By BeauHD from Slashdot's gone-in-the-blink-of-an-eye department
An anonymous reader quotes a report from Ars Technica: Microsoft has removed a trio of references to Markus "Notch" Persson, the creator of Minecraft, from the game's opening menu screen. Random messages known as "splash text" are printed in yellow on this screen, and they used to include "Made by Notch!", "The Work of Notch", and "110813!" (a reference to the day Persson got married), but now all three mentions are gone. Notch is still included in the game's credits, but the change means that Minecraft players will no longer be randomly referenced.
Persson first released the blocky building game in 2009. Five years later, after the game had become a global smash hit, he sold his company Mojang to Microsoft for $2.5 billion, giving Redmond ownership of Minecraft. The references to Notch have remained a feature until their removal in this latest patch. They're reported to have been removed both from the original Java edition played on PCs and the legacy console edition used on PlayStation 4. No official rationale has been offered for the change, but Persson has become something of a polarizing figure on Twitter...Read Replies (0)
By BeauHD from Slashdot's don't-do-the-crime-if-you-can't-do-the-time department
24-year-old security researcher Zammis Clark pleaded guilty today to hacking into Microsoft and Nintendo servers and stealing confidential information. Clark, known online as Slipstream or Raylee, "was charged on multiple counts of computer misuse offenses in a London Crown Court on Thursday, and pleaded guilty to hacking into Microsoft and Nintendo networks," reports The Verge. From the report: Prosecutors revealed that Clark had gained access to a Microsoft server on January 24th, 2017 using an internal username and password, and then uploaded a web shell to remotely access Microsoft's network freely for at least three weeks. Clark then uploaded multiple shells which allowed him to search through Microsoft's network, upload files, and download data. In total, around 43,000 files were stolen after Clark targeted Microsoft's internal Windows flighting servers. These servers contain confidential copies of pre-release versions of Windows, and are used to distribute early beta code to developers working on Windows. Clark targeted unique build numbers to gain information on pre-release versions of Windows in around 7,500 searches for unreleased products, codenames, and build numbers.
< article continued at Slashdot's don't-do-the-crime-if-you-can't-do-the-time department
>Read Replies (0)
By BeauHD from Slashdot's cease-and-desist department
Russian authorities have ordered ten major VPN providers to begin blocking sites on the country's blacklist. "NordVPN, ExpressVPN, IPVanish and HideMyAss are among those affected," reports TorrentFreak. "TorGuard also received a notification and has pulled its services out of Russia with immediate effect." From the report: During the past few days, telecoms watch Roscomnadzor says it sent compliance notifications to 10 major VPN services with servers inside Russia -- NordVPN, ExpressVPN, TorGuard, IPVanish, VPN Unlimited, VyprVPN, Kaspersky Secure Connection, HideMyAss!, Hola VPN, and OpenVPN. The government agency is demanding that the affected services begin interfacing with the FGIS database, blocking the sites listed within. Several other local companies -- search giant Yandex, Sputnik, Mail.ru, and Rambler -- are already connected to the database and filtering as required.
"In accordance with paragraph 5 of Article 15.8 of the Federal Law No. 149-FZ of 27.07.2006 'On Information, Information Technology and on Protection of Information' hereby we are informing you about the necessity to get connected to the Federal state informational system of the blocked information sources and networks [FGIS] within thirty working days from the receipt [of this notice]," the notice reads. A notice received by TorGuard reveals that the provider was indeed given just under a month to comply. The notice also details the consequences for not doing so, i.e being placed on the blacklist with the rest of the banned sites so it cannot operate in Russia. The demand from Roscomnadzor sent to TorGuard and the other companies also requires that they hand over information to the authorities, including details of their operators and places of business. The notice itself states that for foreign entities, Russian authorities require the full entity name, country of residence, tax number and/or trade register number, postal and email address details, plus other information.Read Replies (0)
By BeauHD from Slashdot's nothing-is-free department
An anonymous reader quotes a report from TechCrunch: Moolah Mobile is teaming up with SurgePhone Wireless to offer people a new way to pay their cell phone bills -- by putting ads on their homescreens. Moolah CEO Vernell Woods (pictured above) said the startup has already been offering gift cards and other rewards to users who view its homescreen ads. So this is a similar model, except instead of earning gift cards, the ads are subsidizing cell phone service from Surge. The ads show up on users' homescreens during interstitial moments between using apps, so the goal is to offer free service without consumers having to change their behavior. Woods said all that ad time adds up, with "the average person who's using their phone on a consistent basis" viewing "easily between two to three hours" of homescreen ads each day. And that's enough to pay for the "equivalent" of Surge's $10 monthly plan. On the other hand, if for some reason a subscriber isn't hitting the necessary total, Woods said they can also earn more points by accepting offers or taking surveys. The subsidized wireless service will roll out in Florida, Virginia, Georgia and Texas initially, with an aim of reaching 40,000 locations by the end of the year.Read Replies (0)
By BeauHD from Slashdot's top-secret department
Google executives are conducting a secret internal assessment of work on a censored search engine for China. "A small group of top managers at the internet giant are conducting a 'performance review' of the controversial effort to build the search platform, known as Dragonfly, which was designed to blacklist information about human rights, democracy, religion, and peaceful protest," reports The Intercept. From the report: Performance reviews at Google are undertaken annually to evaluate employees' output and development. They are usually carried out in an open, peer review-style process: Workers grade each other's projects and the results are then assessed by management, who can reward employees with promotion if they are deemed ready to progress at the company. In the case of Dragonfly, however, the peer review aspect has been removed, subverting the normal procedure. In a move described as highly unusual by two Google sources, executives set up a separate group of closed "review committees," comprised of senior managers who had all previously been briefed about the China search engine.
The existence of the Dragonfly review committees has not been disclosed to rank-and-file Google employees, except for the few who have been evaluated by the committees because they worked on China search. Fewer than a dozen top managers at the company are said to be looped in on the review, which has involved studying documents and technical work related to Dragonfly. "Management has decided to commit to keeping this stuff secret," said a source with knowledge of the review. They are "holding any Dragonfly-specific documents out of [employees'] review tools, so that promotion is decided only by a committee that is read in on Dragonfly." Executives likely feared that following the normal, more open performance review process with Dragonfly would have allowed workers across the company to closely scrutinize it, according to two Google sources.Read Replies (0)
By msmash from Slashdot's slow-expansion department
An anonymous reader shares a report: What better way to replace New York City's thousands of aging pay phones than with 9.5-foot-tall kiosks outfitted with 55-inch HD displays, gigabit internet, and Android tablets preloaded with informational apps? So went the thinking back in 2014, when then-mayor Michael Bloomberg launched a competition -- the Reinvent Payphones initiative -- calling on private enterprises, residents, and nonprofits to submit designs for spruced-up, publicly accessible hubs that would provide advertising-subsidized services to the public. CityBridge's LinkNYC beat out piezoelectric pressure plates, EV charging stations, and other competing proposals for a contract, and the consortium wasted no time in getting to work.
Intersection -- which with Qualcomm and CIVIQ Smartscapes manages the kiosks -- said it plans to spend $200 million laying down 400 miles of new communication cables and installing as many as 10,000 Links that supply free Wi-Fi to passersby within a 150-foot radius. The first kiosk went online in January, though the project has quite a ways to go -- 1,780 Links are active currently, short of the initial goal of 4,500 kiosks by July of this year. [...] And the initial kiosks have really taken off. According to Intersection, the LinkNYC network now has more than 6 million unique users who have used 8.597 terabytes of data collectively -- equivalent to about 1.3 billion songs or 292 billion WhatsApp messages. And the project facilitates 600,000 phone calls every month, up from 500,000 in September of last year. Further reading: Free Municipal Wi-Fi May Be the Next Front In the War Against Privacy.Read Replies (0)
By BeauHD from Slashdot's lost-and-found department
An anonymous reader quotes a report from ZDNet: A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world. The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic. They were discovered by a four-person research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), and documented in a research paper they intend to present at the IEEE Symposium on Security and Privacy in late May 2019.
The Korean researchers said they found 51 LTE vulnerabilities, of which 36 are new, and 15 have been first identified by other research groups in the past. They discovered this sheer number of flaws by using a technique known as fuzzing --a code testing method that inputs a large quantity of random data into an application and analyzes the output for abnormalities, which, in turn, give developers a hint about the presence of possible bugs. The resulting vulnerabilities, see image below or this Google Docs sheet, were located in both the design and implementation of the LTE standard among the different carriers and device vendors. The KAIST team said it notified both the 3GPP (industry body behind LTE standard) and the GSMA (industry body that represents mobile operators), but also the corresponding baseband chipset vendors and network equipment vendors on whose hardware they performed the LTEFuzz tests.Read Replies (0)
By msmash from Slashdot's how-about-that department
Modern Labor promises to teach you to code in five months and help find you a job when you graduate -- but you're on the hook for the next two years. From a report: Most coding bootcamps almost sound like get-rich-quick schemes: Devote a few months to learning a new skill from home, and walk into a job that could pay you $70,000 a year to start. For the most immersive programs, you'll need to put your life on hold while you learn full-time. Usually, students pay for those coding bootcamps upfront while they take time off their jobs to learn.
Startup coding bootcamp Modern Labor pays people $2,000 a month for five months while they learn to code, following a curriculum remotely from wherever they live for at least 30 hours every week (working out to roughly minimum wage). After graduation, if they land a job that pays at least $40,000, Modern Labor takes 15 percent of their salary for the next two years. For example, if they find a job that pays $80,000, they'll pay Modern Labor $24,000 over two years. [...] Modern Labor's business model is an example of an "income sharing agreement," a scheme that's on-trend for Wall Street and Silicon Valley entrepreneurs looking to disrupt education.Read Replies (0)
By msmash from Slashdot's closer-look department
A leaked internal document outlines a program that looks almost exactly like the requirements of right to repair legislation that has been proposed in 20 states. From a report: As Apple continues to fight legislation that would make it easier for consumers to repair their iPhones, MacBooks, and other electronics, the company appears to be able to implement many of the requirements of the legislation, according to an internal presentation obtained by Motherboard. According to the presentation, titled "Apple Genuine Parts Repair" and dated April 2018, the company has begun to give some repair companies access to Apple diagnostic software, a wide variety of genuine Apple repair parts, repair training, and notably places no restrictions on the types of repairs that independent companies are allowed to do. The presentation notes that repair companies can "keep doing what you're doing, with ... Apple genuine parts, reliable parts supply, and Apple process and training."
This is, broadly speaking, what right to repair activists have been asking state legislators to require companies to offer for years. "This looks to me like a framework for complying with right to repair legislation," Kyle Wiens, CEO of iFixit and a prominent member of the right to repair movement, told me on the phone. "Right now, they are only offering it to a few megachains, but it seems clear to me that it would be totally possible to comply with right to repair."Read Replies (0)
By msmash from Slashdot's marching-forward department
Gilles Dubuc, writing for the Wikimedia Foundation: We're excited to announce that we've become a member of the W3C, the main international standards organization for the World Wide Web. Founded by Tim Berners-Lee in 1994, W3C works with hundreds of organizations to ensure that the web's basic building blocks -- like HTML or CSS -- remain consistent across browsers, platforms, and more. You can learn more about what W3C does over on Wikipedia. Joining the W3C fits right into our 2030 strategy, which calls on the Wikimedia movement to "become the essential infrastructure of the ecosystem of free knowledge, and [ensure that] anyone who shares our vision will be able to join us."
The underlying technologies and standards of the web are a core part of the infrastructure that can facilitate knowledge equity, and so to achieve our vision, we need to participate and collaborate in designing the future of the web. As part of working groups, we will be collaborating directly with other major stakeholders on the web. Through attending meetings, providing feedback, helping with the drafting of standards, and performing some of the technical work necessary to put standards together (as well as participating in the decision-making process of their design), we're going to contribute to shaping a future of the web that helps everyone create and share free knowledge.Read Replies (0)
By msmash from Slashdot's how-about-that department
Joseph Tsidulko, writing for CRN: Oracle asked the U.S. Supreme Court on Wednesday to not review an appellate court's decision finding Google violated Oracle's copyright of the Java platform when building the Android mobile operating system. In that opposition brief, Oracle's attorneys said Google's copyright violation shut Oracle, the Java platform owner, out of the emerging smartphone market, causing incalculable harm to its business. The complex case pitting two Silicon Valley giants against each other has raged on since 2010, and already saw many twists in turns before a circuit court last year reversed a jury decision in favor of Oracle. That prompted Google's appeal to the nation's highest court. Oracle notes Google had previously asked for a writ of certiorari -- the legal term for review by the high court -- in 2015 without success in an earlier phase of the case, and the company argues nothing has changed in the time since.
Oracle believes Google destroyed its hopes of competing as a smartphone platform developer with the Java platform, which enables development and execution of software written in Java, including through APIs that access a vast software library. The lawsuit alleged Google copied those APIs without a proper license. Java was developed at Sun Microsystems, which Oracle acquired in 2010. "Google's theory is that, having invested all those resources to create a program popular with platform developers and app programmers alike, Oracle should be required to let a competitor copy its code so that it can coopt the fan base to create its own best-selling sequel," Oracle's brief states.Read Replies (0)
By msmash from Slashdot's new-lows department
Office Depot and Support.com have coughed up $35 million after they were accused of lying to people that their PCs were infected with malware in order to charge them cleanup fees. From a report: Late Wednesday, the pair of businesses settled a lawsuit brought against them by the US Federal Trade Commission, which alleged staff at the tech duo falsely claimed software nasties were lingering on customers' computers to make a fast buck. The lawsuit, filed in southern Florida, claimed the two companies, including Office Depot subsidiary OfficeMax, from 2009 until November 2016 misrepresented the state of consumers' computers by using a sales tool designed to convince people to pay for diagnostic and repair services.
"In numerous instances throughout this time period, Defendants used the PC Health Check Program to report to Office Depot Companies customers that the scan had found or identified 'Malware Symptoms' when it had not done so," the complaint stated. "Additionally, in numerous instances, the PC Health Check Program falsely reported to consumers that the program had found 'infections' on the consumerâ(TM)s computer." According to the watchdog's complaint, the PC Health Check Program was incapable of finding malware. Support.com allegedly programmed the software so that whenever an Office Depot Company employee checked any one of four checkboxes describing a generic concern, like slowness, before the scan started, the scan would automatically report the detection of malware symptoms, and for a time, infections.Read Replies (0)
By msmash from Slashdot's my-way-or-highway department
Apple News Plus, the company's new magazine (and news) subscription service, is the latest offender because of how easy Apple makes it to subscribe. From a report: Just tap that "Try it Free" button, confirm your payment, and you're off to the races. Thing is, Apple forbids developers from making things seem quite this simple. Typically, Apple protects users from recurring fees by requiring developers to make those numbers so large on the screen that it's painfully obvious what you're getting into, how often you'll pay, and how to cancel if you decide you're not interested anymore. Here are some screenshots from Apple's dev website so you can see just how crystal-clear the developer "guidelines" are. For whatever reason, Apple decided that a cleaner, more attractive layout, one that hides some of the information it asks of developers, was the right choice for Apple News Plus.Read Replies (0)