By EditorDavid from Slashdot's infecting-an-iPhone department
Trailrunner7 quotes a report from On The Wire: Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone. The vulnerabilities include two kernel flaws and one in WebKit, and Apple released iOS 9.3.5 to fix them. The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Mansoor forwarded the link to researchers at the University of Toronto's Citizen Lab, who recognized what they were looking at. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising 'new secrets' about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive 'lawful intercept' spyware product," Citizen Lab said in a new report on the attack and iOS flaws.
By EditorDavid from Slashdot's view-comments department
The U.S. government announced plans to require some foreign travelers to provide their social media account names when entering the country -- and in June requested comments. Now the plan is being called "ludicrous," an "all-around bad idea," "blatant overreach," "desperate, paranoid heavy-handedness," "preposterous," "appalling," and "un-American," reports Slashdot reader dcblogs:
That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from "visa waiver" countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand... In a little twist of irony, some critics said U.S. President Obama's proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.
"Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities," reports Computer World. "It's technically an 'optional' request, but since it's the government asking, critics believe travelers will fear consequences if they ignore it..."
By EditorDavid from Slashdot's transporting-tomato-sauce department
An anonymous Slashdot reader quotes CNN Money's report that "pizzas will soon be dropping from the heavens":
Domino's demonstrated its ability to deliver food via a drone Thursday in New Zealand and plans to test actual deliveries to customers next month. "It doesn't add up to deliver a two kilogram package in a two-ton vehicle," said Scott Bush, a general manager for Domino's Pizza Enterprises, which is independent of the U.S. chain and operates in seven countries. "In Auckland, we have such massive traffic congestion it just makes sense to take to the airways."
A Domino's customer who requests a drone delivery will receive a notification when their delivery is approaching. After going outside and hitting a button on their smartphone, the drone will lower the food via a tether. Once the package is released, the drone pulls the tether back up and flies back to the Domino's store.
Robotics Trends has video from the flight, and reports that Domino's is also testing a pizza-delivering robot. Their Domino's Robotics Unit "has four wheels, is less than three feet tall, and has a heated compartment that can hold up to 10 pizzas. It can deliver pizzas within a 12.5-mile radius before needing to be recharged."
By EditorDavid from Slashdot's medicine-money department
"The incredible increase in the cost of EpiPens, auto-injectors that can stop life-threatening emergencies caused by allergic reactions, has hit home on Capitol Hill," reports CNN. Slashdot reader Applehu Akbar reports that the argument "has now turned into civil war in the US Senate":
One senator's daughter relies on Epi-Pen, while another senator's daughter is CEO of Mylan, the single company that is licensed to sell these injectors in the US. On the worldwide market there is no monopoly on these devices... Is it finally time to allow Americans to go online and fill their prescriptions on the world market?
Time reports some patients are ordering cheaper EpiPens from Canada and other countries online, "an act that the FDA says is technically illegal and potentially dangerous." But the FDA also has "a backlog of about 4,000 generic drugs" awaiting FDA approval, reports PRI, noting that in the meantime prices have also increased for drugs treating cancer, hepatitis C, and high cholesterol. In Australia, where the drug costs just $38, one news outlet reports that the U.S. "is the only developed nation on Earth which allows pharmaceutical companies to set their own prices."
By EditorDavid from Slashdot's GNU-for-nerds department
Long-time Slashdot reader sfcrazy writes: During LinuxCon, Torvalds was full of praise for GNU GPL: "The GPL ensures that nobody is ever going to take advantage of your code. It will remain free and nobody can take that away from you. I think that's a big deal for community management... FSF [Free Software Foundation] and I don't have a loving relationship, but I love GPL v2. I really think the license has been one of the defining factors in the success of Linux because it enforced that you have to give back, which meant that the fragmentation has never been something that has been viable from a technical standpoint." And he thinks the BSD license is bad for everyone: "Over the years, I've become convinced that the BSD license is great for code you don't care about," Torvalds said. But Linus also addressed the issue of enforcing the GPL on the Linux Foundation mailing list when someone proposed a discussion of it at LinuxCon. "I think the whole GPL enforcement issue is absolutely something that should be discussed, but it should be discussed with the working title 'Lawyers: poisonous to openness, poisonous to community, poisonous to projects'... quite apart from the risk of loss in a court, the real risk is something that happens whether you win or lose, and in fact whether you go to court or just threaten: the loss of community, and in particular exactly the kind of community that can (and does) help. You lose your friends."
By EditorDavid from Slashdot's officially-released department
Continuing its rapid release cycle, ReactOS has unveiled version 0.4.2 of its free "open-source binary-compatible Windows re-implementation." Slashdot reader jeditobe reports that this new version can now read and write various Linux/Unix file systems like Btrfs and ext (and can read ReiserFS and UFS), and also runs applications like Thunderbird and 7-Zip.
ReactOS 0.4.2 also features Cygwin support, .NET 2.0 and 4.0 application support, among other updated packages and revised external dependencies such as Wine and UniATA. The team also worked to improve overall user experience...
ReactOS is free. You can boot your desktop or laptop from it. It looks like Windows (a 10-year-old version, anyway), so you already know how to use it. And it'll run some Windows and DOS applications, maybe including DOS games that regular 64-bit Windows can no longer touch.
These videos even show ReactOS running Elder Scrolls: Skyrim and Doom 3.
By EditorDavid from Slashdot's three's-a-crowd department
An anonymous Slashdot reader writes:
Security expert Anthony Zboralski posted on HERT a social engineering attack for Tinder that lets you perform a man-in-the-middle attack against unsuspecting users. Zboralski says, "Not only we can eavesdrop on the conversation of two strangers, we can also change their reality." The attack can easily be extended to SMS, Whatsapp, iMessage and voice.
"At some point people exchange phone numbers and the Tinder convo stops. That's not a problem..." Zboralski explains, suggesting more ways to continue the man-in-the-middle exploits.
His article drew a response from Tinder, arguing they "employ several manual and automated mechanisms" to deter fake and duplicate profiles. But while they're looking for ways to improve, "ultimately, it is unrealistic for any company to positively validate the real-world identity of millions of users while maintaining the commonly expected level of usability."
By BeauHD from Slashdot's overseas-recruits department
Peter Hudson writes from a report via Recode: "After failing to get Congress to pass a 'startup visa' as part of broad immigration reform, the Obama administration is moving ahead with an alternative that would allow overseas entrepreneurs to live in the U.S. for up to five years to help build a company," reports Recode. "Already speaking out in favor of the new rules is PayPal co-founder Max Levchin: 'I believe that the most promising entrepreneurs from around the world should have the same opportunity I had -- the chance to deliver on their potential, here in America.' Levchin moved to the U.S. from the Soviet Union in 1991." There are three conditions that need to be met in order to be eligible to work in the U.S. under the new rule: the foreigner would have to own at least 15 percent of a U.S.-based startup, the foreigner would need to have a central role in the startup's operations, and the startup would need to have "potential for rapid business growth and job creation." The third requirement could be met by having at least $100,000 in government grants or $345,000 invested from U.S. venture investors. "Under [the International Entrepreneur Rule (PDF)] being formally proposed on Friday, the Department of Homeland Security would be empowered to use its existing authority to allow entrepreneurs to legally work in the country for two years, possibly followed by a one-time three-year extension," reports Recode. "While the public will have 45 days to comment, the rules aren't subject to congressional approval."
By BeauHD from Slashdot's blind-spot department
An anonymous reader quotes a report from Ars Technica: Researchers from MIT and the Masdar Institute of Science and Technology, led by George Ni, describe a prototype design that boils water under ambient sunlight. Central to their floating solar device is a "selective absorber" -- a material that both absorbs the solar portion of the electromagnetic spectrum well and emits little back as infrared heat energy. For this, the researchers turn to a blue-black commercial coating commonly used in solar photovoltaic panels. The rest of the puzzle involves further minimizing heat loss from that absorber, either through convection of the air above it or conduction of heat into the water below the floating prototype. The construction of the device is surprisingly simple. At the bottom, there is a thick, 10-centimeter-diameter puck of polystyrene foam. That insulates the heating action from the water and makes the whole thing float. A cotton wick occupies a hole drilled through the foam, which is splayed and pinned down by a square of thin fabric on the top side. This ensures that the collected solar heat is being focused into a minute volume of water. The selective absorber coats a disc of copper that sits on top of the fabric. Slots cut in the copper allow water vapor from the wick to pass through. And the crowning piece of this technological achievement? Bubble wrap. It insulates the top side of the absorber, with slots cut through the plastic to let the water vapor out. Tests in the lab and on the MIT roof showed that, under ambient sunlight, the absorber warmed up to 100 degrees Celsius in about five minutes and started making steam. That's a first. The study has been published in two separate Nature articles: "Steam by thermal concentration" and "Steam generation under one sun enabled by a floating structure with thermal concentration."
By BeauHD from Slashdot's celestial-events department
NASA's Juno spacecraft will get its first up-close view of Jupiter this Saturday. Space.com reports: "At 8:51 a.m. EDT (1251 GMT) on Saturday (Aug. 27), Juno will zoom within 2,600 miles (4,000 kilometers) of Jupiter's cloud tops -- closer than the probe is scheduled to come during its entire mission, NASA officials said. And Juno will have all of its science instruments during Saturday's flyby. This was not the case during the spacecraft's only previous close approach to Jupiter, which occurred July 4 when Juno arrived in orbit around the giant planet. During Saturday's close pass, all eight of Juno's science instruments will be collecting data, and the probe's visible-light imager, known as JunoCam, will take close-up photos." You can also look forward to Venus-Jupiter Conjunction 2016, an event happening on August 27 where Venus and Jupiter's respective orbits will bring the two planets the closest that they'll be to each other until 2065. The two planets will be positioned roughly five degrees above the Western horizon on August 27.
By BeauHD from Slashdot's step-in-the-right-direction department
In honor of Women's Equality Day, an anonymous reader shares with us a festive report from Fortune: More than two months after the White House first announced its Equal Pay Pledge for the private sector, Facebook, Apple, Microsoft and other major industry players have signed on. By taking the pledge, which was first introduced at the United State of Women Summit in June of this year, companies promise to help close the national gender pay gap, conduct annual, company-wide pay analyses, and review hiring and promotion practices. The new signees were announced in a White House statement on Friday -- which also happens to be Women's Equality Day, the anniversary of the ratification of the 19th amendment, which gave women the right to vote. Apple, which announced earlier this year that it has no pay gap, released a statement promising to dig even deeper into compensation. "We're now analyzing the salaries, bonuses, and annual stock grants of all our employees worldwide. If a gap exists, we'll address it," the company said in a statement. Twenty-nine companies signed the pledge on Friday, bringing the total number of signatories to 57. The pledge is part of a $50-million, White House-led initiative to expand opportunities for and improve the lives of women and girls. The consortium members issued a statement via Whitehouse.gov's press release: "The Employers for Pay Equity consortium is comprised of companies that understand the importance of diversity and inclusion, including ensuring that all individuals are compensated equitably for equal work and experience and have an equal opportunity to contribute and advance in the workplace. We are committed to collaborating to eliminate the national pay and leadership gaps for women and ethnic minorities. Toward that end, we have come together to share best practices in compensation, hiring, promotion, and career development as well as develop strategies to support other companies' efforts in this regard. By doing so, we believe we can have a positive effect on our workforces that, in turn, makes our companies stronger and delivers positive economic impact." The consortium members include: Accenture, Airbnb, BCG, Care.com, CEB, Cisco, Deloitte, Dow, Expedia, EY, Glassdoor, GoDaddy, Jet.com, L'Oreal USA, Mercer, PepsiCo, Pinterest, Rebecca Minkoff, Salesforce, Spotify, Staples, Stella McCartney, and Visa.
By BeauHD from Slashdot's new-release department
An anonymous reader quotes a report from BetaNews: Today, the first beta of Ubuntu Linux 16.10 sees release. Once again, a silly animal name is assigned, this time being the letter "Y" for the horned mammal, "Yakkety Yak." This is also a play on the classic song "Yakety Yak" by The Coasters. Please be sure not to "talk back" while testing this beta operating system! "Pre-releases of the Yakkety Yak are not encouraged for anyone needing a stable system or anyone who is not comfortable running into occasional, even frequent breakage. They are, however, recommended for Ubuntu flavor developers and those who want to help in testing, reporting and fixing bugs as we work towards getting this bos grunniens ready. Beta 1 includes a number of software updates that are ready for wider testing. These images are still under development, so you should expect some bugs," says Set Hallstrom, Ubuntu Studio project lead. He adds: "While these Beta 1 images have been tested and work, except as noted in the release notes, Ubuntu developers are continuing to improve the Yakkety Yak. In particular, once newer daily images are available, system installation bugs identified in the Beta 1 installer should be verified against the current daily image before being reported in Launchpad. Using an obsolete image to re-report bugs that have already been fixed wastes your time and the time of developers who are busy trying to make 16.10 the best Ubuntu release yet. Always ensure your system is up to date before reporting bugs." Here are the following download links: Lubuntu, Ubuntu GNOME, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio.
By BeauHD from Slashdot's cease-and-desist department
Twitter CEO Jack Dorsey has made it a top priority for the company to limit hateful conduct. In late December 2015, for example, the company changed its rules to explicitly ban "hateful conduct" for the first time. A new report says Twitter is working to further curb the rise of hateful conduct as it is "working on a keyword-based tool that will let people filter the posts they see, giving users a more effective way to block out harassing and offensive tweets." Bloomberg reports: "The San Francisco-based company has been discussing how to implement the tool for about a year as it seeks to stem abuse on the site, said the people [familiar with the matter], who asked not to be identified because the initiative isn't public. By using keywords, users could block swear words or racial slurs, for example, to screen out offenders. The filtering tool could eventually become a moderator for any kind of content, the people said. For example, users could block a hashtag about an event they don't care to read about."
By BeauHD from Slashdot's eyes-on-the-prize department
An anonymous reader quotes a report from Digital Trends: Among the 100 new products the company founder James Dyson wants to invent by 2020, the greatest investment in people and money is to improve rechargeable lithium-ion batteries, as reported by Forbes (Warning: paywalled). And Dyson is not planning incremental improvements. His opinion is that current Li-ion batteries don't last long enough and aren't safe enough -- the latter as evidenced by their propensity to spontaneously catch on fire, which is rare but does happen. Dyson believes the answer lies in using ceramics to create solid-state lithium-ion batteries. Dyson says he intended to spend $1.4 billion in research and development and in building a battery factory over the next five years. Last year Dyson bought Ann Arbor, Michigan-based Sakti3, which focuses on creating advanced solid-state batteries, for $90 million. The global lithium-ion battery market accounts for $40 billion in annual sales, according to research firm Lux as cited by Forbes. Dyson's company (which is an accurate description since he has 100-percent ownership) currently employs 3,000 engineers worldwide. He intends to hire another 3,000 by 2020. Their average age is 26. Dyson values young engineers, saying, "The enthusiasm and lack of fear is important. Not taking notice of experts and plowing on because you believe in something is important. It's much easier to do when you're young."
By manishs from Slashdot's "open-network" department
Following a former Facebook journalist's report that the company's workers routinely suppressed news stories of interest to conservative readers from the social network's Trending Topics section, the company has been in damage control mode. First, the company announced it would tweak its Trending Topics section and revamp how editors find trending stories. Specifically, they will train the human editors who work on Facebook's trending section and abandon several automated tools it used to find and categorize trending news in the past. Most recently, Facebook added political scenarios to its orientation training following the concerns. Now, it appears that Facebook will "end its practice of writing editorial descriptions for topics, replacing them with snippets of text pulled from news stories." Kurt Wagner, writing for Recode: It's been more than three months since Gizmodo first published a story claiming Facebook's human editors were suppressing conservative news content on the site's Trending Topics section. Facebook vehemently denied the report, but has been dealing with the story's aftermath ever since. On Friday, Facebook announced another small but notable change to Trending Topics: Human editors will no longer write the short story descriptions that accompany a trending topic on the site. Instead, Facebook is going to use algorithms to "pull excerpts directly from stories." It is not, however, cutting out humans entirely. In fact, Facebook employees will still select which stories ultimately make it into the trending section. An algorithm will surface popular stories, but Facebook editors will weed out the inappropriate or fake ones. "There are still people involved in this process to ensure that the topics that appear in Trending remain high-quality," the company's blog reads.