By EditorDavid from Slashdot's I-know-what-you-typed-last-summer department
An anonymous reader quotes Bleeping Computer: Browser autofill profiles are a reliable phishing vector that allow attackers to collect information from users via hidden form fields, which the browser automatically fills with preset personal information and which the user unknowingly sends to the attacker when he submits a form... Finnish web developer Viljami Kuosmanen has published a demo on GitHub... A user looking at this page will only see a Name and Email input field, along with a Submit button. Unless the user looks at the page's source code, he won't know that the form also contains six more fields named Phone, Organization, Address, Postal Code, City, and Country. If the user has an autofill profile set up in his browser, if he decides to autofill the two visible fields, the six hidden fields will be filled in as well, since they're part of the same form, even if invisible to the user's eye.
Browsers that support autofill profiles are Google Chrome, Safari, and Opera. Browsers like Edge, Vivaldi, and Firefox don't support this feature, but Mozilla is currently working on a similar feature.Read Replies (0)
By EditorDavid from Slashdot's bye-bye-API department
"Once again we're seeing the hazards of developing using a third party service API," writes Slashdot reader BarbaraHudson, reporting that Google "will be discontinuing support for the Google Hangouts API going forward... Google Hangouts is now so insignificant that the cancellation didn't even rate an official blog post. As reported by TechCrunch, "just an updated FAQ and email notification to developers active on the API, forwarded to us by one of these devs."
As Google pushes Duo as its consumer video chat app and relegates Hangouts to the enterprise, it's dropping the flexibility to build these kinds of experiences. The email explains... "We understand this will impact developers who have invested in our platform. We have carefully considered this change and believe that it allows us to give our users a more targeted Hangouts desktop video experience going forward."
TechCrunch calls the move "a casualty of Google's fragmented messaging app strategy and the neglect of Hangouts itself." While some apps will continue working -- for example, integration with Slack -- their API's FAQ now ends with a reminder that "Users of apps will see a notice in the call letting them know that the app they're using will no longer work after April 25th."Read Replies (0)
By EditorDavid from Slashdot's leveraging-Linux department
Jim Whitehurst joined Red Hat in 2008, as its valuation rose past $10 billion and the company entered the S&P 500. He believes that leaders should engage people, and then provide context for self-organizing, and in 2015 even published The Open Organization: Igniting Passion and Performance (donating all proceeds to the Electronic Frontier Foundation). The book describes a post-bureaucratic world of community-centric companies led with transparency and collaboration, with chapters on igniting passion, building engagement, and choosing meritocracy over democracy.
Jim's argued that Red Hat exemplifies "digital disruption," and recently predicted a world of open source infrastructure running proprietary business software. Fortune has already called Red Hat "one of the geekiest firms in the business," and their open source cloud computing platform OpenStack now competes directly with Amazon Web Services. Red Hat also sponsors the Fedora Project and works with the One Laptop per Child initiative.
So leave your best questions in the comments. (Ask as many questions as you'd like, but please, one per comment.) We'll pick out the very best questions, and then forward them on for answers from Red Hat CEO Jim Whitehurst.Read Replies (0)
By EditorDavid from Slashdot's highways-as-dev-enviroment department
"We're at an inflection point where we can begin to realize the potential of this technology," the CEO of Waymo said today. An anonymous reader quotes The Verge:
Waymo, the self-driving car startup spun-off from Google late last year, will be deploying its fleet of self-driving Chrysler Pacifica minivans onto public roads for the first time later this month, the company announced at the North American International Auto Show. The minivans will be hitting the roads in Mountain View, California and Phoenix, Arizona, where the company's self-driving Lexus SUVs have already driven thousands of miles over the past few years...
But here's the thing about these minivans. Waymo says that for the first time, it's producing all the technology that enables its cars to completely drive themselves in-house... This allows the company to exert more control over its self-driving hardware, as well as bring the cost down to ridiculously cheap levels. In a speech in Detroit, Waymo CEO Jeff Krafcik said that by building its own LIDAR sensors, for example, the company was shaving 90 percent off its costs. That means sensors that Google purchased for $75,000 back in 2009 now only cost $7,500 for Waymo to build itself.
Waymo's CEO says that using high-resolution LIDAR sensors "helps us more accurately predict where someone will walk next."Read Replies (0)
By EditorDavid from Slashdot's sharing-ridesharing-data department
Uber is now "leveraging anonymous GPS information from hundreds of thousands of online Uber vehicles" using a new tool called Uber Movement. An anonymous reader quotes USA Today:
Uber is going to make urban traffic and mobility data gleaned from its millions of drivers and riders using the Uber app freely available to all. The data, which shows anonymized travel times between points in cities, will be available on a public website called Uber Movement. Uber says it will first invite planning agencies and researchers to access the information and then make the website free to the public... The San Francisco-based company decided to release the data when it realized it had "this very valuable but untapped resource for understanding a city's transportation infrastructure," said Andrew Salzberg, Uber's head of transportation policy...
Pegged to a transportation conference in DC on Sunday, the release is also likely is a bid to gain some goodwill with cities, with which Uber has often had bare-knuckled fights over regulation... Uber Movement doesn't map individuals rides, but rather segments of rides, focusing on travel time between specific points... The Uber data will give cities a low-cost way to do high-resolution travel time analysis
Boston's chief information officer says the new tool "gives people tools to ask us questions. That's really powerful."Read Replies (0)
By EditorDavid from Slashdot's seven-months-goes-by-fast department
Libreboot became an official GNU project in May. Now an anonymous Slashdot reader writes:
Richard Stallman has officially announced that Libreboot is no longer a GNU package. The maintainer of Libreboot had tried to leave the GNU project in September 2016, but the departure was not acknowledged until January 2017. Libreboot is a replacement for proprietary BIOS systems, effectively a distribution of coreboot without any binary blobs and adding an automated build/install process.
In the post titled "Goodbye to GNU Libreboot," Stallman wrote that "When a package's maintainer steps down, that doesn't by itself break the relationship between GNU and the package. If it is left without a maintainer but is still useful, the GNU Project will usually look for new maintainers to work on it. However, we can instead drop ties with the package, if that seems the right thing to do.
"A few months ago, the maintainer of GNU Libreboot decided not to work on Libreboot for the GNU Project any more. That was her decision to make. She also asserted that Libreboot was no longer a GNU package -- something she could not unilaterally do. The GNU Project had to decide what to do in regard to Libreboot. We have decided to go along with the former GNU maintainer's wishes in this case, for a combination of reasons: (1) it had not been a GNU package for very long, (2) she was the developer who had originally made it a GNU package, and (3) there were no major developers who wanted to continue developing Libreboot under GNU auspices."Read Replies (0)
By EditorDavid from Slashdot's losing-more-than-a-case department
"Forcing law firms to pay defendants' legal bills could undermine the business model of patent trolls," reports Computerworld. whoever57 writes: Patent trolls rely on the fact that they have no assets and, if they lose a case, they can fold the company that owned the patent and sued, thus avoiding paying any of the defendant's legal bills. However in a recent case, the judge told the winning defendant that it can claim its legal bills from the law firm. The decision is based on the plaintiff's law firm using a contract under which it would take a portion of any judgment, making it more than just counsel, but instead a partner with the plaintiff. This will likely result in law firms wanting to be paid up front, instead of offering a contingency-based fee.
The federal judge's decision "attacks the heart of the patent-troll system," according to the article, which adds that patent trolls are "the best evidence that pure evil exists."Read Replies (0)
By EditorDavid from Slashdot's war-of-the-voice-assistants department
Huawei announced its flagship handset will gives users access to Amazon's Alexa assistant in the U.S., suggesting a new worry for Google, according to Reuters. An anonymous reader writes:
"The adoption of Alexa by a prominent Android manufacturer indicates that Amazon may have opened up an early lead over Google as the companies race to present their digital assistants to as many people as possible, analysts said." Analyst Jan Dawson at Jackdaw Research even told Reuters that if Google's personal assistant lags in popularity when voice becomes the most popular interface, "thatâ(TM)s a huge loss for Google in terms of data gathering, training its AI, and ultimately the ability to drive advertising revenue."
Tension may have started when Google decided to debut Google Assistant on their own Pixel smartphones. "While Google has expressed an interest in bringing its assistant to other Android smartphones, the decision to debut the feature on its own hardware may have strained relations with manufacturers, Dawson said. 'It highlights just what a strategic mistake it can be for services companies to make their own hardware and give it preferential access to new services.'"
Nvidia announced this week at CES that they'd be using Google Assistant for their Shield TVs, while Whirlpool and Ford both announced Alexa-enabled products. But this article argues Google Assistant has one thing that Alexa doesn't have: a search engine.Read Replies (0)
By EditorDavid from Slashdot's government-hackathons department
An anonymous reader writes:
America's Federal Trade Commission has announced a $25,000 prize for whoever creates the best tool for securing consumers' IoT devices. The so-called "IoT Home Inspector Challenge" asks participants to create something that will work on current, already-on-the-market IoT devices, with extra points also awarded for scalability ad easy of use.
"Contestants have the option of adding features, such as those that would address hard-coded, factory default, or easy-to-guess passwords," according to the official site, but "The tool would, at a minimum, help protect consumers from security vulnerabilities caused by out-of-date software." The winning submission can't be just a policy (or legal) solution, and will be judged by a panel which includes two computer science professors and a vulnerability researcher from Carnegie Mellon University's CERT Coordination Center.
Computerworld points out that "This isn't the first time the FTC has offered cash for software tools. In 2015, it awarded $10,500 to developers of an app that could block robocalls."Read Replies (0)
By EditorDavid from Slashdot's compiling-statistics department
An anonymous reader writes:
Java overtook C as the most popular language in mid-2015 on the TIOBE Programming Community index. But now over the last 13 months, they show C's popularity consistently dropping more and more. C's score had hovered between 15% and 20% for over 15 years but as 2016 ended, the language's popularity is now down to 8.7%. "There is no clear way back to the top," reports the site, asking what happened to C? "It is not a language that you think of while writing programs for popular fields such as mobile apps or websites, it is not evolving that much and there is no big company promoting the language."
But the Insights blog at Dice.com counters that TIOBE "has hammered on C for quite some time. Earlier this year, it again emphasized how C is 'hardly suitable for the booming fields of web and mobile app development.' That being said, job postings on Dice (as well as rankings compiled by other organizations) suggest there's still widespread demand for C, which can be used in everything from operating systems to data-intensive applications, and serves many programmers well as an intermediate language."
i-programmer suggests this could just be an artifact of the way TIOBE calculates language popularity (by totaling search engine queries). Noting that Assembly language rose into TIOBE's top 10 this year, their editor wrote, "Perhaps it is something to do with the poor state of assembly language documentation that spurs on increasingly desperate searches for more information." Maybe C programmers are just referring to their K&R book instead of searching for solutions online?Read Replies (0)
By EditorDavid from Slashdot's waning-of-windows department
Gartner predicts Apple will ship more iOS and macOS devices in 2017 than Windows-powered devices "for the first time this century," and then increase their lead over the next two years. An anonymous reader quotes Computerworld:
Gartner predicted that iOS + macOS, unlike Windows, will recover in 2017. Apple's OSes will climb 8% to 268 million this year, add 3% in 2018 to reach 276 million, then increase another 3% in 2019, with that year's device shipment forecast at 285 million. Windows will dip this year, then stagnate for the following two years... The gap between Microsoft and Apple -- 12 million last year, with Microsoft atop -- will widen to 27 million by 2019, advantage Apple.
"The global devices market is stagnating," said Gartner analyst Ranjit Atwal in a statement Wednesday. Mobile phone shipments are growing only in emerging markets in the Asia and Pacific markets, Atwal added, and noted that "The PC market is just reaching the bottom of its decline." The PC industry's troubles have affected Microsoft most of all; Windows is almost entirely dependent on PC shipments, which have been stuck in a protracted slump. Future shipments were further hit when Microsoft walked away from the smartphone business last year.
The article also points out that even in 2016, Windows devices came in second, and "accounted for approximately 11.2% of the total devices, which overwhelmingly ran Google's Android."Read Replies (0)