Department of Mathematics
 Search | Help | Login | pdf version | printable version

Math @ Duke





.......................

.......................


Yunliang Yu, IT Senior Manager

Yunliang Yu

Open source is an investment in the future.

FDS Motto: we serve and empower the faculty.

Contact Info:
Office Location:  029D Physics
Office Phone:  (919) 660-2803
Email Address:   send me a message
Web Page:   http://www.math.duke.edu/~yu

Office Hours:

12:01AM - 12:02AM every other day except today.
Not by appt :-)
Specialties:

Mathematics
Recent Publications

  1. Y. Yu, test 123 (March, 2010). [PNG, PDF]

Famous Sayings:
Your dream will come true, if you eat your soup.
    --- Angela Yu
Don't be a turkey; read a book.
    --- Christina Yu
Security = avoid "unexpected inputs for unintended results".
    --- moi
Attitude is half reality.
    --- me?
To learn and practice what is learned from time to time is pleasure, is it not? To have friends from afar is happiness, is it not? To be unperturbed when not appreciated by others is a gentleman, is it not?
    --- Kungfu Zi
Better to light a candle than to curse the darkness.
    --- Chinese Proverb

mathprograms.org, academicjobsonline.org, mathjobs.org, ShortURLs, sharedworkingplace.org, chinesecalligraphyandwoodcarving.

/. headline news :-)

  • A Corporate-issued Laptop Stolen From a Lenovo Employee in September Contained Unencrypted Payroll Data on APAC Staff
    2018-12-14T14:00:00+00:00
    A corporate-issued laptop lifted from a Lenovo employee in Singapore contained a cornucopia of unencrypted payroll data on staff based in the Asia Pacific region, news outlet The Register reports. From the report: Details of the massive screw-up reached us from Lenovo staffers, who are simply bewildered at the monumental mistake. Lenovo has sent letters of shame to its employees confessing the security snafu. "We are writing to notify you that Lenovo has learned that one of our Singapore employees recently had the work laptop stolen on 10 September 2018," the letter from Lenovo HR and IT Security, dated 21 November, stated. "Unfortunately, this laptop contained payroll information, including employee name, monthly salary amounts and bank account numbers for Asia Pacific employees and was not encrypted." Lenovo employs more than 54,000 staff worldwide, the bulk of whom are in China.

    Read more of this story at Slashdot.

  • The Painful, Costly Journey of Returned Goods -- and How You End Up Purchasing Some of Them Again
    2018-12-14T13:30:00+00:00
    Buyers return a huge number of packages they buy from Amazon and other e-commerce sites, so much so that retailers are sometimes left with little choice but to get rid of large swaths of inventory at a cost. Last year, customers in the U.S. returned about $351 billion worth of items that they had purchased from brick-and-mortar retailers and online stores, according to estimates by National Retail Federation. CNBC: There's a good chance that the $100 printer, the $300 wide-screen monitor, or the $170 router you recently bought from Amazon weren't supplied to the e-commerce giant by their original manufacturers. In fact, the order may have been fulfilled by someone like Casey Parris, who resells items that customers previously returned to retailers. Based in Florida, Parris spends about five hours each day visiting thrift stores and scanning auction and liquidation websites for interesting items, he told CNBC. Sometimes he finds auto parts, other times it's a pair of sneakers, and occasionally he purchases printer cartridges -- all with the goal of reselling them. Walter Blake, who lives in Michigan, does the same. For years, he's been selling electronic items on Amazon that he acquires from a network of places. Blake and Parris are part of a growing cottage industry where dealers acquire discarded items at very low prices, only to resell some of them back on Amazon and eBay at a premium.

    Read more of this story at Slashdot.

  • Facebook Doesn't Care About Fixing Fake News Problem On Its Platform
    2018-12-14T13:00:00+00:00
    An anonymous reader quotes a report from The Guardian: Journalists working as factcheckers for Facebook have pushed to end a controversial media partnership with the social network, saying the company has ignored their concerns and failed to use their expertise to combat misinformation. Current and former Facebook factcheckers told the Guardian that the tech platform's collaboration with outside reporters has produced minimal results and that they've lost trust in Facebook, which has repeatedly refused to release meaningful data about the impacts of their work. Some said Facebook's hiring of a PR firm that used an antisemitic narrative to discredit critics -- fueling the same kind of propaganda factcheckers regularly debunk -- should be a deal-breaker. Facebook now has more than 40 media partners across the globe, including the Associated Press, PolitiFact and the Weekly Standard, and has said false news on the platform is "trending downward." While some newsroom leaders said the relationship was positive, other partners said the results were unclear and that they had grown increasingly resentful of Facebook. Facebook has said that third-party factchecking is one part of its strategy to fight misinformation, and has claimed that a "false" rating leads an article to be ranked lower in news feed, reducing future views by 80% on average. The company has refused, however, to publicly release any data to support these claims. Facebook said in a statement that it had "heard feedback from our partners that they'd like more data on the impact of their efforts," adding that it has started sending "quarterly reports" with "customized statistics" to partners and would be"looking for more statistics to share externally in early 2019." Facebook declined to share the reports with the Guardian.

    Read more of this story at Slashdot.

  • NASA's Jupiter Mission Juno Reveals Giant Polar Storms
    2018-12-14T10:00:00+00:00
    NASA's Juno mission to the gas giant Jupiter has reached its halfway mark and has revealed new views of cyclones at the poles. The BBC reports: As it orbits the planet every 53 days - Juno performs a science-gathering dive, speeding from pole to pole. Its sensors take measurements of the composition of the planet, in an effort to decipher how the largest world in our Solar System formed. Mapping the magnetic and gravity fields should also expose Jupiter's structure. But images from JunoCam -- a camera that was intended to capture images that could be shared with the public -- has already given us some surprising insights. "When we made our first pass over the poles, we knew we were seeing a territory on Jupiter we had never seen before," said Dr Candice Hansen, from the Planetary Science Institute in Arizona. "What we did not expect was that we would see these orderly polygons of cyclones; huge storms - twice the size of Texas."

    Read more of this story at Slashdot.

  • Supernovae May Explain Mass Extinctions of Marine Animals During Pliocene Era
    2018-12-14T07:00:00+00:00
    "The Register has an article on the possibility that a supernova or a series of them could explain a mass die-off of marine animals around 2.6 million years ago," writes Slashdot reader KindMind. From the report: A gigantic supernova explosion may have triggered mass extinctions for creatures living in Earth's prehistoric oceans some 2.6 million years ago, according to new research published in Astrobiology. Marine animals like the megalodon [...] suddenly disappeared during the late Pliocene. Around the same time, scientists [...] noticed a peak in the iron-60 isotope in ancient seabeds. "As far back as the mid-1990s, people said, "Hey, look for iron-60. It's a telltale because there's no other way for it to get to Earth but from a supernova.' Because iron-60 is radioactive, if it was formed with the Earth it would be long gone by now. So, it had to have been rained down on us" explained Adrian Melott, lead author of the paper and a physics and astronomy professor at the University of Kansas. The team believes that a supernova located 150 light years away set of a chain of supernovae bursts and covered the Earth in a shroud of deadly cosmic ray radiation. This was amplified, Melott said, because the Solar System is right on the edge of an area of the interstellar medium called the Local Bubble. The Local Bubble extends about 300 light years across and contains the two main clouds of dust and gas: Local Interstellar Cloud and the G-Cloud. As the supernovae ejected cosmic rays, these beams of energetic particles would have repeatedly bounced off the clouds to create a "cosmic-ray bath" that could have lasted 10,000 to 100,000 years. Some of that radiation such as cosmic ray muons would have leaked onto Earth, and over time it could have led to genetic mutations and cancers [that would have caused animals like the megalodon to die off prematurely].

    Read more of this story at Slashdot.

  • Neurosurgery Could Spread Protein Linked To Alzheimer's, Study Finds
    2018-12-14T03:30:00+00:00
    An anonymous reader quotes a report from The Guardian: Surgical instruments used in brain operations should be treated to ensure they are not contaminated with proteins linked to Alzheimer's disease, according to scientists who found evidence that they may be spread by certain medical procedures. The researchers urged doctors to decontaminate neurosurgical tools more thoroughly as a precautionary measure to reduce the potential risk of spreading abnormal proteins known to build up in the brains of Alzheimer's patients. Prof John Collinge, director of the Medical Research Council prion unit at University College London, said that while Alzheimer's disease was not contagious, there was a slim risk that harmful proteins that drive the disease could spread through brain surgery and other rare procedures.

    Read more of this story at Slashdot.

  • Japan Plans For 100ft Tsunami
    2018-12-14T02:40:00+00:00
    schwit1 shares a report from The Times: It will shake houses and tall buildings, and unleash a 100ft tsunami on one of the most densely populated and industrialized coastlines in the world. It could kill and injure close to a million people. It will almost certainly come in the next few decades. Now, the Japanese government is making plans to evacuate millions of people in anticipation of what could be one of the worst natural disasters in history (Warning: source may be paywalled; alternative source). It is known as the Nankai Trough megaquake. The Japanese government has previously estimated that there is a 70 to 80 percent chance that such an event will take place in the next 30 years and that the earthquake, and subsequent tsunami, could kill 323,000 people and injure 623,000. Unfortunately, the report doesn't outline how the government plans to get people out of harm's way. The city with the most people in the danger zone is Nagoya, Japan's fourth largest city and home to 2.3 million people. "The home of the nation's industry Hamamatsu is also at risk and home to over 800,000 people," reports The Irish Sun.

    Read more of this story at Slashdot.

  • Microsoft Is Readying a Consumer Microsoft 365 Subscription Bundle
    2018-12-14T02:03:00+00:00
    Microsoft is working on a new "Microsoft 365 Consumer" bundle that "will be the consumer-focused complement to Microsoft's existing Microsoft 365 subscription bundle for business users," reports ZDNet. From the report: A couple of recent Microsoft job postings mention the consumer subscription bundle, which Microsoft has yet to announce publicly. One job posting for a Product Manager for the "M365 Consumer Subscription" notes: "The Subscription Product Marketing team is a new team being created to build and scale the Microsoft 365 Consumer Subscription." The job description says the product manager for this service will help "identify, build, position and market a great new Microsoft 365 Consumer Subscription." The job post notes that the team behind Microsoft 365 Consumer oversees the Windows platform, the Microsoft Surface device portfolio, Office 365 consumer plans, Skype, Cortana, Bing search, as well as the Microsoft Education team. If I were betting on what Microsoft 365 Consumer might include, I'd think some variant of Windows 10, Office 365 Home, Skype, Cortana, Bing, Outlook Mobile, Microsoft To-Do and maybe MSN apps and services could figure into the picture. Maybe this subscription will be tied to Surface devices only? Maybe a monthly leasing fee for Surfaces will be part of the bundle itself?

    Read more of this story at Slashdot.

  • Qualcomm Asks China To Ban the iPhone XS and XR
    2018-12-14T01:25:00+00:00
    After securing a win in court earlier this week to ban Apple's older phones, Qualcomm is trying to get the newer iPhones banned too. "According to the Financial Times, Qualcomm has now asked Chinese courts to issue an injunction that bans Apple from selling the iPhone XS, XS Max, and XR within the country due to the same case of possible patent infringement," reports The Verge. From the report: The new filing will escalate the companies' legal conflict in China, where Apple has so far ignored a court-ordered sales ban. Apple claims the ban only applied to phones running iOS 11 and earlier. Since its phones have now been updated to iOS 12, Apple believes they can remain on sale, and so it has continued to sell them. According to the Financial Times, the Chinese court's order doesn't specifically mention any version of Apple's operating system. That doesn't necessarily mean Apple is wrong, but it does mean that there's more to be hashed out.

    Read more of this story at Slashdot.

  • Iranian Phishers Bypass 2fa Protections Offered By Yahoo Mail, Gmail
    2018-12-14T00:45:00+00:00
    An anonymous reader quotes a report from Ars Technica: A recent phishing campaign targeting U.S. government officials, activists, and journalists is notable for using a technique that allowed the attackers to bypass two-factor authentication protections offered by services such as Gmail and Yahoo Mail, researchers said Thursday. The event underscores the risks of 2fa that relies on one-tap logins or one-time passwords, particularly if the latter are sent in SMS messages to phones. Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets' level of operational security, researchers with security firm Certfa Lab said in a blog post. The emails contained a hidden image that alerted the attackers in real time when targets viewed the messages. When targets entered passwords into a fake Gmail or Yahoo security page, the attackers would almost simultaneously enter the credentials into a real login page. In the event targets' accounts were protected by 2fa, the attackers redirected targets to a new page that requested a one-time password. "In other words, they check victims' usernames and passwords in realtime on their own servers, and even if 2 factor authentication such as text message, authenticator app or one-tap login are enabled they can trick targets and steal that information too," Certfa Lab researchers wrote. "We've seen [it] tried to bypass 2fa for Google Authenticator, but we are not sure they've managed to do such a thing or not," the Certfa representative wrote. "For sure, we know hackers have bypassed 2fa via SMS."

    Read more of this story at Slashdot.

  • Louisiana Adopts Digital Driver's Licenses
    2018-12-14T00:03:00+00:00
    Louisiana is rolling out a new digital driver's license app, called LA Wallet, that will let retailers digitally verify the age of their customers, if required. "According to IEEE Spectrum, Louisiana's Office of Alcohol and Tobacco Control is expected to announce that bars, restaurants, grocery stores and other retails are allowed to accept LA Wallet as proof of age, according to the app's developer, Envoc." From the report: The Baton Rouge-based company launched LA Wallet in June, after two years of collaboration with state officials. But so far only law enforcement officers making routine traffic stops are required to accept the digital driver's license. Next week's announcement would greatly broaden the scope of the app's use. About 71,000 people have downloaded LA Wallet so far, says Calvin Fabre, founder and president of Envoc. The app costs $5.99 in the Google Play and Apple App stores. Users buy it, create an account with some basic information from their physical driver's license, and create a password. That's it. No biometric security -- like iris scans or facial recognition -- required. The app links back to Louisiana's Office of Motor Vehicles database, which completes the digital license with the user's photo and additional information. Any changes to the license, like a suspension or renewal, are updated immediately in the app with a wireless network connection. To present the license -- say, to a cop during a traffic stop -- the driver (hoping his phone battery isn't dead) opens the app with a password, shows the cop the digital license image, and authenticates it by pressing and holding the screen to reveal a security seal. The license can be flipped over to show a scannable bar code on the back. There's also a handy security feature that allows anyone with the LA Wallet app to authenticate another person's Louisiana digital driver's license. It allows the bar patron to select which information she would like to reveal to the bartender -- in this case, simply the fact that she is over 21. That information is displayed on the phone with a photo and embedded QR code. The bartender scans the code with her app, which tells her that the woman seated on the other side of the bar is indeed over 21. None of the customer's personal information, such as her name, birth date, or address, is displayed or stored on the bartender's phone.

    Read more of this story at Slashdot.

  • Google Pledges To Hold Off On Selling Facial Recognition Technology
    2018-12-13T23:20:00+00:00
    In a blog post today, Google detailed how its facial recognition technology will and won't be used. Citing a number of risks associated with the technology, the company vowed to refrain from selling facial recognition products until it can come up with policies that prevent abuse. Engadget reports: "Like many technologies with multiple uses, facial recognition merits careful consideration to ensure its use is aligned with our principles and values, and avoids abuse and harmful outcomes," Google said. "We continue to work with many organizations to identify and address these challenges, and unlike some other companies, Google Cloud has chosen not to offer general-purpose facial recognition APIs before working through important technology and policy questions." "This is a strong first step," the ACLU's Nicole Ozer said in a statement about Google's announcement. "Google today demonstrated that, unlike other companies doubling down on efforts to put dangerous face surveillance technology into the hands of law enforcement and ICE, it has a moral compass and is willing to take action to protect its customers and communities. Google also made clear that all companies must stop ignoring the grave harms these surveillance technologies pose to immigrants and people of color, and to our freedom to live our lives, visit a church, or participate in a protest without being tracked by the government."

    Read more of this story at Slashdot.

  • Dozens of Bomb Threats Reported Across America In Apparent Bitcoin Ransom Scam
    2018-12-13T22:40:00+00:00
    An anonymous reader quotes a report from Gizmodo: On Wednesday afternoon, a wave of bomb threats were reported at various locations across the United States. On social media, numerous law enforcement departments issued alerts notifying citizens that they're looking into bomb threats targeting businesses, schools, government offices and even private residents. It appears the threats are being sent by email. NBC News said "dozens" of threats had been reported, but the full extent of these threats is not yet clear. A number of news organizations and law enforcement agencies report remarkably similar sounding emails mentioning a bitcoin ransom of $20,000. And some Twitter users have shared emails they've received demanding the cryptocurrency and warning that an explosion would only encourage others to pay up. NBC News quoted the NYPD's Counterterrorism Bureau's brief statement on the investigation: "We are currently monitoring multiple bomb threats that have been sent electronically to various locations throughout the city. These threats are also being reported to other locations nationwide and are not considered credible at this time."

    Read more of this story at Slashdot.

  • Sting on Amazon Booksellers Aims To Weed Out Counterfeit Textbooks, But Small Sellers Getting Hurt
    2018-12-13T22:01:00+00:00
    Amazon upended the book industry more than two decades ago by bringing sales onto the web. Now, during the heart of the holiday shopping season, the company is wreaking havoc on used booksellers who have come to rely on Amazon for customers. From a report: In the past two weeks, Amazon has suspended at least 20 used book merchants for allegedly selling one or more counterfeit textbooks. They all received the same generic email from Amazon informing them that their account had been "temporarily deactivated" and reminding them that "the sale of counterfeit products on Amazon is strictly prohibited." [...] The crackdown on textbook sellers stands out at a time when Amazon is dramatically stepping up its broader anti-counterfeiting efforts, suspending third-party sellers across all its popular categories. Unlike most suspensions, which tend to occur after complaints from consumers or from brand owners who are monitoring the site for counterfeits, these booksellers got caught up in what appears to be a coordinated sting operation.

    Read more of this story at Slashdot.

  • Windows Server 2019 Officially Supports OpenSSH For the First Time
    2018-12-13T21:20:00+00:00
    Microsoft said in 2015 that it would build OpenSSH, a set of utilities that allow clients and servers to connect securely, into Windows, while also making contributions to its development. Neowin: Since then, the company has delivered on that promise in recent releases of Windows 10, being introduced as a feature-on-demand in version 1803. However, Windows Server hadn't received the feature until now, at least not in an officially supported way -- Windows Server version 1709 included it as a pre-release feature. But that's finally changed, as Microsoft this week revealed that Windows Server 2019, which was made available (again) in November, includes OpenSSH as a supported feature.

    Read more of this story at Slashdot.

 

dept@math.duke.edu
ph: 919.660.2800
fax: 919.660.2821

Mathematics Department
Duke University, Box 90320
Durham, NC 27708-0320