By EditorDavid from Slashdot's tele-presents department
An anonymous reader writes:
An investigation by Sophos has uncovered a new, lazy but effective ransomware attack where hackers brute force passwords on computers with [Microsoft's] Remote Desktop Protocol enabled, use off-the-shelf privilege escalation exploits to make themselves admins, turn off security software and then manually run fusty old versions of ransomware.
They even delete the recovery files created by Windows Live backup -- and make sure they can also scramble the database. "Because they've used their sysadmin powers to rig the system to be as insecure as they can, they can often use older versions of ransomware, perhaps even variants that other crooks have given up on and that are now floating around the internet 'for free'."
Most of the attacks hit small-to-medium companies with 30 or fewer employees, since "with small scale comes a dependence on external IT suppliers or 'jack-of-all-trades' IT generalists trying to manage cybersecurity along with many other responsibilities. In one case a victim was attacked repeatedly, because of a weak password used by a third-party application that demanded 24-hour administrator access for its support staff."
By EditorDavid from Slashdot's ready-for-winter department
An anonymous reader quotes Ars Technica:
Apple released iOS 11.1.2 for iPhones and iPads Thursday afternoon. It's a minor, bug-fix update that benefits iPhone X users who encountered issues after acquiring the new phone just under two weeks ago... The update fixes just two problems. The first is "an issue where the iPhone X screen becomes temporarily unresponsive to touch after a rapid temperature drop." Last week, some iPhone X owners began reporting on Reddit and elsewhere that their touchscreens became temporarily unresponsive when going outside into the cold... The update also "addresses an issue that could cause distortion in Live Photos and videos captured with iPhone X."
The article notes that the previous update "fixed a strange and widely mocked autocorrect bug that turned the letter 'i' into strange characters."
"To date, iOS 11's updates have largely been bug fixes."
By EditorDavid from Slashdot's then-there's-neurodiversity department
"James Damore opens up about his regrets -- and how autism may have shaped his experience of the world," writes the west coast bureau chief for the Guardian. An anonymous reader quotes their report:
The experience has prompted some introspection. In the course of several weeks of conversation using Google's instant messaging service, which Damore prefers to face-to-face communication, he opened up about an autism diagnosis that may in part explain the difficulties he experienced with his memo. He believes he has a problem understanding how his words will be interpreted by other people... It wasn't until his mid-20s, after completing research in computational biology at Princeton and MIT, and starting a PhD at Harvard, that Damore was diagnosed with autism, although he was told he had a milder version of the condition known as "high-functioning autism"...
Damore argues that Google's focus on avoiding "micro-aggressions" is "much harder for someone with autism to follow". But he stops short of saying autistic employees should be given more leniency if they unintentionally offend people at work. "I wouldn't necessarily treat someone differently," he explains. "But it definitely helps to understand where they're coming from." I ask Damore if, looking back over the last few months, he feels that his difficult experience with the memo and social media may be related to being on the spectrum. "Yeah, there's definitely been some self-reflection," he says. "Predicting controversies requires predicting what emotional reaction people will have to something. And that's not something that I excel at -- although I'm working on it."
By EditorDavid from Slashdot's hammering-on-headphones department
Google's new Pixel Buds "are really bad" and "not worth buying," according to CNBC's technology products editor:
The stand-out feature of Google Pixel Buds is that they're supposed to be able to translate spoken languages in near real-time. In my real-world tests, however, that wasn't the case at all. I took the Pixel Buds out on the streets of Manhattan, speaking to a Hungarian waiter in Little Italy, multiple vendors in Chinatown and more. If you press the right earbud and say "help me speak Chinese," for example, the buds will launch Google Translate, you can speak what you'd like to ask someone in another language, and a voice will read out the translated speech through your smartphone's speakers. Then, when someone replies, you'll hear that response through the Pixel Buds.
The microphone on the Pixel Buds is really bad, so it barely picked up my voice queries that I wanted to translate. I stood on the side of the road in Chinatown repeating myself at least 10 times trying to get the phone to pick up my speech in order to begin translation. It barely worked, even if I took the buds out and spoke directly into the microphone on the right earbud, and often only translated half of what I was trying to ask. In a quiet place, I was able to allow someone to respond to me, after which I'd hear the English translation through the headphones. That was neat, but it barely ever actually worked that way. To mitigate this, I found it was just easier to manually open the Google translate app, speak into my phone's microphone, and then let someone else also speak right into my phone. This executed the translation nearly perfectly, and meant that I didn't need the Pixel Buds at all.
The article ends by answering the question, Should you buy them? "Nope. There's nothing I recommend about the Pixel Buds.
By EditorDavid from Slashdot's scary-movies department
An anonymous reader quotes Space.com:
A graphic new video posits a very scary future in which swarms of killer microdrones are dispatched to kill political activists and U.S. lawmakers. Armed with explosive charges, the palm-sized quadcopters use real-time data mining and artificial intelligence to find and kill their targets. The makers of the seven-minute film titled Slaughterbots are hoping the startling dramatization will draw attention to what they view as a looming crisis -- the development of lethal, autonomous weapons, that select and fire on human targets without human guidance.
The Future of Life Institute, a nonprofit organization dedicated to mitigating existential risks posed by advanced technologies, including artificial intelligence, commissioned the film. Founded by a group of scientists and business leaders, the institute is backed by AI-skeptics Elon Musk and Stephen Hawking, among others. The institute is also behind the Campaign to Stop Killer Robots, a coalition of non-governmental organizations which have banded together to call for a preemptive ban on lethal autonomous weapons... The film will be screened this week at the United Nations in Geneva during a meeting of the Convention on Certain Conventional Weapons... The Campaign to Stop Killer Robots is hosting a series of meetings at this year's event to propose a worldwide ban on lethal autonomous weapons, which could potentially be developed as flying drones, self-driving tanks, or automated sentry guns.
"This short film is more than just speculation," says Stuart Russell, a U.C. Berkeley professor considered an expert in artificial intelligence.
"It shows the results of integrating and miniaturizing technologies we already have."
By EditorDavid from Slashdot's bug-bounty-bugs department
An anonymous reader quotes Ars Technica:
DJI, the Chinese company that manufactures the popular Phantom brand of consumer quadcopter drones, was informed in September that developers had left the private keys for both the "wildcard" certificate for all the company's Web domains and the keys to cloud storage accounts on Amazon Web Services exposed publicly in code posted to GitHub. Using the data, researcher Kevin Finisterre was able to access flight log data and images uploaded by DJI customers, including photos of government IDs, drivers licenses, and passports. Some of the data included flight logs from accounts associated with government and military domains.
Finisterre found the security error after beginning to probe DJI's systems under DJI's bug bounty program, which was announced in August. But as Finisterre worked to document the bug with the company, he got increasing pushback -- including a threat of charges under the Computer Fraud and Abuse Act. DJI refused to offer any protection against legal action in the company's "final offer" for the data. So Finisterre dropped out of the program and published his findings publicly yesterday, along with a narrative entitled, "Why I walked away from $30,000 of DJI bounty money."
The company says they're now investigating "unauthorized access of one of DJI's servers containing personal information," adding that "the hacker in question" refused to agree to their terms and shared "confidential communications with DJI employees."
By EditorDavid from Slashdot's ongoing-investigations department
An anonymous reader quotes the New York Daily News:
Authorities in Texas served Apple with a search warrant in order to gain access to the Sutherland Springs church shooter's cellphone files. Texas Ranger Kevin Wright obtained the warrant last week, according to San Antonio Express-News.
Investigators are hoping to gain access to gunman Devin Patrick Kelley's digital photos, messages, calls, videos, social media passwords, address book and data since January 2016. Authorities also want to know what files Kelley stored in his iCloud account.
Fast Company writes that "it's very likely that Apple will give the Rangers the same answer it gave the FBI in 2016 (in effect, hell no!)... That may be why, in the Texas case, the FBI and the Rangers didn't even bother calling Apple, but rather went straight to court."
By EditorDavid from Slashdot's jobs-for-Wozniaks department
Slashdot reader jonyen writes: For generations, apprenticeships have been the way of working life; master craftsmen taking apprentices under their wing, teaching them the tools of the trade. This declined during the Industrial Revolution as the advent of the assembly line enabled mass employment for unskilled laborers. The master-apprentice model went further out of focus as higher education and formal training became increasingly more valuable.
Fast forward to the 21st century, where employers are turning back the page to apprenticeships in an effort to fill a growing skills gap in the labor force in the digital age. Code.org estimates there will be a million unfulfilled tech jobs by 2020.
jonyen shared this article by IBM's Vice President of Talent:
IBM is committed to addressing this shortage and recently launched an apprenticeship program registered with the US Department of Labor, with a plan to have 100 apprentices in 2018. ... Other firms have taken up the apprenticeship challenge as well. Salesforce CEO Marc Benioff, for example, has called for creating 5 million American apprentices in the next five years.
An apprenticeship offers the chance for Americans to get the formal education they need, whether through a traditional university, a community college or a trade school, while getting something else: On-the-job experience and an income... Right now, there are more than 6 million jobs in the U.S. that are going unfilled because employers can't find candidates with the right skills, according to the Labor Department.
IBM says their apprentices "are on their way to becoming software developers in our Cloud business and mainframe administrators for technologies like Blockchain, and we will add new apprenticeships in data analytics and cybersecurity as we replicate the program across the U.S."
"Ninety-one percent of apprentices in the U.S. find employment after completing their program, and their average starting wage is above $60,000."
By EditorDavid from Slashdot's seeking-a-reaction department
Researchers working with a team at the Los Alamos National Lab tested a new way to build material for nuclear fusion reactors, "and found that it could eliminate one of the obstacles preventing humanity from harnessing the power of fusion energy." schwit1 quotes Science Alert:
A collaboration of engineers and researchers has found a way to prevent helium, a byproduct of the fusion reaction, from weakening nuclear fusion reactors. The secret is in building the reactors using nanocomposite solids that create channels through which the helium can escape... Not only does the fusion process expose reactors to extreme pressure and temperatures, helium -- the byproduct of fusion between hydrogen atoms -- adds to the strain placed on reactors by bubbling out into the materials and eventually weakening them...
In a study published in the journal Science Advances, the researchers overview how they tested the behavior of helium in nanocomposite solids, materials made from thick metal layer stacks. They found that the helium didn't form bubbles in these nanocomposite solids like it did in traditionally used materials. Instead, it formed long, vein-like tunnels. "We were blown away by what we saw," said Demkowicz. "As you put more and more helium inside these nanocomposites, rather than destroying the material, the veins actually start to interconnect, resulting in kind of a vascular system."
The article points out that nuclear fusion generates four times the energy of nuclear fission.
By EditorDavid from Slashdot's new-networking-notions department
Facebook will open source its modular network routing software Open/R, currently used in its backbone and data center networks, which "provides a platform to disseminate state across the network and allows new applications to be built on top of it." An anonymous reader quotes TechCrunch:
Facebook obviously has unique scale needs when it comes to running a network. It has billions of users doing real-time messaging and streaming content at a constant clip. As with so many things, Facebook found that running the network traffic using traditional protocols had its limits and it needed a new way to route traffic that didn't rely on the protocols of the past, Omar Baldonado, Engineering Director at Facebook explained... While it was originally developed for Facebook's Terragraph wireless backhaul network, the company soon recognized it could work on other networks too including the Facebook network backbone, and even in the middle of Facebook network, he said. Given the company's extreme traffic requirements where the conditions were changing so rapidly and was at such scale, they needed a new way to route traffic on the network. "We wanted to find per application, the best path, taking into account dynamic traffic conditions throughout the network," Baldonado said.
But Facebook also recognized that it could only take this so far internally, and if they could work with partners and other network operators and hardware manufacturers, they could extend the capabilities of this tool. They are in fact working with other companies in this endeavor including Juniper and Arista networks, but by open sourcing the software, it allows developers to do things with it that Facebook might not have considered, and their engineering team finds that prospect both exciting and valuable.
By EditorDavid from Slashdot's can't-win-'em-all department
An Australian court can't make a California advocacy group take down a web page, a U.S. federal judge just ruled on Friday. Even if that web page calls a company's patents "stupid." Courthouse News reports:
San Francisco-based Electronic Frontier Foundation sued Global Equity Management, or GEMSA, in April, claiming the Australian firm exploited its home country's weaker free speech protections to secure an unconstitutional injunction against EFF. Kurt Opsahl, EFF's deputy executive director and general counsel, hailed the ruling as a victory for free speech. "We knew all along the speech was protected by the First Amendment," Opsahl said in a phone interview Friday. "We were pleased to see the court agree." Opsahl said the ruling sends a strong message EFF and other speakers can weigh in on important topics, like patent reform, without fear of being muzzled by foreign court orders.
The dispute stems from an article EFF published in June 2016, featuring GEMSA in its "Stupid Patent of the Month" series. The GEMSA patent is for a "virtual cabinet" to store data. In the article, EFF staff attorney Daniel Nazer called GEMSA a "classic patent troll" that uses its patent on graphic representations of data storage to sue "just about anyone who runs a website." The article also says GEMSA "appears to have no business other than patent litigation."
The judge granted EFF a default judgment, saying the Australian court's injunction was not only unenforceable in the United States but also "repugnant" to the U.S. Constitution.
By EditorDavid from Slashdot's live-free-or-sue department
Earlier this month Bruce Perens notified us that "the Software Freedom Law Center, a Linux-Foundation supported organization, has asked USPTO to cancel the trademark of the name of the Software Freedom Conservancy, an organization that assists and represents Free Software/Open Source developers." Now Slashdot reader curcuru -- director of the Apache Software Foundation -- writes:
No matter how you look at it, this kind of lawsuit is a loss for software freedom and open source in general, since this kind of USPTO trademark petition (like a lawsuit) will tie up both organizations, leaving less time and funds to help FOSS projects. There's clearly more to the issue than the trademark issue; the many community members' blog posts make that clear.
GNOME executive director Neil McGovern
Apache Software Foundation director Shane Curcuru
Google security developer Matthew Garrett
Linux industry journalist Bryan Lunduke
The key point in this USPTO lawsuit is that the legal aspects aren't actually important. What's most important is the community reaction: since SFLC and Conservancy are both non-profits who help serve free software communities, it's the community perception of what organizations to look to for help that matters. SFLC's attempt to take away the Conservancy's very name doesn't look good for them.
Bryan Lunduke's video covers the whole case, including his investigation into the two organizations and their funding.
By EditorDavid from Slashdot's battle-of-the-browsers department
An anonymous reader quotes TechNewsWorld:
Firefox is not only fast on startup -- it remains zippy even when taxed by multitudes of tabs. "We have a better balance of memory to performance than all the other browsers," said Firefox Vice President for Product Nick Nguyen. "We use 30 percent less memory, and the reason for that is we can allocate the number of processes Firefox uses on your computer based on the hardware that you have," he told TechNewsWorld. The performance improvements in Quantum could be a drink from the fountain of youth for many Firefox users' systems. "A significant number of our users are on machines that are two cores or less, and less than 4 gigabytes of RAM," Nguyen explained.
Mashable ran JetStream 1.1 tests on the ability to run advanced web applications, and concluded that "Firefox comes out on top, but not by much. This means it's, according to JetStream, slightly better suited for 'advanced workloads and programming techniques.'" Firefox also performed better on "real-world speed tests" on Amazon.com and the New York Times' site, while Chrome performed better on National Geographic, CNN, and Mashable.
By EditorDavid from Slashdot's hear-different department
A limited but increasing number of iPhone X owners claim to be experiencing so-called "crackling" or "buzzing" sounds emanating from the device's front-facing earpiece speaker at high or max volumes. Over two dozen users have said they are affected in a MacRumors discussion topic about the matter, while similar reports have surfaced on Twitter and Reddit since the iPhone X launched just over a week ago. On affected devices, the crackling sounds occur with any kind of audio playback, including phone calls, music, videos with sound, alarms, and ringtones. The issue doesn't appear to be limited to any specific iPhone X configuration or iOS version.
"The speakerphone for an $1100 phone should be at least as good as it was on the iPhone 6 and 7," complained one user, "but instead, it's crackly, edgy and buzzy."
"I believe we all knew the iPhone X would be highly scrutinized," writes Slashdot reader sqorbit, "but the reported problems appear to be stacking up."
By BeauHD from Slashdot's bleak-findings department
An anonymous reader quotes a report from Motherboard: Depression and suicide rates in teenagers have jumped in the last decade -- doubling between 2007 and 2015 for girls -- and the trend suspiciously coincides with when smartphones became their constant companions. A recent study places their screen time around nine hours per day. Another study, published on Tuesday, suggests that suicide and depression could be connected to the rise of smartphones, and increased screen time. Around 58 percent more girls reported depression symptoms in 2015 than in 2009, and suicide rates rose 65 percent. Smack in the middle of that window of time, smartphones gained market saturation.
In Twenge's new study, published in the journal Clinical Psychological Science, the researchers looked at two samples: a nationally representative survey by ongoing study "Monitoring the Future" out of the University of Michigan, which is administered annually to 8th, 10th, and 12th graders, and the Centers for Disease Control's Youth Risk Behavior Surveillance System, a sample of high school students administered by the CDC every other year. (Both surveys began in 1991.) Altogether, over 500,000 young people were included. The study authors examined trends in how teens used social media, the internet, electronic devices (including gaming systems and tablets), and smartphones, as well as how much time they spent doing non-screen activities like homework, playing sports, or socializing. Comparing these to publicly available data on mental health and suicide for these ages between 2010 and 2017 showed "a clear pattern linking screen activities with higher levels of depressive symptoms/suicide-related outcomes and non-screen activities with lower levels," the researchers wrote in the study. All activities involving screens were associated with higher levels of depression or suicide and suicidal thinking, and activities done away from a screen were not.
By BeauHD from Slashdot's winners-and-losers department
Camel Pilot writes: The new GOP tax plan -- which just passed the House -- will tax tuition waivers as income. Graduate students working as research assistants on meager stipends would have to declare tuition waivers as income on the order of $80,000 income. This will force many graduate students of modest means to quit their career paths and walk away from their research. These are the next generation of scientists, engineers, inventors, educators, medical miracle workers and market makers. As Prof Claus Wilke points out: "This would be a disaster for U.S. STEM Ph.D. education." Slashdot reader Camel Pilot references a report via The New York Times, where Erin Rousseau explains how the House of Representatives' recently passed tax bill affects graduate research in the United States. Rousseau is a graduate student at M.I.T. who studies the neurological basis of mental health disorders. "My peers and I work between 40 and 80 hours a week as classroom teachers and laboratory researchers, and in return, our universities provide us with a tuition waiver for school. For M.I.T. students, this waiver keeps us from having to pay a tuition bill of about $50,000 every year -- a staggering amount, but one that is similar to the fees at many other colleges and universities," he writes. "No money from the tuition waivers actually ends up in our pockets, so under Section 117(d)(5), it isn't counted as taxable income." Rousseau continues by saying his tuition waivers will be taxed under the House's tax bill. "This means that M.I.T. graduate students would be responsible for paying taxes on an $80,000 annual salary, when we actually earn $33,000 a year. That's an increase of our tax burden by at least $10,000 annually."