By BeauHD from Slashdot's can't-get-off-the-hook-that-easy department
dryriver shares a report from the BBC: PayPal wrote to a woman who had died of cancer saying her death had breached its rules and that it might take legal action as a consequence. The firm has since acknowledged that the letter was "insensitive," apologized to her widower, and begun an inquiry into how it came to be sent.
Lindsay Durdle died on May 31 aged 37. She had been first diagnosed with breast cancer about a year-and-a-half earlier. The disease had later spread to her lungs and brain. PayPal was informed of Mrs Durdle's death three weeks ago by her husband Howard Durdle. He provided the online payments service with copies of her death certificate, her will and his ID, as requested. He has now received a letter addressed in her name, sent to his home in Bucklebury, West Berkshire. It was headlined: "Important: You should read this notice carefully." It said that Mrs Durdle owed the company about 3,200 pounds (~$4,200) and went on to say: "You are in breach of condition 15.4(c) of your agreement with PayPal Credit as we have received notice that you are deceased... this breach is not capable of remedy." According to a PayPal staff member, there were three possible explanations for how the letter was sent: a bug, a bad letter template, or human error. PayPal is continuing to work with Mr Durdle and has written off the debt in the meantime.Read Replies (0)
By BeauHD from Slashdot's gotta-collect-em-all department
He Who Has No Name writes: Those who remember Cody Wilson and Defense Distributed -- the self-described cryptoanarchist and his organization that published plans for 3D printable firearm parts, respectively -- also remember that not long after the plans for the printable Liberator single-shot pistol hit the web, the Department of State seized the Defense Distributed website and prohibited Wilson from publishing 3D printable firearm plans, claiming violations of ITAR -- the International Traffic in Arms Regulation, a U.S. law taxing and restricting the distribution of a wide variety of physical goods listed as having military value. Slashdot covered the website seizure here (the Department of Defense was initially misreported in sources to have been the agency responsible).
In both a First and Second Amendment win, the Second Amendment Foundation has settled with the Department of State after suing on behalf of Defense Distributed. Slashdot reader schwit1 shares an excerpt from the report: "Under terms of the settlement, the government has agreed to waive its prior restraint against the plaintiffs, allowing them to freely publish the 3-D files and other information at issue. The government has also agreed to pay a significant portion of the plaintiffs' attorney's fees, and to return $10,000 in State Department registration dues paid by Defense Distributed as a result of the prior restraint. Significantly, the government expressly acknowledges that non-automatic firearms up to .50-caliber -- including modern semi-auto sporting rifles such as the popular AR-15 and similar firearms -- are not inherently military."Read Replies (0)
By BeauHD from Slashdot's don't-mention-it department
Security researcher Patrick Wardle helped Apple fix a bug that would crash apps displaying the word "Taiwan" or the Taiwanese flag emoji. Some iPhones could be remotely crashed by something as simple as receiving a text message with the Taiwanese flag. Apple confirmed the fix in a security update Monday. Wired reports: "Basically Apple added some code to iOS with the goal that phones in China wouldn't display a Taiwanese flag," Wardle says, "and there was a bug in that code." Since at least early 2017, iOS has included that Chinese censorship function: Switch your iPhone's location setting to China, and the Taiwanese flag emoji essentially disappears from your phone, evaporating from its library of emojis and appearing as a "missing" emoji in any text that appears on the screen. That code likely represents a favor from Apple to the Chinese government, which for the last 70 years has maintained that Taiwan is a part of China and has no legitimate independent government.
But Wardle found that in some edge cases, a bug in the Taiwan-censorship code meant that instead of treating the Taiwan emoji as missing from the phone's library, it instead considered it an invalid input. That caused phones to crash altogether, resulting in what hackers call a "denial of service" attack that would let anyone crash a vulnerable device on command. Wardle's still not sure how many devices are affected, or what caused that bug to be triggered only in some iOS devices and not others, but he believes it has something to do with the phone's location and language settings. Wardle has more details of the bug on his blog.Read Replies (0)
By msmash from Slashdot's closer-look department
Sean Michael Kerner, writing for eSecurity Planet: Back in 1999, Eric Raymond coined the term "Linus' Law," which stipulates that given enough eyeballs, all bugs are shallow. Linus' Law, named in honor of Linux creator Linus Torvalds, has for nearly two decades been used by some as a doctrine to explain why open source software should have better security. In recent years, open source projects and code have experienced multiple security issues, but does that mean Linus' Law isn't valid? According to Dirk Hohndel, VP and Chief Open Source Officer at VMware, Linus' Law still works, but there are larger software development issues that impact both open source as well as closed source code that are of equal or greater importance. "I think that in every development model, security is always a challenge," Hohndel said. Hohndel said developers are typically motivated by innovation and figuring out how to make something work, and security isn't always the priority that it should be. "I think security is not something we should think of as an open source versus closed source concept, but as an industry," Hohndel said.Read Replies (0)
By msmash from Slashdot's up-next department
Jonathan S. Geller, reporting for BGR: Apple acquires an average of 15 to 20 companies a year, according to CEO Tim Cook. Of that number, we only hear about a couple, as most of these acquisitions or aqcui-hires are not consumer-facing, nor disclosed. However, we have exclusively learned that Apple is planning an interesting partnership and a potential acquisition of AgileBits, maker of the popular password manager 1Password. According to our source, after many months of planning, Apple plans to deploy 1Password internally to all 123,000 employees. This includes not just employees in Cupertino, but extends all the way to retail, too. Furthermore, the company is said to have carved out a deal that includes family plans, giving up to 5 family members of each employee a free license for 1Password. With more and more emphasis on security in general, and especially at Apple, there are a number of reasons this deal makes sense. We're told that 100 Apple employees will start using 1Password through this initiative starting this week, with the full 123,000+ users expected to be activated within the next one to two months.Read Replies (0)
By msmash from Slashdot's security-woes department
Security researchers have discovered a new malicious campaign that utilizes stolen D-Link certificates to sign malware. From a report: A lesser-known cyber-espionage group known as BlackTech was caught earlier this month using a stolen D-Link certificate to sign malware deployed in a recent campaign. "The exact same certificate had been used to sign [official] D-Link software; therefore, the certificate was likely stolen," says Anton Cherepanov, a security researcher for Slovak antivirus company ESET, and the one who discovered the stolen cert. Cherepanov says BlackTech operators used the stolen cert to sign two malware payloads -- the first is the PLEAD backdoor, while the second is a nondescript password stealer. According to a 2017 Trend Micro report, the BlackTech group has used the PLEAD malware in the past. Just like in previous attacks, the group's targets for these most recent attacks were again located in East Asia, particularly in Taiwan. The password stealer isn't anything special, being capable of extracting passwords from only four apps -- Internet Explorer, Google Chrome, Mozilla Firefox, and Microsoft Outlook.Read Replies (0)
By BeauHD from Slashdot's winners-and-losers department
An anonymous reader quotes a report from Bloomberg: About 56 percent of crypto startups that raise money through token sales die within four months of their initial coin offerings. That's the finding of a Boston College study that analyzed the intensity of tweets from the startups' Twitter accounts to infer signs of life. The researchers determined that only 44.2 percent of startups survive after 120 days from the end of their ICOs. The researchers, Hugo Benedetti and Leonard Kostovetsky, examined 2,390 ICOs that were completed before May.
Acquiring coins in an ICO and selling them on the first day is the safest investment strategy, Kostovetsky said in a phone interview. But many individual investors can't participate in ICOs, so this option isn't open to them. Still, all investors should probably sell their coins within the first six months, the study found. "What we find is that once you go beyond three months, at most six months, they don't outperform other cryptocurrencies," Kostovetsky said. "The strongest return is actually in the first month." The Boston College study also found that ICO returns are declining, as startups have becoming savvier about pricing coin offerings and more people have jumped into ICO investing. According to Bloomberg, "Returns of people who sold tokens on the first day they were listed on an exchange have been declining by four percentage points a month, Kostovetsky said."Read Replies (0)
By BeauHD from Slashdot's color-me-impressed department
1.1 billion-year-old bright pink pigments extracted from rocks deep beneath the Sahara desert in Africa are the oldest colors on record. They were discovered by scientists from The Australian National University (ANU), with support from Geoscience Australia and researchers in the United States and Japan. Phys.Org reports: Dr. Nur Gueneli from ANU said the pigments taken from marine black shales of the Taoudeni Basin in Mauritania, West Africa, were more than half a billion years older than previous pigment discoveries. The fossils range from blood red to deep purple in their concentrated form, and bright pink when diluted. The researchers crushed the billion-year-old rocks to powder, before extracting and analyzing molecules of ancient organisms from them.
"The precise analysis of the ancient pigments confirmed that tiny cyanobacteria dominated the base of the food chain in the oceans a billion years ago, which helps to explain why animals did not exist at the time," Dr. Gueneli said. Senior lead researcher Associate Professor Jochen Brocks from ANU said that the emergence of large, active organisms was likely to have been restrained by a limited supply of larger food particles, such as algae. "Algae, although still microscopic, are a thousand times larger in volume than cyanobacteria, and are a much richer food source," said. The study has been published in the journal PNAS.Read Replies (0)
China Internet Report 2018
Posted by News Fetcher on July 10 '18 at 02:40 AM
By msmash from Slashdot's closer-look department
At Rise Conference in Hong Kong on Tuesday, Abacus executive producer Ravi Hiranand, South China Morning Post technology editor Chua Kong Ho, and 500 Startups partner Edith Yeung presented China Internet Report 2018, highlighting the big names and wider trends shaping China's technology. The takeaway: China has nearly 3 times the number of internet users as the United States, and the gap will only widen: China has 772 million internet users, vastly more than the 292 million in the US. And there's still plenty of room to grow -- internet penetration is only at 55% in China, while in the US, it's 89%. Beijing is China's unicorn capital: Some of China's biggest tech giants may have started in Shenzhen, but Beijing leads the way with 31 tech unicorns. (Shenzhen has just 11!) China's internet giants are doing everything: From streaming video to self-driving cars, the big three (Baidu, Alibaba and Tencent) are present in almost every tech sector, either by investing in startups or by building it themselves. Government policy continue to actively shape China's tech industry. China's online shopping giants are going offline. China loves short videos. WeChat's mini-programs are cementing its place as China's virtual mobile operating system: Mini-programs, which are no bigger than 10 megabytes and running in the WeChat app are gaining ground -- WeChat now hosts 1 million mini-apps, and the number of people who use them daily is expected to reach 400 million. China lags behind the US in AI, but the government wants to catch up -- soon. China is making smart speakers but Chinese users aren't buying them: There are now over 100 smart speaker developers in the country (including all of the tech giants), but demand isn't there yet -- in 2017, only 350,000 smart speakers were sold in China, compared to 25 million in the US. China is now the world's biggest gaming market: It accounts for more than aquarter of the world's total gaming revenue (the US is close behind in second). And it's dominated by two players: Tencent and NetEase, who jointly have over 60% market share in China.Read Replies (0)
By BeauHD from Slashdot's state-to-state department
hackingbear writes: A team of scientists from China, the U.S., and U.K. successfully turned nitrogen, the dominant gas in Earth's atmosphere, into a metallic fluid by subjecting it to the extreme pressure and temperature conditions found deep inside the Earth and other planets. Their findings have been published in the journal Nature Communications . "Our findings could inform the efforts to create forms of energetic nitrogen polymers as well as superconducting, metallic states of a sister diatomic molecule, hydrogen or H2, which could revolutionize the energy sector if reliably synthesized," according to team member Nicholas Holtgrewe. The project was funded by by the (U.S.) National Science Foundation, the (U.S.) Army Research Office, the National Natural Science Foundation of China, the Chinese Academy of Science, the British Council Researcher Links Program, and other sources. According to EurekAlert, "The researchers found that the temperature at which nitrogen transitions from insulating to metallic decreases as the pressure increases -- starting at about 1,180,000 times normal atmospheric pressure (120 gigapascals) and 2,720 degrees Celsius (3,000 kelvin)." "This means that, theoretically, nitrogen would remain in its diatomic state in the Earth's mantle but would disassociate into a fluid metal in or just above the core, which potentially has implications for our understanding of the planet's deep nitrogen cycle," said team member Sergey Lobanov.Read Replies (0)