Slashdot

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 32 min 15 sec ago

Web Petition For 2nd EU Referendum Draws Huge Interest

6/25/2016 12:32pm
From an Associated Press report:An online petition seeking a second referendum on a British exit from the Europe Union has drawn more than 1.6 million names, a measure of the extraordinary divisiveness of Thursday's vote to leave the 28-nation bloc. The online petition site hosted by the House of Commons website even crashed Friday under the weight of the activity as officials said they'd seen unprecedented interest in the measure, which calls on the government to implement a rule that stating if that if "remain" or "leave" camps won less than 60 percent of the vote with less than a 75 percent turnout "there should be another referendum."According to reports, this is the biggest surge of support Parliament's website has ever seen. Looking at the keywords people were hitting up on Google after the news first broke, it was clear that a considerable portion of the population was clueless about the whole situation.

Read more of this story at Slashdot.

Java, PHP, NodeJS, and Ruby Tools Compromised By Severe Swagger Vulnerability

6/25/2016 11:33am
"Researchers have discovered a vulnerability within the Swagger specification which may place tools based on NodeJS, PHP, Ruby, and Java at risk of exploit," warns ZDNet's blog Zero Day, adding "the severe flaw allows attackers to remotely execute code." Slashdot reader msm1267 writes: A serious parameter injection vulnerability exists in the Swagger Code Generator that could allow an attacker to embed executable code in a Swagger JSON file. The flaw affects NodeJS, Ruby, PHP, Java and likely other programming languages. Researchers at Rapid7 who found the flaw disclosed details...as well as a Metasploit module and a proposed patch for the specification. The matter was privately disclosed in April, but Rapid7 said it never heard a response from Swagger's maintainers. Swagger produces and consumes RESTful web services APIs; Swagger docs can be consumed to automatically generate client-server code. As of January 1, the Swagger specification was donated to the Open API Initiative and became the foundation for the OpenAPI Specification. The vulnerability lies in the Swagger Code Generator, and specifically in that parsers for Swagger documents (written in JSON) don't properly sanitize input. Therefore, an attacker can abuse a developer's trust in Swagger to include executable code that will run once it's in the development environment.

Read more of this story at Slashdot.

From File-Sharing To Prison: The Story of a Jailed Megaupload Programmer

6/25/2016 10:31am
An anonymous reader writes: "I had to be made an example of as a warning to all IT people," says former Megaupload programmer Andrew Nomm, one of seven Megaupload employees arrested in 2012. Friday his recent interview with an Estonian journalist was republished in English by Ars Technica (which notes that at one point the 50 million users on Megaupload's file-sharing site created 4% of the world's internet traffic). The 37-year-old programmer pleaded guilty to felony copyright infringement in exchange for a one-year-and-one-day sentence in a U.S. federal prison, which the U.S. Attorney General's office called "a significant step forward in the largest criminal copyright case in US history." "It turned out that I was the only defendant in the last 29 years to voluntarily go from the Netherlands to the USA..." Nomm tells the interviewer, adding "I'll never get back the $40,000 that was seized by the USA." He describes his experience in the U.S. prison system after saying good-bye to his wife and 13-year-old son, adding that now "I have less trust in all sorts of state affairs, especially big countries. I saw the dark side of the American dream in all its glory..." In U.S. court documents Nomm "acknowledged" that the financial harm to copyright holders "exceeded $400 million."

Read more of this story at Slashdot.

Snowden Finally Identified As Target of Investigation That Ended Lavabit

6/25/2016 9:30am
An anonymous reader quotes a report from The Washington Times: Three years after a government investigation forced the shuttering of Lavabit, a Texas-based email provider, its CEO revealed Friday that an account belonging to Edward Snowden spurred the probe that put his company out of business. "Ladar Levison shut down his encrypted webmail service in August 2013 amid an FBI investigation focused on one of his company's nearly half-a-million customers," reports The Washington Times. "A gag-order that has just recently been vacated in federal has legally prevented him up until now from confirming the account in question was registered to none other than the NSA contractor attributed with one of the largest intelligence leaks in U.S. history. U.S. District Judge Claude Hilton nullified the mandatory non-disclosure orders in a June 13 court filing that went unnoticed until Lavabit released a statement Friday. Officially, the consent order approved by Judge Hilton in the Eastern District of Virginia earlier this month removes all gag-orders concerning Lavabit and Mr. Levison with regards to a grand jury investigation that led the FBI to Mr. Snowdenâ(TM)s email account. 'While Iâ(TM)m pleased that I can finally speak freely about the target of the investigation, I also know the fight to protect our collective freedom is far from over,' Mr. Levison said in a statement. He said he plans to discuss the case further during the DefCon security conference in Las Vegas this summer."

Read more of this story at Slashdot.

NASA Approves Five More Years For Hubble Space Telescope

6/25/2016 6:00am
An anonymous reader quotes a report from New Scientist: NASA has announced plans to extend operations of the famous space telescope for another five years, through to June 2021. That means it will still be on the job when its successor, the James Webb Space Telescope (JWST) launches in 2018, giving astronomers a dual view of the universe. "Hubble is expected to continue to provide valuable data into the 2020s, securing its place in history as an outstanding general-purpose observatory in areas ranging from our solar system to the distant universe," said a NASA statement. Squeezing more life out of Hubble means it will overlap with NASA's next big telescope, JWST when it launches in 2018. While Hubble sees the cosmos in visible and ultraviolet light, JWST operates in the infrared. The various wavelengths can reveal different aspects of stars and galaxies, so using the scopes in tandem will enable astronomers to study the heavens in even greater detail.

Read more of this story at Slashdot.

Sweden Tests World's First Electric Road For Trucks

6/25/2016 3:00am
Kristine Lofgren writes: Electric vehicles are cool, but for industrial vehicles it can be a challenge to get very far on just electric power. That's why Sweden is testing out an electric road where e-vehicles can jump on, get juiced while they travel, and get back on the road. The country just opened a two kilometer test stretch in Sandviken on the E16 where electric vehicles can connect to an overhead system that is very similar to light rail. It's another exciting step towards a fossil fuel-free Sweden. Trucks can use the electric power while riding on the special electric road system -- on regular roads they operate as hybrid vehicles. The testing is scheduled to take place until 2018, which should give the country enough time to see how the technology functions in the real world. Sweden's energy and sustainable growth agencies will fund the project in addition to the transport administration.

Read more of this story at Slashdot.

New Apps Let Women Obtain Birth Control Without Visiting a Doctor

6/24/2016 11:30pm
HughPickens.com writes: With nearly 40 percent of all pregnancies in the United States unintended, birth control is a critical public health issue. For short-term methods, visiting the doctor for a prescription can be time-consuming and sometimes costly and for some, like teenagers, it can be intimidating or embarrassing. Now Pam Belluck reports at the NYT that a growing assortment of new apps and websites now make it possible to get prescription contraceptives without going to the doctor as public health experts hope the new apps will encourage more women to start, or restart, using contraception and help reduce the country's stubbornly high rate of unintended pregnancies, as well as the rate of abortions. At least six digital ventures, by private companies and nonprofits, including Planned Parenthood, now provide prescriptions written by clinicians after women answer questions about their health online or by video. All prescribe birth control pills, and some prescribe patches, rings and morning-after pills and some ship contraceptives directly to women's doors. "At first I didn't believe it," said Susan Hashem, who wanted to restart birth control pills without missing work for a doctor's appointment. Hashem used an app called Lemonaid and paid $15 for a doctor to review her medical information and send a pill prescription to a local pharmacy. "I thought it was just a setup to get money," Hashem said. But after she answered the health questions one evening, "a doctor actually contacted me after office hours," and the next morning, she picked up three months' worth of pills.

Read more of this story at Slashdot.

Robot Pizza Company 'Zume' Wants To Be 'Amazon of Food'

6/24/2016 9:25pm
kheldan writes: Do you want robots making your pizza? Alex Garden, co-founder and executive chairman of Mountain View startup Zume, is betting you will. Garden, the former president of Zynga Studios, was previously a general manager of Microsoft's Xbox Live. Garden launched Zume in stealth mode last June, when he began quietly recruiting engineers under a pseudonym and building his patented trucks in an unmarked Mountain View garage. In September, he brought on Julia Collins, a 37-year-old restaurant veteran. She became chief executive officer and a co-founder. Collins was previously the vice president and CEO of Harlem Jazz Enterprises, the holding company for Minton's, a historic Harlem eatery. The company consists of an army of robot sauce-spreaders and trucks packed full of ovens. "In the back of Mountain View's newest pizzeria, Marta works tirelessly, spreading marinara sauce on uncooked pies. She doesn't complain, takes no breaks, and has never needed a sick day. She works for free." The pie then "travels on a conveyer belt to human employees who add cheese and toppings." From there, "The decorated pies are then scooped off the belt by a 5-foot tall grey automation, Bruno, who places each in a 850-degree oven. For now, the pizzas are fully cooked and delivered to customers in branded Fiats painted with slogans, including: 'You want a piece of this?' and 'Not part of the sharing economy.'" Garden says, "We are going to be the Amazon of food. [...] Just imagine Domino's without the labor component. You can start to see how incredibly profitable that can be."

Read more of this story at Slashdot.

Scientists Force Computer To Binge On TV Shows and Predict What Humans Will Do

6/24/2016 8:45pm
An anonymous reader quotes a report from GeekWire: Researchers have taught a computer to do a better-than-expected job of predicting what characters on TV shows will do, just by forcing the machine to study 600 hours' worth of YouTube videos. The researchers developed predictive-vision software that uses machine learning to anticipate what actions should follow a given set of video frames. They grabbed thousands of videos showing humans greeting each other, and fed those videos into the algorithm. To test how much the machine was learning about human behavior, the researchers presented the computer with single frames that showed meet-ups between characters on TV sitcoms it had never seen, including "The Big Bang Theory," "Desperate Housewives" and "The Office." Then they asked whether the characters would be hugging, kissing, shaking hands or exchanging high-fives one second afterward. The computer's success rate was 43 percent. That doesn't match a human's predictive ability (72 percent), but it's way better than random (25 percent) as well as the researchers' benchmark predictive-vision programs (30 to 36 percent). The point of the research is to create robots that do a better job of anticipating what humans will do. MIT's Carl Vondrick and his colleagues are due to present the results of their experiment next week at the International Conference on Computer Vision and Pattern Recognition in Las Vegas. "[The research] could help a robot move more fluidly through your living space," Vondrick told The Associated Press. "The robot won't want to start pouring milk if it thinks you're about to pull the glass away." You can watch their YouTube video to learn more about the experiment.

Read more of this story at Slashdot.

NASCAR Team Pays Ransomware Fee To Recover Files Worth $2 Million

6/24/2016 8:05pm
An anonymous reader writes: "NASCAR team Circle Sport-Leavine Family Racing (CSLFR) revealed today it faced a ransomware infection this past April when it almost lost access to crucial files worth nearly $2 million, containing car parts lists and custom high-profile simulations that would have taken 1,500 man-hours to replicate," reports Softpedia. "The infection took place on the computer belonging to CSLFR's crew chief. Winston's staff detected the infection when encrypted files from Winston's computer began syncing to their joint Dropbox account." It was later discovered that he was infected with the TeslaCrypt ransomware. Because the team had no backups of the crucial data, they eventually paid the ransom (around $500). This happened before TeslaCrypt's authors decided to shut down their operations and release free decryption keys.

Read more of this story at Slashdot.

You Could Be Paid To Post Snapchat Selfies With Products, Patent Filing Suggests

6/24/2016 7:20pm
An anonymous reader writes: According to Snapchat's latest patent filings, the company could begin paying users to post photos and videos. Los Angeles Times reports: "The filings reveal that Snapchat automatically could analyze annotations on an image, including text and digital stickers, to prompt users to place their image in a collective gallery. In other words, people who type some variation of 'Clippers!!!' on top of their photo during a Clippers basketball game would have access to a library of images related to the game. Especially intriguing, the company could use computer vision technology to identify objects in an image -- say, a Coke bottle -- to encourage a user to share the shot in a Coca-Cola-sponsored story. Contributors could walk away with cash through a flat fee or some other deal based on views or sales generated by the story. The idea in the patent filing also would give advertisers an official way to compensate people for creative posts, compared with the usual strategy of paying top users to turn their personal accounts into an ad. Other types of automatically generated galleries mentioned in the patent application include stories based on a time stamp, temperature or movement. People could definite their own categories too. Curation of the galleries could be optional, with object recognition and text analysis as potential ways to filter inappropriate submissions. Users who get into audio timeline could get paid too, the patent filing states."

Read more of this story at Slashdot.

Oculus Ditches DRM Hurdle, Allows HTC Vive Games On Rift Again

6/24/2016 6:40pm
An anonymous reader writes: After changing its DRM to exclude ReVive last month, Oculus has changed its mind again and is now allowing HTC Vive games to play on the Oculus Rift. "We continually revise our entitlement and anti-piracy systems, and in the June update we've removed the check for Rift hardware from the entitlement check. We won't use hardware checks as part of DRM on PC in the future," Oculus VR said. "We believe protecting developer content is critical to the long-term success of the VR industry, and we'll continue taking steps in the future to ensure that VR developers can keep investing in ground-breaking new VR content." VentureBeat reports: "ReVive developers have acted quickly following the removal of the check. An update to the software has been posted on GitHub to bring it back in line, meaning you'll now be able to access the games that were previously available without jumping through extra hoops. Perhaps even more games might work going forward. CrossVR, one of the system's developers, took to Reddit to thank Oculus for the decision. 'I'm delighted to see this change and I hope it can generate a lot of goodwill for Oculus.' CrossVR said."

Read more of this story at Slashdot.

Surface 3 Stocks Dwindling As Microsoft Plans System's Demise

6/24/2016 6:00pm
An anonymous reader writes: Microsoft's Surface 3 may be coming to an end. Brad Sams at Thurrott.com reports that many versions of the Surface 3 are listed as being out of stock in Microsoft's online store, with no expected availability. He notes that the only version in stock online is the version with 2GB RAM/64GB storage/LTE. There's more availability in-store, but stock appears to be limited overall. What this generally means is that manufacturing is slowing down or going to stop entirely. In a statement, Microsoft said: "Since launching Surface 3 over a year ago, we have seen strong demand and satisfaction amongst our customers. Inventory is now limited and by the end of December 2016, we will no longer manufacture Surface 3 devices." It's possible a Surface 3 successor is right around the corner, although Ars Technica notes "there hasn't even been the merest hint of a rumor about such a device." The Surface 3 is being powered by a Cherry Trail Atom processor, which hasn't seen a major upgrade or replacement since they were released in the first quarter of 2015. "Without new processors, there's little reason to update the Surface 3 line," writes Ars. Microsoft could equip the Surface 3 successor with a Core M processor, but the implications of that decision would likely cause the device's price to shoot up or cause the device's quality to significantly decrease. Microsoft may simply abandon the segment entirely and focus strictly on the Surface Pro line.

Read more of this story at Slashdot.

Valve Faces Lawsuit Over Video Game Gambling

6/24/2016 5:20pm
An anonymous reader writes from a report via Bloomberg: Valve's Counterstrike: Global Offensive game is being sued for its role in the multibillion-dollar gambling economy that has fueled the game's popularity. Michael John McLeod filed a lawsuit Thursday in the U.S. District Court in Connecticut alleging that Valve violated gambling laws and engaged in racketeering with a handful of off-shore gambling companies. McLeod, who has been gambling on CS:GO since 2014, is asking for class-action status for the suit. The suit was first reported by Polygon and doesn't give a specific request for damages, nor does it say how much money he lost by betting on the site. According to Bloomberg: "Valve provided for money, technical support, and advice to such websites as CSGO Lounge and Diamonds, which take bets, and OPSkins, which runs a market where virtual goods are traded and can be redeemed for cash." Valve has yet to respond to the suit.

Read more of this story at Slashdot.

Apple Won't Collect Your Data For Its AI Services Unless You Let It

6/24/2016 4:40pm
Apple doesn't like collecting your data. This is one of iPhone maker's biggest selling points. But this approach has arguably acted as a major roadblock for Apple in its AI and bots efforts. With iOS 10, the latest version of company's mobile operating system, Apple announced that it will begin collecting a range of new information as it seeks to make Siri and iPhone as well as other apps and services better at predicting the information its owner might want at a given time. Apple announced that it will be collecting data employing something called differential privacy. The company wasn't very clear at the event, which caused confusion among many as to what data Apple is exactly collecting. But now it is offering more explanation. Recode reports:As for what data is being collected, Apple says that differential privacy will initially be limited to four specific use cases: New words that users add to their local dictionaries, emojis typed by the user (so that Apple can suggest emoji replacements), deep links used inside apps (provided they are marked for public indexing) and lookup hints within notes. Apple will also continue to do a lot of its predictive work on the device, something it started with the proactive features in iOS 9. This work doesn't tap the cloud for analysis, nor is the data shared using differential privacy.Additionally, Recode adds that Apple hasn't yet begun collecting data, and it will ask for a user's consent before doing so. The company adds that it is not using a users' cloud-stored photos to power its image recognition feature.

Read more of this story at Slashdot.

Netflix to Soon Let Users Download Videos, Says Report

6/24/2016 4:00pm
Karl Bode, writing for DSLReport:Netflix will soon let users download and store videos locally, according to Penthera (a Pittsburgh-based firm that focuses on delivery of HD media to mobile devices by storing content on the recipient device) COO Dan Taitz and a report over at Light Reading. Taitz told the outlet that it shouldn't be long before the feature arrives. Netflix has been working harder to help consumers manage broadband caps, and being able to download a video on Wi-Fi for later viewing would go a long way in helping users (especially on wireless networks) that consistently find themselves hamstrung by their monthly usage allotments. "We know from our sources within the industry that Netflix is going to launch this product," Taitz tells the outlet. "My expectation is that by the end of the year Netflix will be launching download-to-go as an option for their customers."Bold move, if it does happen.

Read more of this story at Slashdot.

Piracy Phishing Scam Targets US ISPs and Subscribers

6/24/2016 3:20pm
According to a report on TorrentFreak, an elaborate piracy phishing operating is tageting US ISPs and subscribers. Scammers are reportedly masquerading as anti-piracy company IP-Echelon and rightholders such as Lionsgate to send fake DMCA notices and settlement demands to ISPs. From the report:TorrentFreak was alerted to a takedown notice Lionsgate purportedly sent to a Cox subscriber, for allegedly downloading a pirated copy of the movie Allegiant. Under threat of a lawsuit, the subscriber was asked to pay a $150 settlement fee. This request is unique as neither Lionsgate nor its tracking company IP-Echelon is known to engage in this practice. When we contacted IP-Echelon about Lionsgate's supposed settlement offer, we heard to our surprise that these emails are part of a large phishing scam, which has at least one large ISPs fooled. "The notices are fake and not sent by us. It's a phishing scam," IP-Echelon informed TorrentFreak. For a phishing scam the fake DMCA notice does its job well. At first sight the email appears to be legit, and for Cox Communications it was real enough to forward it to their customers.U.S. law enforcement has been notified and is currently investigating the matter.

Read more of this story at Slashdot.

Russia Lawmakers Pass Spying Law That Requires Encryption Backdoors, Call Surveillance

6/24/2016 2:40pm
A bill that was proposed recently in the Russian Duma to make cryptographic backdoors mandatory in all messaging apps, has passed. Patrick Howell O'Neill, reports for DailyDot:A massive surveillance bill is now on its way to becoming law in Russia. The "anti-terrorism" legislation includes a vast data-eavesdropping and -retention program so that telecom and internet companies have to record and store all customer communications for six months, potentially at a multitrillion-dollar cost. Additionally, all internet firms have to provide mandatory backdoor access into encrypted communications for the FSB, the Russian intelligence agency and successor to the KGB. The bill, with support from the ruling United Russia party, passed Friday in the Duma, Russia's lower legislative house, with 277 votes for, 148 against, and one abstaining. It now moves to Russia's Federal Council and the Kremlin, where it's expected to pass into law.

Read more of this story at Slashdot.

Net Neutrality Advocates To FCC: Put the Kibosh On Internet Freebies

6/24/2016 2:00pm
An anonymous reader cites a CNET report:Net neutrality advocates demand action. Representatives from Fight the Future, the Center for Media Justice and Free Press on Friday hand-delivered a 6-foot tall package containing 100,000 letters of complaint to the Federal Communications Commission. They ask the agency to take action against AT&T, Comcast, T-Mobile and Verizon for violating the agency's Open Internet order by offering so-called zero-rating service plans. While the practice offers some benefits to customers, critics say it violates the agency's Net neutrality principles, which requires all services on the internet be treated the same. They claim it puts smaller competitors at a disadvantage and highlights the fact that data caps are unnecessary. Carriers say they are simply experimenting with new business models that will make their service more affordable for consumers.

Read more of this story at Slashdot.

In the Aftermath Of Brexit, Brits Google About Irish Passport, Meaning Of EU, and Why it All Happened

6/24/2016 1:20pm
As the world makes peace with the news that the United Kingdom has voted to leave the European Union, people in the UK are increasingly trying to figure out what this means. Google noted on Twitter late Thursday that "What is the EU?" was the second top UK question on the EU since the news broke, with "Why did Britain leave the EU?" being the first. The questions also speak volume about the awareness of the issue among them. Understandably, some people also resorted to the search engine to look for Irish passports. "Getting an Irish passport" keywords saw a 100% surge.

Read more of this story at Slashdot.

novalug.com