By msmash from Slashdot's college-in-2017 department
Millennial college students have become far too casual when they talk with their professors, reads an opinion piece on The New York Times. Addressing professors by their first names and sending misspelled, informal emails with text abbreviations have become common practices (Editor's note: the link could be paywalled; here's a syndicated source) among many students than educators would like, Molly Worthen, an assistant professor of history at the University of North Carolina, Chapel Hill adds. From the article: Over the past decade or two, college students have become far more casual in their interactions with faculty members. My colleagues around the country grumble about students' sloppy emails and blithe informality. "When students started calling me by my first name, I felt that was too far, and I've got to say something," Mark Tomforde, a math professor at the University of Houston said. Sociologists who surveyed undergraduate syllabuses from 2004 and 2010 found that in 2004, 14 percent addressed issues related to classroom etiquette; six years later, that number had more than doubled, to 33 percent. This phenomenon crosses socio-economic lines. My colleagues at Stanford gripe as much as the ones who teach at state schools, and students from more privileged backgrounds are often the worst offenders. [...] Insisting on traditional etiquette is also simply good pedagogy. It's a teacher's job to correct sloppy prose, whether in an essay or an email. And I suspect that most of the time, students who call faculty members by their first names and send slangy messages are not seeking a more casual rapport. They just don't know they should do otherwise -- no one has bothered to explain it to them. Explaining the rules of professional interaction is not an act of condescension; it's the first step in treating students like adults.Read Replies (0)
By msmash from Slashdot's dirt-cheap-smartphones department
We have seen over hundreds of manufacturers launch over thousands of smartphone models in the past three years. One of the remarkable smartphones, aimed at those who aren't planning to break a bank for it, has been Motorola's Moto E. Priced at $129, unlocked, without a contract, the handset was immensely popular in the developing markets. It changed the smartphone ecosystem at places like Indonesia and India, pushing several other Android OEMs to step up their game -- and they did. Three years later, after a series of "overpriced" phones, Motorola is attempting to break the affordable smartphone market again. From a report on CNET: The most important thing to know about the Moto C and C Plus, it seems, is that the phones are cheap. Like, really cheap. Motorola's Moto C starts at 89 euros (which converts to $98), and the more advanced C Plus begins at 119 euros (that coverts to $131). As for the specs, the Moto C sports a 5-inch display (854x480 pixel-resolution), 5-megapixel rear camera, 2-megapixel front-facing camera with flash, 1.3GHz quad-core processor (unspecified model), 4G support, 2,350mAh removable battery, 8GB storage, 1GB RAM, and support for two-SIM cards. The handsets run Android 7.0.Read Replies (0)
By msmash from Slashdot's how-things-fell-apart department
Not very pleased with your internet speeds? Think about the people Down Under. Australia's "bungled" National Broadband Network (NBN) has been used as a "cautionary tale" for other countries to take note of. Despite the massive amount of money being pumped into the NBN, the New York Times reports, the internet speeds still lagged behind the US, most of western Europe, Japan and South Korea -- even Kenya. The article highlights that Australia was the first country where a national plan to cover every house or business was considered and this ambitious plan was hampered by changes in government and a slow rollout (Editor's note: the link could be paywalled; alternative source), partly because of negotiations with Telstra about the fibre installation. From the report: Australia, a wealthy nation with a widely envied quality of life, lags in one essential area of modern life: its internet speed. Eight years after the country began an unprecedented broadband modernization effort that will cost at least 49 billion Australian dollars, or $36 billion, its average internet speed lags that of the United States, most of Western Europe, Japan and South Korea. In the most recent ranking of internet speeds by Akamai, a networking company, Australia came in at an embarrassing No. 51, trailing developing economies like Thailand and Kenya. For many here, slow broadband connections are a source of frustration and an inspiration for gallows humor. One parody video ponders what would happen if an American with a passion for Instagram and streaming "Scandal" were to switch places with an Australian resigned to taking bathroom breaks as her shows buffer. The article shares this anecdote: "Hundreds of thousands of people from around the world have downloaded Hand of Fate, an action video game made by a studio in Brisbane, Defiant Development. But when Defiant worked with an audio designer in Melbourne, more than 1,000 miles away, Mr. Jaffit knew it would be quicker to send a hard drive by road than to upload the files, which could take several days."Read Replies (0)
By msmash from Slashdot's catching-the-wrong-fish department
Earlier this month, technology publication Gizmodo published a report on how it "phished" members of the administration and campaign teams of President Donald Trump. The blog said it identified 15 prominent figures on Trump's team and sent e-mails to each posing as friends, family members, or associates containing a faked Google Docs link. But did the publication inadvertently break the law? ArsTechnica reports: "This was a test of how public officials in an administration whose president has been highly critical of the security failures of the DNC stand up to the sort of techniques that hackers use to penetrate networks," said John Cook, executive editor of Gizmodo's Special Projects Desk, in an e-mail conversation with Ars. Gizmodo targeted some marquee names connected to the Trump administration, including Newt Gingrich, Peter Thiel, (now-ex) FBI director James Comey, FCC chairman Ajit Pai, White House press secretary Sean Spicer, presidential advisor Sebastian Gorka, and the administration's chief policymakers for cybersecurity. The test didn't appear to prove much. Gingrich and Comey responded to the e-mail questioning its provenance. And while about half of the targeted officials may have clicked the link -- eight devices' IP addresses were recorded accessing the linked test page -- none entered their login credentials. The test could not determine whose devices clicked on the link. What the test did manage to do is raise the eyebrows of security experts and some legal experts. That's because despite their efforts to make it "reasonably" apparent that this was a test, Gizmodo's phishing campaign may have violated several laws, ignoring many of the restrictions usually placed on similar tests by penetration-testing and security firms. At a minimum, Gizmodo danced along the edges of the Computer Fraud and Abuse Act (CFAA).Read Replies (0)
By msmash from Slashdot's business-vs-moral-responsibility department
In the aftermath of ransomware spread over the weekend, Zeynep Tufekci, an associate professor at the School of Information and Library Science at the University of North Carolina, writes an opinion piece for The New York Times: At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, "pay extra money to us or we will withhold critical security updates" can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more. Microsoft supported Windows XP for over a decade before finally putting it to sleep. In the wake of ransomware attacks, it stepped forward to release a patch -- a move that has been lauded by columnists. That said, do you folks think it should continue to push security updates to older operating systems as well?Read Replies (0)
By EditorDavid from Slashdot's protecting-privacy department
An anonymous reader quotes The Guardian:
The human rights group Cage is preparing to mount a legal challenge to UK anti-terrorism legislation over a refusal to hand over mobile and laptop passwords to border control officials at air terminals, ports and international rail stations... The move comes after its international director, Muhammad Rabbani, a UK citizen, was arrested at Heathrow airport in November for refusing to hand over passwords. Rabbani, 35, has been detained at least 20 times over the past decade when entering the UK, under schedule 7 of terrorism legislation that provides broad search powers, but this was the first time he had been arrested... On previous occasions, when asked for his passwords, he said he had refused and eventually his devices were returned to him and he was allowed to go. But there was a new twist this time: when he refused to reveal his passwords, he was arrested under schedule 7 provisions of the terrorism act and held overnight at Heathrow Polar Park police station before being released on bail. He expects to be charged on Wednesday.
Rabbani "argues that the real objective...is not stopping terrorists entering the UK, but as a tool to build up a huge data bank on thousands of UK citizens." And his position drew support from Jim Killock, executive director of the UK-based Open Rights Group. "Investigations should take place when there is actual suspicion, and the police should be able to justify their actions on that basis, rather than using wide-ranging powers designed for border searches."Read Replies (0)
By EditorDavid from Slashdot's search-and-destroy department
An anonymous reader writes: "The Wana Decrypt0r ransomware -- also known as WCry, WannaCry, WannaCrypt, and WanaCrypt0r -- infected a honeypot server made to look like a vulnerable Windows computer six times in the span of 90 minutes, according to an experiment carried out by a French security researcher that goes online by the name of Benkow," reports BleepingComputer. "During one of those infections, Wana Decrypt0r infected the honeypot in a mere three minutes after it was reset, showing the aggressive nature of the ransomware's scanning module, which helps it spread to new victims... Three minutes is about the same amount of time IoT malware will infect a vulnerable home router left connected to the Internet without patches." The article also highlights the fact that the group behind this threat is possibly made of inexperienced coders, who just stumbled upon a way to weaponize an NSA exploit. Their three previous WanaDecrypt0r campaigns were mundane, and one researcher called their code "utter [expletive]." This is because WanaDecrypt0r is actually made of two main modules, the ransomware itself, and the SMB worm (based on the NSA exploit). While the SMB worm is top-shelf code, the ransomware itself is quite unsophisticated, making a lot of operational errors, including using only 3 Bitcoin wallets to handle payments, instead of one per infected user, as most top-shelf ransomware does. This makes it difficult to tell which victims paid and who didn't, as anyone could claim "x" transaction is theirs, even if they didn't pay.Read Replies (0)
By EditorDavid from Slashdot's Boston-tier-party department
An anonymous reader writes:Thursday the FCC stopped accepting comments as part of long-standing rules "to provide FCC decision-makers with a period of repose during which they can reflect on the upcoming items" before their May 18th meeting. Techdirt wondered if this time to reflect would mean less lobbying from FCC Chairman Ajit Pai, but on Friday Pai recorded a Jimmy Kimmel-style video mocking mean tweets, with responses Gizmodo called "appalling" and implying "that anyone who opposes his cash grab for corporations is a moron."
Meanwhile, Wednesday The Consumerist reported the FCC's sole Democrat "is deploying some scorched-earth Microsoft Word table-making to use FCC Chair Ajit Pai's own words against him." (In 2014 Pai wrote "A dispute this fundamental is not for us five, unelected individuals to decide... We should also engage computer scientists, technologists, and other technical experts to tell us how they see the Internet's infrastructure and consumers' online experience evolving.") But Pai seemed to be mostly sticking to friendlier audiences, appearing with conservative podcasters from the Taxpayer Protection Alliance, the AEI think tank and The Daily Beast.
The Verge reports the flood of fake comments opposing Net Neutrality may have used names and addresses from a breach of 1.4 billion personal information records from marketing company River City Media. Reached on Facebook Messenger, one woman whose named was used "said she hadn't submitted any comments, didn't live at that address anymore and didn't even know what net neutrality is, let alone oppose it."
Techdirt adds "If you do still feel the need to comment, the EFF is doing what the FCC itself should do and has set up its own page at DearFCC.org to hold any comments."Read Replies (0)
By EditorDavid from Slashdot's writer-rights department
An anonymous reader quotes Deadline:
Netflix, Amazon and Hulu will be paying a lot more in writers' residuals under the new WGA film and TV contract. New details, outlined by WGA West, reveal that high-budget shows they run will generate anywhere between $3,448-$34,637 more residuals per episode over the life of the three-year contract than they did under the old contract, depending on the platform and the length of the show. Essentially, it's the same deal the Director's Guild of America got in their negotiations last December. The WGA contract, which has been unanimously approved by the WGA West board and the WGA East council, now goes to the guilds' members for final ratification. Voting begins Friday and concludes May 24.
For every half-hour of a high-budget show, Netflix will be paying $19,058 more in residuals than it did under the old contract.Read Replies (0)
By EditorDavid from Slashdot's AMT-vs-EFF department
The EFF is issuing a warning about the "tiny homunculus computer" in most of Intel's chipsets -- the largely-undocumented "Management Engine" which houses more than just the AMT module. An anonymous reader quotes their report:
While AMT can be disabled, there is presently no way to disable or limit the Management Engine in general. Intel urgently needs to provide one....vulnerabilities in any of the other modules could be as bad, if not worse, for security. Some of the other modules include hardware-based authentication code and a system for location tracking and remote wiping of laptops for anti-theft purposes... It should be up to hardware owners to decide if this code will be installed in their computers or not. Perhaps most alarmingly, there is also reportedly a DRM module that is actively working against the user's interests, and should never be installed in a Management Engine by default...
While Intel may put a lot of effort into hunting for security bugs, vulnerabilities will inevitably exist, and having them lurking in a highly privileged, low-level component with no OS visibility or reliable logging is a nightmare for defensive cybersecurity. The design choice of putting a secretive, unmodifiable management chip in every computer was terrible, and leaving their customers exposed to these risks without an opt-out is an act of extreme irresponsibility... EFF believes that Intel needs to provide a minimum level of transparency and user control of the Management Engines inside our computers, in order to prevent this cybersecurity disaster from recurring. Unless that happens, we are concerned that it may not be appropriate to use Intel CPUs in many kinds of critical infrastructure systems.
TLDR: "We have reason to fear that the undocumented master controller inside our Intel chips could continue to be a source of serious vulnerabilities in personal computers, servers, and critical cybersecurity and physical infrastructure."Read Replies (0)
By EditorDavid from Slashdot's what's-in-Vogue department
Slashdot reader Dan Drollette shares an article by the executive director and publisher of the Bulletin of the Atomic Scientists:On Friday, an elite group of the world's nuclear experts and advisers launched a Nuclear Crisis Group, to help manage the growing risk of nuclear conflict. The group includes leading diplomats with decades of experience, and retired military officers who were once responsible for launching nuclear weapons if given the order to do so. China, India, Pakistan, Russia, and the United States, all countries that have nuclear weapons, are represented. The group intends to create a "shadow security council," or an expert group capable of providing advice to world leaders on nuclear matters...
Building on grass-roots support, the Nuclear Crisis Group could serve as a brake on nuclear escalation and be an early step in reversing the downward nuclear security spiral. Not only will they be able to offer expertise to inexperienced leaders who are dabbling in nuclear security, but they will be able to develop and endorse proposals that could make the world safer such as expanding the decision time that leaders have to respond to a nuclear threat, further protecting nuclear systems against cyber attacks and unintended escalations, reenergizing the appetite for arms control negotiations, and questioning global nuclear upgrade programs.Read Replies (0)