By msmash from Slashdot's house-of-cards department
The invasion exploited weaknesses in those companies, their customers, and the Western system of technological defense, Reuters reported on Wednesday. From the report: Hacked by suspected Chinese cyber spies five times from 2014 to 2017, security staff at Swedish telecoms equipment giant Ericsson had taken to naming their response efforts after different types of wine. Pinot Noir began in September 2016. After successfully repelling a wave of attacks a year earlier, Ericsson discovered the intruders were back. And this time, the company's cybersecurity team could see exactly how they got in: through a connection to information-technology services supplier Hewlett Packard Enterprise. Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE's cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. prosecutors say was an effort to boost Chinese economic interests.
The hacking campaign, known as "Cloud Hopper," was the subject of a U.S. indictment in December that accused two Chinese nationals of identity theft and fraud. Prosecutors described an elaborate operation that victimized multiple Western companies but stopped short of naming them. A Reuters report at the time identified two: Hewlett Packard Enterprise and IBM. Yet the campaign ensnared at least six more major technology firms, touching five of the world's 10 biggest tech service providers. Also compromised by Cloud Hopper, Reuters has found: Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation and DXC Technology. HPE spun-off its services arm in a merger with Computer Sciences Corporation in 2017 to create DXC.Read Replies (0)
By msmash from Slashdot's out-of-the-box department
sciencehabit writes: To gauge the performance of a supercomputer, computer scientists turn to a standard tool: a set of algorithms called LINPACK that tests how fast the machine solves problems with huge numbers of variables. For quantum computers, which might one day solve certain problems that overwhelm conventional computers, no such benchmarking standard exists. One reason is that the computers, which aim to harness the laws of quantum mechanics to accelerate certain computations, are still rudimentary, with radically different designs contending. In some, the quantum bits, or qubits, needed for computation are embodied in the spin of strings of trapped ions, whereas others rely on patches of superconducting metal resonating with microwaves. Comparing the embryonic architectures "is sort of like visiting a nursery school to decide which of the toddlers will become basketball stars," says Scott Aaronson, a computer scientist at the University of Texas in Austin.
Yet researchers are making some of their first attempts to take the measure of quantum computers. Last week, Margaret Martonosi, a computer scientist at Princeton University, and colleagues presented a head-to-head comparison of quantum computers from IBM, Rigetti Computing in Berkeley, California, and the University of Maryland (UMD) in College Park. The UMD machine, which uses trapped ions, ran a majority of 12 test algorithms more accurately than the other superconducting machines, the team reported at the International Symposium on Computer Architecture in Phoenix. Christopher Monroe, a UMD physicist and founder of the company IonQ, predicts such comparisons will become the standard. "These toy algorithms give you a simple answer -- did it work or not?" But even Martonosi warns against making too much of the tests. In fact, the analysis underscores how hard it is to compare quantum computers -- which leaves room for designers to choose metrics that put their machines in a favorable light.Read Replies (0)
By msmash from Slashdot's closer-look department
Telecommunications gear made by China's Huawei is far more likely to contain flaws that could be leveraged by hackers for malicious use than equipment from rival companies, according to new research by cybersecurity experts that top U.S. officials said appeared credible. From a report: Over half of the nearly 10,000 firmware images encoded into more than 500 variations of enterprise network-equipment devices tested by the researchers contained at least one such exploitable vulnerability, the researchers found. Firmware is the software that powers the hardware components of a computer. The tests were compiled in a new report that has been submitted in recent weeks to senior officials in multiple government agencies in the U.S. and the U.K., as well as to lawmakers. The report is notable both for its findings and because it is circulating widely among Trump administration officials who said it further validated their policy decisions toward Huawei.
"This report supports our assessment that since 2009, Huawei has maintained covert access to some of the systems it has installed for international customers," said a White House official who reviewed the findings. "Huawei does not disclose this covert access to customers nor local governments. This covert access enables Huawei to record information and modify databases on those local systems." The report, reviewed by The Wall Street Journal, was prepared by Finite State, a Columbus, Ohio-based cybersecurity firm.Read Replies (0)
By BeauHD from Slashdot's be-afraid-be-very-afraid department
A new study by Oxford Economics, a private British-based research and consulting firm, says robots are expected to take over some 20 million manufacturing jobs worldwide by 2030, extending a trend of worsening social inequality while boosting overall economic output. "The forecast set to be released Wednesday highlights growing concerns that automation and robots, while offering economic benefits, are disproportionately killing low-skill jobs and aggravating social and economic stress," reports France 24. From the report: Robots have already taken over millions of manufacturing jobs and are now gaining in services, helped by advances in computer vision, speech recognition and machine learning, the study noted. In lower-skilled regions, job losses will be twice as high as those in higher-skilled regions, even in the same country, the study concluded. According to the latest study, the current wave of "robotization" is likely ultimately to boost productivity and economic growth, generating roughly as many new jobs as it destroys. At the high end of the forecast, the researchers see a $5 trillion "robotics dividend" for the global economy by 2030 from higher productivity.Read Replies (0)
By BeauHD from Slashdot's somewhat-Orwellian department
A new system to assess the performance of employees is claimed to be more objective and thus more accurate by utilizing smartphones and fitness trackers. New Atlas reports: The passive system incorporates an app known as PhoneAgent, which was developed by Prof. Andrew Campbell at New Hampshire's Dartmouth College. Using the smartphone's own sensors, that app continuously monitors factors such as the worker's phone usage, physical activity level, geographical location, and the ambient light levels of their environment. PhoneAgent is also Bluetooth-linked to a fitness bracelet worn by the employee, which transmits data including their heart functions, sleep quality, stress levels, and calorie consumption. Additionally, Bluetooth locational beacons in the person's home and workplace monitor how much time they spend at each place, and how often they leave their workstation.
All of the phone, bracelet and beacon data is transmitted to a cloud-based server, where it's processed via machine-learning algorithms that were "trained" on the habits of people already known to be high- or low-level performers. When tested on 750 workers across the U.S. over a one-year period, the system was reportedly able to distinguish between individuals' performance levels (in a variety of industries) with an accuracy of 80 percent. That number should rise as the system is developed further.Read Replies (0)
By BeauHD from Slashdot's life-is-a-series-of-trade-offs department
An anonymous reader quotes a report from CBS News: A college education is still considered a pathway to higher lifetime earnings and gainful employment for Americans. Nevertheless, two-thirds of employees report having regrets when it comes to their advanced degrees, according to a PayScale survey of 248,000 respondents this past spring that was released Tuesday. Student loan debt, which has ballooned to nearly $1.6 trillion nationwide in 2019, was the No. 1 regret among workers with college degrees. About 27% of survey respondents listed student loans as their top misgiving, PayScale said. College debt was followed by chosen area of study (12%) as a top regret for employees, though this varied greatly by major. Other regrets include poor networking, school choice, too many degrees, time spent completing education and academic underachievement. "Those with science, technology, engineering and math majors, who are typically more likely to enjoy higher salaries, reported more satisfaction with their degrees," the report adds. "About 42% of engineering grads and 35% of computer science grads said they had no regrets."
Those with the most regrets include humanities majors, who are least likely to earn higher pay post-graduation. "About 75% of humanities majors said they regretted their college education," report says. "About 73% of graduates who studied social sciences, physical and life sciences, and art also said the same." Somewhere in the middle were 66% of business graduates, 67% of health sciences graduates and 68% of math graduates who said they regretted their education.Read Replies (0)
By BeauHD from Slashdot's where's-my-money department
Spotify is reportedly seeking a refund for overpayments made to songwriters and publishers last year, according to a report from Music Business Worldwide. CNET reports: Last year, a royalty rate-setting panel in the U.S., called the Copyright Royalty Board, ruled that a particular kind of royalty paid to songwriters and publishers should rise 44% or more for 2018 through 2022. The board finalized that rate -- called a mechanical royalty -- earlier this year. Then streaming services like Spotify, Amazon, Google and Pandora appealed the payment increases in March. Now Spotify is saying it paid too much last year and wants a refund, according to Music Business Worldwide.
The CRB rules say the annual streaming royalty rate for US songwriters and publishers between 2018 and 2022 should be set by choosing the highest outcome of three different models, with one model based on a flat fee per subscriber, Consequence of Sound noted. But Spotify's student discount and family plan bundles add a layer of complexity. The Copyright Royalty Board's rules say a family plan is be worth 1.5 subscribers per month and a student plan is equal to half a subscriber per month. The family plan lets six people subscribe for $15 a month, while students pay $5 a month. (A regular subscriber pays $10.) The argument by Spotify seems to be that it didn't take some subscribers into account and overpaid publishers. It's not seeking the 2018 money back immediately, but "offered to extend the recoupment period" until the end of 2019, according to Music Business Worldwide.Read Replies (0)
By BeauHD from Slashdot's fiber-fraud department
An anonymous reader quotes a report from Ars Technica: The former head of FCC Chairman Ajit Pai's Broadband Deployment Advisory Committee (BDAC) was sentenced to five years in prison for defrauding investors. Elizabeth Ann Pierce was CEO of Quintillion, an Alaskan telecom company, when she lied to two investment firms in New York in order to raise $270 million to build a fiber network. She also defrauded two individual investors out of $365,000 and used a large chunk of that money for personal expenses. Pierce, 55, pleaded guilty and last week was given the five-year prison sentence in U.S. District Court for the Southern District of New York, U.S. Attorney Geoffrey Berman announced. Pierce was also "ordered to forfeit $896,698.00 and all of her interests in Quintillion and a property in Texas." She will also be subject to a restitution order to compensate her victims "at a later date." Pierce landed the top sot on Pai's broadband advisory committee in April 2017. "But she left Quintillion in July 2017 as her scheme unraveled, and she resigned from the FCC advisory panel," reports Ars. "Pai appointed a new chair for his committee two months later; he thanked Pierce for her service, saying she did 'an excellent job' chairing the committee and 'wish[ed] her all the best in her future endeavors.'" According to Berman's announcement, Pierce forged contracts in order to raise $270 million from investors.Read Replies (0)
By msmash from Slashdot's fight-continues department
The US government announced a nationwide crackdown on illegal robocalls on Tuesday, targeting companies and individuals who have collectively placed over 1 billion unwanted calls for financial schemes and other services, according to the Federal Trade Commission. From a report: The crackdown involves nearly 100 cases, five of which are criminal enforcement actions. They were brought by the FTC, Justice Department, 15 states and a slew of local authorities. It marks the latest effort by regulators to battle back the tide of unwanted and illegal calls from telemarketers and scammers. Some of those targeted by the action were a major source of robocalls. Derek Jason Bartoli, a Florida man who allegedly developed, sold and used a form of software that allows millions of calls to be placed in quick succession, was responsible for 57 million calls to US phone numbers over six months in 2017, according to a federal complaint. [...] The joint action includes the states of Alabama, Arizona, Colorado, Florida, Illinois, Indiana, Michigan, Missouri, North Carolina, North Dakota, Ohio, Oregon, Pennsylvania, Texas, and Virginia.Read Replies (0)
By msmash from Slashdot's security-woes department
A new strain of malware is wiping the firmware of IoT devices in attacks reminiscent of the old BrickerBot malware that destroyed millions of devices back in 2017. From a report: Named Silex, this malware began operating earlier today, about three-four hours before this article's publication. The malware had bricked around 350 devices when this reporter began investigating its operations, and the number quickly spiked to 2,000 wiped devices by the time we published, an hour later. Attacks are still ongoing, and according to an interview with the malware's creator, they are about to intensify in the coming days. According to Akamai researcher Larry Cashdollar, who first spotted the malware earlier today, Silex works by trashing an IoT device's storage, dropping firewall rules, removing the network configuration, and then halting the device. It's as destructive as it can get without actually frying the IoT device's circuits. To recover, victims must manually reinstall the device's firmware, a task too complicated for the majority of device owners.Read Replies (0)
By msmash from Slashdot's how-about-that department
Maybe American kids will only have to live through one Christmas without Toys "R" Us. About a year after shuttering U.S. operations, the remnant of the defunct toy chain is set to return this holiday season by opening about a half dozen U.S. stores and an e-commerce site, according to a report. From the report: Richard Barry, a former Toys "R" Us executive who is now CEO of new entity Tru Kids, has been pitching his vision to reincarnate the chain to toymakers, including at an industry conference this week, said the people, who asked not to be identified because the plans aren't public. The stores are slated to be about 10,000-square feet, roughly a third of the size of the brand's big-box outlets that closed last year, the people said. The locations will also have more experiences, like play areas. The startup costs could be minimized with a consignment inventory model in which toymakers ship goods but don't get paid until consumers buy them, some of the people said.Read Replies (0)
By msmash from Slashdot's tussle-continues department
An anonymous reader shares a report: The most astonishing thing about cement is how much air pollution it produces. Manufacturing the stone-like building material is responsible for 7% of global carbon dioxide emissions, more than what comes from all the trucks in the world. And with that in mind, it's surprising that leading cement makers from LafargeHolcim in Switzerland to Votorantim Cimentos in Brazil are finding customers slow to embrace a greener alternative. Their story highlights the difficulties of taking greenhouse gases out of buildings, roads and bridges. After wresting deep cuts from the energy industry, policymakers looking to extend the fight against global warming are increasingly focusing on construction materials and practices as a place to make further reductions. The companies are working on solutions, but buyers are reluctant to pay more.
While architects and developers concentrate on the energy used by their buildings, it's actually the materials supporting the structure that embody the biggest share of its lifetime carbon footprint. Cement's contribution to emissions is especially immense because of the chemical process required to make it. About two-thirds of the polluting gases that come from cement production stem from burning limestone. Kilns are heated to more than 1,400 degrees Celsius (2,600 Fahrenheit), about four times hotter than a home oven set to the self-clean cycle. Inside the kiln, carbon trapped in the limestone combines with oxygen and is released as CO2, the most abundant greenhouse gas.Read Replies (0)
By msmash from Slashdot's shape-of-things-to-come department
The world is increasingly at risk of "climate apartheid," where the rich pay to escape heat and hunger caused by the escalating climate crisis while the rest of the world suffers, a report from a UN human rights expert has said. From a report: Philip Alston, UN special rapporteur on extreme poverty and human rights, said the impacts of global heating are likely to undermine not only basic rights to life, water, food, and housing for hundreds of millions of people, but also democracy and the rule of law. Alston is critical of the "patently inadequate" steps taken by the UN itself, countries, NGOs and businesses, saying they are "entirely disproportionate to the urgency and magnitude of the threat." His report to the UN human rights council (HRC) concludes: "Human rights might not survive the coming upheaval."
The report also condemns Donald Trump for "actively silencing" climate science, and criticises the Brazilian president, Jair Bolsonaro, for promising to open up the Amazon rainforest to mining. But Alston said there were also some positive developments, including legal cases against states and fossil fuel companies, the activism of Greta Thunberg and the worldwide school strikes, and Extinction Rebellion.Read Replies (0)