By BeauHD from Slashdot's consumer-focused department
Microsoft is working on a new "Microsoft 365 Consumer" bundle that "will be the consumer-focused complement to Microsoft's existing Microsoft 365 subscription bundle for business users," reports ZDNet. From the report: A couple of recent Microsoft job postings mention the consumer subscription bundle, which Microsoft has yet to announce publicly. One job posting for a Product Manager for the "M365 Consumer Subscription" notes: "The Subscription Product Marketing team is a new team being created to build and scale the Microsoft 365 Consumer Subscription." The job description says the product manager for this service will help "identify, build, position and market a great new Microsoft 365 Consumer Subscription."
The job post notes that the team behind Microsoft 365 Consumer oversees the Windows platform, the Microsoft Surface device portfolio, Office 365 consumer plans, Skype, Cortana, Bing search, as well as the Microsoft Education team. If I were betting on what Microsoft 365 Consumer might include, I'd think some variant of Windows 10, Office 365 Home, Skype, Cortana, Bing, Outlook Mobile, Microsoft To-Do and maybe MSN apps and services could figure into the picture. Maybe this subscription will be tied to Surface devices only? Maybe a monthly leasing fee for Surfaces will be part of the bundle itself?Read Replies (0)
By BeauHD from Slashdot's add-it-to-the-list department
After securing a win in court earlier this week to ban Apple's older phones, Qualcomm is trying to get the newer iPhones banned too. "According to the Financial Times, Qualcomm has now asked Chinese courts to issue an injunction that bans Apple from selling the iPhone XS, XS Max, and XR within the country due to the same case of possible patent infringement," reports The Verge. From the report: The new filing will escalate the companies' legal conflict in China, where Apple has so far ignored a court-ordered sales ban. Apple claims the ban only applied to phones running iOS 11 and earlier. Since its phones have now been updated to iOS 12, Apple believes they can remain on sale, and so it has continued to sell them. According to the Financial Times, the Chinese court's order doesn't specifically mention any version of Apple's operating system. That doesn't necessarily mean Apple is wrong, but it does mean that there's more to be hashed out.Read Replies (0)
By BeauHD from Slashdot's security-breaches department
An anonymous reader quotes a report from Ars Technica: A recent phishing campaign targeting U.S. government officials, activists, and journalists is notable for using a technique that allowed the attackers to bypass two-factor authentication protections offered by services such as Gmail and Yahoo Mail, researchers said Thursday. The event underscores the risks of 2fa that relies on one-tap logins or one-time passwords, particularly if the latter are sent in SMS messages to phones.
Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets' level of operational security, researchers with security firm Certfa Lab said in a blog post. The emails contained a hidden image that alerted the attackers in real time when targets viewed the messages. When targets entered passwords into a fake Gmail or Yahoo security page, the attackers would almost simultaneously enter the credentials into a real login page. In the event targets' accounts were protected by 2fa, the attackers redirected targets to a new page that requested a one-time password. "In other words, they check victims' usernames and passwords in realtime on their own servers, and even if 2 factor authentication such as text message, authenticator app or one-tap login are enabled they can trick targets and steal that information too," Certfa Lab researchers wrote. "We've seen [it] tried to bypass 2fa for Google Authenticator, but we are not sure they've managed to do such a thing or not," the Certfa representative wrote. "For sure, we know hackers have bypassed 2fa via SMS."Read Replies (0)
By BeauHD from Slashdot's surprisingly-progressive-for-Louisiana department
Louisiana is rolling out a new digital driver's license app, called LA Wallet, that will let retailers digitally verify the age of their customers, if required. "According to IEEE Spectrum, Louisiana's Office of Alcohol and Tobacco Control is expected to announce that bars, restaurants, grocery stores and other retails are allowed to accept LA Wallet as proof of age, according to the app's developer, Envoc." From the report: The Baton Rouge-based company launched LA Wallet in June, after two years of collaboration with state officials. But so far only law enforcement officers making routine traffic stops are required to accept the digital driver's license. Next week's announcement would greatly broaden the scope of the app's use. About 71,000 people have downloaded LA Wallet so far, says Calvin Fabre, founder and president of Envoc. The app costs $5.99 in the Google Play and Apple App stores. Users buy it, create an account with some basic information from their physical driver's license, and create a password. That's it. No biometric security -- like iris scans or facial recognition -- required. The app links back to Louisiana's Office of Motor Vehicles database, which completes the digital license with the user's photo and additional information. Any changes to the license, like a suspension or renewal, are updated immediately in the app with a wireless network connection.
< article continued at Slashdot's surprisingly-progressive-for-Louisiana department
>Read Replies (0)
By BeauHD from Slashdot's important-decisions department
In a blog post today, Google detailed how its facial recognition technology will and won't be used. Citing a number of risks associated with the technology, the company vowed to refrain from selling facial recognition products until it can come up with policies that prevent abuse. Engadget reports: "Like many technologies with multiple uses, facial recognition merits careful consideration to ensure its use is aligned with our principles and values, and avoids abuse and harmful outcomes," Google said. "We continue to work with many organizations to identify and address these challenges, and unlike some other companies, Google Cloud has chosen not to offer general-purpose facial recognition APIs before working through important technology and policy questions." "This is a strong first step," the ACLU's Nicole Ozer said in a statement about Google's announcement. "Google today demonstrated that, unlike other companies doubling down on efforts to put dangerous face surveillance technology into the hands of law enforcement and ICE, it has a moral compass and is willing to take action to protect its customers and communities. Google also made clear that all companies must stop ignoring the grave harms these surveillance technologies pose to immigrants and people of color, and to our freedom to live our lives, visit a church, or participate in a protest without being tracked by the government."Read Replies (0)
By msmash from Slashdot's about-time department
Microsoft said in 2015 that it would build OpenSSH, a set of utilities that allow clients and servers to connect securely, into Windows, while also making contributions to its development. Neowin: Since then, the company has delivered on that promise in recent releases of Windows 10, being introduced as a feature-on-demand in version 1803. However, Windows Server hadn't received the feature until now, at least not in an officially supported way -- Windows Server version 1709 included it as a pre-release feature. But that's finally changed, as Microsoft this week revealed that Windows Server 2019, which was made available (again) in November, includes OpenSSH as a supported feature.Read Replies (0)
By msmash from Slashdot's new-lows department
When the Trump administration laid out a plan this year that would eventually allow cars to emit more pollution, automakers, the obvious winners from the proposal, balked. The changes, they said, went too far even for them. But it turns out that there was a hidden beneficiary of the plan that was pushing for the changes all along: the nation's oil industry. From an investigation by The New York Times: In Congress, on Facebook and in statehouses nationwide, Marathon Petroleum, the country's largest refiner, worked with powerful oil-industry groups and a conservative policy network financed by the billionaire industrialist Charles G. Koch to run a stealth campaign to roll back car emissions standards, a New York Times investigation has found. The campaign's main argument for significantly easing fuel efficiency standards -- that the United States is so awash in oil it no longer needs to worry about energy conservation -- clashed with decades of federal energy and environmental policy.
"With oil scarcity no longer a concern," Americans should be given a "choice in vehicles that best fit their needs," read a draft of a letter that Marathon helped to circulate to members of Congress over the summer. Official correspondence later sent to regulators by more than a dozen lawmakers included phrases or sentences from the industry talking points, and the Trump administration's proposed rules incorporate similar logic. The industry had reason to urge the rollback of higher fuel efficiency standards proposed by former President Barack Obama. A quarter of the world's oil is used to power cars, and less-thirsty vehicles mean lower gasoline sales.Read Replies (0)
By msmash from Slashdot's tussle-continues department
An anonymous reader writes: A new variant of the Shamoon malware was discovered on the network of an Italian and UAE oil and gas companies. While the damage at the UAE firm is currently unknown, the malware has been confirmed to have destroyed files on about ten percent of the Italian company's PC fleet.
Shamoon is one of the most dangerous strains of malware known to date. It was first deployed in two separate incidents that targeted the infrastructure of Saudi Aramco, Saudi Arabia's largest oil producer, in 2012 and 2016. During those incidents, the malware wiped files and replaced them with propaganda images (burning US flag, body of Alan Kurdi). The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks. Historically, the malware has been tied to the Iranian regime, but it's unclear if Iranian hackers were behind this latest attacks. This new Shamoon version was revealed to the world when an Italian engineer uploaded the malware on VirusTotal, triggering detections at all major cyber-security firms across the globe.Read Replies (0)
By msmash from Slashdot's circle-of-life department
Buyers return a huge number of packages they buy from Amazon and other e-commerce sites, so much so that retailers are sometimes left with little choice but to get rid of large swaths of inventory at a cost. Last year, customers in the U.S. returned about $351 billion worth of items that they had purchased from brick-and-mortar retailers and online stores, according to estimates by National Retail Federation. CNBC: There's a good chance that the $100 printer, the $300 wide-screen monitor, or the $170 router you recently bought from Amazon weren't supplied to the e-commerce giant by their original manufacturers. In fact, the order may have been fulfilled by someone like Casey Parris, who resells items that customers previously returned to retailers. Based in Florida, Parris spends about five hours each day visiting thrift stores and scanning auction and liquidation websites for interesting items, he told CNBC. Sometimes he finds auto parts, other times it's a pair of sneakers, and occasionally he purchases printer cartridges -- all with the goal of reselling them.
Walter Blake, who lives in Michigan, does the same. For years, he's been selling electronic items on Amazon that he acquires from a network of places. Blake and Parris are part of a growing cottage industry where dealers acquire discarded items at very low prices, only to resell some of them back on Amazon and eBay at a premium.Read Replies (0)
By msmash from Slashdot's elephant-in-the-room department
The blockchain system has daunting technical problems to fix. But first, its disciples need to figure out how to govern themselves. From a report: The handful of idealistic researchers, developers, and administrators in charge of maintaining its software are under increasing pressure to overcome technical limitations that stymie the network's growth. At the same time, well-funded competitors have emerged, claiming that their blockchains perform better. Crackdowns by regulators, and a growing understanding of how far most blockchain applications are from ready for prime time, have scared many cryptocurrency investors away: Ethereum's market value in dollars has fallen more than 90% since its peak last January.
The reason Devcon (the annual "family reunion" organized by the Ethereum Foundation; this year's edition was held in October) feels so upbeat despite these storm clouds is that the people building Ethereum have something bigger in mind -- something world-changing, in fact. Yet to achieve its goal, this ragtag community needs to crack a problem as complicated as any of the toe-curling technical challenges it faces: how to govern itself. It must find a way to organize a scattered global network of contributors and stakeholders without sacrificing "decentralization" -- the principle, which any cryptocurrency community strives for, that no one entity or group should be in control.Read Replies (0)
By msmash from Slashdot's security-woes department
Forbes magazine tested four of the most popular handsets running Google's operating systems and Apple's iPhone to see how easy it'd be to break into them with a 3D-printed head. All of the Android handsets opened with the fake. Apple's phone, however, was impenetrable. From the report: For our tests, we used my own real-life head to register for facial recognition across five phones. An iPhone X and four Android devices: an LG G7 Linq, a Samsung S9, a Samsung Note 8 and a OnePlus 6. I then held up my fake head to the devices to see if the device would unlock. For all four Android phones, the spoof face was able to open the phone, though with differing degrees of ease. The iPhone X was the only one to never be fooled.
There were some disparities between the Android devices' security against the hack. For instance, when first turning on a brand new G7 Linq, LG actually warns the user against turning facial recognition on at all. No surprise then that, on initial testing, the 3D-printed head opened it straightaway. [...] The OnePlus 6 came with neither the warnings of the other Android phones nor the choice of slower but more secure recognition.Read Replies (0)
By msmash from Slashdot's good-samaritan department
Apple said Thursday it plans to invest $1 billion building a new corporate campus in Austin, Texas, that could eventually create 15,000 jobs. From a report: The iPhone maker will also set up new offices in Seattle, San Diego and Culver City, Los Angeles County, as well as expanding operations in Pittsburgh, New York and Boulder, Colorado, according to the press release.
The Austin campus will be located less than a mile away from Apple's existing facilities in the Texas city, which already employ 6,200 people (its largest group of employees outside Cupertino). The new area will initially hold 5,000 employees, with capacity to grow to 15,000 over time.Read Replies (0)
By BeauHD from Slashdot's bitter-legal-battles department
An anonymous reader quotes a report from CNBC: Tesla is seeking more than $167 million in a lawsuit against former employee Martin Tripp, recent legal filings revealed. In the lawsuit, which was filed by the electric car maker in June, Tesla alleges that Tripp, a former process engineer, had illegally exported data and made false claims to reporters, among other things. Tripp had earlier claimed in a number of press interviews that Tesla engaged in poor manufacturing practices at its massive battery plant outside of Reno, Nevada, and that it may have used damaged battery modules in its Model 3 vehicles, posing a risk to drivers.
An interim case management report published on Nov. 27 reveals that Tripp's attorneys aim to depose Tesla CEO Elon Musk and more than 10 people involved with the company. Tesla has refused to make Musk available and sought to limit the number of people deposed by Tripp's defense team at the law firm Tiffany & Bosco. Tripp's lawyers wrote in that report: "Tesla has objected to Mr. Tripp's desire to take more than ten depositions... In this case, where Mr. Tripp is being sued for more than $167,000,000 and has asserted counterclaims against Tesla, more than ten depositions is certainly reasonable and appropriate." Tripp attorney Robert D. Mitchell said in an email to CNBC: "The purported damage amount claimed by Tesla relates to supposed dips in Tesla's stock price by virtue of the information Mr. Tripp provided to the press last summer." He characterized the damage claims as "absurd."Read Replies (0)