By EditorDavid from Slashdot's identity-thief-crisis department
Equifax's data breach was colossal -- but what should happen next? The Guardian writes:
The problem is that companies like Equifax are able to accumulate -- essentially, without limit -- as much sensitive, personal data as they can get their hands on. There is an urgent need for strict regulations on what types of data companies can collect and how much data a company can possess, both in aggregate and about individuals. At the very least, this will lessen the severity and size of (inevitable) data breaches... Without putting hard limits on the data capitalists who extract and exploit our personal information, they will continue to reap the benefit while we bear the risks.
Marc Rotenberg, president of the Electronic Privacy Information Center, adds, "we need to penalize companies that collect SSNs but can't protect [them]." Wired reports:
Experts across numerous privacy and security fields agree that the solution to the over-collection and over-use of SSNs isn't one particular replacement, but a diverse array of authentications like individual codes (similar to passwords), biometrics, and even physical tokens to create more variation in the ID process. Some also argue that the government likely won't be the driving force behind the shift. "We have a government that works at a glacial pace in the best of times," says Brenda Sharton, who chairs the Privacy & Cybersecurity practice at the Goodwin law firm, which has worked on data privacy breach investigations since the early 2000s. "There will reach a point where SSN [exposure] becomes untenable. And it may push us in the direction of having companies require multi-factor authentication."
Meanwhile TechCrunch argues, "This crass, callow, and lazy treatment of our digital data cannot stand...":
By EditorDavid from Slashdot's unfree-software-foundations department
"Proprietary software makes it possible to design products to cheat ordinary users..." writes Richard Stallman -- linking to a new essay by Cory Doctorow:
Carriers adapted custom versions of Android to lock customers to their networks with shovelware apps that couldn't be removed from the home-screen and app store lock-in that forced customers to buy apps through their phone company. What began with printers and spread to phones is coming to everything: this kind of technology has proliferated to smart thermostats (no apps that let you turn your AC cooler when the power company dials it up a couple degrees), tractors (no buying your parts from third-party companies), cars (no taking your GM to an independent mechanic), and many categories besides.
All these forms of cheating treat the owner of the device as an enemy of the company that made or sold it, to be thwarted, tricked, or forced into conducting their affairs in the best interest of the company's shareholders. To do this, they run programs and processes that attempt to hide themselves and their nature from their owners, and proxies for their owners (like reviewers and researchers). Increasingly, cheating devices behave differently depending on who is looking at them. When they believe themselves to be under close scrutiny, their behavior reverts to a more respectable, less egregious standard. This is a shocking and ghastly turn of affairs, one that takes us back to the dark ages.
By EditorDavid from Slashdot's audio-APIs department
An anonymous reader quotes Wired:
Last fall, a group of music industry heavyweights gathered in New York City to do something they'd mostly failed to do up to that point: work together. Representatives from major labels like Universal, Sony, and Warner sat next to technologists from companies like Spotify, YouTube, and Ideo and discussed the collective issues threatening their industry... The participants of that confab would later form a group called the Open Music Initiative... "Pretty early on it was obvious that there's an information gap in the industry," says Erik Beijnoff, a product developer at Spotify and a member of the OMI.
That "information gap" refers to the data around who helped create a song. Publishers might keep track of who wrote the underlying composition of a song, or the session drummer on a recording, but that information doesn't always show up in a digital file's metadata. This disconnect between the person who composed a song, the person who recorded it, and the subsequent plays, has led to problems like writers and artists not getting paid for their work, and publishers suing streaming companies as they struggle to identify who is owed royalties. "It's a simple question of attribution," says Berklee College of Music's vice president of innovation and strategy, Panos A. Panay. "And payments follow attribution."
Over the last year, members of the OMI -- almost 200 organizations in total -- have worked to develop just that. As a first step, they've created an API that companies can voluntarily build into their systems to help identify key data points like the names of musicians and composers, plus how many times and where tracks are played. This information is then stored on a decentralized database using blockchain technology -- which means no one owns the information, but everyone can access it.
By EditorDavid from Slashdot's creating-a-buzz department
An anonymous reader quotes VentureBeat:
Native honeybees, one of the most prolific pollinators in the animal kingdom, are dying off at an unprecedented rate from Colony Collapse Disorder and threatening an ecosystem service worth about $15 billion. Supported by the National Science Foundation, the RoboBees project looks to minimize the loss of this critical resource with new microbots that can mimic the pollinating role of a honeybee... In a remarkable display of biomimicry, scientists have developed a flight-capable robot that's just half the size of a paperclip and weighs in at one tenth of a gram... The RoboBees project pushes the boundaries of research in a variety of fields, from micromanufacturing to energy storage and even the computer algorithms that control the robots by the swarm...
While the effect of a single robot might be minuscule, a coordinated group of hundreds, thousands, or millions of RoboBees could perform a host of unprecedented tasks. Aside from pollinating plants for agricultural purposes, the RoboBees could coordinate to digitally map terrain, monitor weather conditions, and even assist in relief efforts after a disaster, through data collection. While RoboBees are only intended as a stopgap measure for honeybee loss, the potential applications of the technology have the world holding its breath for the next breakthrough.
What's Causing The Hurricanes?
Posted by News Fetcher on September 10 '17 at 07:41 AM
By EditorDavid from Slashdot's sources-of-cyclones department
An anonymous reader quotes AFP:
Hurricane Irma, now taking aim at Florida, has stunned experts with its sheer size and strength, churning across the ocean with sustained Category 5 winds of 183 miles per hour (295 kilometers per hour) for more than 33 hours, making it the longest-lasting, top-intensity cyclone ever recorded. Meanwhile Jose, a Category 4 on the Saffir Simpson scale of 1 to 5, is fast on the heels of Irma, pummeling the Caribbean for the second time in the span of a few days. Many have wondered what is contributing to the power and frequency of these extreme storms. "Atlantic hurricane seasons over the years have been shaped by many complex factors," said Jim Kossin, a NOAA hurricane scientist at the University of Wisconsin. "Those include large scale ocean currents, air pollution -- which tends to cool the ocean down -- and climate change"...
Some think a surge in industrial pollution after World War II may have produced more pollutant particles that blocked the Sun's energy and exerted a cooling effect on the oceans. "The pollution reduced a lot of hurricane activity," said Gabriel Vecchi, professor of geosciences at Princeton University's Environmental Institute. Pollution began to wane in the 1980s due to regulations such as the Clean Air Act, allowing more of the Sun's rays to penetrate the ocean and provide warming fuel for storms. Vecchi said the "big debate" among scientists is over which plays a larger role -- variations in ocean currents or pollution cuts. There is evidence for both, but there isn't enough data to answer a key question...
By EditorDavid from Slashdot's jailer's-jurisdiction department
A 31-year-old autistic man in the U.K. is suspected of hacking U.S. government computer systems in 2013 -- and he has one final chance to appeal his extradition. An anonymous reader quotes the Guardian:
Even if Love is guilty, however, there are important legal and moral questions about whether he should be extradited to the US -- a nation that has prosecuted hackers with unrivalled severity, and one where Love could be sentenced to spend the rest of his life in prison... His remaining hope for mercy is a final appeal against extradition in the high court in November. Love's hope is for a full and fair trial in Britain.
Even if he is found guilty in a British court of the most serious crimes in the US government's indictment, his legal team estimate that he faces just a few months in prison. Failure means Love will be flown to a holding facility in New York, placed on suicide watch and probably forced to take antidepressants, prior to a trial. If he refuses to accept a plea deal and is convicted, he will face $9m (£6.8m) in fines and, experts estimate, a prison term of up to 99 years, a punishment illustrative of the US's aggressive sentencing against hackers under the controversial Computer Fraud and Abuse Act.
Naomi Colvin, from the human rights group the Courage Foundation, tells the Guardian that "Lauri's case is critically important in determining the reach of America's unusually harsh punitive sanctions for computer crimes."
By EditorDavid from Slashdot's no-headphone-jacks department
Though Apple officially unveils their newest iPhone on Tuesday, information is already leaking on the internet.
Mashable: "Physically, it's expected to be about the same size as an iPhone 7, but with an edge-to-edge OLED display that's bigger than what is currently on the iPhone 7 Plus. It won't have a home button or Touch ID, and will likely use some kind of facial recognition tech to unlock." MacRumors cites a report from KGI Securities analyst Ming-Chi Kuo suggesting facial recognition may just be one feature of a complex front camera with 3D sensing hardware, including a proximity sensor, ambient light sensor, and a structured light transmitter (using a surface-emitting laser) and receiver. CNET: "Irish iPhone programming guru Steve Troughton-Smith now feels sure he has the names of the three phones to be launched by Apple on Tuesday.... they'll (probably) be called the iPhone 8, iPhone 8 Plus and -- ta-da -- the iPhone X." Troughton-Smith also predicts a 3x screen at 1125x2436 resolution. Fortune: "Apple's iPhone line is expected to catch up with Android phones in the area of wireless charging this year... just lay the phone down on a compatible charger mat or base or dock, and watch the battery fill up."
9to5Mac: "We've found a brand new feature called 'Animoji', which uses the 3D face sensors to create custom 3D animated emoji based on the expressions you make into the camera. Users will be able to make Animoji of unicorns, robots, pigs, pile of poo and many more."
By EditorDavid from Slashdot's serious-replies-only department
Slashdot reader unixisc writes:
While it's always been well known that Windows phones in the market have floundered, one saving grace has always been that one could at least use it for the barest minimum of apps, even if updates have stopped... Aside from a door stop or a hand me down to someone who'll use it like a dumb phone, what are your suggested uses for this phone? A music player (if the songs are on an SD card)? Games? As far as phones go, I have what I need, so for this, anything it's good for?
The original submission suggests problems connecting to wi-fi -- something partially corroborated by complaints at Windows Central -- though Microsoft's site says they're still supporting wifi connections.
Slashdot reader thegreatbob suggested "shuffleboard puck" -- then added, "Snark aside, if you're into writing custom applications and such for them, there's probably a bootloader/root solution for you out there."
Leave your own best suggestions in the comments. What can you do with an old Windows Phone?
By EditorDavid from Slashdot's discredit-reports department
An anonymous reader quotes security researcher Brian Krebs:
The web site that Equifax advertised as the place where concerned Americans could go to find out whether they were impacted by this breach -- equifaxsecurity2017.com -- is completely broken at best, and little more than a stalling tactic or sham at worst. In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones.
TechCrunch has concluded that "the checker site, hosted by Equifax product TrustID, seems to be telling people at random they may have been affected by the data breach." One user reports that entering the same information twice produced two different answers. And ZDNet's security editor reports that even if you just enter Test or 123456, "it says your data has been breached." TechCrunch writes:
The assignment seems random. But, nevertheless, they were still asked to continue enrolling in TrustID. What this means is not only are none of the last names tied to your Social Security number, but there's no way to tell if you were really impacted. It's clear Equifax's goal isn't to protect the consumer or bring them vital information. It's to get you to sign up for its revenue-generating product TrustID. Meanwhile, one web engineer claims the secret 10-digit "security freeze" PIN being issued by Equifax "is just a timestamp of when you made the freeze."
By EditorDavid from Slashdot's is-simple-better-than-complex? department
An anonymous reader quotes Stack Overflow Blog:
By EditorDavid from Slashdot's internet-never-forgets department
Slashdot reader troublemaker_23 writes, "A number of security researchers have dismissed an article by reporter Brian Krebs about Marcus Hutchins, the Briton who is awaiting trial in the US on charges of writing and distributing the Kronos banking malware, by pointing out that it has nothing to do with the case." An anonymous reader writes:
Krebs investigated dozens of hacker forum pseudonyms, concluding "The clues suggest that Hutchins began developing and selling malware in his mid-teens -- only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror." Krebs believes 15-year-old Hutchins registered a domain he'd later advertise as "mainly for blackhats wanting to phish," and in 2010 may have filmed YouTube videos about password-stealing malware. Krebs says the early activities are "fairly small-time -- and hardly rise to the level of coding from scratch a complex banking trojan and selling it to cybercriminals," though he believes Hutchins moved on to advertising exploit kits, password-stealers, and bot rentals.
Krebs also talked to 27-year-old Brendan Johnston, a friend of Hutchins who did time in prison in 2014 for selling Trojans, who "said his old friend sincerely tried to turn things around in late 2012... 'I feel like I know Marcus better than most people do online, and when I heard about the accusations I was completely shocked. He tried for such a long time to steer me down a straight and narrow path that seeing this tied to him didn't make sense to me at all.'" Krebs stresses that Hutchins didn't try to hide the fact that he'd written malware, "which in the United States at least is a form of protected speech." And his essay concludes, "Let me be clear: I have no information to support the claim that Hutchins authored or sold the Kronos banking trojan."
By EditorDavid from Slashdot's gnitupmoc-elbisrever department
"It's not about an undo button," writes Slashdot reader marcle, sharing an article by a senior member of the technical staff at Sandia National Laboratories who's studying advanced technologies for computation. "Just reading this story bends my mind." From IEEE Spectrum:
[F]or several decades now, we have known that it's possible in principle to carry out any desired computation without losing information -- that is, in such a way that the computation could always be reversed to recover its earlier state. This idea of reversible computing goes to the very heart of thermodynamics and information theory, and indeed it is the only possible way within the laws of physics that we might be able to keep improving the cost and energy efficiency of general-purpose computing far into the future...
Today's computers rely on erasing information all the time -- so much so that every single active logic gate in conventional designs destructively overwrites its previous output on every clock cycle, wasting the associated energy. A conventional computer is, essentially, an expensive electric heater that happens to perform a small amount of computation as a side effect... [I]t's really hard to engineer a system that does something computationally interesting without inadvertently incurring a significant amount of entropy increase with each operation. But technology has improved, and the need to minimize energy use is now acute... In 2004 Krishna Natarajan (a student I was advising at the University of Florida) and I showed in detailed simulations that a new and simplified family of circuits for reversible computing called two-level adiabatic logic, or 2LAL, could dissipate as little as 1 eV of energy per transistor per cycle -- about 0.001 percent of the energy normally used by logic signals in that generation of CMOS. Still, a practical reversible computer has yet to be built using this or other approaches.
By EditorDavid from Slashdot's free-and-open-source-media-player-applications department
Friday the makers of an open source media player Kodi called out trademark trolls who they say have "attempted to register the Kodi name in various countries outside the United States with the goal of earning money off the Kodi name without doing any work beyond sending threatening letters." BrianFagioli shares an article in which BetaNews quotes Kodi community and project manager Nathan Betzen:
"At least one trademark troll has so far not agreed to voluntarily release their grasp on their registration of our trademark and is actively blackmailing hardware vendors in an entire country, trying to become as rich as possible off of our backs and the backs of Kodi volunteers everywhere. His name is Geoff Gavora. He had written several letters to the Foundation over the years, expressing how important XBMC and Kodi were to him and his sales. And then, one day, for whatever reason, he decided to register the Kodi trademark in his home country of Canada. We had hoped, given the positive nature of his past emails, that perhaps he was doing this for the benefit of the Foundation. We learned, unfortunately, that this was not the case," says Nathan Betzen, Kodi Project Manager.
"Instead, companies like Mygica and our sponsor Minix have been delisted by Gavora on Amazon, so that only Gavora's hardware can be sold, unless those companies pay him a fee to stay on the store. Now, if you do a search for Kodi on Amazon.ca, there's a very real chance that every box you see is giving Gavora money to advertise that they can run what should be the entirely free and open Kodi. Gavora and his company are behaving in true trademark troll fashion."Read Replies (0)