Slashdot

News for nerds, stuff that matters

Alibaba Engineers Fired for Mooncake Hacking

9/15/2016 12:07pm
On the eve of Mid-Autumn Festival, some people will go to great lengths to get mooncakes, the traditional gift for family, friends and colleagues. At Alibaba Group Holding Ltd., four engineers tried to rig the distribution system of the e-commerce giant's mooncake selloff -- and were fired for their effort (Editor's note: the link could be paywalled; alternate source), reports WSJ. From the report: Alibaba confirmed it fired the four this week, after they hacked into the internal website that allows employees to purchase the company's signature mooncakes, with an orange fluffy Alibaba mascot inside. The Hangzhou-based company allocates one free box to each employee for the holiday, and sells extras on the site at cost -- 59 yuan (about $9) for a box of four.

Read more of this story at Slashdot.

Android Wear Hopefuls Call Timeout On Smartwatches

9/15/2016 11:21am
Things are not looking good for Google's Android Wear. Three of the top Android Wear smartwatch makers have confirmed that they won't be releasing a smartwatch in the waning months of the year. From a CNET report: While LG launched a watch in the first half, it'll have been more than a year since Huawei and Motorola offered an update on their wearables. That marks a reversal from last year, when all three companies launched Android Wear smartwatches at the early September IFA trade show in Berlin in what was supposed to be a resurgence of the platform. At this year's show, Chinese maker Asus was the only major tech company to return with a new Android Wear watch. The poor showing underscores the general lack of enthusiasm for smartwatches, which the industry has touted as the next hot trend in tech. Consumers, however, continue to question the usefulness of these gadgets. Even Apple, which leads the market for smartwatches, saw its shipments fall 55 percent from a year ago in the second quarter, according to IDC. "Smartwatches still have yet to make a significant impression on consumers as a must-have device," said Ramon Llamas, an analyst at IDC. Time stands still for some in the smartwatch market.

Mobileye Says Tesla Was Dropped Because of Safety Concerns

9/15/2016 10:40am
An anonymous reader writes: On Wednesday, Mobileye revealed that it ended its relationship with Tesla because "it was pushing the envelope in terms of safety." Mobileye's CTO and co-founder Amnon Shashua told Reuters that the electric vehicle maker was using his company's machine vision sensor system in applications for which it had not been designed. "No matter how you spin it, (Autopilot) is not designed for that. It is a driver assistance system and not a driverless system," Shashua said. In a statement to Reuters, Tesla said that it has "continuously educated customers on the use of the features, reminding them that they're responsible to keep their hands on the wheel and remain alert and present when using Autopilot" and that the system has never been described as autonomous or self-driving. (This statement appears to be at odds with statements made by Musk at shareholder meetings.) It is also emerging that the crash which cost Joshua Brown his life in May of this year was unlikely to have been the first such fatal crash involving Tesla's Autopilot. In January of this year in China, a Tesla ploughed into the back of a stationary truck at speed, killing the driver.

Apple Explores the Idea Of Killing Headphone Jack On the MacBook Pro

9/15/2016 10:00am
Less than two weeks after Apple unveiled its headphone jack-less iPhone 7 and iPhone 7 Plus, the company is already exploring the idea of doing the same on its flagship computing lineup. An anonymous reader shares a report on The Next Web: Apple might be going all-in with the wireless revolution as the company is now allegedly considering killing the headphone jack on the MacBook Pro. Users are reporting that as of recently Apple has been asking them to fill in a survey about the way they use their MacBook Pro and one of the questions pertains particularly to the headphone jack. Shared by Blake A. via Twitter, the question reads "Do you ever use the headphone port on your MacBook Pro with Retina display?", suggesting Apple is exploring going jackless with its laptops in the future. Given the Cupertino company just ditched the audio jack on the iPhone 7, the change is likely to eventually come to other Apple products too -- the real question is when. Several Slashdot readers have also confirmed that they have participated in a similar survey, with some noting that Apple also asked them about the removal of the headphone jack from some of its other computing lineup, including the iMac.

FBI Director James Comey: Cover Up Your Webcam

9/15/2016 9:00am
An anonymous reader quotes a report from The Hill: The head of the FBI on Wednesday defended putting a piece of tape over his personal laptop's webcam, claiming the security step was a common sense one that most should take. "There's some sensible things you should be doing, and that's one of them," Director James Comey said during a conference at the Center for Strategic and International Studies. "You go into any government office and we all have the little camera things that sit on top of the screen," he added. "They all have a little lid that closes down on them. You do that so that people who don't have authority don't look at you. I think that's a good thing." Comey was pilloried online earlier this year, after he revealed that he puts a piece of tape over his laptop camera to keep away prying eyes. The precaution is a common one among security advocates, given the relative ease of hacking laptop cameras. But many found it ironic for Comey, who this year launched a high profile battle against Apple to gain access to data locked inside of the iPhone used by one of the San Bernardino, Calif., terrorists. Many viewed that fight as a referendum on digital privacy.

None of Your Pixelated or Blurred Information Will Stay Safe On The Internet

9/15/2016 6:00am
The University of Texas at Austin and Cornell University are saying blurred or pixelated images are not as safe as they may seem. As machine learning technology improves, the methods used to hide sensitive information become less secure. Quartz reports: Using simple deep learning tools, the three-person team was able to identify obfuscated faces and numbers with alarming accuracy. On an industry standard dataset where humans had a 0.19% chance of identifying a face, the algorithm had 71% accuracy (or 83% if allowed to guess five times). The algorithm doesn't produce a deblurred image -- it simply identifies what it sees in the obscured photo, based on information it already knows. The approach works with blurred and pixelated images, as well as P3, a type of JPEG encryption pitched as a secure way to hide information. The attack uses Torch (an open-source deep learning library), Torch templates for neural networks, and standard open-source data. To build the attacks that identified faces in YouTube videos, researchers took publicly-available pictures and blurred the faces with YouTube's video tool. They then fed the algorithm both sets of images, so it could learn how to correlate blur patterns to the unobscured faces. When given different images of the same people, the algorithm could determine their identity with 57% accuracy, or 85% when given five chances. The report mentions Max Planck Institute's work on identifying people in blurred Facebook photos. The difference between the two research efforts is that UT and Cornell's research is much simpler, and "shows how weak these privacy methods really are."

Samsung Stops Airing Galaxy Note 7 Commercials, Preps Early Launch of Galaxy S8

9/15/2016 3:00am
An anonymous reader writes: Given the bad press surrounding Samsung in regard to the faulty Galaxy Note 7 batteries, the company appears to have stopped airing Galaxy Note 7 commercials on TV. You know it's bad when they have reportedly stopped airing commercials in their home country, South Korea. One of the reasons behind the move is because sales of the Galaxy Note 7 have been suspended for over a week now, and will not be resuming until there is enough inventory to replace all Galaxy Note 7 units that have already been shipped. Some analysts believe sales might not be resumed until next month. Samsung will be using the ad space to market their other products like TVs and refrigerators. In addition, the company may be looking to launch the successor to the Galaxy S7 ahead of schedule. Kim Sang-pyo, an analyst for KB Investment and Securities said in a report: "If Samsung's flagship smartphone launch is delayed to the end of the first quarter of next year, the profitability of the mobile business division could be worsened next year," states the analyst. SamMobile also recently revealed the new model numbers for the Galaxy S8: the SM-G950 and the SM-G955. One model will feature a smaller screen, the other larger -- similar to the Galaxy S7 and S7 edge, though both phones might have a curved display this time around.

The Sixth Mass Extinction Will Hit The Biggest Animals The Hardest, Says Stanford Study

9/14/2016 11:30pm
The sixth mass extinction will be an event triggered by people and will hit the biggest animals the hardest. "There is no past event that looks biologically like what's happening today," says lead study author Jonathan Payne of Stanford University. "Processes like warming and ocean acidification are not the dominant cause of threat in the modern ocean." Gizmodo reports: A paleontologist by training, Payne and his research group started compiling data on modern marine organisms several years back, in order to study how body size and ecological traits have changed over evolutionary time. Payne, who has studied the End Permian extinction event that wiped out more than 95 percent of all marine species 250 million years ago, soon realized that his dataset -- which included living and extinct members of nearly 2,500 marine genera -- could serve another purpose. By comparing the extinction threat faced by modern marine genera (as indicated by their official conservation status) with their ancestral counterparts, Payne and his colleagues discovered that modern extinction threat is more strongly associated with body size. Larger animals face a greater risk of disappearing than smaller animals. Today, the dominant driver of marine extinction is people, and people aren't terribly selective about which environments they pluck animals from. We go for the biggest game, fishing down the food web and removing top predators. Within species, too, we tend to hunt the largest individuals, which is why North Atlantic cod and Chesapeake oysters were historically much larger. "In a sense, we're driving evolution [toward smaller individuals]," Payne said. What's worth noting is that the Stanford researchers only looked at organisms whose extinction risk has been assessed by the International Union for the Conservation of Nature (IUCN), which creates a bias towards big, charismatic groups like fish, sea turtles, marine mammals, etc. The marine genera that were analyzed only had fossil counterparts, too. Gizmodo also notes that the study "excluded corals, which are currently in the midst of a catastrophic, global die-off."

A Teenage Hacker Figured Out How To Get Free Data On His Phone

9/14/2016 9:30pm
An anonymous reader quotes a report from Motherboard: Jacob Ajit is 17 and he just hacked his way to getting free phone data, presumably so that he can do whatever it is that teens do online these days without alerting his parents with overage fees. According to a Medium post Ajit posted on Wednesday, he made his discovery while playing around with a prepaid T-Mobile phone with no service. The phone was still able to connect to the network, although it would only take him to a T-Mobile portal asking him to renew the prepaid phone plan. For some reason, though, Ajit wrote that his internet speed test app still worked, albeit through a T-Mobile server. Ajit figured out that he was able to access media sent from any folder labelled "/speedtest," possibly because T-Mobile whitelists media files from speed tests regardless of the host. He tested his theory by setting up a "/speedtest" folder on his own site and filled it with media, including a Taylor Swift music video, which he was able to access. Ajit writes that he then created a proxy server that allows users to access any site with this method. All a T-Mobile user has to do is go to this page and input any URL they want to visit. "Just like that, I now had access to data throughout the T-Mobile network without maintaining any sort of formal payments or contract," Ajit wrote on Medium. "Just my phone's radios talking to the network's radios, free of any artificial shackles."

Hacker George Hotz Unveils $999 Self-Driving Add-On

9/14/2016 8:50pm
An anonymous reader quotes a report from PC Magazine: Hacker George Hotz is gearing up to launch his automotive AI start-up's first official product. In December, the 26-year-old -- known for infiltrating Apple's iPhone and Sony's PlayStation 3 -- moved on to bigger things: turning a 2016 Acura ILX into an autonomous vehicle. According to Bloomberg, Hotz outfitted the car with a laser-based radar (lidar) system, a camera, a 21.5-inch screen, a "tangle of electronics," and a joystick attached to a wooden board. Nine months later, the famed hacker this week unveiled the Comma One. As described by TechCrunch, the $999 add-on comes with a $24 monthly subscription fee for software that can pilot a car for miles without a driver touching the wheel, brake, or gas. But unlike systems currently under development by Google, Tesla, and nearly every major vehicle manufacturer, Comma.ai's "shippable" Comma One does not require users to buy a new car. "It's fully functional. It's about on par with Tesla Autopilot," Hotz said during this week's TechCrunch Disrupt in San Francisco.

EU Commission Proposes Mandatory Piracy Filters For Online Services

9/14/2016 8:10pm
An anonymous reader quotes a report from TorrentFreak: During his State of the Union address today, EU Commission President Jean-Claude Juncker announced several plans (PDF) to modernize copyright law in Europe. One of the suggestions that has a lot of people worried is Article 13, which requires online services to police pirated content. This means that online services, which deal with large volumes of user-uploaded content, must use fingerprinting and filtering mechanisms to block copyright infringing files. While the Commission stresses that small content platforms won't be subject to the requirement, the proposal doesn't define what "small" means. It also fails to define what "appropriate" or "effective" content recognition systems are, creating a fair bit of uncertainty. Commenting on the proposal, Digital rights group EDRi says that it will put many European companies at risk while endangering users' right to free speech. "The text that was launched today includes a proposal to potentially filter all uploads to the Internet in Europe. The draft text would destroy users' rights and legal certainty for European hosting companies," EDRi notes. The Commission, however, notes that the changes are needed to reinforce the negotiating position of copyright holders, so they can sign licensing agreements with services that provide access to user uploaded content.

Bank of America Analysts Say There's A 50% Chance We Live In The Matrix

9/14/2016 7:30pm
Bank of America analysts have suggested that there is a 20 to 50 percent chance that the world around us is a "Matrix-style virtual reality." The report stated, "It is conceivable that with advancements in artificial intelligence, virtual reality, and computing power, members of future civilizations could have decided to run a simulation of their ancestors." The idea is certainly nothing new, as many influential visionaries have come to similar theories. What some may find most unusual about the report is who issued it. According to Business Insider, Merrill Lynch, Bank of America's wealth management company, sent out a briefing to investors outlining their Matrix theory. In response, Slashdot reader marmot7 writes: Personally, I'd like to see all that brain power go toward a better and more stable banking system, not toward promoting the nihilistic and self-indulgent idea that this might be the Matrix. Don't worry that banks behave in ways that create instability, it's not real. Just relax and enjoy the ones and zeroes. I have no doubt there are good, well meaning people there. I just don't really need my bank weighing in on the mystery of reality any more than I need them to come up with a unified theory of physics at long last. Well, unless it's in their spare time, then by all means.

It's Not Just Wells Fargo - How Sales Targets Can Encourage Wrongdoing

9/14/2016 6:50pm
The revelation of Wells Fargo employees opening more than two million unauthorized customer accounts to hit sales targets might have come as a shock to many, but it is just the tip of a very old problem the industry has been facing. Bloomberg has an article today in which it documents several similar incidents in which employees got a little inventive to keep their jobs afloat. Marc Hodak, an adjunct professor of business ethics at NYU's Stern School of Business and managing director of Hodak Value Advisors, says, "Companies tend to forget that an incentive to perform is identical to an incentive to cheat." In the early '90s, Sears "switched the compensation system in its auto centers from an hourly wage to a system that had more upside potential based on commissions and sales quotas." In the wake of this program, Sears customers were reported to keep running to the store for cheap brake jobs. The Bausch & Lomb scandal was also similar, with employees found manipulating earnings to reach financial goals using a trick called "channel stuffing" (in which someone ships goods and then books them as sales without having actually sold them). There are several similar examples in the story. From the article: "Every large organization in the world has got these land mines of perverse incentives," said Hodak. "It's just a matter of degree to which of these things are allowed to run amok" because of those three factors. Barry Schwartz, an emeritus professor of psychology at Swarthmore College, goes farther: "Incentives poison people's will to do the right thing. It's the worst way to get people to do the things you want to do."

Colin Powell's Private Email Account Has Been Hacked

9/14/2016 6:10pm
According to The New York Times, former Secretary of State Colin Powell has been hacked and a password-protected archive of his personal emails has been published by DC Leaks. The Verge reports: DC Leaks is the same site that first published emails stolen from the Democratic National Committee, which many took as an explicit effort to influence the U.S. election process. Many experts in the U.S. intelligence apparatus have attributed that attack to the Russian government, although no public attribution has been made. Thus far, there's no evidence tying Powell's hack to Russia, and similar hacks have been carried out by mischievous teens without government affiliation. The immediate result of the hack has been political fallout for Powell himself. Last night, BuzzFeed News reported on an email in which Powell called Republican nominee Donald Trump a "national disgrace," and another in which he said the candidate was "in the process of destroying himself."

NYC Threatens To Sue Verizon Over FiOS Shortfalls

9/14/2016 5:30pm
An anonymous reader quotes a report from Ars Technica: New York City officials yesterday notified Verizon that the company is in default of an agreement to bring fiber connections to all households in the city and could file a lawsuit against the company. The road to a potential lawsuit has been a long one. In June 2015, New York released an audit that found Verizon failed to meet a commitment to extend FiOS to every household in the five boroughs by June 2014. City officials and Verizon have been trying to resolve the matter since then with no success, as Verizon says that it hasn't actually broken the agreement. The default letter (full text) sent yesterday by the city Department of Information Technology and Telecommunications (DoITT) says Verizon has failed to pass all residential buildings in the city with fiber. As of October 2015, there were at least 38,551 addresses where Verizon hadn't fulfilled installation service requests that were more than a year old, the letter said. "Moreover, Verizon improperly reduced, from $50 million to $15 million, the performance bond required [by] the Agreement on the basis of Verizon's incorrect representations that Verizon had met the prescribed deployment schedule, when in fact it had not," the letter said. City officials demanded that Verizon restore the bond and want a response within 30 days. The default letter also accuses Verizon of failing to make records related to its provision of cable service available to the city during its audit. "Officials say they could sue Verizon unless the carrier shows clear plans for stepping up installations," and that the notice is the first step in that process, The Wall Street Journal reported. The citywide fiber agreement lets NYC seek monetary damages from Verizon if it fails to deliver on the fiber promises.

Google Is Offering $200K To Hack Android Phones Using Email and A Phone Number

9/14/2016 4:50pm
Google is feeling so confident about the security of their latest Android 7.0 Nougat operating system that they're offering $200,000 to anyone who can remotely execute code on a Nexus 6P or 5X running Android 7.0. The Next Web reports: Today, Google is launching the Project Zero Security Contest and awarding over $300,000 in prizes to anyone who can hack Nexus 6P and 5X knowing only the devices' phone number and email address. To be eligible to win, contestants are required to dig up vulnerabilities that can be exploited remotely -- by sending a text message or an email, for instance. All winning participants will be invited to describe the bugs they've discovered in a short technical report that will appear on the Project Zero Blog. The winner will scoop $200,000, while the runner-up will receive $100,000. There's also another $50,000 in the prize pool for any additional winning entries.

Google-Funded Free Wi-Fi Kiosks Are Scrapping Web Browsing Because Too Many People Were Using it For Porn

9/14/2016 4:10pm
This is why New Yorkers can't have nice things. LinkNYC, the initiative to install super-fast wifi hubs in New York City, is suspending web browsing on all its tablets after 8 months due to "inappropriate behavior," the company says, according to a report on BusinessInsider. From the article: Google parent company Alphabet funds LinkNYC through its spinoff Sidewalk Labs. "... Some users have been monopolizing the Link tablets and using them inappropriately, preventing others from being able to use them while frustrating the residents and businesses around them," the company writes in a statement. DNAInfo previously reported that people were using the hubs to watch porn.

Desktop Apps Make Their Way Into the Windows Store

9/14/2016 3:30pm
With Windows 8, Microsoft introduced Windows Store, which consisted of "Metro / Modern UI" apps which worked best on touch capable devices. Since the release of Windows 8, many users complained that they wanted traditional apps -- the applications they had grown accustomed to -- to be included in Windows Store. This would have come in handy especially for Windows RT users, who couldn't easily get traditional applications installed on their devices. Well, guess what, that's changing now. Though only for Windows 10 users who have gotten the Anniversary Update -- and guess what, many haven't and might not for another month and a half. At any rate, ArsTechnica elaborates: Until now, applications built for and sold through the Windows Store in Windows 10 have been built for the Universal Windows Platform (UWP), the common set of APIs that spans Windows 10 across all the many devices it supports. This has left one major category of application, the traditional desktop application built using the Win32 API, behind. Announced at Build 2015, codename Project Centennial -- now officially titled the Desktop App Converter -- is Microsoft's solution to this problem. It allows developers to repackage existing Win32 applications with few or no changes and sell them through the store. Applications packaged this way aren't subject to all the sandbox restrictions that UWP applications are, ensuring that most will work unmodified. But they are also given the same kind of clean installation, upgrading, and uninstallation that we've all come to expect from Store-delivered software. Centennial is designed to provide not just a way of bringing Win32 apps into the store; it also provides a transition path so that developers can add UWP-based functionality to their old applications on a piecemeal basis. Evernote, one of the launch applications, uses UWP APIs to include support for Live Tiles and Windows' notification system. In this way, developers can create applications that work better on Windows 10 but without having to rewrite them entirely for Windows 10.

Someone Is Learning How To Take Down the Internet, Warns Bruce Schneier

9/14/2016 2:50pm
Some of the major companies that provide the basic infrastructure that makes the internet work have seen an increase in DDoS attacks against them, says Bruce Schneier. He adds that these attacks are of much larger scale -- including the duration -- than the ones we have seen previously. These attacks, he adds, are also designed to test what defense measures a company has got -- and they ensure that the company uses everything it has got, leaving it with no choice but to demonstrate its defense capabilities to the attacker. He hasn't specifically shared details about the organizations that are under attack, but what little he has elaborated should give us a chill. From his blog post: [...] This all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes (PDF) a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex." There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services. Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors. It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.

10 Years in Prison For Online Pirates a Step Closer in the UK

9/14/2016 2:11pm
The UK Government's Digital Economy Bill has moved a step closer to becoming law after its second reading in Parliament. With unanimous support, the current two-year maximum custodial sentence for online piracy is almost certain to increase to a decade, TorrentFreak reports. From the article: Due to UK copyright law allowing for custodial sentences of 'just' two years for online offenses, anti-piracy groups such as the Federation Against Copyright Theft have chosen to pursue their own private prosecutions. These have largely taken place under legislation designed for those who have committed fraud, rather than the more appropriate offense of copyright infringement. Physical pirates (CDs, DVDs) can be jailed for up to 10 years under current legislation. During the past few years, there have been lobbying efforts for this punishment to apply both on and offline. That resulted in a UK Government announcement last year indicating that it would move to increase the maximum prison sentence for online copyright infringement to ten years. They also urge Google to do something about growing incidents of piracy.
