By BeauHD from Slashdot's behind-the-scenes department
hmckee writes: OSNews was offline for a few days for upgrades. It is now back up with a message that indicates they encountered a data breach and considered going offline for good due to maintenance and financial difficulties. "Our best guess is that someone was able to exploit a vulnerability in old, unmaintained code in the site's content management system, and made off with at least some user data, which may be as little as a few user records or, at worst, our entire database," writes Publisher David Adams. "Your email addresses were in there, and the encryption on the passwords wasn't up to modern standards (unsalted SHA1). [...] Other than potential spam, though, we're not aware of any other nefarious use of your data, we don't store much beyond email addresses and passwords..." David goes on to cite poor advertising revenues and a lack of time for reasons to throw in the towel and go offline permanently.Read Replies (0)
By BeauHD from Slashdot's lie-through-your-teeth department
An anonymous reader quotes a report from Ars Technica: A new lawsuit filed against Comcast details an extensive list of lies the cable company allegedly told customers in order to hide the full cost of service. Minnesota Attorney General Lori Swanson sued Comcast in Hennepin County District Court on December 21, seeking refunds for all customers who were harmed by Comcast's alleged violations of the state's Prevention of Consumer Fraud Act and Uniform Deceptive Trade Practices Act. The complaint alleges, among other things, that Comcast reps falsely told customers that the company's "Regional Sports Network (RSN)" and "Broadcast TV" fees were mandated by the government and not controlled by Comcast itself. These two fees, which are not included in Comcast's advertised rates, have gone up steadily and now total $18.25 a month.
Comcast has responded to some lawsuits -- including this one -- by saying that the company had already stopped the practices that triggered the court actions. But Minnesota says that Comcast's lies about the sports and broadcast fees continued into 2017, which is after Comcast knew about identical allegations raised in a separate class action complaint filed in 2016. (That case was settled out of court.) When contacted by Ars, a Comcast spokesperson yesterday said that "our policy is to be very clear to our customers about the broadcast TV and RSN fees and [tell them] that these are not government-mandated fees." But employees make mistakes, the Comcast spokesperson said. "Employees may go off script and incorrectly characterize things, but that is not in line with our policy because [the broadcast TV and sports charges] are not government-mandated fees," Comcast said. According to Massachusetts Attorney General Maura Healey, Comcast agreed in November to pay $700,000 in refunds "and cancel debts for more than 20,000 Massachusetts customers" to settle allegations that it used deceptive advertising to promote long-term cable contracts.Read Replies (0)
By msmash from Slashdot's up-next department
An anonymous reader shares a report: Still using your ex-roommates cable credentials to watch "Game of Thrones?" That may soon be getting a lot harder, thanks to new efforts to crack down on password sharing for pay TV and online video services. One of these efforts, launched by London-based Synamedia ahead of next week's Consumer Electronics Show (CES), even uses artificial intelligence to uncover notorious password sharers. Credentials Sharing Insight, as the new service is being called, targets both casual password sharing as well as criminal enterprises looking to resell pay TV login information. However, the focus clearly is on friends and family taking their generosity a bit too far, explained Symanedia chief product officer Jean-Marc Racine in an interview with Variety this week.
[...] Most services have tried to curtail password sharing by limiting the number of simultaneous streams, with little else to go by to identify abuse. "Today, you are in the dark," he said. Synamedia's solution on the other hand digs through lots of data to cluster users based on their streaming behavior. This can include user's physical location (someone streaming from both coasts at the same time) as well as general usage patterns (someone streaming 24/7). The company can even take a look at the specific content streamed by a user to identify unusual patterns. Based on these clues, Synamedia trains models to score users on a scale of 1 to 10, indicating whether they are likely sharing their passwords or not.Read Replies (0)
By msmash from Slashdot's a-lot-of-work-ahead department
Rather than serving up platitudes about innovation, the man charged with saving former unicorn Evernote says his priority this year is addressing the long list of user complaints. From a report: Despite some progress, Evernote continued to struggle last year, cutting 15 percent of its staff and losing many top executives.So what doesn't work? Lots of stuff, much of it very basic, new CEO Ian Small says: "Frankly, it's a bit disingenuous for me to try to get our most dedicated users all fired up about inventing the future of Evernote when exactly those same people are the ones who know best that sync doesn't always work right. Or that Evernote on Windows is a bit tired, and is missing features that are found on the Mac version. Or that each version of Evernote seems to work slightly differently, and exhibits its own unique collection of bugs and undesirable behaviors. Or that Evernote on mobile devices sometimes feels like a pared-down version of a powerful desktop app, instead of a mobile-first view into a powerful cloud-enabled productivity environment." Small says these problems have lingered for years and were well-known, but he didn't want to get into why they weren't fixed sooner. Instead, he promises the main focus of 2019 will be dealing with these and numerous other issues.Read Replies (0)
By msmash from Slashdot's in-the-aftermath department
Throughout 2018, researchers inside and outside Intel continued to find exploitable weaknesses related to Meltdown and Spectre class of "speculative execution" vulnerabilities. Fixing many of them takes not just software patches, but conceptually rethinking how processors are made. From a report: At the center of these efforts for Intel is STORM, the company's strategic offensive research and mitigation group, a team of hackers from around the world tasked with heading off next-generation security threats. Reacting to speculative execution vulnerabilities in particular has taken extensive collaboration among product development teams, legacy architecture groups, outreach and communications departments to coordinate response, and security-focused research groups at Intel. STORM has been at the heart of the technical side. "With Meltdown and Spectre we were very aggressive with how we approached this problem," says Dhinesh Manoharan, who heads Intel's offensive security research division, which includes STORM. "The amount of products that we needed to deal with and address and the pace in which we did this -- we set a really high bar."
< article continued at Slashdot's in-the-aftermath department
>Read Replies (0)
By msmash from Slashdot's closer-look department
On Wednesday, Apple CEO Tim Cook issued a dire warning to his investors. Apple, the world's first trillion dollar company, lowered its revenue forecast for the first time since 2002, thanks primarily to China, he said. But there was at least one more issue at play.
Motherboard: The lengthy letter cites, specifically, that people are buying fewer iPhones because they are repairing their old ones. Apple has long fought efforts that would make iPhones easier to repair: It has lobbied against right to repair efforts in several states, doesn't sell iPhone replacement parts, sued an independent repair professional in Norway, worked with Amazon to get iPhone and MacBook refurbishers kicked off Amazon Marketplace, and has deals with electronics recyclers that require them to shred iPhones and MacBooks (as opposed to allowing them to be refurbished.) The Department of Homeland Security, meanwhile, has seized iPhone replacement parts from prominent right to repair activists in the United States.
[...] Apple has never clearly articulated why it doesn't want people to fix their own iPhones or to have independent experts repair them. It has previously said that iPhones are "too complex" for users to repair them, even though replacing a battery is pretty easy and is done by average users all the time. But the fact that repair hurts Apple's bottom line came out in Cook's official communication with shareholders, who he is legally obligated to tell the truth to.Read Replies (0)
By msmash from Slashdot's important-questions department
dryriver writes: A relative of mine has been left with extremely low speech volume -- about 25% of a normal speaker -- and lack of high pitch capability after a major throat surgery. He cannot speak on the phone at all now -- you cannot hear him properly on the other end of the line, even though you can understand his speech OK when you are standing in the room next to him. Is there an assistive Android app that can:
1. Significantly boost the output volume (e.g. X 4) of the Android phone microphone he speaks into.
2. Add voice box, equalizer, autotune or audio filtering/bass boosting type audio effects in realtime to the microphone input to fix the speaker's pitch.
3. Can filter out background noise to some extent (so it doesn't get boosted as well).
4. Allows these effects to be used easily during phonecalls?
All the Android microphone/equalizer/megaphone type apps I've tried so far have huge problems -- some are novelty voice-changer apps for teens, some demand ridiculously broad permissions to everything on the phone including realtime location data of the user, some demand that an external mic is attached to the phone, some are too simple technically to do anything useful and some are advertising-fests that are plain unusable. Is there a good Android -- or iOS -- app for the speech impaired that would give this person a chance to make audio phonecalls on a smartphone again? Thanks for any advice!Read Replies (0)
By msmash from Slashdot's breaking-news department
Russian investigative agencies on Thursday indicted Whelan, a 48-year-old former U.S. Marine, on charges of spying, Interfax cited an informed source as saying. From a report: Mr. Whelan's lawyer, Vladimir A. Zherebenkov, who said he spent much of Wednesday with Mr. Whelan, said he had found his client in an upbeat mood despite the long legal road that he faces. "I was surprised to see him being so confident," said Mr. Zherebenkov, a high-profile criminal defense lawyer. Mr. Whelan, 48, the head of global security for the Michigan auto parts maker BorgWarner and a Marine Corps veteran, was arrested last Friday and is being held in solitary confinement in Moscow's notorious Lefortovo Prison. Russia's domestic security agency, the F.S.B., issued a brief statement on Monday saying that Mr. Whelan had been caught in "an act of espionage" but provided no other details.
Mr. Zherebenkov said that he had not seen all the evidence, but that he suspected that the American had been under surveillance for some time. "I presume that he is innocent, because for now I haven't seen any evidence against him that would prove otherwise," said Mr. Zherebenkov, who said that Mr. Whelan would petition the court for bail. Rosbalt, a Russian news agency close to the security services, quoted an unidentified intelligence source on Wednesday as saying that Mr. Whelan had been apprehended during a meeting with a Russian citizen in his room at the Metropol Hotel in Moscow. He is accused of trying to recruit this person to obtain classified information about staff members at various Russian agencies, the account said. Mr. Whelan was arrested five minutes after receiving a USB stick containing a list of all the employees at a classified security agency, the report said.Read Replies (0)
By msmash from Slashdot's security-woes department
Abine, the company behind the Blur password manager and the DeleteMe online privacy protection service, revealed on Monday a data breach impacting nearly 2.4 million Blur users, ZDNet reports. From the report: The breach came to light last year, on December 13, when a security researcher contacted the company about a server that exposed a file containing sensitive information about Blur users, an Abine spokesperson told ZDNet via email. The company said it followed this initial report with an internal security audit to determine the size of the breach. The audit concluded last week, and the company made the data leak public on Monday in a post on its blog. The data that was available on the web included each user's email addresses, some users' first and last names, some users' password hints but only from our old MaskMe product, and each user's encrypted Blur password.Read Replies (0)
By msmash from Slashdot's marching-forward department
A Chinese space probe successfully touched down on the far side of the moon on Thursday, China's space agency said, hailing the event as a historic first and a major achievement for the country's space program. From a report: The Chang'e-4 lunar probe, launched in December, made the "soft landing" at 0226 GMT and transmitted the first-ever "close range" image of the far side of the moon, the China National Space Administration said. The moon is tidally locked to Earth, rotating at the same rate as it orbits our planet, so most of the far side -- or "dark side" -- is never visible to us. Previous spacecraft have seen the far side, but none has landed on it. The landing "lifted the mysterious veil" of the far side of the moon and "opened a new chapter in human lunar exploration", the agency said in a statement on its website, which included a wide-angle color picture of a crater from the moon's surface.Read Replies (0)
By BeauHD from Slashdot's better-than-ever department
An anonymous reader quotes a report from The Verge: Speaking with Bloomberg last week, Sony's sensor division boss Satoshi Yoshihara said Sony plans to ramp up production of chips to power front and rear 3D cameras in late summer, responding to demand from multiple smartphone manufacturers. Though Yoshihara is geeked about the potential for augmented reality applications, the most intriguing aspect of this new tech would appear to be a better form of face identification than we currently have. The Face ID approach that Apple first brought into use on the iPhone X -- and others like Xiaomi, Huawei, and Vivo have since emulated -- works by projecting out a grid of invisible dots and detecting the user's face by the deformations of that grid in 3D space. Sony's 3D sensor, on the hand, is said to deploy laser pulses, which, much like a bat's echolocation, creates a depth map of its surroundings by measuring how long a pulse takes to bounce back. Sony's sensor chief argues this produces more detailed models of users' faces, plus it apparently works from as far away as five meters (16 feet).Read Replies (0)