By EditorDavid from Slashdot's code-in-the-middle-attacks department
An anonymous reader quotes ITWire:
By EditorDavid from Slashdot's taken-for-a-ride department
CNET reports on what happened when a new Uber driver received a call from Uber telling him to cancel the trip and verify his account:
The caller asked for his email. He gave it. The caller asked for his Uber account password. He gave him that, too, after a brief hesitation. Then the caller said to tell him the confirmation code he'd be receiving shortly via text. The driver told him the code once he got the text. This was the two-factor authentication needed to get into the driver's Uber account. "Nothing happened for the rest of the week," the driver says. "I didn't think anything of this again until Saturday." But in those following three days, the scammer had changed the driver's account settings and waited for the perfect time to withdraw money.... By Saturday night, his $653.88 in earnings from that week had been nabbed from his account...
Apparently the scam has hit thousands of ride-hail drivers, and millions of dollars have been diverted from their accounts, according to a lawsuit brought by the U.S. Attorney's Office in New York's federal court last November... [A] couple of key elements about Uber make it possible. When passengers hail a ride with Uber, they see the name of the driver and the car's make, model and license number, and they get an anonymized phone number to call the driver. All of this ensures passengers safely connect with the right driver. But it also makes it possible for the wrong people to see lots of information about drivers.
When one of the scam victims complained to Uber, he "was told he had to wait until Monday when he could talk to a representative in person at one of its driver hubs," although eventually Uber "agreed to credit the $653.88 back to his account as a 'one-time repayment courtesy.'"
< article continued at Slashdot's taken-for-a-ride department
>Read Replies (0)
By EditorDavid from Slashdot's screen's-early-light department
An anonymous reader quotes the New York Times:
We've hit what I call Peak Screen. For much of the last decade, a technology industry ruled by smartphones has pursued a singular goal of completely conquering our eyes. It has given us phones with ever-bigger screens and phones with unbelievable cameras, not to mention virtual reality goggles and several attempts at camera-glasses. Tech has now captured pretty much all visual capacity. Americans spend three to four hours a day looking at their phones and about 11 hours a day looking at screens of any kind.
So tech giants are building the beginning of something new: a less insistently visual tech world, a digital landscape that relies on voice assistants, headphones, watches and other wearables to take some pressure off our eyes. This could be a nightmare; we may simply add these new devices to our screen-addled lives. But depending on how these technologies develop, a digital ecosystem that demands less of our eyes could be better for everyone -- less immersive, less addictive, more conducive to multitasking, less socially awkward, and perhaps even a salve for our politics and social relations. Who will bring us this future? Amazon and Google are clearly big players, but don't discount the company that got us to Peak Screen in the first place. With advances to the Apple Watch and AirPods headphones, Apple is slowly and almost quietly creating an alternative to its phones... If it works, it could change everything again.
Warning that screens are insatiable vampires for your attention, the piece argues we should be using our phones more mindfully -- and exploring "less immersive ways to interact with the digital world" like Google and Amazon voice assisants.
"The sooner we find something else, the better."Read Replies (0)
By EditorDavid from Slashdot's San-Francisco-treats department
The new tallest building on the San Francisco skyline -- and the tallest building in America west of the Mississippi -- includes a nine-story electronic sculpture that's been called the tallest piece of public art on Earth. It uses 11,000 LED bulbs reflected off the tower-topping aluminum panels -- each pixel created by a set of red, green, blue and white lights controlled by 8-bit PIC microcontrollers. "On a clear night, the show is visible for 30 miles," reports IEEE Spectrum.
Slashdot reader Tekla Perry shares their article about "the technology involved in the light show at the top of Salesforce Tower. Electrical engineer and artist Jim Campbell explains it all -- and how the window-washer problem stumped him for nearly a year."
"[O]n the 62nd floor, a central PC-based computer runs Ubuntu Linux, sending instructions to a communications control system that splits the data and sends it at 11 Mbit to the 32 enclosures using a custom communications protocol... We will capture images throughout the day, sending them to Amazon's cloud, and run some algorithms designed to identify visual interesting-ness. For example, at its simplest, when we look at the sky, if it's all blue, it's boring, if it's all white, it's boring, if it has white and blue it is likely to be interesting. We'll chose the best half hour of the day at each camera, based on movement and color, to display...."
And finally, when the main display shuts down late at night, another system designed by Campbell will kick in. In this static display, a set of 36 white LEDs will create a three-dimensional constellation of lights that will look like stars. "It's quieter, it has a random aspect to it," he says.
< article continued at Slashdot's San-Francisco-treats department
>Read Replies (0)
By EditorDavid from Slashdot's patching-things-up department
"Despite Microsoft's assurances, Windows 10 1803 isn't ready for prime time," writes ComputerWorld's Woody Leonhard, adding "Microsoft's patches in June took on some unexpected twists..."
Win10 1803 was declared fully fit for business, a pronouncement that was followed weeks later by fixes for a few glaring, acknowledged bugs -- and stony silence for other known problems. We're continuing the two-big-cumulative-updates-a-month pace for all supported versions of Windows 10. The second cumulative update frequently fixes bugs introduced by the first cumulative update. Microsoft may think that Win10 (1803) is ready for widespread deployment, but there are a few folks who would take issue with that stance...
Tuesday, Microsoft finally released a fix for two big bugs that have dogged Win10 1803 since its inception... In practice, life isn't so simple. WSUS (the Windows Update Server software) isn't "seeing" KB 4284848, as of late Wednesday afternoon -- which may be a good thing. Along with the second cumulative update this month, there are additional releases to fix the Servicing Stack, and a new "Compatibility update" that, per the documentation, is designed to make it easier to upgrade Win10 1803 Enterprise to Win10 1803 Enterprise (not a typo)...
One problem that has been acknowledged -- but only by a Microsoft Agent on an Answers Forum post -- says that installing 1803 can clobber your peer-to-peer network. That certainly matches my experience.
Woody concludes, "If you think Win10 1803 is ready for prime time, you're welcome to give it a try."Read Replies (0)
By EditorDavid from Slashdot's 20-second-rule department
97% of us don't wash our hands properly, a new government study concludes. An anonymous reader quotes CNN:
The study from the U.S. Department of Agriculture shows most consumers failed to wash their hands and rub with soap for 20 seconds. That's the amount of time recommended by the Centers for Disease Control and Prevention, which says that washing for shorter periods means fewer germs are removed. "Numerous" study participants also didn't dry their hands with a clean towel.
The study involved 383 people in six test kitchen facilities in the metro Raleigh-Durham area of North Carolina and in rural Smithfield, North Carolina, the USDA said... About half the time, participants spread bacteria to spice containers while preparing burgers, and 11% of the time, they spread bacteria to refrigerator handles... The results from the USDA's study indicate our hand-washing habits may be getting worse. A study done in 2013 by Michigan State University found only 5% of people washed their hands correctly....
A separate study released this month found 49 of 100 towels tested showed growth of bacteria normally found in or on the human body.
CNN helpfully provides the proper method for handwashing. (Wet hands, lather them with soap -- between fingers and under fingernails -- and then scrub for at least 20 seconds.) They recommend singing the alphabet song once or "Happy Birthday" twice.
Just in America, foodborne illnesses sicken 48 million people each year, sending 128,000 to hospitals and resulting in 3,000 deaths.Read Replies (0)
By EditorDavid from Slashdot's magic-disappearing-money department
An anonymous reader quotes Reuters:
Bitcoin's value slid to its lowest level since November on Friday, as waning investor interest and recent negative headlines from global regulators weakened demand for the cryptocurrency and most of its rivals. Virtual currencies, including the best-known and biggest, bitcoin, have been stuck in a downward trend for most of 2018 after last year's frenzied interest fizzled. Recent hacks and the "cyber intrusion" of cryptocurrency exchanges in key Asian markets has also encouraged investors to exit.
Bitcoin fell to as low as $5,774 on the Bitstamp exchange, the lowest since November 12... So far in 2018, bitcoin has tumbled almost 60 percent after soaring more than 1,300 percent last year. It is now down 70 percent from its December peak... The total market capitalization of cryptocurrencies has fallen to around $230 billion from a peak of around $800 billion in January.
Will Hobbs, Head of Investment Strategy at Barclays Smart Investor, now tells Reuters that "None of the crypto currencies currently fulfill any of the criteria that we would look for in an investible asset, and we would continue to advise extreme caution. The rout in crypto currencies is still not finished."Read Replies (0)
By EditorDavid from Slashdot's space-rocks department
Bloomberg Businessweek Middle East reports:
India's space program wants to go where no nation has gone before -- to the south side of the moon. And once it gets there, it will study the potential for mining a source of waste-free nuclear energy that could be worth trillions of dollars. The nation's equivalent of NASA will launch a rover in October to explore virgin territory on the lunar surface and analyze crust samples for signs of water and helium-3. That isotope is limited on Earth yet so abundant on the moon that it theoretically could meet global energy demands for 250 years if harnessed....
[A]ccomplishing feats on the cheap has been a hallmark of the agency since the 1960s. The upcoming mission will cost about $125 million -- or less than a quarter of Snap Inc. co-founder Evan Spiegel's compensation last year, the highest for an executive of a publicly traded company, according to the Bloomberg Pay Index... The upcoming launch of Chandrayaan-2 includes an orbiter, lander and a rectangular rover. The six-wheeled vehicle, powered by solar energy, will collect information for at least 14 days and cover an area with a 400-meter radius. The rover will send images to the lander, and the lander will transmit those back to ISRO for analysis. A primary objective, though, is to search for deposits of helium-3. Solar winds have bombarded the moon with immense quantities of helium-3 because it's not protected by a magnetic field like Earth is.
The European Space Agency points out that helium-3 isotope isn't radioactive and "would not produce dangerous waste products." And one former member of the NASA Advisory Council estimates that the moon-derived fuel could generate enough power to meet the world's energy demands for between two at least two centuries.Read Replies (0)
By EditorDavid from Slashdot's Uber-for-coders department
"Where I can meet up with people who just need solutions implemented?" asks Slashdot reader datavirtue:
Somewhere people can go when they have a solution designed in-house with documented requirements and are in need of a competent engineer(s) to assist with implementation. Where timelines and price estimates and rates are well defined and enforced. If they like me, and agree to the terms, we can proceed with the project -- expecting solid deliveries at each milestone....
I have been on some gig projects where the relationship was well structured by a third party and it was a lot of fun. I know a lot of engineers who would use a system like this if it streamlines entering the freelance tech market for them. People who would rarely take gigs otherwise. I have looked around but the services feel dead. I have been approached by startups in the past wanting to sign me up their service...but they didn't really go anywhere.
The original submission complains that many projects end up going to consulting firms that just scrounge up candidates from job boards. But what's the alternative? "Am I missing some great online community or website that has already solved this?"
Leave your own thoughts in the comments. Is there a 'gig economy' site for tech skills?Read Replies (0)
By EditorDavid from Slashdot's pointing-and-clicking department
An anonymous reader quotes HotHardware:
Every so often, a company will tap into our penchant for nostalgia. That is the case right now with Microsoft bringing back its iconic IntelliMouse, which was first introduced back in 1996... Microsoft continued to update the IntelliMouse for several years, up through 2003 when it released the IntelliMouse 3.0. The new 'Classic IntellMouse' for 2018 is based on that 15-year-old design with the same classic ergonomic look and feel, but with improved performance and features built around modern technology.
So, what exactly is different? "We improved two really important factors, the tracking sensor and the tactility and feel of the buttons. What we know our fans will see and feel is that it's the exact same shape and size of the IntelliMouse Explorer 3.0 from 2003. However, underneath the hood it's all brand-new technology, brand new mechanical engineering and brand-new structures so it's a lot more rigid than the original. The build quality is really excellent," Microsft explains.
HardOCP notes that Microsoft has also released "a fantastic Rube Goldberg machine video unveiling the mouse."Read Replies (0)
By BeauHD from Slashdot's finger-pointing department
The Defense Advanced Research Projects Agency (DARPA) will invest $100 million into two research programs over the next four years to create the equivalent of a silicon compiler aimed at significantly lowering the barriers to design chips. "The two programs are just part of the Electronics Resurgence Initiative (ERI) expected to receive $1.5 billion over the next five years to drive the U.S. electronics industry forward," reports EE Times. "ERI will disclose details of its other programs at an event in Silicon Valley in late July." From the report: Congress recently added $150 million per year to ERI's funding. The initiative, managed by the Defense Advanced Research Projects Agency (DARPA), announced on Monday that the July event will also include workshops to brainstorm ideas for future research programs in five areas ranging from artificial intelligence to photonics. With $100 million in finding, the IDEAS and POSH programs represent "one of the biggest EDA research programs ever," said Andreas Olofsson, who manages the two programs.
Together, they aim to combat the growing complexity and cost of designing chips, now approaching $500 million for a bleeding-edge SoC. Essentially, POSH aims to create an open-source library of silicon blocks, and IDEAS hopes to spawn a variety of open-source and commercial tools to automate testing of those blocks and knitting them into SoCs and printed circuit boards. If successful, the programs "will change the economics of the industry," enabling companies to design in relatively low-volume chips that would be prohibitive today. It could also open a door for designers working under secure regimes in the government to make their own SoCs targeting nanosecond latencies that are not commercially viable, said Olofsson.Read Replies (0)
By BeauHD from Slashdot's fountain-of-youth department
An anonymous reader quotes a report from Smithsonian: The science of longevity is surprisingly controversial, mainly because there are so few people of extreme old age -- defined at 110 years or older -- around to study. So researchers look to statistics to try and figure out how long people can live. [Ben Guarino reports via The Washington Post] that in 1825, actuary Benjamin Gompertz put forth the idea that the odds of dying grow exponentially as we age. Further research bears that out. Between the age of 30 and 80, the odds of dying double every 8 years. What happens after that, however, is not completely figured out. According to a controversial study released in 2016, which analyzed data from 40 different countries, the average person could make it to 115 with the right genes and interventions, and a few genetic superstars would be able to make it to 125. But that was it, they argued. There was a wall of mortality that medicine and positive thinking simply cannot overcome.
But not everyone is convinced by that data. That's why for the new paper in the journal Science, researchers looked at the lifespans of 3,836 people in Italy who reached the age of 105 or older between 2009 and 2015, with their ages verified by birth certificates. What they found is that the Gompertz law goes a little haywire around the century mark. According to a press release, a 90 year old woman has a 15 percent chance of dying in the next year, and an estimated six years left to live. At age 95, the chance of dying per year jumps to 24 percent. At the age of 105, the chance of dying makes another leap to 50 percent. But then, surprisingly, it levels off, even past 110. In other words, at least statistically, each year some lucky person could flip the coin of life, and if it comes up heads every time, they could live beyond 115 or 125.Read Replies (0)
By BeauHD from Slashdot's mind-of-its-own department
Researchers from Google's DeepMind subsidiary have developed deep neural networks that "have a remarkable capacity to understand a scene, represent it in a compact format, and then 'imagine' what the same scene would look like from a perspective the network hasn't seen before," writes Timothy B. Lee via Ars Technica. From the report: A DeepMind team led by Ali Eslami and Danilo Rezende has developed software based on deep neural networks with these same capabilities -- at least for simplified geometric scenes. Given a handful of "snapshots" of a virtual scene, the software -- known as a generative query network (GQN) -- uses a neural network to build a compact mathematical representation of that scene. It then uses that representation to render images of the room from new perspectives -- perspectives the network hasn't seen before.
Under the hood, the GQN is really two different deep neural networks connected together. On the left, the representation network takes in a collection of images representing a scene (together with data about the camera location for each image) and condenses these images down to a compact mathematical representation (essentially a vector of numbers) of the scene as a whole. Then it's the job of the generation network to reverse this process: starting with the vector representing the scene, accepting a camera location as input, and generating an image representing how the scene would look like from that angle. The team used the standard machine learning technique of stochastic gradient descent to iteratively improve the two networks. The software feeds some training images into the network, generates an output image, and then observes how much this image diverged from the expected result. [...] If the output doesn't match the desired image, then the software back-propagates the errors, updating the numerical weights on the thousands of neurons to improve the network's performance.Read Replies (0)
By BeauHD from Slashdot's climate-immune department
Engineers at Penn State have created a battery that can self-heat, allowing for rapid charging regardless of the outside cold. The battery can reportedly provide a 15-minute rapid charge at all temperatures, even when the cold is as low as minus 45 degrees Fahrenheit. Popular Mechanics reports: Batteries have both positive and negative terminals. The scientists placed thin nickel foil with one end attached to the negative terminal and the other end creating a third terminal. When a temperature sensor attached to a battery detects that the battery is below room temperature, it then sends electrons flowing through the nickel foil. This heats the battery up until it's above room temperature again. When the sensor detects that the battery is above room temperature, that's the sign that charging that can begin again. Electric current flows into the battery, rapidly charging in a more efficient state. After 4,500 cycles of testing, the new battery only showed a 20 percent capacity loss, which could provide approximately 280,000 miles of driving and a lifetime of 12.5 years. This is compared to a conventional battery that "showed a 20 percent capacity loss after only 50 charges," reports Popular Mechanics. Penn State released a press statement with more details.Read Replies (0)
By BeauHD from Slashdot's money-talks department
An anonymous reader quotes a report from TechCrunch: Google is turning startup investor to further its goal of putting Google services like search, maps, and its voice assistant front and center for the next billion internet users in emerging markets. It has invested $22 million into KaiOS, the company that has built an eponymous operating system for feature phones that packs a range of native apps and other smartphone-like services. As part of the investment, KaiOS will be working on integrating Google services like search, maps, YouTube and its voice assistant into more KaiOS devices, after initially announcing Google apps for KaiOS-powered Nokia phones earlier this year.
KaiOS is a U.S.-based project that started in 2017, built on the ashes of Mozilla's failed Firefox OS experiment, as a fork of the Linux codebase. Firefox OS was intended to be the basis of a new wave of HTML-5, low-cost smartphones. And while those devices and the wider ecosystem never really took off, KaiOS has fared significantly better. KaiOS powers phones made by OEMs including Nokia (HMD), Micromax and Alcatel, and it works with carriers including Sprint and AT&T -- it counts offices in North America, Europe and Asia. But its most significant deployment to date has been with India's Reliance Jio, the challenger telco that disrupted the Indian market with affordable 4G data packages. "This funding will help us fast-track development and global deployment of KaiOS-enabled smart feature phones, allowing us to connect the vast population that still cannot access the internet, especially in emerging markets," said KaiOS CEO Sebastien Codeville in a statement.Read Replies (0)
By BeauHD from Slashdot's critical-process-error department
"Last week, a California judge decided to allow a class action lawsuit filed in December 2017 against Fiat Chrysler to proceed," reports IEEE Spectrum. "The lawsuit, which could have major ramifications for car makers, was filed in response to stalling issues with 2017 Chrysler Pacifica minivans that the plaintiffs allege were caused by known software defects." From the report: The plaintiffs allege that Fiat Chrysler, despite numerous owner complaints about the Pacifica stalling out, concealed knowledge of defects in Pacifica's powertrain control module (PCM) to keep customers from having concerns about buying the vehicle. Fiat Chrysler attempted to get the lawsuit dismissed, arguing that consumer complaints don't prove that a vehicle defect exists, or demonstrate that the company knew about the alleged defect a priori and concealed it.
The judge agreed with Fiat Chrysler on those points, ruling that the plaintiffs could not use consumer complaints alone as evidence of a defect. However, he pointed out that Fiat Chrysler had issued two technical service bulletins relating to Pacifica's PCM software before the plaintiffs had purchased their vehicle, and two more following their purchase. The judge ruled that there was sufficient evidence to believe it was "at least plausible" that Fiat Chrysler knew that there was a stalling problem with the vehicles before the plaintiffs bought them.Read Replies (0)
By BeauHD from Slashdot's opened-can-of-worms department
schwit1 quotes a report from the Electronic Frontier Foundation: We are asking a court to declare the Allow States and Victims to Fight Online Sex Trafficking Act of 2017 ("FOSTA") unconstitutional and prevent it from being enforced. The law was written so poorly that it actually criminalizes a substantial amount of protected speech and, according to experts, actually hinders efforts to prosecute sex traffickers and aid victims. In our lawsuit, two human rights organizations, an individual advocate for sex workers, a certified non-sexual massage therapist, and the Internet Archive, are challenging the law as an unconstitutional violation of the First and Fifth Amendments. Although the law was passed by Congress for the worthy purpose of fighting sex trafficking, its broad language makes criminal of those who advocate for and provide resources to adult, consensual sex workers and actually hinders efforts to prosecute sex traffickers and aid victims. The EFF goes on to cite some examples of how FOSTA has already censored the internet. Most notably, two days after FOSTA was passed in the Senate, "Craigslist eliminated its Personals section, including non-sexual subcategories such as 'Missed Connections' and 'Strictly Platonic,'" reports the EFF. Reddit even removed some of its subreddits out of fear of future lawsuits.Read Replies (0)