By BeauHD from Slashdot's powering-down department
chicksdaddy writes: A sample of malicious software discovered at the site of a December, 2016 cyber attack on Ukraine's electrical grid is a previously unknown program that could be capable of causing physical damage to the electrical grid, according to reports by two security firms. The Security Ledger reports: "Experts at the firm ESET and Dragos Security said on Monday that the malicious software, dubbed CrashOverride (Dragos) or Industroyer (ESET) affected a 'single transmission level substation' in the Ukraine attack on December 17th, 2016 in what appears to have been a test run. Still, experts said that features in the malware show that adversaries are automating and standardizing what were previously manual attacks against critical infrastructure, while also adding features that could be used to physically disable or damage critical systems -- the first evidence of such activity since the identification of the Stuxnet malware in 2010. The Crash Override malware 'took an approach to understand and codify the knowledge of the industrial process to disrupt operations as STUXNET (sp) did,' wrote Dragos Security in a report. The malware improves on features seen in other malicious software that it knows to target industrial control systems. Specifically, the malware makes use of and manipulates industrial control system-specific communications protocols. That's similar to features in ICS malware known as Havex that targeted grid operators in Europe and the United States in 2014. The Crash Override malware also targeted the libraries and configuration files of so-called 'Human Machine Interfaces' (or HMIs) to understand the environment they have infected. It can use HMIs, which provide a graphical interface for managing industrial control system equipment, to connect spread to other Internet connected equipment and systems, Dragos said."
By BeauHD from Slashdot's well-preserved department
An anonymous reader quotes a report from The Hill: Rep. Mike Quigley (D-Ill.) introduced legislation Monday to classify presidential social media posts -- including President Trump's much-discussed tweets -- as presidential records. The Communications Over Various Feeds Electronically for Engagement (COVFEFE) Act, which has the same acronym as an infamous Trump Twitter typo last month, would amend the Presidential Records Act to include "social media." Presidential records must be preserved, according to the Presidential Records Act, which would make it potentially illegal for the president to delete tweets. "President Trump's frequent, unfiltered use of his personal Twitter account as a means of official communication is unprecedented. If the President is going to take to social media to make sudden public policy proclamations, we must ensure that these statements are documented and preserved for future reference. Tweets are powerful, and the President must be held accountable for every post," said Quigley in a statement. Most people took the "covfefe" tweet to be a typo, although press secretary Sean Spicer told the media that the term was used intentionally. "The president and a small group of people know exactly what he meant," he said.
By msmash from Slashdot's upping-the-ante department
An anonymous reader shares an article: In the study, published recently in PLoS One, the researchers quizzed 40 respondents about their personal details. Half of the respondents were asked to answer the questions truthfully, but the other half were given details about fake identities they had to memorize and use in the quiz.
The computer quiz kept track of the movement of each respondent's mouse as they answered the questions, and noted how the fakes differed from the truth-tellers when they moved the cursor from the bottom of the screen to the answers at the top. The quiz consisted of 12 questions like, "Do you live in Padua?" and "Are you Italian?" That covered details an identity thief could easily remember and answer, but then the quiz threw them a curve ball. "What is your zodiac sign," it asked in the second series of 12 questions, which were designed to be easy for the genuine respondents, but more difficult for the fakers to work out. After the researchers took the mouse-movement data collected from the quizzes and trained a machine-learning algorithm to analyze it, they found that was indeed the case. It was able to discern the fake responses from the real ones 95% of the time.
By msmash from Slashdot's no-escape department
An anonymous reader writes: After a long day, many of us try to set down our technology and unplug from the world around us. But, according to a new report by the Pew Research Center and Elon University's Imagining the Internet Center, over the next few years, that will become much more difficult to do. The Internet of things will continue to spread between now and 2026, until human and machine connectivity becomes ubiquitous and unavoidably present, according to experts who participated in what Pew described as a "nonscientific canvassing." About 1,200 participants were asked: "As automobiles, medical devices, smart TVs, manufacturing equipment and other tools and infrastructure are networked, is it likely that attacks, hacks or ransomware concerns in the next decade will cause significant numbers of people to decide to disconnect, or will the trend toward greater connectivity of objects and people continue unabated?" The answers they gave were telling: 15 percent said significant numbers of people would disconnect while 85 percent said most people would just move more deeply into connected life. Unplugging is futile, and plugging in is unavoidable. It's already difficult to create distance from the technology that surrounds us, but as connectivity increases, it might become impossible to do so.
By msmash from Slashdot's about-time department
Big changes are coming to the podcasting world: Apple is going to let the people who make podcasts learn what podcast listeners actually like -- and what they ignore. A new version of Apple's Podcasts, which is by far the most popular podcast app, will provide basic analytics to podcast creators, giving them the ability to see when podcast listeners play individual episodes, and -- more importantly -- what part of individual episodes they listen to, which parts they skip over, and when they bail out of an episode. From a report: New extensions to Apple's podcast feed specification will allow podcasts to define individual seasons and explain whether an episode is a teaser, a full episode, or bonus content. These extensions will be read by the Podcasts app and used to present a podcast in a richer way than the current, more linear, approach. Users will be able to download full seasons, and the Podcasts app will know if a podcast is intended to be listened to in chronological order -- "start at the first episode!" -- or if it's more timely, where the most recent episode is the most important. [...] Apple is also opening up in-episode analytics of podcasts. For the most part, podcasters only really know when an episode's MP3 file is downloaded. Beyond that, we can't really tell if anyone listens to an episode, or how long they listen -- only the apps know for sure.
By msmash from Slashdot's growing-abuse department
Anonymous online sales are surging, and people are dying. Despite dozens of arrests, new merchants -- many based in Asia -- quickly pop up. From a report on the New York Times: In a growing number of arrests and overdoses, law enforcement officials say, the drugs are being bought online. Internet sales have allowed powerful synthetic opioids such as fentanyl -- the fastest-growing cause of overdoses nationwide -- to reach living rooms in nearly every region of the country, as they arrive in small packages in the mail (syndicated source). The authorities have been frustrated in their efforts to crack down on the trade because these sites generally exist on the so-called dark web, where buyers can visit anonymously using special browsers and make purchases with virtual currencies like Bitcoin. The problem of dark web sales appeared to have been stamped out in 2013, when the authorities took down the most famous online marketplace for drugs, known as Silk Road. But since then, countless successors have popped up, making the drugs readily available to tens of thousands of customers who would not otherwise have had access to them. Among the dead are two 13-year-olds, Grant Seaver and Ryan Ainsworth, who died last fall in the wealthy resort town of Park City, Utah, after taking a synthetic opioid known as U-47700 or Pinky. The boys had received the powder from another local teenager, who bought the drugs on the dark web using Bitcoin, according to the Park City police chief.
By msmash from Slashdot's see-you-in-court department
Reader joshtops shares a report: Amazon.com is alleging that one of its former high-ranking executives violated a non-compete agreement when he accepted a job at Bellevue-based Smartsheet, GeekWire has learned. In a lawsuit filed Friday in King County Superior Court, Amazon alleges that Gene Farrell, who served as Vice President of the AWS Enterprise Applications -- EC2 Windows team, violated a non-compete agreement when he took the new job as head of product June 1 at the heavily-funded Bellevue online workplace collaboration platform. "This move is unthinkable," Amazon wrote in a motion for a temporary restraining order that would bar Farrell from working at Smartsheet. "he cannot possibly forget everything he knows about AWS's products and plans while he is working to develop products for its competitor." The suit also notes: "Farrell's role as "Head of Product" at Smartsheet will necessarily involve development of and strategy regarding competing cloud-based productivity products, including but not limited to those for project management, collaboration, and/or automation, and will therefore breach the Noncompetition Agreement and threaten the disclosure of Amazon's highly confidential information," Amazon wrote in its lawsuit.
By msmash from Slashdot's AI-for-good department
An anonymous reader writes: Colin Walsh, data scientist at Vanderbilt University Medical Center, and his colleagues have created machine-learning algorithms that predict, with unnerving accuracy, the likelihood that a patient will attempt suicide. In trials, results have been 80-90% accurate when predicting whether someone will attempt suicide within the next two years, and 92% accurate in predicting whether someone will attempt suicide within the next week. The prediction is based on data that's widely available from all hospital admissions, including age, gender, zip codes, medications, and prior diagnoses. Walsh and his team gathered data on 5,167 patients from Vanderbilt University Medical Center that had been admitted with signs of self-harm or suicidal ideation. They read each of these cases to identify the 3,250 instances of suicide attempts. This set of more than 5,000 cases was used to train the machine to identify those at risk of attempted suicide compared to those who committed self-harm but showed no evidence of suicidal intent.
By msmash from Slashdot's stuck-between-rock-and-a-hard-place department
BuzzFeed Editor-in-Chief Ben Smith describes a three-year-old meeting that Uber held -- which saw several influencers including actor Ed Norton among attendees -- as the beginning of the ride-hailing company's long slow meltdown. Later today, the company is expected to announce that its CEO Travis Kalanick would be temporarily stepping away, and his closest lieutenant is all set to hand his resignation. On Sunday, the company held a board meeting, which according to several journalists, lasted for nearly seven hours. The meeting capped a difficult stretch for the ride-hailing company, which is trying to weather an investigation into its workplace culture, a lawsuit by Google parent Alphabet over the alleged theft of self-driving car trade secrets, a federal probe into its business practices, and the recent departures of top executives. Back to Ben: At the dinner (which took place three years ago), Emil Michael, the right hand of CEO Travis Kalanick, heatedly complained to me about the press. The company, he told me, could hire a team of opposition researchers to fight fire with fire and attack the media -- specifically to smear a female journalist who has criticized the company. I suggested to him that this plan wouldn't really work because the story would immediately become a story about Uber behaving like maniacs. "Nobody would know it was us," Michael responded. "But you just told me!," I replied. [...] Instead of making any meaningful changes, Uber simply pressed on for years. It found both continued growth and accumulating scandals. Many of its crises, like those remarks to me, were tinged with misogyny, whether sexual harassment of its engineers or pulling a rape victim's medical files. 
After one of those engineers, Susan Fowler, stepped forward with a blog post detailing systemic sexual harassment and discrimination -- a post that was followed up by a series of devastating stories by The New York Times, Recode, and others -- the company invited former Attorney General Eric Holder to lead an internal investigation. Sunday, the Wall Street Journal reported that Michael is set to resign, and Reuters reported Kalanick will take a leave of absence ahead of what's expected to be a deeply damning Holder report. (Kalanick is also coping with a family tragedy.) They will leave having built the most valuable private company in the world. But it is a company whose cultural darkness is inseparable from its place as the icon of the tech boom. Uber -- and the boom -- have been defined both by massive new conveniences and by a corporate culture that is aggressive, paranoid, and dismissive of, in particular, complaints from women; a culture of enemies lists and cavalier approaches to the law.
By EditorDavid from Slashdot's internationa-innovation department
hackingbear quotes Dow Jones Newswire: Chinese technology companies have long had a reputation of being copycats of Western peers, but U.S. companies have recently begun to return the favor, said a partner at prominent venture-capital firm Andreessen Horowitz... China's internet titans such as Tencent Holdings Ltd. are influencing U.S. startups and majors alike, and many Chinese models are being replicated in the U.S., said Connie Chan, a partner at the Silicon Valley venture firm. LimeBike, a startup at San Mateo, Calif., adapted China's dockless bike-sharing model, first rolled out by Beijing-based Ofo Inc. and Beijing Mobike Technology Co., for U.S. consumers... Also, Apple Inc. recently added payment services to its iMessage chat service, taking a page from Tencent's playbook. "I love this reversal of what 'China copycat' can mean," she said. "It no longer just means a Chinese company copying the States, it can mean a U.S. company copying China."
By EditorDavid from Slashdot's Python-vs-PHP department
An anonymous reader shares their thoughts on language popularity:
In the PYPL index, which is based on Google searches and is supposed to be forward looking, the trend is unmistakable. Python is rising fast and Java and others are declining. Combine this with the fact that Python is now the most widely taught language in the universities. In fields such as data science and machine learning, Python is already dominating. "Python where you can, C++ where you must" enterprises are following suit too, especially in data science but for everything else from web development to general purpose computing...
People who complain that you can't build large scale systems without a compiler likely over-rely on the latter and are slaves to IDEs. If you write good unit tests and enforce Test Driven Development, the compiler becomes un-necessary and gets in the way. You are forced to provide too much information to it (also known as boilerplate) and can't quickly refactor code, which is necessary for quick iterations.
The original submission ends with a question: "Is Python going to dominate in the future?" Slashdot readers should have some interesting opinions on this. So leave your own thoughts in the comments. Will Python become the dominant programming language?
By EditorDavid from Slashdot's bigger-than-Batman department
managerialslime shared an article about how Lego executed "the greatest turnaround in corporate history." The Guardian reports:
By 2003 Lego was in big trouble. Sales were down 30% year-on-year and it was $800m in debt. An internal report revealed it hadn't added anything of value to its portfolio for a decade... In 2015, the still privately owned, family controlled Lego Group overtook Ferrari to become the world's most powerful brand. It announced profits of £660m, making it the number one toy company in Europe and Asia, and number three in North America, where sales topped $1bn for the first time. From 2008 to 2010 its profits quadrupled, outstripping Apple's. Indeed, it has been called the Apple of toys: a profit-generating, design-driven miracle built around premium, intuitive, covetable hardware that fans can't get enough of. Last year Lego sold 75bn bricks. Lego people -- "Minifigures" -- the 4cm-tall yellow characters with dotty eyes, permanent grins, hooks for hands and pegs for legs -- outnumber humans. The British Toy Retailers Association voted Lego the toy of the century.
It's a good read. The article describes how CEO Vig Knudstorp curtailed the company's over-expansion -- at one point, Lego had "built its own video games company from scratch, the largest installation of Silicon Graphics supercomputers in northern Europe, despite having no experience in the field." And he also encouraged the company to interact with its fans on the internet -- for example, the crowdsourcing of Ninjago content -- while the company enjoyed new popularity with Mindstorms kits for building programmable Lego robots.
By EditorDavid from Slashdot's former-feds department
An anonymous reader quotes the New York Times:
James B. Comey, the former director of the F.B.I., testified that the Russians had not only intervened in last year's election, but would try to do it again... Russian hackers did not just breach Democratic email accounts; according to Mr. Comey, they orchestrated a "massive effort" targeting hundreds of -- and possibly more than 1,000 -- American government and private organizations since 2015... As F.B.I. director, he supervised counterintelligence investigations into computer break-ins that harvested emails from the State Department and the White House, and that penetrated deep into the computer systems of the Joint Chiefs of Staff. Yet President Barack Obama's administration did not want to publicize those intrusions, choosing to handle them diplomatically -- perhaps because at the time they looked more like classic espionage than an effort to manipulate American politics...
Graham Allison, a longtime Russia scholar at Harvard, said, "Russia's cyberintrusion into the recent presidential election signals the beginning of what is almost sure to be an intensified cyberwar in which both they -- and we -- seek to participate in picking the leaders of an adversary." The difference, he added, is that American elections are generally fair, so "we are much more vulnerable to such manipulation than is Russia," where results are often preordained... Similar warnings have been issued by others in the intelligence community, led by James R. Clapper Jr., who has sounded the alarm since retiring in January as director of national intelligence. "I don't think people have their head around the scope of what the Russians are doing," he said recently.
Daniel Fried, a career diplomat who oversaw sanctions imposed on Russia before retiring this year, told the Times that Comey "was spot-on right that Russia is coming after us, but not just the U.S., but the free world in general. And we need to take this seriously."