By EditorDavid from Slashdot's whatever-happened-to-apples? department
Tomorrow's "Hour of Code" kick-off event features Melinda Gates, Facebook COO Sheryl Sandberg, YouTube CEO Susan Wojcicki, and "multiple state governors," reports theodp -- who has some concerns.
With Microsoft boasting that nearly 70 million of its Minecraft Hour of Code sessions have been launched, and tech companies pushing coding and their products into classrooms, it's probably no surprise that the 2017 Hour of Code -- organized by tech-bankrolled Code.org -- seems to have presented a too-hard-to-resist branding opportunity for Google, Microsoft, Apple and Amazon. And, in what might evoke memories of Dollars for Doctors, some teachers will even be rewarded for steering their kids to Google's Hour of Code lesson. "Thanks to our friends at Google," explains crowdfunding website DonorsChoose.org, "4th-8th grade public school teachers who engage their students in a 'Create your own Google logo' Hour of Code activity can earn a $100 DonorsChoose.org gift code -- and have the opportunity to receive one of five other grand prizes (including $5,000 in DonorsChoose.org credits for your school!)."Read Replies (0)
By EditorDavid from Slashdot's mismanagement-engine department
An anonymous reader quotes Liliputing.com
Linux computer vendor System76 announced this week that it will roll out a firmware update to disable Intel Management Engine on laptops sold in the past few years. Purism will also disable Intel Management Engine on computers it sells moving forward. Those two computer companies are pretty small players in the multi-billion dollar PC industry. But it turns out one of the world's largest PC companies is also offering customers the option of buying a computer with Intel Management Engine disabled. At least three Dell computers can be configured with an "Intel vPro -- ME Inoperable, Custom Order" option, although you'll have to pay a little extra for those configurations... While Intel doesn't officially provide an option to disable its Management Engine, independent security researchers have discovered methods for doing that and we're starting to see PC makers make use of those methods.
The option appears to be available on most of Dell's Latitude laptops (from the 12- to 15-inch screens), including the 7480, 5480, and 5580 and the Latitude 14 5000 Series (as well as several "Rugged" and "Rugged Extreme" models).
Dell is charging anywhere from $20.92 to $40 to disable Intel's Management Engine.Read Replies (0)
By EditorDavid from Slashdot's Merry-coding-to-all department
An anonymous reader writes:
"On December 1st, 24 Pull Requests will be opening its virtual doors once again, asking you to give the gift of a pull request to an open source project in need," writes UK-based software developer Andrew Nesbitt -- noting that last year the site registered more than 16,000 pull requests. "And they're not all by programmers. Often the contribution with the most impact might be an improvement to technical documentation, some tests, or even better -- guidance for other contributors."
This year they're even touting "24 Pull Requests hack events," happening around the world from Lexington, Kentucky to Torino, Italy. (Last year 80 people showed up for an event in London.) "You don't have to hack alone this Christmas!" suggests the site, also inviting local communities and geek meetups (as well as open source-loving companies) to host their own events. Contributing to open source projects can also beef up your CV (for when you're applying for your next job), the site points out, and "Even small contributions can be really valuable to a project."
"You've been benefiting from the use of open source projects all year. Now is the time to say thanks to the maintainers of those projects, and a little birdy tells me that they love receiving pull requests!"Read Replies (0)
By EditorDavid from Slashdot's un-cert-ainty department
thegarbz writes: Startcom, a certificate authority which as we covered previously has been distrusted by Mozilla, by Google, and recently also by Microsoft, has announced that it will cease trading as a Certificate Authority. While their website currently shows no indication that their certificates have any problems, a news posting has announced their intentions to stop providing certificates as of January 2018, and to revoke all remaining certificates in 2020.
The original submission also says StartCom sent an email to all their former customers -- including customers of their free StartSSL certificates -- announcing their intentions.
As you are surely aware, the browser makers distrusted StartCom around a year ago and therefore all the end entity certificates newly issued by StartCom are not trusted by default in browsers.
The browsers imposed some conditions in order for the certificates to be re-accepted. While StartCom believes that these conditions have been met, it appears there are still certain difficulties forthcoming. Considering this situation, the owners of StartCom have decided to terminate the company as a Certification Authority as mentioned in Startcoms website.
StartCom will stop issuing new certificates starting from January 1st, 2018 and will provide only CRL and OCSP services for two more years.
StartCom would like to thank you for your support during this difficult time.Read Replies (0)
By EditorDavid from Slashdot's expanding-encryption department
An anonymous reader quotes Bleeping Computer: PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the language's support for cryptography and password hashing algorithms. Of all changes, the most significant is, by far, the support for Argon2, a password hashing algorithm developed in the early 2010s. Back in 2015, Argon2 beat 23 other algorithms to win the Password Hashing Competition, and is now in the midst of becoming a universally recognized Internet standard at the Internet Engineering Task Force (IETF), the reward for winning the contest. The algorithm is currently considered to be superior to Bcrypt, today's most widely used password hashing function, in terms of both security and cost-effectiveness, and is also slated to become a favorite among cryptocurrencies, as it can also handle proof-of-work operations. The other major change in PHP 7.2 was the removal of the old Mcrypt cryptographic library from the PHP core and the addition of Libsodium, a more modern alternative.Read Replies (0)
By EditorDavid from Slashdot's watch-ing-your-health department
An anonymous reader quotes USA Today:
Might wearing an Apple Watch save you from a stroke or cardio problem? Apple is careful not to make that direct claim. But the company, in collaboration with Stanford University School of Medicine, launched the Apple Heart Study app on Thursday that uses the heart rate sensor inside the Apple Watch to collect data on irregular heart rhythms... If an irregular heart rhythm is detected, participants in the study will be notified through the Apple Watch and on their iPhones. Should that occur, you'll be offered a free consultation with a study doctor, and possibly an electrocardiogram patch for additional monitoring...
A participant in the study merely has to download the app and wear the watch... The way Apple explains it, a sensor inside the watch uses green LED lights flashing hundreds of times per second and light-sensitive photodiodes to detect the amount of blood flowing through the wrist. The sensor has an optical design that gathers signals from four distinct points on the wrist. Using software algorithms, the Apple Watch can isolate heart rhythms from other noise, and identify an irregular heart rhythm.
The FDA has also approved the first personal electrocardiogram accessory for the Apple Watch, according to TechNewsWorld. "The KardiaBand" also detects and records atrial fibrillation that can lead to strokes or other heart problems. "The user simply touches an integrated sensor, and the results are then displayed on the face of the Apple Watch."
An irregular, bloodflow-disrupting heartbeat is the top cause of strokes, which kill 130,000 people every year just in the U.S. -- in many case before they've experienced any symptoms.Read Replies (0)
By EditorDavid from Slashdot's criticizing-cryptocurrencies department
Bitcoin "is drawing harsh criticism from Wall Street investment firms," writes Slashdot reader rmdingler -- and even from some prominent economists. CNN reports:
The harshest assessment came from Nobel laureate Joseph Stiglitz, who said that bitcoin "ought to be outlawed. Bitcoin is successful only because of its potential for circumvention," he told Bloomberg TV. "It doesn't serve any socially useful function." Robert Shiller, who won a Nobel for his work on bubbles, said the currency appeals to some investors because it has an "anti-government, anti-regulation feel. It's such a wonderful story," he said at a conference in Lithuania, according to Bloomberg. "If it were only true."
Wall Street titans were getting in on the action, too. Goldman Sachs CEO Lloyd Blankfein told Bloomberg that the currency serves as "a vehicle for perpetrating fraud." Billionaire investor Carl Icahn said on CNBC that it "seems like a bubble." The digital currency previously attracted the derision of JPMorgan boss Jamie Dimon, who called it a "fraud" that would "eventually blow up." Warren Buffett has warned of a "real bubble."
Wednesday the price of bitcoin shot past $11,000 -- just ten days after rising past $8,000.Read Replies (0)
By EditorDavid from Slashdot's get-onto-my-cloud department
InfoWorld published an interesting essay from Matt Asay, former COO at Canonical (and an emeritus board member of the Open Source Initiative), about innovation from the big public cloud vendors, which "even when open-sourced, doesn't really help the community at large... All this innovation is available to buy; none of it is available to build. Not for mere mortals, anyway."
Google in particular has figured out how to both open-source code in a useful way and make it pay. As Server Density CEO David Mytton has underlined, Google hopes to "standardize machine learning on a single framework and API," namely TensorFlow, then supplement it "with a service that can [manage] it all for you more efficiently and with less operational overhead," namely Google Cloud. By open-sourcing TensorFlow and backing it with machine-learning-heavy Google Cloud, Google has open-sourced a great on-ramp to future revenue.
My question: why not do this with the rest of its code? The simple answer is "Because it's a lot of work." That is, Google could open-source everything tomorrow without any damage to its revenue, but the code itself would provide other providers and enterprises only limited ability to increase their revenue unless Google did all the necessary prep work to make it useful to mere mortals not running superhuman Google infrastructure. This is the trick that AWS, Microsoft, and Google are all racing to figure out today. Not open source, per se, because that's the easy table stakes. No, the AWS/Microsoft Azure/Google Cloud trio are figuring out how to turn their innovations into open source on-ramps to their proprietary services. Companies used to lock up their code to sell it. Today, it's the opposite: They need to open it up to make their ability to operate the code at scale more valuable. For them.Read Replies (0)
By EditorDavid from Slashdot's what-we-learned-in-school-today department
14 terabytes of "highly confidential" data about 5,120 financial aid applications over seven years were exposed in a breach at Stanford's Graduate School of Business -- proving that the school "misled thousands of applicants and donors about the way it distributes fellowship aid and financial assistance to its MBA students," reports Poets&Quants.
The information was unearthed by a current MBA student, Adam Allcock, in February of this year from a shared network directory accessible to any student, faculty member or staffer of the business school. In the same month, on Feb. 23, the student reported the breach to Jack Edwards, director of financial aid, and the records were removed within an hour of his meeting with Edwards. Allcock, however, says he spent 1,500 hours analyzing the data and compiling an 88-page report on it...
Allcock's discovery that more money is being used by Stanford to entice the best students with financial backgrounds suggests an admissions strategy that helps the school achieve the highest starting compensation packages of any MBA program in the world. That is largely because prior work experience in finance is generally required to land jobs in the most lucrative finance fields in private equity, venture capital and hedge funds.
Half the school's students are awarded financial aid, and though Stanford always insisted it was awarded based only on need, the report concluded the school had been "lying to their faces" for more than a decade, also identifying evidece of "systemic biases against international students."
< article continued at Slashdot's what-we-learned-in-school-today department
>Read Replies (0)
By EditorDavid from Slashdot's not-avoiding-the-Noid department
Despite the fact that 60% of its pizza orders arrive digitally, "A growing number of Domino's delivery customers are casting a critical eye at the company's online pizza-tracking app," reports the lifestyle editor at Fox News. "More specifically, they think it's a bunch of crap."
Fault-finding app users -- or "app truthers," as The Wall Street Journal calls them -- are subscribing to the notion that the Domino's pizza tracker is nothing but a bunch of smoke and mirrors. One user who spoke with the Journal claims his app told him that "Melinda" would be arriving shortly with his order, but when he opened the door, a delivery man he already knew handed him the pizza. "Ever since then, I knew everything they said, I felt, was made up," he said.
Another man claims the tracker told him his pizza was en route, even though he could see the Domino's restaurant from his house, and there was no sign of the pizza being out for delivery. Others claim the pizza app told them their food had been delivered when it hadn't, or that there were huge discrepancies between when their pies were supposed to be delivered and when they actually arrived. A whole thread on Reddit suggests that the app is just an automated timer disguised to look like a real-time tracker.
In a statement Domino's blamed the problem on employees not entering correct data, while also insisting that "the vast majority of the time Pizza Tracker works as designed."
According to the article, "A person who claimed to be a Domino's employee also said nearly as much in a 2015 Reddit thread. He/she added that the name of the person preparing the pizza -- as far as the app is concerned -- is usually the manager.Read Replies (0)
By EditorDavid from Slashdot's turbocharging-the-web department
Slashdot reader Beeftopia shares "a detailed history of WebAssembly...from one of the developers." IEEE Spectrum reports that "Like a lot of stories about tech innovation, this one started with video games."
This brings us to the present... Emscripten can take code written in C++ and convert it directly into WebAssembly. And there will be ways in time to run other languages as well, including Rust, Lua, Python, Java, and C#. With WebAssembly, multimillion-line code bases can now load in a few seconds and then run at 80 percent of the speed of native programs. And both load time and execution speed are expected to improve as the browser engines that run the code are made better.
By EditorDavid from Slashdot's saying-hello-to-the-future department
An anonymous reader quotes MarketWatch:
A group of global activists stormed and occupied several Apple Stores in France on Saturday in a move aimed at pressuring the company to pay up on a €13 billion ($15.5 billion) tax bill to the European Union. In a press release, the France unit of the Association for the Taxation of Financial Transactions and Citizen's Action organization (Attac), said 100 of its members occupied the Opera Apple Store in Paris, demanding the company pay its taxes... Attac said dozens of protests were organized at other Apple store locations throughout France on Saturday. In the Paris store, activists were seen via videos circulating on Twitter, pushing past security and hanging a banner that said "We will stop when Apple pays." Security in Paris reportedly evacuated Apple workers from the building as those protests began.
After three hours they left the store -- leaving behind protest messages on the iPads on display. The group claims that Apple has stashed $230 billion in tax havens around the world, but also hopes to raise awareness about other issues.
"Attac said the action was part of the #PhoneRevolt movement aimed at highlighting unfair practices by Apple, that are not just about taxes, but also pollution via extraction of metals for its phones, worker exploitation and driving a global consumption binge."Read Replies (0)
By EditorDavid from Slashdot's a-House-divided department
Staffers for Senate Republicans' campaign arm seized information on more than 200,000 donors from the House GOP campaign committee over several months this year by breaking into its computer system, three sources with knowledge of the breach told Politico... Multiple NRSC staffers, who previously worked for the NRCC, used old database login information to gain access to House Republicans' donor lists this year. The donor list that was breached is among the NRCC's most valuable assets, containing not only basic contact information like email addresses and phone numbers but personal information that could be used to entice donors to fork over cash -- information on top issues and key states of interest to different people, the names of family members, and summaries of past donation history... Donor lists like these are of such value to party committees that they can use them as collateral to obtain loans worth millions of dollars when they need cash just before major elections...
"The individuals on these lists are guaranteed money," said a Republican fundraiser. "They will give. These are not your regular D.C. PAC list"... The list has helped the NRCC raise over $77 million this year to defend the House in 2018... Though the House and Senate campaign arms share the similar goal of electing Republican candidates and often coordinate strategy in certain states, they operate on distinct tracks and compete for money from small and large donors.
Long-time Slashdot reader SethJohnson says the data breach "is the result of poor deprovisioning policies within the House Republican Campaign Committee -- allowing staff logins to persist after a person has left the organization."
NRCC officials who learned of the breach "are really pissed," one source told the site.Read Replies (0)
By EditorDavid from Slashdot's suing-8th-graders department
Bizzeh shared this report from the BBC:
A mother has written a letter in defense of her 14-year-old son who is facing a lawsuit over video game cheats in the US. Caleb Rogers is one of two people facing legal action from gaming studio Epic Games for using cheat software to play the free game Fortnite. The studio says it has taken the step because the boy declined to remove a YouTube video he published which promoted how to use the software... "This company is in the process of attempting to sue a 14-year-old child," she wrote in the letter which has been shared online by the news site Torrentfreak.
Ms. Rogers added that she had not given her son parental consent to play the game as stated in its terms and conditions, and that as the game was free to play the studio could not claim loss of profit as a result of the cheats... In a statement given to the website Kotaku, Epic Games said the lawsuit was a result of Mr. Rogers "filing a DMCA counterclaim to a takedown notice on a YouTube video that exposed and promoted Fortnite Battle Royale cheats and exploits... Epic is not OK with ongoing cheating or copyright infringement from anyone at any age," it said.
Cory Doctorow counters that the 14-year-old "correctly asserted that there was no copyright infringement here. Videos that capture small snippets of a videogame do not violate that game creator's copyrights, because they are fair use..."Read Replies (0)
By EditorDavid from Slashdot's gang's-all-here department
Bruce Perens co-founded the Open Source Initiative with Eric Raymond -- and he's also Slashdot reader #3872. Bruce Perens writes: Red Hat, IBM, Google, and Facebook announced that they would give infringers of their GPL software up to a 30-day hold-off period during which an accused infringer could cure a GPL violation after one was brought to their attention by the copyright holder, and a 60 day "statute of limitations" on an already-cured infringement when the copyright holder has never notified the infringer of the violation. In both cases, there would be no penalty: no damages, no fees, probably no lawsuit; for the infringer who promptly cures their infringement.
Perens sees the move as "obviously inspired" by the kernel team's earlier announcement, and believes it's directed against one man who made 50 copyright infringement claims involving the Linux kernel "with intent to collect income rather than simply obtain compliance with the GPL license."
Unfortunately, "as far as I can tell, it's Patrick McHardy's legal right to bring such claims regarding the copyrights which he owns, even if it doesn't fit Community Principles which nobody is actually compelled to follow."Read Replies (0)
By EditorDavid from Slashdot's wrong-trajectory department
An anonymous reader quotes Ars Technica's report on Russia's failed attempt to launch 19 satellites into orbit on Tuesday:
Instead of boosting its payload, the Soyuz 2.1b rocket's Fregat upper stage fired in the wrong direction, sending the satellites on a suborbital trajectory instead, burning them up in Earth's atmosphere... According to normally reliable Russian Space Web, a programming error caused the Fregat upper stage, which is the spacecraft on top of the rocket that deploys satellites, to be unable to orient itself. Specifically, the site reports, the Fregat's flight control system did not have the correct settings for a mission launching from the country's new Vostochny cosmodrome. It evidently was still programmed for Baikonur, or one of Russia's other spaceports capable of launching the workhorse Soyuz vehicle. Essentially, then, after the Fregat vehicle separated from the Soyuz rocket, it was unable to find its correct orientation. Therefore, when the Fregat first fired its engines to boost the satellites into orbit, it was still trying to correct this orientation -- and was in fact aimed downward toward Earth.
Though the Fregat space tug has been in operation since the 1990s, this is its fourth failure -- all of which have happened within the last 8 years.
"In each of the cases, the satellite did not reach its desired orbit," reports Ars Technica, adding "As the country's heritage rockets and upper stages continue to age, the concern is that the failure rate will increase."Read Replies (0)
By EditorDavid from Slashdot's Hey-Siri-where's-your-source-code? department
Mozilla's VP of Technology Strategy, Sean White, writes:
I'm excited to announce the initial release of Mozilla's open source speech recognition model that has an accuracy approaching what humans can perceive when listening to the same recordings... There are only a few commercial quality speech recognition services available, dominated by a small number of large companies. This reduces user choice and available features for startups, researchers or even larger companies that want to speech-enable their products and services. This is why we started DeepSpeech as an open source project. Together with a community of likeminded developers, companies and researchers, we have applied sophisticated machine learning techniques and a variety of innovations to build a speech-to-text engine that has a word error rate of just 6.5% on LibriSpeech's test-clean dataset. vIn our initial release today, we have included pre-built packages for Python, NodeJS and a command-line binary that developers can use right away to experiment with speech recognition.
The announcement also touts the release of nearly 400,000 recordings -- downloadable by anyone -- as the first offering from Project Common Voice, "the world's second largest publicly available voice dataset." It launched in July "to make it easy for people to donate their voices to a publicly available database, and in doing so build a voice dataset that everyone can use to train new voice-enabled applications." And while they've started with English-language recordings, "we are working hard to ensure that Common Voice will support voice donations in multiple languages beginning in the first half of 2018."
< article continued at Slashdot's Hey-Siri-where's-your-source-code? department
>Read Replies (0)
By EditorDavid from Slashdot's no-fly-zones department
"A man with an anti-media agenda was arrested in Oakland after he flew a drone over two different stadiums to drop leaflets" last Sunday, writes Slashdot reader execthis. A local CBS station reports:
According to investigators, [55-year-old Tracy] Mapes piloted his drone over Levi's Stadium during the second quarter of the 49ers-Seattle game and released a load of pamphlets. He then quickly landed the drone, loaded it up and drove over to Oakland. He flew a similar mission over the Raiders-Broncos game. Santa Clara Police Lt. Dan Moreno said after Mapes was apprehended he defended the illegal action as a form of free speech.
USA Today reports there's now also an ongoing federal investigation "because the Federal Aviation Administration prohibits the flying of drones within five miles of an airport. Both Levi's Stadium and Oakland Coliseum are within that range."
"The San Francisco Chronicle added that the drone was a relatively ineffective messenger because 'most of the drone-dropped leaflets were carried away by the wind.'"Read Replies (0)