By EditorDavid from Slashdot's free-as-in-labor department
"Open source maintainers are exhausted and rarely paid," writes TechCrunch's editorial manager. "A new generation wants to change the economics."
An anonymous reader quotes their report:
Tidelift is designed to offer assurances "around areas like security, licensing, and maintenance of software," CEO Donald Fischer explained... In addition, Tidelift handles the mundane tasks of setting up open source for commercialization such as handling licensing issues... Open Collective wants to open source the monetization of open source itself. Open Collective is a non-profit platform that provides tools to "collectives" to receive money while also offering mechanisms to allow the members of those collectives to spend their money in a democratic and transparent way.
TechCrunch warns that "It's not just that people are free riding, it's often that they don't even realize it. Software engineers can easily forget just how much craftsmanship has gone into the open source code that powers the most basic of applications...
< article continued at Slashdot's free-as-in-labor department
>Read Replies (0)
By EditorDavid from Slashdot's meet-the-midi-chlorians department
In an interview with James Cameron, George Lucas reveals what he'd planed for the final three Star Wars films:
"[The next three 'Star Wars' films] were going to get into a microbiotic world," he told Cameron. "There's this world of creatures that operate differently than we do. I call them the Whills. And the Whills are the ones who actually control the universe. They feed off the Force...." In terms of his storytelling, Lucas regarded individuals as "vehicles for the Whills to travel around in... And the conduit is the midi-chlorians. The midi-chlorians are the ones that communicate with the Whills. The Whills, in a general sense, they are the Force."
Lucas is confident that had he kept his company, the Whills-focused films "would have been done. Of course, a lot of the fans would have hated it, just like they did 'Phantom Menace' and everything, but at least the whole story from beginning to end would be told."
Lucas acknowledges in the interview that "Everybody hated it in 'Phantom Menace' [when] we started talking about midi-chlorians," prompting one Ars Technica editor to add "Because it was a really dumb idea." He speculates that if the final three Star Wars movies followed Lucas's original plan, "Imagine, if you can, our heroes shrinking down like the Fantastic Voyage to go meet some midi-chlorians."
Knowing Lucas's plans for the franchise "should make every Star Wars fan send a note of gratitude to whoever at Disney decided to buy the franchise and take it away and out from under Lucas' control."Read Replies (0)
By EditorDavid from Slashdot's Nathan-vs-NASA department
An anonymous reader quotes Qz:
NASA is not going to be able to find all the asteroids big enough to cause serious devastation on Earth by 2020 -- or even 2033. Also: For a hypothetical attempt to send a spacecraft to divert an seriously dangerous incoming asteroid, we'll need a ten year heads-up to build it and get it to the asteroid.
The good news? They're working on it. "If a real threat does arise, we are prepared to pull together the information about what options might work and provide that information to decision-makers," Lindley Johnson, NASA's Planetary Defense Officer, told reporters.
But NASA's methodology is now being criticized by former Microsoft CTO Nathan Myhrvold -- in the peer-reviewed journal Icarus. An anonymous reader quotes Scientific American:
Since 2016, Nathan Myhrvold has argued that there are fatal flaws in the data from NASA's NEOWISE mission to hunt space rocks... NASA is working to develop a follow-up space telescope that would use the same scientific approach to fulfill a mandate from the US Congress to discover nearly all of the space rocks that could pose a threat to Earth.
After 18 months of peer review, and plenty of acrimony on both sides, Myhrvold's latest critique appeared on 22 May on the website of the journal Icarus. Among other things, he argues that NEOWISE estimates of asteroid diameters should not be trusted -- a crucial challenge, because the size of an asteroid determines how much damage it would cause if it hit Earth. "These observations are the best we're going to have for a very long time," says Myhrvold. "And they weren't really analysed very well at all."
NASA hasn't responded in detail to Myhrvold's criticism, though a June 14th statement said their team "stands by its data and scientific findings," noting that they'd also been published in several peer-reviewed journals.Read Replies (0)
By EditorDavid from Slashdot's zero-cool department
America's Department of Defense "has quietly empowered the United States Cyber Command to take a far more aggressive approach to defending the nation against cyberattacks, a shift in strategy that could increase the risk of conflict with the foreign states that sponsor malicious hacking groups," reports the New York Times. Long-time Slashdot reader TheSauce shares their report:
In the spring, as the Pentagon elevated the command's status, it opened the door to nearly daily raids on foreign networks, seeking to disable cyberweapons before they can be unleashed, according to strategy documents and military and intelligence officials... The new strategy envisions constant, disruptive "short of war" activities in foreign computer networks... "Continuous engagement imposes tactical friction and strategic costs on our adversaries, compelling them to shift resources to defense and reduce attacks"...
The risks of escalation -- of U.S. action in foreign networks leading to retaliatory strikes against U.S. banks, dams, financial markets or communications networks -- are considerable, according to current and former officials... The chief risk is that the internet becomes a battleground of all-against-all, as nations not only place "implants" in the networks of their adversaries -- something the United States, China, Russia, Iran and North Korea have done with varying levels of sophistication -- but also begin to engage in daily attack and counterattack.
An article shared by schwit1 notes that officials in the Obama administration "were also worried that a vigorous cyber response...could escalate into a full scale cyber war."
Yet the Times reports that this new policy reflects "a widespread view that the United States has mounted an inadequate defense against the rising number of attacks aimed at America."Read Replies (0)
By EditorDavid from Slashdot's bleep-bleep-bloop-play-ball department
Long-time Slashdot reader Esther Schindler writes: Everyone who watches sports spends some amount of time yelling at the umpire or sports referee. For the past few years we've also been shouting, "Replace that ump with a robot!"
But is it technically feasible? Is the current level of AI and robotics tech up to the job? This article starts with the assumption that someone seriously wants to create a robot umpire or sports referee and then evaluates whether it possible to build an accurate and trustworthy augmented reality solution today.
The article points out that professional tennis matches already apply AI to high-definition video feeds from up to six different cameras to dispense binding judgments on whether a ball was in or out. At the same time, not every officiating decision in every sport is so easily automated, since AI "can't yet handle calls that hinge on judgment of players' intent."
But there's a larger question: do we really want to remove those human watchers from our sports? "Sports is a human activity," argues a professor of social sciences at Cardiff University in Wales, suggesting that human officials continue a cultural tradition which reminds us of who we are. "Humans are imperfect; that's OK."
What do Slashdot's readers think? Should professional sports switch to robot referees?Read Replies (0)
By EditorDavid from Slashdot's Turing-tests department
DevNull127 writes: A grateful reporter whose father-in-law liberated a concentration camp after D-Day reports on a high-tech team that "accomplished in 13 minutes what took Alan Turing years to do — and at a cost of just $7."
"In late 2017, at the Imperial War Museum in London, developers applied modern AI techniques to break the 'unbreakable' Enigma machine used by the Nazis to encrypt their correspondences in World War II."
Two Polish co-founders of a company called Enigma Pattern decided to honor Alan Turing's ground-breaking work at Bletchley Park, where Turing had automated the testing of over 15 billion possible passwords each day by building what's considered the first modern computer. They took the problem to a modern cloud infrastructure provider, renting what one describes as "2,000 minions that do the tedious work" — specifically, crunching 41 million combinations each second — using Grimm's Fairy Tales to train an algorithm to recognize when they had found a commonly-used German word (including familiar bedtime stories like Hansel & Gretl and Rumpelstiltskin). "In the end the AI could not understand German. But it did what machine learning does best: recognize patterns."
"After 13 minutes of minion work, boom! The new Bombe had broken the code."
Turing's birthday is Saturday — and it's nice to see him being remembered so fondly.Read Replies (0)
By EditorDavid from Slashdot's installment-plans department
A reminder for commenters: non-commercial use of Java remains free. An anonymous reader quotes InfoWorld:
Oracle has revamped its commercial support program for Java SE (Standard Edition), opting for a subscription model instead of one that has had businesses paying for a one-time perpetual license plus an annual support fee... It is required for Java SE 8, and includes support for Java SE 7. (As of January 2019, Oracle will require a subscription for businesses to continue getting updates to Java SE 8.)
The price is $25 per month per processor for servers and cloud instances, with volume discounts available. For PCs, the price starts at $2.50 per month per user, again with volume discounts. One-, two-, and three-year subscriptions are available... The previous pricing for the Java SE Advanced program cost $5,000 for a license for each server processor plus a $1,100 annual support fee per server processor, as well as $110 one-time license fee per named user and a $22 annual support fee per named user (each processor has a ten-user minimum)...
If users do not renew a subscription, they lose rights to any commercial software downloaded during the subscription. Access to Oracle Premier Support also ends. Oracle recommends that those choosing not to renew transition to OpenJDK binaries from the company, offered under the GPL, before their subscription ends. Doing so will let users keep running applications uninterrupted.
Oracle's senior director of product management stresses that the company is "working to make the Oracle JDK and OpenJDK builds from Oracle interchangeable -- targeting developers and organisations that do not want commercial support or enterprise management tools."Read Replies (0)
By EditorDavid from Slashdot's taking-licenses department
An anonymous reader quotes ZDNet:
When leading Linux company Red Hat announces that -- from here on out -- all new Red Hat-initiated open-source projects that use the GNU General Public License (GPLv2) or GNU Lesser General Public License (LGPL) v2.1 licenses will be expected to supplement the license with GPL version 3 (GPLv3)'s cure commitment language, it's a big deal. Both older open-source licenses are widely used.
When the GPLv3 was released, it came with an express termination approach that offered developers the chance to cure license compliance errors. This termination policy in GPLv3 provided a way for companies to repair licensing errors and mistakes... Other companies -- CA Technologies, Cisco, HPE, Microsoft, SAP, and SUSE -- have taken similar GPL positions... In its new position statement, Red Hat explained that the GPLv2 and LGPL, as written, has led to the belief that automatic license termination and copyright infringement claims can result from a single act of inadvertent non-compliance.
"We hope that others will also join in this endeavor," says Red Hat's senior commercial counsel, Richard Fontana, "to reassure the open source community that good faith efforts to fix noncompliance will be embraced."
ZDNet points out that the move to new licenses "doesn't apply, of course, to Linux itself. Linus Torvalds has made it abundantly clear that Linux has been, will now, and always shall be under the GPLv2."Read Replies (0)
By EditorDavid from Slashdot's third-party-favors department
U.S. states can now require online retailers to collect local sales taxes, according to a recent Supreme Court ruling that could affect thousands of third-party sellers on top tech sites. An anonymous reader quotes The Verge:
In fact, Amazon, which last year started collecting sales tax in all 45 states that require it by law, may have a substantial amount of work to do to help its Amazon Marketplace sellers stay compliant. Yet we don't know if that burden will fall primarily on Amazon or if it will be the responsibility of the sellers. More than 50 percent of all sales on the site are conducted via third-party sellers, some of which use Amazon for fulfillment but otherwise operate independent small- to medium-sized businesses... Etsy, eBay, and others are in similar boats. According to the US Government Accountability Office, as much as $13 billion in annual sales tax revenue is at stake....
Etsy is concerned about what it sees as "significant complexities in the thousands of state and local sales tax laws" and that by overruling the Quill decision, the Supreme Court has put the ball in Congress' court. "We believe there is now a call to action for Congress to create a simple, fair federal solution for micro-businesses," Silverman added.
The Verge writes that "the case may be litigated for years to come to figure out how to account for the over 10,000 state jurisdictions that govern sales tax across the country. That is, unless congressional legislation supersedes the state court decisions... Even groups that were in favor of the ruling, like the nonpartisan research institute the Information Technology and Innovation Foundation, are imploring Congress to act."
< article continued at Slashdot's third-party-favors department
>Read Replies (0)
By BeauHD from Slashdot's new-and-improved department
Valve's "Knuckles" controllers for VR, first introduced in 2016, are getting upgraded. According to Engadget, Valve is "sending game makers another version, the EV2, that has revamped buttons, straps and a slew of sensors that essentially translate finger motion and pressure to let you touch, grab and squeeze objects inside games." From the report:
Some of the EV2's changes are evident: The old Steam Controller-style touchpad that dominated the controller's top has been shrunken to an oval 'track button' that measures touch and force. That's flanked by traditional inputs: A joystick (by developer demand, Valve noted in a blog post) and standard circular buttons. The strap is adjustable for different hand sizes and pulls tight to let players let go of the controller completely without dropping it -- which could be key for the pressure inputs.
While last year's model had touch inputs tracking each finger in the 'grip' area, the EV2 introduces pressure sensors that measure how much force the wielder is using. Obviously, this has implications for VR developers who want players to grip or squeeze objects in the world, but as Valve's blog post points out, combining those with the touch sensors tells games when players let go of the grips -- like, say, when they're throwing things in-game. Lastly, the battery life has been extended to last six hours.Read Replies (0)
By BeauHD from Slashdot's copy-and-paste department
Bethesda, the video game publisher behind Fallout and The Elder Scrolls, is suing Warner Bros. and Fallout Shelter co-developer Behavior Interactive over the recently released Westworld, alleging that the mobile game based on HBO's TV series is a "blatant rip-off" of Fallout Shelter. Polygon reports: In a suit filed in a Maryland U.S. District Court, Bethesda alleges that Westworld -- developed by Behaviour and released this week for Android and iOS -- "has the same or highly similar game design, art style, animations, features and other gameplay elements" as Fallout Shelter. Fallout Shelter was originally released in 2015 for mobile devices. The game was later ported to Nintendo Switch, PlayStation 4, Windows PC and Xbox One.
Bethesda said in its suit that Behaviour uses "the same copyrighted computer code created for Fallout Shelter in Westworld," alleging that a bug evident in an early version of Fallout Shelter (which was later fixed) also appears in Westworld. Bethesda alleges the companies "copied Fallout Shelter's features and then made cosmetic modifications for Westworld's 'western' theme."Read Replies (0)
By BeauHD from Slashdot's sorry-not-sorry department
An anonymous reader quotes a report from The Register: Legendary games company Atari has accused a Register reporter of making stuff up and acting unprofessionally following an interview earlier this year in San Francisco at the launch of its new games console, the Atari VCS. In that article, we were critical of the fact that the machine did not work, and that its chief operating officer Michael Arzt, whom we spoke to, appeared unable to answer even the most basic questions about the product. We were shown "engineering design models" that were said to be "real" yet turned out did not work, and pointed out as much.
In the article, we wrote: "What happens if we plug this into our laptop, we ask Mike. I don't know, he says. Will it work? I don't know. If we plug it into a different games machine, will it work? No. So it's custom hardware and software? I don't know about that." Presumably this is where Atari feels that the reporter "wrote what he wanted instead of what was discussed with him." Which makes this clip tough to explain -- and we'll give you a clue: your humble Reg hack is the one with the British accent... This is a clip of Atari having no idea about its own controller. The Register goes on to provide more examples of how Atari "is so full of crap..." The accusations started via the company's Facebook page, where a potential buyer of an Atari VCS posted a link to the Reg article and asked the company to explain it. The full interview between the journalist and Atari can be found here.Read Replies (0)
By msmash from Slashdot's a-notable-victory department
Exploit kits, once a preferred choice of attackers to invade a victim's browser and find way to their computer, are increasingly diminishing in their effectiveness. If you have an updated browser, chances are it packs adequate resources to fight such attacks. Catalin Cimpanu, writing for BleepingComputer: Exploit kits (EK) have been around on the criminal underground for more than a decade and were once pretty advanced, often being a place where researchers found zero-days on a regular basis. But as browsers got more secure in recent years, exploit kits started to die out in 2016-2017. Most operators were arrested, moved to other things, and nobody developed new exploits to add to the arsenal of EK left on the market, which slowly began falling behind when it came to their effectiveness to infect new victims. A Palo Alto Networks report published yesterday details statistics about the vulnerabilities used by current exploit kits in the first three months of the year (Q1 2018). According to the gathered data, researchers found 1,583 malicious URLs across 496 different domains, leading to landing pages (URLs) where an EK attempted to run exploits only for only a meager eight vulnerabilities. All eight were old and known bugs, with the newest dating back to 2016. Seven of the eight vulnerabilities targeted Internet Explorer, meaning that using a more modern browser like Chrome and Firefox is a simple, yet effective way of avoiding falling victim to exploit kits.Read Replies (0)