't track, collect, or share your private data," the company says. But the breach is likely to cause alarm that hackers may have been in a position to access some user data. NordVPN told TechCrunch that one of its datacenters was accessed in March 2018. "One of the datacenters in Finland we are renting our servers from was accessed with no authorization," said NordVPN spokesperson Laura Tyrell. The attacker gained access to the server -- which had been active for about a month -- by exploiting an insecure remote management system left by the datacenter provider, which NordVPN said it was unaware that such a system existed.

    Read more of this story at Slashdot.

  • Venezuela's Water System is Collapsing
    2019-10-21T14:05:00+00:00
    In Venezuela, a crumbling economy and the collapse of even basic state infrastructure means water comes irregularly -- and drinking it is an increasingly risky gamble. Venezuela's current rate of infant mortality from diarrhea, which is closely related to water quality, is six times higher than 15 years ago, according to the World Health Organization. From a report: But the government stopped releasing official public health data years ago. So The New York Times commissioned researchers from the Universidad Central de Venezuela to recreate the water quality study they had conducted regularly for the water utility in Caracas from 1992 until 1999. The scientists found that about a million residents were exposed to contaminated supplies. This puts them at risk of contracting waterborne viruses that could sicken them and threatens the lives of children and the most vulnerable. "This is a potential epidemic," said Jose MarÃa De Viana, who headed Caracas's water utility, Hidrocapital, until 1999. "It's very serious. It's unacceptable." In the latest study, 40 samples were taken from the capital's main water systems and tested for bacteria and for chlorine, which keeps water safe. The study also tested alternative water sources used by city residents during supply outages. One third of the samples did not meet national norms. This should have required Hidrocapital to issue a sanitation alert, according to the utility's own internal regulations. But Venezuela's government has not issued any alerts at least since President Nicolas Maduro's Socialist Party took power 20 years ago. "The biggest health risk that we see there right now is water -- water and sanitation," the head of the International Federation of the Red Cross, Francesco Rocca, told foreign reporters this week, referring to Venezuela.

    Read more of this story at Slashdot.

  • Researchers Tricked Google Home and Alexa Into Eavesdropping and Password Phishing
    2019-10-21T11:34:00+00:00
    What if Google and Amazon employees weren't the only ones who'd listened through your voice assistant? Ars Technica reports: The threat isn't just theoretical. Whitehat hackers at Germany's Security Research Labs developed eight apps -- four Alexa "skills" and four Google Home "actions" -- that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these "smart spies," as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords... The apps gave the impression they were no longer running when they, in fact, silently waited for the next phase of the attack.... The apps quietly logged all conversations within earshot of the device and sent a copy to a developer-designated server. The phishing apps follow a slightly different path by responding with an error message that claims the skill or action isn't available in that user's country. They then go silent to give the impression the app is no longer running. After about a minute, the apps use a voice that mimics the ones used by Alexa and Google home to falsely claim a device update is available and prompts the user for a password for it to be installed.... In response, both companies removed the apps and said they are changing their approval processes to prevent skills and actions from having similar capabilities in the future.

    Read more of this story at Slashdot.

  • Teenagers Are Easily Bypassing Apple's Parental Controls
    2019-10-21T07:34:00+00:00
    "Kids are outsmarting an army of engineers from Cupertino, California," reports the Washington Post: And Apple, which introduced "Screen Time" a year ago in response to pressure to address phone overuse by kids, has been slow to make fixes to its software that would close these loopholes. It's causing some parents to raise questions about Apple's commitment to safeguarding children from harmful content and smartphone addiction. When Screen Time blocks an app from working, it becomes grayed out, and clicking on it does nothing unless parents approve a request for more time. Or, at least, it's supposed to work that way. On Reddit and YouTube, kids are sharing tips and tricks that allow them to circumvent Screen Time. They download special software that can exploit Apple security flaws, disabling Screen Time or cracking their parents' passwords. They search for bugs that make it easy to keep using their phones, unbeknown to parents, such as changing the time to trick the system or using iMessage to watch YouTube videos. "These are not rocket science, backdoor, dark Web sort of hacks," said Chris McKenna, founder of the Internet safety group Protect Young Eyes. "It blows me away that Apple hasn't thought through the fact that a persistent middle school boy or girl can bang around and find them."

    Read more of this story at Slashdot.

  • 40% Of America's Schools Have Now Dropped Their SAT/ACT Testing Requirement
    2019-10-21T04:34:00+00:00
    "A record number" of U.S. schools are now accepting nearly all of their students without requiring an SAT or ACT test score, reports the Washington Post: Robert A. Schaeffer, public education director of FairTest, which opposes the misuse of standardized tests, said the past year has seen the "fastest growth spurt ever" of schools ending the SAT/ACT test score as an admission requirement. Over the summer, more than one school a week announced the change. Nearly 50 accredited colleges and universities that award bachelor's degrees announced from September 2018 to September 2019 that they were dropping the admissions requirement for an SAT or ACT score, FairTest said. That brings the number of accredited schools to have done so to 1,050 -- about 40 percent of the total, the nonprofit said. While the test-optional list has some schools with specific missions -- there are religious colleges, music and art conservatories, nursing schools -- it also includes more than half of the top 100 liberal arts colleges on the U.S. News & World Report list, FairTest said. Also on the list are the majority of colleges and universities in Maryland, Pennsylvania, Virginia, the District of Columbia and the six New England states... Research has consistently shown that ACT and SAT scores are strongly linked to family income, mother's education level and race... The University of Chicago, which abandoned the requirement last year, reported in July that its decision, along with an increase in financial aid and outreach, led to a 20 percent increase in first-generation, low-income and rural students and veterans to commit to the school.

    Read more of this story at Slashdot.

  • Is AT&T Hiding A Widespread Voicemail Outage?
    2019-10-21T01:39:00+00:00
    Though people can still leave voicemail messages, "Some AT&T customers say they have not had access to their voicemail since the beginning of October," one local news site reported this week: An AT&T spokesperson sent the following statement to ABC11 about the issue: "We're aware that some customers may be having difficulty retrieving their voicemail due to a vendor server problem. We're in contact with the vendor as they work to fix it and apologize for any inconvenience this may cause." ABC11 received several messages from frustrated AT&T customers. "I have been told multiple times that it would be fixed the same day. Today I was told there is no estimated repair date. I don't know what to do. I am a psychologist and people who have mental health issues call me," one said. "They get my message and leave me a voicemail. There is no indication that I won't be able to access it." "Voicemail is a crucial function on most people's devices. Having it down for weeks is unacceptable," another said. "If they don't fix this issue they will be losing lot of customers. I am been calling daily, but no result." Slashdot reader amxcoder writes today that AT&T eventually cited their vendor's server issue back on October 9th in their help forum, and that in the 11 days since, "the problem appear to be spreading." After contacting Tech Support on October 20th, it appears that Level One tech support is not aware of the problem, and Level Two reports the problem is affecting Alabama, Louisiana, Arkansas, Maryland, Florida, Mississippi, Georgia, Kentucky, North Carolina and Tennessee. However California and possibly other states seem to be affected as well. Because AT&T is being tight-lipped about this outage, even to it's own customers that it is affecting, it's difficult to know how many customers this is impacting. No official statement is being sent to customers, nor are customers being updated on progress or given an ETA on resolving the problem. Some online chatter is wondering if AT&T is trying to keep this "under the radar" as long as they can because of something more nefarious, such as a data breach, hacked servers, or even ransomware. Anyone's guess is a good as another without official public statement from AT&T.

    Read more of this story at Slashdot.

 

dept@math.duke.edu
ph: 919.660.2800
fax: 919.660.2821

Mathematics Department
Duke University, Box 90320
Durham, NC 27708-0320