By BeauHD from Slashdot's dirty-hacks department
An anonymous reader quotes a report from ZDNet: Cloudflare's new speed and privacy enhancing domain name system (DNS) servers, launched on Sunday, are also part of an experiment being conducted in partnership with the Asia Pacific Network Information Center (APNIC). The experiment aims to understand how DNS can be improved in terms of performance, security, and privacy. "We are now critically reliant on the integrity of the DNS, yet the details of the way it operates still remains largely opaque," wrote APNIC's chief scientist Geoff Huston in a blog post. "We are aware that the DNS has been used to generate malicious denial of service attacks, and we are keen to understand if there are simple and widely deployable measures that can be taken to mitigate such attacks. The DNS relies on caching to operate efficiently and quickly, but we are still unsure as to how well caching actually performs. We are also unclear how much of the DNS is related to end user or application requirements for name resolution, and how much is related to the DNS chattering to itself."
The Cloudflare-APNIC experiment uses two IPv4 address ranges, 1.1.1/24 and 1.0.0/24, which have been reserved for research use. Cloudflare's new DNS uses two addresses within those ranges, 220.127.116.11 and 18.104.22.168. These address ranges were originally configured as "dark traffic addresses", and some years ago APNIC partnered with Google to analyze the unsolicited traffic directed at them. There was a lot of it. "Our initial work with it certainly showed it to be an unusually strong attractor for bad traffic. At the time we stopped doing it with Google, it was over 50 gigabits per second. Quite frankly, few folk can handle that much noise," Huston told ZDNet on Wednesday. By putting Cloudflare's DNS on these research addresses, APNIC gets to see the noise as well as the DNS traffic -- or at least "a certain factored amount" of it -- for research purposes.Read Replies (0)
By BeauHD from Slashdot's show-and-tell department
An anonymous reader shares a report from Quartz, written by Estonian e-Resident April Rinne: In 2014, Estonia, a country previously known as much for its national singing revolution as anything else, became the first country in the world to launch an e-Residency program. Once admitted, e-Residents can conduct business worldwide as if they were from Estonia, which is a member of the EU. They are given government-issued digital IDs, can open Estonian bank and securities accounts, form and register Estonian companies, and have a front-row seat as nascent concepts of digital and virtual citizenship evolve. There is no requirement to have a physical presence in Estonia. [...] Three years in, what I find most incredible about e-Residency is that it actually works.
< article continued at Slashdot's show-and-tell department
>Read Replies (0)
By BeauHD from Slashdot's big-step-forward department
In a blog post today, Microsoft said that it has created what it believes is the "first technological breakthrough" toward making conversations with chatbots more like speaking to another person. Windows Central reports: Microsoft says that it has figured out how to make chatbots talk and listen at the same time, allowing them to operate in "full duplex," to use telecommunications jargon. The company says this allows chatbots or assistants to have a flowing conversation with humans, much more akin to how people talk to one another. That stands in contrast to how digital assistants and bots currently work, where only one side can talk at any given time. The technology is already up and running in Xiaolce, Microsoft's AI chatbot currently operating in China. Using "full duplex voice sense," as Microsoft calls it, Xiaolce can more quickly predict what the person it is speaking to will say. "That helps her make decisions about both how and when to respond to someone who is chatting with her, a skill set that is very natural to people but not yet common in chatbots," Microsoft says. Another bonus of the breakthrough is that people interacting with chatbots don't have to use a "wake word" every time they speak during a conversation.Read Replies (0)
By BeauHD from Slashdot's privacy-matters department
shanen writes: Due to the recent kerfuffles, I decided to try again to see what Google had on me. This time I succeeded and failed, in contrast to the previous pure failures. Yes, I did find Google's takeout website and downloaded all of "my data," but no, it means nothing to me. Here are a few sub-questions I couldn't answer: 1. Much more data than I ever created, so where did the rest come from? 2. How does the data relate to the characteristic vector that Google uses to characterize me? 3. What tools do Googlers use to make sense of the data? Lots more questions, but those are the ones that are most bugging me right now. Question 2. is probably heaviest among them, since I've read that the vector has 700 dimensions... So do you have any answers? Or better questions? Or your own takeout experiences to share?
Oh yeah, one more thing. Based on my own troubled experience with the download process, it is clear that Google doesn't really want us to download the so-called "our own" data. My Question 4. is now: "What is Google hiding about me from me?"Read Replies (0)
By BeauHD from Slashdot's stuck-in-purgatory department
Since the recent Cambridge Analytica data privacy scandal, Facebook has been rolling out more security and data privacy updates. "Today, however, the company announced sweeping changes to many of its most prominent APIs, restricting develop access in a number of crucial ways," reports The Verge. "Soon after, Tinder users started noting on Twitter that they had been kicked off the dating app and couldn't log back on, as those who used Facebook Login were caught in an infinite loop that appears to be related to an unknown bug." From the report: The app has been bringing up an error message to booted users, titled Facebook Permissions, stating that users need to provide more Facebook permissions in order to create or use a Tinder account. If users tap "Ask me," which is the only given option, the app requests they log into Facebook once more and the loop starts again. Roderick Hsiao, a senior software engineer at Tinder, tweeted that users could still access the service through its web browser while engineers worked on fixing the mobile client.Read Replies (0)
By BeauHD from Slashdot's not-expected department
An anonymous reader quotes a report from Ars Technica: CenturyLink is trying to force customers into arbitration in order to avoid a class-action lawsuit from subscribers who say they've been charged for services they didn't order. To do so, CenturyLink has come up with a surprising argument -- the company says it doesn't have any customers. While the customers sued CenturyLink itself, the company says the customers weren't actually customers of CenturyLink. Instead, CenturyLink says they were customers of 10 subsidiaries spread through the country. CenturyLink basically doesn't exist as a service provider -- according to a brief CenturyLink filed Monday.
"That sole defendant, CenturyLink, Inc., is a parent holding company that has no customers, provides no services, and engaged in none of the acts or transactions about which Plaintiffs complain," CenturyLink wrote. "There is no valid basis for Defendant to be a party in this Proceeding: Plaintiffs contracted with the Operating Companies to purchase, use, and pay for the services at issue, not with CenturyLink, Inc." CenturyLink says those operating companies should be able to intervene in the case and "enforce class-action waivers," which would force the customers to pursue their claims via arbitration instead of in a class-action lawsuit. By suing CenturyLink instead of the subsidiaries, "it may be that Plaintiffs are hoping to avoid the arbitration and class-action waiver provisions," CenturyLink wrote.Read Replies (0)
By msmash from Slashdot's don't-be-evil department
Thousands of Google employees, including dozens of senior engineers, have signed a letter protesting the company's involvement in a Pentagon program that uses artificial intelligence to interpret video imagery and could be used to improve the targeting of drone strikes (Editor's note: the link may be paywalled; alternative source). From a report: The letter, which is circulating inside Google and has garnered more than 3,100 signatures, reflects a culture clash between Silicon Valley and the federal government that is likely to intensify as cutting-edge artificial intelligence is increasingly employed for military purposes. "We believe that Google should not be in the business of war," says the letter, addressed to Sundar Pichai, the company's chief executive. It asks that Google pull out of Project Maven, a Pentagon pilot program, and announce a policy that it will not "ever build warfare technology." That kind of idealistic stance, while certainly not shared by all Google employees, comes naturally to a company whose motto is "Don't be evil," a phrase invoked in the protest letter. But it is distinctly foreign to Washington's massive defense industry and certainly to the Pentagon, where the defense secretary, Jim Mattis, has often said a central goal is to increase the "lethality" of the United States military.Read Replies (0)
By msmash from Slashdot's how-about-that department
An anonymous reader writes: Intel released an update to the Meltdown and Spectre mitigation guide, revealing that it stopped working on mitigations for some processor series. The Meltdown and Spectre mitigation guide is a PDF document that Intel published in February. The file contains information on the status of microcode updates for each of Intel's CPU models released in the past years. Intel has constantly updated the document in the past weeks with new information about processor series and the microcode firmware version number that includes patches for the Meltdown and Spectre flaws. An update published on Monday includes for the first time a "Stopped" production status. Intel says that processors with a "Stopped" status will not receive microcode updates. The reasons basically vary from "redesigning the CPU micro-architecture is impossible or not worth the effort" to "it's an old CPU" and "customers said they don't need it." The following Intel processor products received a "Stopped" status marker: Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0, Harpertown Xeon E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale C0, Wolfdale M0, Wolfdale E0, Wolfdale R0, Wolfdale Xeon C0, Wolfdale Xeon E0, Yorkfield, and Yorkfield Xeon.Read Replies (0)