By BeauHD from
Slashdot's double-agent department:
An anonymous reader quotes a report from Gizmodo: Late this afternoon, Nilay Patel, the editor-in-chief of The Verge, published a post detailing the circumstances around the departure of Chris Ziegler, a founding member of the site. As it turns out, according to Patel, Ziegler had been pulling double duty as an employee of both The Verge and Apple. "The circumstances of Chris' departure from The Verge raised ethical issues which are worth disclosing in the interests of transparency and respect for our audience," Patel wrote. "We're confident that there wasn't any material impact on our journalism from these issues, but they are still serious enough to merit disclosure." According to Patel, Ziegler, whose most recent post was published in July, began working for Apple in July but didn't disclose his new job; The Verge apparently didn't discover he'd been working there until early September. Patel noted that Ziegler continued to work for The Verge in July, but "was not in contact with us through most of August and into September." What's not clear is how The Verge leadership went six weeks without hearing from their deputy editor or taking serious action (like filing a missing person's report) to try to find him. Patel says they "made every effort to contact him and to offer him help if needed." Patel noted the obvious conflict of interest, and added that Ziegler was fired the same day they verified his employment at Apple. "Chris did not attempt to steer any coverage towards or away from Apple, and any particular decisions he helped make had the same outcomes they would have had absent his involvement," Patel wrote. However, it's still unclear how exactly the team at Vox Media, The Verge's parent company, ascertained there was no editorial consequences from the dual-employment. You can read Patel's full statement here. Vox Media's Fay Sliger followed up with a statement to Gizmodo: "Chris is no longer an employee of The Verge or Vox Media. Chris accepted a position with Apple, stopped communicating with The Verge's leadership, and his employment at The Verge was terminated. Vox Media's editorial director Lockhart Steele conducted an internal review of this conflict of interest, and after a thorough investigation, it was determined that there was no impact on editorial decisions or journalism produced at The Verge or elsewhere in Vox Media. We've shared details about this situation with The Verge's audience and will continue to be transparent should any new information come to light."
Read Replies (0)
By BeauHD from
Slashdot's leaky-faucet department:
The Earth's atmosphere has been leaking oxygen and scientists don't know why. Researchers discovered that over the past 800,000 years, atmospheric oxygen levels have dropped by 0.7 percent. How exactly did they discover the leak? By observing ice cores from Greenland and Antarctica, which contain trapped air bubbles representing snapshots of our atmosphere over the past million-odd years. Gizmodo reports: By examining the ratio of oxygen to nitrogen isotopes within these cores, the researchers were able to pull out a trend: oxygen levels have fallen by 0.7 percent over the past 800,000 years, meaning sinks are roughly 2 percent larger than sources. Writing today in Science, the researchers offer a few possible explanations. For one, erosion rates appear to have sped up in recent geologic history, causing more fresh sediment to be exposed and oxidized by the atmosphere, causing more oxygen to be consumed. Long-term climate change could also be responsible. Recent human-induced warming aside, our planet's average temperature had been declining a bit over the past few million years. [Princeton University geologist Daniel Stolper] added that there could be other explanations, too, and figuring out which is correct could prove quite challenging. But learning what controls the knobs in our planet's oxygen cycle is worth the effort. It could help us understand what makes a planet habitable at all -- something scientists are rather keen on, given recent exoplanet discoveries. Stolper's analysis excluded one very unusual part of the record: the last 200 years of industrial human society. "We are consuming O2 at a rate a factor of a thousand times faster than before," Stolper said. "Humankind has completely short-circuited the cycle by burning tons of carbon."
Read Replies (0)
By BeauHD from
Slashdot's fraternizing-with-the-enemy department:
An anonymous reader quotes a report from Softpedia: Ardit Ferizi, aka Th3Dir3ctorY, 20, a citizen of Kosovo, will spend 20 years in a U.S. prison for providing material support to ISIS hackers by handing over data for 1,351 U.S. government employees. Ferizi obtained the data by hacking into a U.S. retail company on June 13, 2015. The hacker then filtered the stolen information and put aside records related to government officials, which he later handed over to Junaid Hussain, the then leader of the Islamic State Hacking Division (ISHD). Hussain then uploaded this information online, asking fellow ISIS members to seek out these individuals and execute lone wolf attacks. Because of this leak, the U.S. Army targeted and killed Hussain in a drone strike in Syria in August 2015. Before helping ISIS, Ferizi had a prodigious hacking career as the leader of Kosova Hacker's Security (KHS) hacking crew. He was arrested on October 6, 2015, at the international airport in Kuala Lumpur, Malaysia, while trying to catch a flight back to Kosovo. Ferizi was in Kuala Lumpur studying computer science.
Read Replies (0)
By msmash from
Slashdot's empire-stikes-back department:
Yahoo apparently took two years to investigate and tell people that its service had been breached, and that over 500 million users were affected. Amid the announcement, a user is suing Yahoo, accusing the company of gross negligence. From a Reuters report: The lawsuit was filed in the federal court in San Jose, California, one day after Yahoo disclosed the hacking, unprecedented in size, by what it believed was a "state-sponsored actor." Ronald Schwartz, a New York resident, sued on behalf of all Yahoo users in the United States whose personal information was compromised. The lawsuit seeks class-action status and unspecified damages. A Yahoo spokeswoman said the Sunnyvale, California-based company does not discuss pending litigation. The attack could complicate Chief Executive Marissa Mayer's effort to shore up the website's flagging fortunes, two months after she agreed to a $4.8 billion sale of Yahoo's Internet business to Verizon Communications. Yahoo on Thursday said user information including names, email addresses, phone numbers, birth dates and encrypted passwords had been compromised in late 2014.
Read Replies (0)
By BeauHD from
Slashdot's new-chapter department:
An anonymous reader quotes a report from Ars Technica: For the better part of a day, KrebsOnSecurity, arguably the world's most intrepid source of security news, has been silenced, presumably by a handful of individuals who didn't like a recent series of exposes reporter Brian Krebs wrote. The incident, and the record-breaking data assault that brought it on, open a troubling new chapter in the short history of the Internet. The crippling distributed denial-of-service attacks started shortly after Krebs published stories stemming from the hack of a DDoS-for-hire service known as vDOS. The first article analyzed leaked data that identified some of the previously anonymous people closely tied to vDOS. It documented how they took in more than $600,000 in two years by knocking other sites offline. A few days later, Krebs ran a follow-up piece detailing the arrests of two men who allegedly ran the service. A third post in the series is here. On Thursday morning, exactly two weeks after Krebs published his first post, he reported that a sustained attack was bombarding his site with as much as 620 gigabits per second of junk data. That staggering amount of data is among the biggest ever recorded. Krebs was able to stay online thanks to the generosity of Akamai, a network provider that supplied DDoS mitigation services to him for free. The attack showed no signs of waning as the day wore on. Some indications suggest it may have grown stronger. At 4 pm, Akamai gave Krebs two hours' notice that it would no longer assume the considerable cost of defending KrebsOnSecurity. Krebs opted to shut down the site to prevent collateral damage hitting his service provider and its customers. The assault against KrebsOnSecurity represents a much greater threat for at least two reasons. First, it's twice the size. Second and more significant, unlike the Spamhaus attacks, the staggering volume of bandwidth doesn't rely on misconfigured domain name system servers which, in the big picture, can be remedied with relative ease. The attackers used Internet-of-things devices since they're always-connected and easy to "remotely commandeer by people who turn them into digital cannons that spray the internet with shrapnel." "The biggest threats as far as I'm concerned in terms of censorship come from these ginormous weapons these guys are building," Krebs said. "The idea that tools that used to be exclusively in the hands of nation states are now in the hands of individual actors, it's kind of like the specter of a James Bond movie." While Krebs could retain a DDoS mitigation service, it would cost him between $100,000 and $200,000 per year for the type of protection he needs, which is more than he can afford. What's especially troubling is that this attack can happen to many other websites, not just KrebsOnSecurity.
Read Replies (0)
By BeauHD from
Slashdot's responsible-living department:
jenningsthecat writes: The Swedish government is putting its money where its mouth is when it comes to encouraging the repair of stuff that would otherwise be thrown away, according to both The Guardian and Fast Company. The country's Social Democrat and Green party coalition have submitted proposals to Parliament that would reduce the value-added-tax (VAT) on bicycle, clothing, and shoe repairs from 25% to 12%. Also proposed is an income tax deduction equalling half the labor cost of repairing household appliances. According to The Guardian, "the incentives are part of a shift in government focus from reducing carbon emissions produced domestically to reducing emissions tied to goods produced elsewhere." Per Bolund, Sweden's Minister for Financial Markets and Consumer Affairs, said the policy also tied in with international trends around reduced consumption and crafts, such as the "maker movement" and the sharing economy, both of which have strong followings in Sweden. The VAT cut may create more jobs for immigrants as it could spur the creation of a new home-repairs service industry. Also, from a science standpoint, the incentives could help cut the cost of carbon emissions on the planet as it should in theory reduce emissions linked to consumption. "I believe there is a shift in view in Sweden at the moment. There is an increased knowledge that we need to make our things last longer in order to reduce materials' consumption," Bolund said. The Guardian's report concludes: "The proposals will be presented in parliament as part of the government's budget proposals and if voted through in December will become law from January 1, 2017."
Read Replies (0)
By BeauHD from
Slashdot's one-step-forward-two-steps-back department:
While the IT industry is making progress in securing information and communications systems from cyberattacks, a new survey from cybersecurity company CyberArk says several critical areas, such as privileged account security, third-party vendor access and cloud platforms are undermining them. An anonymous Slashdot reader shares with us the details of the report via eSecurity Planet: According to the results of a recent survey of 750 IT security decision makers worldwide, 40 percent of organizations store privileged and administrative passwords in a Word document or spreadsheet, while 28 percent use a shared server or USB stick. Still, the survey, sponsored by CyberArk and conducted by Vanson Bourne, also found that 55 percent of respondents said they have evolved processes for managing privileged accounts. Fully 79 percent of respondents said they have learned lessons from major cyberattacks and have taken appropriate action to improve security. Sixty-seven percent now believe their CEO and board of directors provide sound cybersecurity leadership, up from 57 percent in 2015. Three out of four IT decision makers now believe they can prevent attackers from breaking into their internal network, a huge increase from 44 percent in 2015 -- and 82 percent believe the security industry in general is making progress against cyberattackers. Still, 36 percent believe a cyberattacker is currently on their network or has been within the past 12 months, and 46 percent believe their organization was a victim of a ransomware attack over the past two years. And while 95 percent of organizations now have a cybersecurity emergency response plan, only 45 percent communicate and regularly test that plan with all IT staff. Sixty-eight percent of organizations cite losing customer data as one of their biggest concerns following a cyberattack, and 57 percent of organizations that store information in the cloud are not completely confident in their cloud provider's ability to protect their data.
Read Replies (0)
By BeauHD from
Slashdot's life-saving department:
An anonymous reader quotes a report from Quartz: UPS announced Sept. 23 that it has begun testing drone deliveries in the U.S. with drone manufacturer CyPhy Works. The two companies yesterday completed a test of delivering medicine from the coastal town of Beverly, Massachusetts, to Children's Island, a small island about three miles into the Atlantic Ocean. CyPhy's drone has night-vision capabilities, according to a release shared with Quartz. The test yesterday involved a trial situation where an asthmatic child urgently needed an inhaler, which was dispatched from the mainland to the island, arriving far more quickly than it would've taken a boat to get there. CyPhy's drone autonomously flew supplies over the ocean to a group waiting to receive them on the other end, although there was no actual child with asthma in danger. In May, UPS had announced that it was partnering with the drone company Zipline to deliver medical supplies to rural Rwanda, having invested nearly $1 million into the company. UPS has also invested an undisclosed amount in CyPhy. UPS told Quartz that the FAA was aware of its test, and Houston Mills, a commercial pilot with UPS for over a decade and the company's director of airline safety, was recently announced as a member of the FAA's Drone Advisory Committee. The committee is working with industry experts and companies to figure out how to safely integrate a network of commercial drones into U.S. airspace. You can watch the heroic footage of the trial run here.
Read Replies (0)
By BeauHD from
Slashdot's not-so-secret-anymore department:
After it was revealed that Oculus founder Palmer Luckey backed a pro-Trump political organization called Nimble America that is dedicated to "shitposting" and spreading inflammatory memes about Hillary Clinton, several developers of the Oculus Rift virtual-reality headset have announced that they will stop supporting the headset until its founder steps down. One of the biggest developers for Oculus Rift, Insomniac Games, told Motherboard, "Insomniac Games condemns all forms of hate speech. While everyone has a right to express his or her political opinion, the behavior and sentiments reported do not reflect the values of our company. We are also confident that his behavior and sentiment does not reflect the values of the many Oculus employees we work with on a daily basis." Fez and Superhypercube developer Polytron also said in a statement, "In a political climate as fragile and horrifying as this one, we cannot tacitly endorse these actions by supporting Luckey or his platform." Motherboard reports: Motherboard has reached out to several other, more well-known VR developers who work with Oculus including Fantastic Contraption makers Northway Games and Job Simulator makers Owlchemy Labs. Northway Games couldn't be reached immediately for comment but tweeted the following: "What. The. Fuck. [accompanied with a link to the news via Kotaku]" and "Definitely using every fibre of my 'professionalism' to not tweet some tweets right now." Owlchemy Labs, which is currently developing for Job Simulator for the Oculus Touch controls, declined to comment either way. E McNeill, who has developed a couple of games for Oculus Rift and GearVR, suggested that like-minded VR developers raise money for Hillary Clinton's campaign to counter the money Luckey has raised for Trump. [E McNeill tweeted: "Idle Q: Would any Oculus devs join me in a donation drive for HIllary? We could aim to beat Nimble America's $11k. I'd start with $1k myself."] "This backlash is nonsense," said James Green, co-founder of VR developer Carbon Games. "I absolutely support him doing whatever he wants politically if it's legal. To take any other position is against American values."
Read Replies (0)
By BeauHD from
Slashdot's slow-roast department:
An anonymous reader quotes a report from Ars Technica: The federal judge who presided over the Google-Oracle API copyright infringement trial excoriated one of Oracle's lawyers Thursday for disclosing confidential information in open court earlier this year. The confidential information included financial figures stating that Google generated $31 billion in revenue and $22 billion in profits from the Android operating system in the wake of its 2008 debut. The Oracle attorney, Annette Hurst, also revealed another trade secret: Google paid Apple $1 billion in 2014 to include Google search on iPhones. Judge William Alsup of San Francisco has been presiding over the copyright infringement trial since 2010, when Oracle lodged a lawsuit claiming that Google's Android operating system infringed Oracle's Java APIs. After two trials and various trips to the appellate courts, a San Francisco federal jury concluded in May that Google's use of the APIs amounted to fair use. Oracle's motion before Alsup for a third trial is pending. Oracle argues that Google tainted the verdict by concealing a plan to extend Android on desktop and laptop computers. As this legal saga was playing out, Hurst blurted out the confidential figures during a January 14 pre-trial hearing, despite those numbers being protected by a court order. The transcript of that proceeding has been erased from the public record. But the genie is out of the bottle. Google lodged a motion (PDF) for sanctions and a contempt finding against Hurst for unveiling a closely guarded secret of the mobile phone wars. During a hearing on that motion Thursday, Judge Alsup had a back-and-forth with Hurst's attorney, former San Francisco U.S. Attorney Melinda Haag. According to the San Francisco legal journal The Recorder, Haag said that her client Hurst -- of the law firm Orrick, Herrington and Sutcliffe -- should not be sanctioned because of "one arguable mistake made through the course of a very complex litigation."
Read Replies (0)
By BeauHD from
Slashdot's do-it-yourself department:
TechRax -- a popular YouTuber who destroys technology for fame and riches -- has uploaded a video where he drills a hole into an iPhone 7, claiming it to be a "secret hack" to reinstall a headphone jack in the device. The only problem is that he didn't tell people it was a joke, and of course, some people fell for it. Crave Online reports: The YouTube video has amassed over 7.5 million views since being posted online last week, with it attracting 81,000 dislikes in the process. The comments section is currently torn between people who are in on the joke, people who criticize TechRax for damaging his iPhone 7, and most unfortunately, people who have tried the "hack" out for themselves. Although this is YouTube so you can never be quite sure of whether or not these folks are trolling, parsing the comments section reveals some pretty convincing complaints lobbed in TechRax's direction. It's also firmly believable that there are people dumb enough to attempt drilling a hole into their iPhone 7, which is unfortunate but that's the way the world is in 2016. You can read the comments under the YouTube video for more "convincing complaints." But as if the report didn't make it clear enough already, the video is a joke. Apple removed the headphone jack and there's no way to get it back, unless you use an adapter.
Read Replies (0)
By BeauHD from
Slashdot's connected-appliances department:
Android Police has learned of a new Google device that will launch alongside the Google Pixel smartphones, Google Home, and 4K 'Chromecast Ultra' dongle on October 4th. Called Google Wifi, the Wi-Fi router will cost $129 and contain several "smart" features. Android Police reports: [The] source additionally claims that Google will advertise the router as having "smart" features -- probably similar to OnHub in some respects -- and that Google will claim it provides enhanced range over typical Wi-Fi routers (a claim we see basically every router make, to be fair). But the one thing that will make it an insta-buy for many over OnHub? Our source claims multiple Google Wifi access points (two or more) can be linked together to create one large wireless network. We don't have any details on how this works, unfortunately. But one source claims that Google Wifi device will essentially be like a little white Amazon Echo Dot. So, relatively small and inconspicuous. In a separate report, Android Police details Google's upcoming smart speaker called Google Home, along with their upcoming 4K 'Chromecast Ultra' devices. Specifically, they will be priced at $129 and $69 respectively: Google Home was announced at Google I/O in May. Our sources also confirmed that the personalized base covers Google showed at I/O will be a feature of the final device. $129 also undercuts Amazon's Echo by a full $40, and though matches the price of the portable Amazon Tap, it's clear Google has Amazon's flagship smart home product in its sights with Home. Chromecast Ultra, which we are now all but certain is the name of Google's upcoming 4K version of Chromecast, will come in at $69 retail. As for what it brings beyond 4K, one of our sources claims that HDR is indeed on the list of bullet points.
Read Replies (0)
By manishs from
Slashdot's sad-reality department:
It's no secret that more companies are getting hacked now than ever. The government is getting hacked, major corporate companies are getting hacked, and even news outlets are getting hacked. This raises the obvious question: why aren't people investing more in bolstering their security? The answer is, as a report on The Register points out, money. Despite losing a significant sum of money on a data breach, it is still in a company's best interest to not spend on upgrading their security infrastructure. From the report: A study by the RAND Corporation, published in the Journal of Cybersecurity, looked at the frequency and cost of IT security failures in US businesses and found that the cost of a break-in is much lower than thought -- typically around $200,000 per case. With top-shelf security systems costing a lot more than that, not beefing up security looks in some ways like a smart business decision. "I've spent my life in security and everyone expects firms to invest more and more," the report's author Sasha Romanosky told The Reg. "But maybe firms are making rational investments and we shouldn't begrudge firms for taking these actions. We all do the same thing, we minimize our costs." Romanosky analyzed 12,000 incident reports and found that typically they only account for 0.4 per cent of a company's annual revenues. That compares to billing fraud, which averages at 5 per cent, or retail shrinkage (ie, shoplifting and insider theft), which accounts for 1.3 per cent of revenues. As for reputational damage, Romanosky found that it was almost impossible to quantify. He spoke to many executives and none of them could give a reliable metric for how to measure the PR cost of a public failure of IT security systems.
Read Replies (0)
By manishs from
Slashdot's tv-charges department:
According to data from Leichtman Research's annual study, pay TV subscriptions keep going up and up. So much so that in the last five years, they have gone up by 40 percent. In 2011, subscribers were paying an average of $73.63 for cable or satellite, but now that average stands at roughly $103. From a BusinessInsider report: And it's not helping subscriber growth. "About 82% of households that use a TV currently subscribe to a pay-TV service," Bruce Leichtman said in a statement. "This is down from where it was five years ago, and similar to the penetration level eleven years ago." The pay-TV industry lost 800,000 last quarter subscribers last quarter, according to the research firm SNL Kagan. Putting that on a personal level, NBCUniversal CEO Steve Burke recently said his own kids don't even pay for TV. Burke has five "millennial" children, ages 19 to 28, and exactly "none" subscribe to cable or satellite, he said at a conference last week.
Read Replies (0)
By manishs from
Slashdot's living-room-tech department:
An anonymous reader writes: Siri may soon be making the jump from your pocket to your end table. Apple has been working on a standalone product to control internet-of-things devices for a while, but a new report from Bloomberg suggests that the company has moved the project from a research phase to prototyping. It would theoretically be pitted against other smart-home devices, including Amazon's sleeper hit, the Echo, and Google's forthcoming Home Hub. According to the report, Apple's device would be controlled using its Siri voice assistant technology. It would be able to perform the same functions that it can complete now on iPhones, Macs, and other Apple products, such as being able to tell you when the San Francisco Giants are next playing, or possibly send a poorly transcribed text message. The device would also be able to control other internet-connected devices in the home, such as lights, door locks, and web-enabled appliances, as Google and Amazon's products can. It would also have the same ability to play music through built-in speakers.
Read Replies (0)
By manishs from
Slashdot's you-have-got-a-package department:
Amazon UK has been found guilty and fined 65,000 euro for breaking aviation safety laws after repeatedly trying to send dangerous goods by airmail, reports The Guardian. From the article: A judge at Southwark crown court in London said on Friday that Amazon knew the rules, had been warned repeatedly, but had failed to take reasonable care. Although the risks from the goods sent for shipment by air were low, he blamed the breaches on "systemic failure" at the online retailer. As well as the fine, Amazon was ordered to pay 60,000 euro towards prosecution costs. Earlier in the week, the jury found Amazon guilty of breaching rules for shipping dangerous goods by airmail on four counts between November 2013 and May 2015. The prosecution was brought by the Civil Aviation Authority, after a complaint from Royal Mail. Some offences took place after Amazon knew it was under investigation. In each case, the items -- two packages containing laptop lithium batteries and two containing aerosols that used flammable gas propellant -- had been flagged up by Amazon's computer systems as possibly dangerous goods, and subject to restricted shipping rules.
Read Replies (0)