By manishs from Slashdot's indie-vs-pop department
An anonymous reader points us to an opinion piece by Apple blogger Rene Ritchie on the dim prospects for indie app developers, in the face of mass-market, big-name competition. From his piece: Big apps get all the attention these days, just like big movie, music, or book releases and indies get what little is left, when there's even a little left. The App Store is big business, and that's how big business works. [...] Apple could use its considerable power and influence to help shape the App Store economy into one more hospitable to indie developers. After all, those are the apps I love and the ones that dominate my home screens. But the truth is, even if Apple gave indie developers everything they wanted, it wouldn't matter much over the long term. It may help a few for a while, and a very few for a while longer, but the app economy and apps themselves are evolving. Brent Simmons has offered his opinion on the matter. He writes, The Mac has for a long time been overlooked -- first because Windows was so huge, and then web apps, and now iOS. For my entire career people have said that the Mac is a bad bet, that it's dumb to write Mac apps. [...] There was never a golden age for indie iOS developers. It was easier earlier on, but it was never golden. (Yes, some people made money, and some are today. I don't mean that there were zero successes.) And there's a good chance that many of the people you currently think of as thriving iOS indie developers are making money in other ways: contracting, podcast ads, Mac apps, etc.Read Replies (0)
By BeauHD from Slashdot's survey-says department
An anonymous reader writes: The study, published in The Lancet, used a cross-sectional, state-level dataset relating to a host of topics associated with firearm mortality including gun ownership and even unemployment from across the U.S. to examine the relationship between recorded gun deaths and gun-control legislation. The study found that some laws, such as those that restrict gun access to children through locks and age restrictions, were simply ineffective while others, such as the stand-your-ground law that allows individuals to use deadly force in self-defense, actually increase gun-related deaths significantly. According to the study's model, a federal law expanding background checks for all gun purchases could reduce the national gun death rate by 57%, lowering it from 10.35 to 4.46 per 100,000 people while background checks for all ammunition purchases could lower the rate by 81% to 1.99 per 100,000 and firearm identification could reduce it by 83% to 1.81 per 100,000. If the federal government implemented all three laws, the scholars predict that the overall national rate of firearm deaths would drop by over 90% to 0.16 per 100,000.Read Replies (0)
By BeauHD from Slashdot's guide-to-parenting department
HughPickens.com writes: Sites like Facebook and Instagram are now baked into the world of today's families. Many, if not most, new parents post images of their newborn online within an hour of birth, and some parents create social media accounts for the children themselves -- often to share photos and news with family, although occasionally in the pursuit of "Instafame" for their fashionably clad, beautifully photographed sons and daughters. Now, KJ Dell'Antonia writes in the NYT about the growing disconnect between parents and their children and the one surprising rule children want their parents to know: Don't post anything about me on social media without asking me. "As these children come of age, they're going to be seeing the digital footprint left in their childhood's wake," says Stacey Steinberg. "While most of them will be fine, some might take issue with it." Alexis Hiniker studied 249 parent-child pairs distributed across 40 states and found about three times more children than parents thought there should be rules about what parents shared on social media. "Twice as many children as parents expressed concerns about family members oversharing personal information about them on Facebook and other social media without permission," says co-author Sarita Schoenebeck. "Many children said they found that content embarrassing and felt frustrated when their parents continued to do it."
When researchers asked kids what technology rules they wished their parents would follow -- a less common line of inquiry -- the answers fell into seven general categories:
1) Be present -- Children felt there should be no technology at all in certain situations, such as when a child is trying to talk to a parent.
2) Child autonomy -- Parents should allow children to make their own decisions about technology use without interference.
3) Moderate use -- Parents should use technology in moderation and in balance with other activities.
< article continued at Slashdot's guide-to-parenting department
>Read Replies (0)
By BeauHD from Slashdot's trail-of-evidence department
An anonymous reader writes from an article published on TorrentFreak: [A] criminal complaint details the FBI's suspicions that 25-year-old Preston McWaters had conveyed "false or misleading information regarding an explosive device." The FBI started digging and in February 2016 two search warrants against Twitter and Facebook required them to turn over information on several accounts. Both did and the criminal complaint makes it clear that the FBI believes that McWaters was behind the accounts and the threats. With McWaters apparently leaving incriminating evidence all over the place (including CCTV at Walmart where he allegedly purchased a pre-paid Tracfone after arriving in his own car), the FBI turned to IP address evidence available elsewhere. "During the course of the investigation, subpoenas and search warrants have been directed to various companies in an attempt to identify the internet protocol (IP) address from where the email messages are being sent," the complaint reads. "All the responses from [email provider] 1&1, Facebook, Twitter, and Tracfone have been traced by IP address back to a company named London Trust Media [doing business as] PrivateInternetAccess.com. A subpoena was sent to London Trust Media and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States," the FBI's complain reads. "However, London Trust did provide that they accept payment for their services through credit card with a vendor company of Stripe and/or Amazon. They also accept forms of payment online through PayPal, Bitpay, Bit Coin, Cash You, Ripple, Ok Pay, and Pay Garden." While McWaters is yet to be found guilty, it's a sad fact that some people will use anonymizing services such as VPNs, pre-paid phones and anonymous email providers to harass others. And thankfully, as this case shows, they'll need to hide a lot more than their IP address to get away with that level of crime.Read Replies (0)
By manishs from Slashdot's fixing-the-education-system department
An anonymous reader writes: E-commerce giant Amazon is planning to launch a new education platform which would enable educators to upload, manage, share, and discover open education resources. Earlier this month, the company quietly opened an Amazon Education Wait List to allow educators to be alerted about the availability of the platform. The website currently reads, "The future of education is open. Someday soon, educators everywhere will have free and unlimited access to first-class course materials from a revolutionary platform. Get on the wait list to be notified when the platform is available for all schools and classrooms!" The webpage, do note, could be related to some other project. This isn't the first time Amazon has shown interest in the education sector. In 2013, it acquired TenMarks, a company that offers mathematics learning materials. Amazon, which lets you purchase or rent books for Kindle, is also a major name in the publishing world. Over the years, Apple, Google, and Microsoft have also become increasingly interested in seeing their hardware and software in classrooms.Read Replies (0)
By BeauHD from Slashdot's insecure-home-automation-deployment department
jones_supa writes: The hotel in which Matthew Garrett was staying at, had decided that light switches are unfashionable and replaced them with a series of Android tablets. In his tour to the system, one was quickly met with a glitch message "UK_bathroom isn't responding." Anyway, two of the tablets had convenient-looking ethernet cables plugged into the wall, so MacGyver began hacking. He managed to borrow a couple of USB ethernet adapters, set up a transparent bridge and then stick his laptop between the tablet and the wall. Tcpdump showed traffic, and Wireshark revealed that it was Modbus over TCP. Modbus is a pretty trivial protocol, and does not implement authentication. The Pymodbus tool could be used to control lights, turn the TV on/off, and even close and open the curtains. Then he noticed something. His room number was 714. The IP address he was communicating with was 172.16.207.14. They wouldn't, would they? Indeed, he could access the control systems on every floor and query other rooms to figure out whether the lights were on or not, which strongly implies that he could control them as well.Read Replies (0)
By manishs from Slashdot's government-vs-open-source department
An anonymous reader points to an official announcement made by TP-Link, which confirms a report from last month that it is blocking open source firmware: The FCC requires all manufacturers to prevent users from having any direct ability to change RF parameters (frequency limits, output power, country codes, etc.) In order to keep our products compliant with these implemented regulations, TP-LINK is distributing devices that feature country-specific firmware. Devices sold in the United States will have firmware and wireless settings that ensure compliance with local laws and regulations related to transmission power. As a result of these necessary changes, users are not able to flash the current generation of open-source, third-party firmware. We are excited to see the creative ways members of the open-source community update the new firmware to meet their needs. However, TP-LINK does not offer any guarantees or technical support for customers attempting to flash any third-party firmware to their devices.
Don't lose all your hopes yet. Developer Sebastian Gottschall, who works on DD-WRT Linux-based firmware, believes that TP-Link hasn't blocked third-party firmware. He adds, "Just the firmware header has been a little bit changed and a region code has been added. This has been introduced in September 2015. DD-WRT for instance does still provide compatible images... in fact it's no lock." Furthermore, Cisco insists that FCC's existing or proposed rules doesn't limit or eliminate the ability of a developer to use open source software.Read Replies (0)
By BeauHD from Slashdot's violent-expectations department
dcblogs writes: About 300 Hertz IT employees, most located in Oklahoma City, are being impacted [by] a decision to expand its outsourcing to IBM. About 75 will be hired by IBM and those workers [are expected] to receive offers this week while others are facing layoffs. The news was a shock for IT employees. There was "anger, resentment," especially by employees who "sacrificed that work/life balance to keep things going here," said one employee. Hertz took precautions. On the day that IT employees learned that their work was shifting to IBM, employees noticed Oklahoma sheriff patrol vehicles in the building's parking lot. They believed plainclothes officers were inside the building.
"We consider the safety and security of our people whenever there are circumstances or events that could increase the risk of a disturbance or some form of workplace violence," said Bill Masterson, a Hertz spokesman. "Knowing that this was a difficult announcement, we had additional security on hand," said Masterson. "Going forward, Hertz IT resources will be focused on development of future products and services for customers," he said. The majority of services will be cloud-based. According to the Computerworld article, along with severance pay, benefits also include three months of outplacement assistance. IT employees can receive up to $4,000 toward retraining or skill certification, said Masterson. IBM India Private Limited, a IBM subsidiary, has filed paper for H-1B visa workers for Hertz Technology offices.Read Replies (0)
By BeauHD from Slashdot's new-and-improved department
An anonymous reader writes: Apparently, during the past months it has started coming to the surface the fact that most top-tier Android malware was actually related, coming from a common malware variant called GM Bot, and sold for only $5,000 on underground hacking forums. Taking advantage of his new found glory, the coder behind that malware has now released a second version, three times the price of the first, complete with 3 exploits that can guarantee root access on older versions of Android (which are plenty thanks to [ignorant] OEMs and carriers). Some of the malware that originated from GM Bot includes: SimpleLocker (first crypto-ransomware for Android), AceCard (considered the most sophisticated Android malware to date), Bankosy and SlemBunk (banking trojan and backdoor), and Mazar Bot (banking trojan, backdoor and ransomware). To make things worse, GM Bot v1's source code also got leaked online, making it available to any halfwit developer that wants a crack at a cybercrime career.Read Replies (0)
By timothy from Slashdot's or-is-that-have-been-released department
Burz writes: Invisible Things Labs has released Qubes OS 3.1. Some of the features recently introduced into this secure concept, single-user desktop OS are Salt management, the Odyssey abstraction layer, and UEFI boot support. The 3.x series also lays the groundwork for distributed verifiable builds, Whonix VMs for Tor isolation, split-GPG key management, USB sandboxing, and a host of others.
Qubes has recently gained a following among privacy advocates, notable among them journalist J.M. Porup, Micah Lee at The Intercept and Edward Snowden.
Embodying a shift away from complex kernel-based security and towards bare metal hypervisors and IOMMUs for strict isolation of hardware components, Qubes seals off the usual channels for 'VM breakout' and DMA attacks. It isolates NICs and USB hardware within unprivileged VMs which are themselves are a re-working of the usual concept, each booting from read-only OS 'templates' which can be shared. Graphics are also virtualized behind a simple, hardened interface. Some of the more interesting attacks mitigated by Qubes are Evil Maid, BadBIOS, BadUSB and Mousejack.Read Replies (0)