By msmash from Slashdot's bolstering-security department
With the arrival of USB-C a few years back, plugging into laptops, tablets and smartphones became even easier than before. But there are potential security risks. The USB Type-C Authentication Program launched today aims to address such issues. From a report: The new protocol from the USB Implementers Forum (USB-IF) can be used to validate the authenticity of a cable, charger or hardware at the moment of connection, and stop attacks in their tracks. The USB-IF has chosen DigiCert to operate registrations and certificate authority services for the new specification, which makes use of 128-bit cryptographic-based authentication for certificate format, digital signing, hash and random number generation.
"USB Type-C Authentication gives OEMs the opportunity to use certificates that enable host systems to confirm the authenticity of a USB device or USB charger, including such product aspects as the descriptors, capabilities and certification status," said DigiCert in a press release. "This protects against potential damage from non-compliant USB chargers and the risks from maliciously embedded hardware or software in devices attempting to exploit a USB connection."Read Replies (0)
By msmash from Slashdot's breaking-news department
An anonymous reader shares a report: On Monday, New Year's Eve, a hacker group announced it had breached a law firm handling cases related to the September 11 attacks, and threatened to publicly release a large cache of related internal files unless their ransom demands were met. The news is the latest public extortion attempt from the group known as The Dark Overlord, which has previously targeted a production studio working for Netflix, as well as a host of medical centres and private businesses across the United States. The announcement also signals a slight evolution in The Dark Overlord's strategy, which has expanded on leveraging the media to exert pressure on victims, to now distributing its threats and stolen data in a wider fashion.
In its announcement published on Pastebin, The Dark Overlord points to several different insurers and legal firms, claiming specifically that it hacked Hiscox Syndicates Ltd, Lloyds of London, and Silverstein Properties. "Hiscox Syndicates Ltd and Lloyds of London are some of the biggest insurers on the planet insuring everything from the smallest policies to some of the largest policies on the planet, and who even insured structures such as the World Trade Centers," the announcement reads.Read Replies (0)
By msmash from Slashdot's closer-look department
A fifth of Earth's geologic history might have vanished because planet-wide glaciers buried the evidence. From a report: The Grand Canyon is a gigantic geological library, with rocky layers that tell much of the story of Earth's history. Curiously though, a sizeable layer representing anywhere from 250 million years to 1.2 billion years is missing. Known as the Great Unconformity, this massive temporal gap can be found not just in this famous crevasse, but in places all over the world. In one layer, you have the Cambrian period, which started roughly 540 million years ago and left behind sedimentary rocks packed with the fossils of complex, multicellular life. Directly below, you have fossil-free crystalline basement rock, which formed about a billion or more years ago.
So where did all the rock that belongs in between these time periods go? Using multiple lines of evidence, an international team of geoscientists reckons that the thief was Snowball Earth, a hypothesized time when much, if not all, of the planet was covered in ice. According to the team, at intervals within those billion or so years, up to a third of Earth's crust was sawn off by Snowball Earth's roaming glaciers and their erosive capabilities. The resulting sediment was dumped into the slush-covered oceans, where it was then sucked into the mantle by subducting tectonic plates.
Effectively, in many locations, Earth buried the evidence of about a fifth of its geological history, the team argued this week in the Proceedings of the National Academy of Sciences. The notion is elegant but provocative, and the authors themselves predict that some geoscientists will express skepticism. "I think, though, we have extraordinary evidence to support that extraordinary claim," says study leader C. Brenhin Keller, a postdoctoral fellow at the Berkeley Geochronology Center.Read Replies (0)
By msmash from Slashdot's closer-look department
Why would you go with the smaller brand, faced with those offerings from tech's behemoths? Or, at the previous displays, why not just buy the cheaper models? Charles Arthur, writing for The Guardian: That's the challenge for many consumer electronics firms. Not how to make things, or how to distribute them and get them in front of potential buyers. It's how to make a profit. Out of Fitbit, GoPro, Parrot and Sonos -- each operating in different parts of the consumer electronics business -- only the latter made an operating profit in the last financial quarter, and all four have made a cumulative operating loss so far this year. Making a profit in hardware has always been difficult. By contrast, in software, all the significant costs are in development; reproduction and distribution are trivial -- a digital copy is perfect, and the internet will transport 0s and 1s anywhere, effectively for free. If your product is free and ad-supported, you don't even need anti-piracy measures; you want people to copy it and use it. Software companies typically have gross margins of around 80%, and operating profits of 40% or so.
In hardware, though, the world now seems full of companies living by the Amazon founder Jeff Bezos's mantra that "your [profit] margin is my opportunity". Indeed, Amazon is one of the reasons why long-term profit is more elusive: it provides a means for small startups to distribute products without formal warehousing arrangements, and compete with bigger businesses at lower cost. That, together with the rise of a gigantic electronic manufacturing capability in the southern Chinese city of Shenzhen, about an hour's drive north of Hong Kong, has made the modern hardware business one where only those with huge reserves of capital and brand recognition can hope to thrive.Read Replies (0)
By msmash from Slashdot's up-next department
For years, Mozilla has largely neglected development of Thunderbird, an email client it owns. But the company, which grew its team to eight staff last year, says it plans to address most of the issues that users have complained about and add six more people to Thunderbird staff this year, it said in a blog post. In the blog post Wednesday, the company said: Our hires are already addressing technical debt and doing a fair bit of plumbing when it comes to Thunderbird's codebase. Our new hires will also be addressing UI-slowness and general performance issues across the application. This is an area where I think we will see some of the best improvements in Thunderbird for 2019, as we look into methods for testing and measuring slowness -- and then put our engineers on architecting solutions to these pain points. Beyond that, we will be looking into leveraging new, faster technologies in rewriting parts of Thunderbird as well as working toward a multi-process Thunderbird.
[...] For instance, one area of usability that we are planning on addressing in 2019 is integration improvements in various areas. One of those in better Gmail support, as one of the biggest email providers it makes sense to focus some resources on this area. We are looking at addressing Gmail label support and ensuring that other features specific to the Gmail experience translate well into Thunderbird. We are looking at improving notifications in Thunderbird, by better integrating with each operating system's built-in notification system. By working on this feature Thunderbird will feel more "native" on each desktop and will make managing notifications from the app easier.
< article continued at Slashdot's up-next department
>Read Replies (0)
By msmash from Slashdot's up-next department
An anonymous reader shares a report: A common belief among tech industry insiders is that Silicon Valley has dominated the internet because much of the worldwide network was designed and built by Americans. Now a growing number of those insiders are worried that proposed export restrictions could short-circuit the pre-eminence of American companies in the next big thing to hit their industry, artificial intelligence.
In November, the Commerce Department released a list of technologies, including artificial intelligence, that are under consideration for new export rules because of their importance to national security. Technology experts worry that blocking the export of A.I. to other countries, or tying it up in red tape, will help A.I. industries flourish in those nations -- China, in particular -- and compete with American companies.
"The number of cases where exports can be sufficiently controlled are very, very, very small, and the chance of making an error is quite large," said Jack Clark, head of policy at OpenAI, an artificial intelligence lab in San Francisco. "If this goes wrong, it could do real damage to the A.I. community." The export controls are being considered as the United States and China engage in a trade war. The Trump administration has been critical of the way China negotiates deals with American companies, often requiring the transfer of technology to Chinese partners as the cost of doing business in the country. And federal officials are making an aggressive argument that China has stolen American technology through hacking and industrial espionage.Read Replies (0)
By msmash from Slashdot's closer-look department
The subways on the East Coast that allowed New York, Washington and Boston to thrive are showing their age and suffering from years of neglect, while cities on the West Coast are moving quickly to expand and improve their networks. From a report: The Los Angeles area, the ultimate car-centric region with its sprawling freeways, approved a sweeping $120 billion plan to build new train routes and upgrade its buses. Seattle has won accolades for its transit system, where 93 percent of riders report being happy with service -- a feat that seems unimaginable in New York, where subway riders regularly simmer with rage on stalled trains. "It's a tale of two systems," said Robert Puentes, the president of the Eno Center for Transportation, a nonpartisan research center in Washington. "These new ones are growing and haven't started to experience the pains of rehabilitation."
In New York, Polly Trottenberg, New York City's transportation commissioner, returned to a laundry list of messes: a subway crisis, buses that move at a snail's pace, the looming shutdown of the L train between Manhattan and Brooklyn, and the rebuilding of the dilapidated Brooklyn-Queens Expressway. "There is a political will to invest in expansion" on the West Coast, Ms. Trottenberg said in an interview, though she noted that New York's system was still the country's largest by far. Its daily subway and bus ridership of nearly 8 million dwarfs Los Angeles's 1.2 million riders. Still, transit systems on the East Coast are losing ridership. New York's subway has not expanded in decades, besides a handful of new stations in Manhattan -- one on the Far West Side and three on the Upper East Side.Read Replies (0)
By msmash from Slashdot's privacy-woes department
A popular weather app built by a Chinese tech conglomerate has been collecting an unusual amount of data from smartphones around the world and attempting to subscribe some users to paid services without permission, according to a London-based security firm's research.
From a report: The free app, one of the world's most-downloaded weather apps in Google's Play store, is from TCL Communication Technology Holdings, of Shenzhen, China. TCL makes Alcatel- and BlackBerry -branded phones, while a sister company makes televisions. The app, called "Weather Forecast --World Weather Accurate Radar," collects data including smartphone users' geographic locations, email addresses and unique 15-digit International Mobile Equipment Identity (IMEI) numbers on TCL servers in China, according to Upstream Systems, the mobile commerce and security firm that found the activity. Until last month, the app was known as "Weather -- Simple weather forecast."
The weather app also has attempted to surreptitiously subscribe more than 100,000 users of its low-cost Alcatel smartphones in countries such as Brazil, Malaysia and Nigeria to paid virtual-reality services, according to Upstream Systems. The security firm, which discovered the activity as part of its work for mobile operators, said users would have been billed more than $1.5 million had it not blocked the attempts.Read Replies (0)
By msmash from Slashdot's tussle-continues department
Add Bill Gates to the list of executives whose businesses have been ensnared by the Trump administration's battle with China over technology and trade. From a report: The tech tycoon and philanthropist said in an essay posted late last week that a nuclear-energy project in China by a company he co-founded called TerraPower LLC is now unlikely to proceed because of recent changes in U.S. policy toward China [Editor's note: the link may be paywalled; alternative source]. That leaves TerraPower, which had been working on the China project for more than three years, scrambling for a new partner and uncertain where it might be able to run a pilot of the nuclear reactor it has been developing, according to company officials.
Mr. Gates, TerraPower's chairman, helped start and fund the Bellevue, Wash., company, which incorporated in 2008, in a long-term bid to make nuclear reactors smaller, less expensive and safer than current nuclear energy sources. The company has been developing something called a traveling-wave reactor, which uses depleted uranium as fuel, something that TerraPower says can improve safety and reduce costs. Regulatory restrictions and limited federal funding made building the facility in the U.S. difficult and led TerraPower to look for partners abroad, Chief Executive Chris Levesque said in an interview.Read Replies (0)
By msmash from Slashdot's Old-Guard department
Glenn Fleishman, writing for MacWorld: It seems like it was only yesterday that I first used BareBones Software's BBEdit, but in actuality, yesterday is so far away -- 25 years, in fact. With all the twists and turns across more than two decades of Apple as a company, Mac hardware, and the underlying operating system, you might think that BBEdit stands alone as a continuously-developed app shepherded largely or exclusively by the same independent developer -- an app without a giant company behind it. As it turns out, BBEdit is one of several apps that's been around the block more than a few times.
The longevity of indie apps is more extraordinary when you consider the changes Apple put the Mac through from the early 1990s to 2018. Apple switched from Motorola 680x0 processors to PowerPC to Intel chips, from 32-bit to 64-bit code, and among supported coding languages. It revved System 7 to 8 to 9, then to Unix across now 15 major releases (from 10.0 to 10.14). That's a lot for any individual programmer or small company to cope with. Bare Bones's head honcho, Rich Siegel, and the developers behind three other long-running Mac software programs shared with me their insight on development histories for over 25 years, what's changed the most during that time, and any hidden treasures users haven't yet found. You can hear more on BareBones Software's in this recent episode of The Talk Show, a podcast by DaringFireball's John Gruber.Read Replies (0)