By EditorDavid from Slashdot's thinking-of-the-children department
An anonymous reader quotes CBS News:
The governor of Washington state declared a state of emergency Friday over a measles outbreak that has sickened dozens of people in a county with one of the state's lowest vaccination rates. Gov. Jay Inslee said in a statement that the outbreak in Clark County "creates an extreme public health risk" that could spread throughout the state...
Clark County Public Health has confirmed 30 measles cases since January 1 and identified another nine suspected cases. Twenty-six of the confirmed cases were people who were not immunized for measles, the agency said... Only 77.4 percent of all public students there complete their vaccinations, according to state records cited by the Oregonian...Most of the confirmed cases -- 21 -- were with children between 1 and 10 years old. Eight cases involved people 11 to 18 years old, and one case was someone 19 to 29.
Time magazines also reports that authorities in the neighboring states of Oregon and Idaho "have issued warnings to residents."
In November the World Health Organization warned that measles cases worldwide had jumped more than 30% from 2016 to 2017, according to AFP, "in part because of children not being vaccinated."Read Replies (0)
By EditorDavid from Slashdot's robo-shop department
An anonymous reader quotes Fortune:
The future is now: Starting this week, Amazon is testing autonomous package delivery with adorable little robot vehicles in a northern Seattle suburb. Six of the Amazon Scouts, the company announced yesterday, are now delivering packages in Snohomish County in a trial run that complements its existing delivery options... The six-wheeled vehicles are fully electric and will move at "walking pace," for the time being only during daylight hours on weekdays while accompanied by Amazon employees for safety's sake.... [C]onsidering the drone delivery Prime Air program never got off the ground, Amazon Scout already seems like a more sensible solution to the last-mile problem: the time-intensive activity of getting packages from distribution centers to homes.
Wired points out some particular problems, though: "A delivery robot can't open gates without hands, and it can't climb steps to get right to your door. And if the robot requires the customer to enter a PIN to get the package out, how can the robot leave the package if you're not home?" And compared to the orderly structure of roads, sidewalks are pure chaos, with people, pets and objects sharing the space. Whether autonomous delivery vehicles are allowed to share the sidewalks varies by state and by city too; San Francisco has severely restricted them since 2017. Amazon's road test in Seattle may determine whether the delivery method finally arrives.Read Replies (0)
By EditorDavid from Slashdot's mis-delivered-packages department
"Time and again, security experts and vendors alike will recommend to organizations and end users to keep software and systems updated with the latest patches," reports eWeek. "But what happens when the application infrastructure that is supposed to deliver those patches itself is at risk?"
That's what open-source and Linux users were faced with this past week with a pair of projects reporting vulnerabilities. On January 22, the Debian Linux distribution reported a vulnerability in its APT package manager that is used by end users and organizations to get application updates. That disclosure was followed a day later, on January 23, with the PHP PEAR (PHP Extension and Application Repository) shutting down its primary website, warning that it was the victim of a data breach. PHP PEAR is a package manager that is included with many Linux distributions as part of the open-source PHP programming language binaries....
In the Debian APT case, a security researcher found a flaw, reported it, and the open-source project community responded rapidly, fixing the issue. With PHP PEAR issue, researchers with the Paranoids FIRE (Forensics, Incident Response and Engineering) Team reported that they discovered a tainted file on the primary PEAR website... Both PHP PEAR and Debian have issued updates fixing their respective issues. While both projects are undoubtably redoubling their efforts now with different security technologies and techniques, the simple fact is that the two issues highlight a risk with users trusting updating tools and package management systems.Read Replies (0)
By EditorDavid from Slashdot's cross-country-crossfire department
A Canadian diplomat on Thursday contradicted what he'd said on Wednesday, according to a story shared by hackingbear:
John McCallum, Canada's ambassador in China, appeared to provide legal advice to Meng Wanzhou, who is fighting extradition to the U.S. over fraud allegations. Saying she had a "strong case", McCallum outlined numerous weaknesses of the legal proceedings: political interference from Donald Trump, the extraterritorial nature of the charges and the fact that Canada is not party to American sanctions against Iran.
"I regret that my comments with respect to the legal proceedings of Ms Meng have created confusion. I misspoke," McCallum said in a statement released late on Thursday afternoon. "These comments do not accurately represent my position on the issue. As the government has consistently made clear, there has been no political involvement in this process."
But ABC News reports that the same diplomat then said Friday that it would be "great" for Canada if the U.S. dropped its extradition request, "in what seem like off script remarks again...."
"The Canadian government didn't return multiple messages in response to questions about whether McCallum is speaking for the Canadian government."Read Replies (0)
By EditorDavid from Slashdot's Russian-reversal department
"Russian oligarchs and Kremlin apparatchiks may find the tables turned on them," writes Kevin Poulsen at The Daily Beast, reporting on a new leak site that's unleashed "a compilation of hundreds of thousands of hacked emails and gigabytes of leaked documents."
"Think of it as WikiLeaks, but without Julian Assange's aversion to posting Russian secrets." Slashdot reader hyades1 shared their report:
The site, Distributed Denial of Secrets, was founded last month by transparency activists. Co-founder Emma Best said the Russian leaks, slated for release Friday, will bring into one place dozens of different archives of hacked material that, at best, have been difficult to locate, and in some cases appear to have disappeared entirely from the web. "Stuff from politicians, journalists, bankers, folks in oligarch and religious circles, nationalists, separatists, terrorists operating in Ukraine," said Best, a national-security journalist and transparency activist. "Hundreds of thousands of emails, Skype and Facebook messages, along with lots of docs...."
The site is a kind of academic library or a museum for leak scholars, housing such diverse artifacts as the files North Korea stole from Sony in 2014, and a leak from the Special State Protection Service of Azerbaijan.
< article continued at Slashdot's Russian-reversal department
>Read Replies (0)
By EditorDavid from Slashdot's game-over department
"Three men allegedly conspired with admitted 'swatter' Tyler Barriss to make hoax reports of bombs and murders to police departments, high schools and a convention center across the United States, according to three indictments unsealed today," reports America's Department of Justice.
An anonymous reader quotes NBC News:
The three people charged -- Neal Patel, 23, of Des Plaines, Illinois; Tyler Stewart, 19, of Gulf Breeze, Florida; and Logan Patten, 19, of Greenwood, Missouri -- are not accused in the "swatting" call allegedly made by another man that preceded the police shooting of Andrew Finch, a 28, in Wichita on Dec. 28, 2017. But they are accused of asking the suspect in the fatal Kansas case, Tyler Barriss, through Twitter direct messages to make false reports of bombs or threats of shootings that would trigger a law enforcement response and the evacuation of buildings against other targets, including a high school and a Dallas video game tournament....
Patel allegedly conspired with Barriss to make false reports to police in Milford, Connecticut, in December of 2017, and to make a false bomb threat targeting a video game convention in Dallas, according to the U.S. Attorney's Office for the Central District of California in Los Angeles. Stewart is accused of conspiring with Barriss to make two false bomb threats about a high school in Gurnee, Illinois, in early December of 2017, and Patten is charged with hiring Barriss to "swat" people in Indiana and Ohio, also in December of 2017, and of scheming with Barriss to "swat" a high school in Missouri, according to prosecutors.
After this week's arrests, the three men each face up to 15 years in federal prison. Patel allegedly also used "unauthorized" credit cards to pay Barriss -- and now faces two more bank fraud charges which each carry up to 30 years in federal prison.
< article continued at Slashdot's game-over department
>Read Replies (0)
By BeauHD from Slashdot's back-to-normal department
The president of a top-10 maker of solar panels said the global solar power industry is about to lose a major competitive windfall as prices of Chinese-made solar panels begin to recover after a collapse last year. "The party is definitely over," said Eric Luo, president of China's GCL System Integration Technology Co. Reuters reports: Solar panel prices tumbled around 30 percent last year after China, the world's largest producer, cut subsidies to shrink its bloated solar industry, pushing smaller manufacturers to the brink of collapse. To raise cash and stay afloat, manufacturers cleared inventory and diverted sales offshore, sending prices into a downward spiral - offering up a windfall for solar power generators and investors in solar farms.
Luo, speaking to Reuters at the World Economic Forum in the Swiss ski resort of Davos this week, said GCL's vertically integrated business model cushioned it from the downturn in prices as its solar farms benefited from cheaper panels. The pain will mostly be felt by smaller Chinese producers, which lack international supply chains, triggering industry consolidation or forcing them to close, he added. Luo said solar panel prices were already stabilizing and he expected them to rebound by 10 to 15 percent as the Chinese industry consolidates over the next year or two. Luo also said that China was getting to the point where the solar industry could operate without any form of subsidy. Northwest China, where the sun is more plentiful and land is less expensive, has already reached that point, he said.Read Replies (0)
By BeauHD from Slashdot's medical-advances department
An anonymous reader quotes a report from The Guardian: People who stutter are being given electrical brain stimulation in a clinical trial aimed at improving fluency without the need for grueling speech training. If shown to be effective, the technique -- which involves passing an almost imperceptible current through the brain -- could be routinely offered by speech therapists. The latest treatment, which is combined with fluency training, is not expected to completely cure people of their stutter but could potentially give them more control over it. The brain stimulation, known as transcranial direct current stimulation (tDCS), involves strapping electrodes on each temple and then passing a current through the head. The current is weak enough that people are either oblivious to the electrodes being switched on or feel just a slight tingling.
The stimulation increases the firing rate of neurons in certain brain regions, which scientists believe could make it quicker to learn thought patterns associated with fluent speech, and make the effects of training more permanent. In the trial, the 40 participants are asked to speak in time with a metronome, saying one syllable on every beat. During this task, people who stutter typically become completely fluent. "The idea is that if you stimulate them while they're fluent, you're reinforcing that fluent speech process," said Jennifer Chesters, a speech and language researcher at the University of Oxford who is involved in the trial. "And hopefully that will make it more likely for them to use that process in their normal life." Each time a neuron fires in the brain, its connections with neighbouring neurons are strengthened or weakened slightly -- this is how learning occurs. With stimulation, the threshold for neurons firing is lower, so this could accelerate the rewiring that occurs during fluency training.Read Replies (0)
By BeauHD from Slashdot's follow-the-data department
A paper in Nature Human Behaviour this week drew on the listening data of nearly a million Spotify listeners from around the world, describing the daily and seasonal variations in how people listen. The researchers suggest that the results point to a universal human habit that probably sounds familiar: choosing your music to both match and change your mood. Ars Technica reports: The researchers took data from listeners in 51 countries, making sure that their samples matched the demographics of each country but otherwise selecting users randomly. Using Spotify-provided data on the music, they tracked a variable they called musical intensity, "ranging from highly relaxing (acoustic, instrumental, ambient, and flat or low tempo) to highly energetic (strong beat, danceable, loud, and bouncy)." Those intensity preferences tracked daily rhythms more or less exactly as you might expect: lower-intensity songs in the morning, rising until normal work hours, then staying steady before dropping off in the evening, with weekends looking a little different. These results matched up neatly with a previous study tracking emotions in Twitter users' speech, but it differed on one point: language showed an afternoon slump, but there was no such slump in the music choices. It's possible, the authors suggest, that people might be choosing music that gives them a boost.
< article continued at Slashdot's follow-the-data department
>Read Replies (0)
By BeauHD from Slashdot's worse-than-previously-thought department
An anonymous reader quotes a report from TechCrunch: [M]illions of documents were found leaking after an exposed Elasticsearch server was found without a password. The documents contained highly sensitive financial data on tens of thousands of individuals who took out loans or mortgages over the past decade with U.S. financial institutions. The documents were converted using a technology called OCR from their original paper documents to a computer readable format and stored in the database, but they weren't easy to read. That said, it was possible to discern names, addresses, birth dates, Social Security numbers and other private financial data by anyone who knew where to find the server. Independent security researcher Bob Diachenko and TechCrunch traced the source of the leaking database to a Texas-based data and analytics company, Ascension. When reached, the company said that one of its vendors, OpticsML, a New York-based document management startup, had mishandled the data and was to blame for the data leak.
< article continued at Slashdot's worse-than-previously-thought department
>Read Replies (0)
By BeauHD from Slashdot's mark-your-calendar department
Twitter user Till Kottmann used a shortcut accidentally hidden in a puzzle Google tweeted out this morning to figure out that the company's next I/O developer conference will be taking place at the Shoreline Amphitheater in Mountain View, CA starting May 7th. The Verge reports: Typically, the I/O puzzle takes a little longer to solve. This year, Google tweeted out an enigmatic, 12-line block of tweet with an accompanying URL that led to a video with equally enigmatic voiced narration of said text, put to a string of cryptic images and some pleasant ambient music. It's not entirely clear what Google was going for here, but it's safe to say it was likely some form of programming puzzle that most standard Twitter users would not have been able to easily decode.
Duplex will certainly be a hot topic at this year's I/O, as well as the standard updates to Google Lens, Maps, and News, as well as the next version of Android. Hanging over the company's developer efforts this year, however, will be increased scrutiny around Google's plans to work with the US military, following backlash over its involvement with a Department of Defense drone project it has pledged to distance itself from, and the continued murkiness around its plans to launch a search product for the China market.Read Replies (0)
By BeauHD from Slashdot's hands-off-approach department
An anonymous reader quotes a report from Gizmodo: Newly unsealed court documents show that Facebook was aware that underage children routinely used their parents' payment information to spend large sums of money on in-game purchases, and the company chose not to fix the problem. For years, it allowed for what it called "friendly fraud" because it feared implementing protections would harm revenue, according to the documents. In 2016, Facebook settled a class-action lawsuit brought by parents of children who were tricked into unwittingly making purchases with real money while playing free video games hosted on the social media platform. Despite its recognition of the problem, internal discussions show that Facebook decided it would be best to fight refund requests and allow the problem to persist. Documents related to the case were placed under seal because Facebook successfully argued that releasing them to the public could harm its business. Reveal, a publication run by the Center for Investigative Reporting, argued that these documents were in the public interest; last week, a judge granted Reveal's request to release the documents. On Thursday night, 135 pages from the court proceedings were unsealed, though Facebook was allowed to maintain some redactions.Read Replies (0)
By msmash from Slashdot's closer-look department
In October last year, Bloomberg Businessweek published an alarming story: Operatives working for China's People's Liberation Army had secretly implanted microchips into motherboards made in China and sold by U.S.-based Supermicro.
While Bloomberg's story -- which has been challenged by numerous players -- may well be completely (or partly) wrong, the danger of China compromising hardware supply chains is very real, judging from classified intelligence documents, reports The Intercept.
From the report: U.S. spy agencies were warned about the threat in stark terms nearly a decade ago and even assessed that China was adept at corrupting the software bundled closest to a computer's hardware at the factory, threatening some of the U.S. government's most sensitive machines, according to documents provided by National Security Agency whistleblower Edward Snowden. The documents also detail how the U.S. and its allies have themselves systematically targeted and subverted tech supply chains, with the NSA conducting its own such operations, including in China, in partnership with the CIA and other intelligence agencies. The documents also disclose supply chain operations by German and French intelligence.
What's clear is that supply chain attacks are a well-established, if underappreciated, method of surveillance -- and much work remains to be done to secure computing devices from this type of compromise. "An increasing number of actors are seeking the capability to target ... supply chains and other components of the U.S. information infrastructure," the intelligence community stated in a secret 2009 report. "Intelligence reporting provides only limited information on efforts to compromise supply chains, in large part because we do not have the access or technology in place necessary for reliable detection of such operations."Read Replies (0)
By msmash from Slashdot's meanwhile-in-domain-registry-world department
ICANN has responded to a request for it to reduce the $25,000 annual fee it charges gTLD registries. The answer is no. From a report: That wholly unsurprising reply came in a letter from registry services director Russ Weinstein to John McCabe, CEO of failing new gTLD operator Who's Who Registry. McCabe, in November, had asked ICANN to reduce its fees for TLDs, such as its own .whoswho, that have zero levels of abuse. ICANN fees are the "single biggest item" in the company's budget, he said. His request coincided with ICANN commencing compliance proceedings against the company for failure to pay these fees.
Weinstein wrote, in a letter [PDF] published today: "We sympathize with the financial challenges that some new gTLD registry operators may be facing in the early periods of these new businesses. New gTLD operators face a challenging task of building consumer awareness and this can and may take significant time and effort." But he goes on to point out that the $25,000-a-year fee was known to all applicants before they applied, and had been subject to numerous rounds of public comment before the Applicant Guidebook was finalized.Read Replies (0)