By EditorDavid from Slashdot's I'll-be-seeing-you department
An anonymous reader quotes Reuters:
At a highway check point on the outskirts of Beijing, local police are this week testing out a new security tool: smart glasses that can pick up facial features and car registration plates, and match them in real-time with a database of suspects. The AI-powered glasses, made by LLVision, scan the faces of vehicle occupants and the plates, flagging with a red box and warning sign to the wearer when any match up with a centralized "blacklist".
The test -- which coincides with the annual meeting of China's parliament in central Beijing -- underscores a major push by China's leaders to leverage technology to boost security in the country... Wu Fei, chief executive of LLVision, said people should not be worried about privacy concerns because China's authorities were using the equipment for "noble causes", catching suspects and fugitives from the law. "We trust the government," he told Reuters at the company's headquarters in Beijing.
This weekend while China's President Xi Jinping is expected to push through a reform allowing him to stay in power indefinitely, Reuters reports that the Chinese goverment is pushing the use of cutting-edge technology "to track and control behavior that goes against the interests of the ruling Communist Party online and in the wider world... A key concern is that blacklists could include a wide range of people stretching from lawyers and artists to political dissidents, charity workers, journalists and rights activists...
"The new technologies range from police robots for crowd control, to drones to monitor border areas, and artificially intelligent systems to track and censor behavior online," Reuters reports, citing one Hong Kong researcher who argues that China now sees internet and communication technologies "as absolutely indispensable tools of social and political control."Read Replies (0)
By EditorDavid from Slashdot's not-making-your-case department
Former Linux developer Patrick McHardy dropped his Gnu General Public License version 2 (GPLv2) violation case against Geniatech in a German court this week. ZDNet explains why some consider this a big "win":
People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2. Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he'd requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions...
In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."
< article continued at Slashdot's not-making-your-case department
>Read Replies (0)
By EditorDavid from Slashdot's not-staying-neutral department
Here's the latest developments in the ongoing fight over net neutrality rules:
CNET reports that Democrats in the Senate "have been pushing to use the Congressional Review Act to roll back the FCC's repeal of net neutrality rules. They've gotten the support of 50 senators for the measure, including one Republican, Susan Collins of Maine. Sen. John Kennedy from Louisiana , who's been undecided in his support of the CRA bill, was being courted by Democrats as the tie-breaking vote to pass the measure in the Senate...
"On Wednesday, Kennedy introduced a piece of legislation that would ban companies like AT&T and Comcast from slowing down or blocking access to websites or internet services. But the bill wouldn't prevent these broadband and wireless companies from offering paid prioritization, which many critics fear could lead to so-called internet 'fast lanes.'"
Axios reports that lawsuits looking to strike down the Federal Communications Commission's repeal of its own net neutrality rules "will be heard in the U.S. Court of Appeals for the Ninth Circuit, the court said Thursday... The lottery to decide the location of the court arguments was the result of lawsuits filed against the FCC in different jurisdictions, including by Attorneys General from more than 20 states, led by New York attorney general Eric Schneiderman."
The Associated Press reports that on Monday, Washington became the first state to set up its own net-neutrality requirements. But they add that governors in five states -- Hawaii, New Jersey, New York, Montana and Vermont -- "have signed executive orders related to net-neutrality issues, according to the National Conference of State Legislatures. Montana's order, for instance, bars telecommunications companies from receiving state contracts if they interfere with internet traffic or favor higher-paying sites or apps."Read Replies (0)
By EditorDavid from Slashdot's distributing-denial-of-service-attacks department
PC Magazine reports:
A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps.Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including Rockstargames.com, Minecraft.net, and Playstation.net have been among those hit...
The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.
Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating:
"The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."Read Replies (0)
By EditorDavid from Slashdot's raising-the-Spectre department
An anonymous reader quotes BleepingComputer: A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves. Intel Software Guard eXtensions (SGX) is a feature of modern Intel processors that allow an application to create so-called enclaves. This enclave is a hardware-isolated section of the CPU's processing memory where applications can run operations that deal with extremely sensitive details, such as encryption keys, passwords, user data, and more... Neither Meltdown and Spectre were able to extract data from SGX enclaves. This is where SgxSpectre comes in.
According to researchers, SgxSpectre works because of specific code patterns in software libraries that allow developers to implement SGX support into their apps. Vulnerable SGX development kits include the Intel SGX SDK, Rust-SGX, and Graphene-SGX. Academics say an attacker can leverage the repetitive code execution patterns that these SDKs introduce in SGX enclaves and watch for small variations of cache size. This allows for side-channel attacks that allow a threat actor to infer and slowly recover data from secure enclaves. Intel's recent Spectre patches don't necessarily help, as an attacker can work around these fixes. Intel says an update for the Intel SGX SDK that adds SgxSpectre mitigations will be released on March 16. Apps that implement Google's Retpoline anti-Spectre coding techniques are safe, researchers say.Read Replies (0)
By EditorDavid from Slashdot's ebooks-in-Europe department
Slashdot reader David Rothman writes: The oldest public domain publisher in the world, Project Gutenberg, has blocked German users after an outrageous legal ruling saying this American nonprofit must obey German copyright law... Imagine the technical issues for fragile, cash-strapped public domain organizations -- worrying not only about updated databases covering all the world's countries, but also applying the results to distribution.
TeleRead carries two views on the German case involving a Holtzbrinck subsidiary...
Significantly, older books provide just a tiny fraction of the revenue of megaconglomerates like Holtzbrinck but are essential to students of literature and indeed to students in general.
What's more, as illustrated by the Sonny Bono Copyright Term Extension Act in the U.S., copyright law in most countries tends to reflect the wishes and power of lobbyists more than it does the commonweal.
Ideally the travails of Project Gutenberg will encourage tech companies, students, teachers, librarians and others to step up their efforts against oppressive copyright laws. While writers and publishers deserve fair compensation, let's focus more on the needs of living creators and less on the estates of authors dead for many decades. The three authors involved in the German case are Heinrich Mann (died in 1950), Thomas Mann (1955) and Alfred Döblin (1957).
One solution in the U.S. and elsewhere for modern creators would be national library endowments... Meanwhile, it would be very fitting for Google and other deep-pocketed corporations with an interest in a global Internet and more balanced copyright to help Gutenberg finance its battle. Law schools, other academics, educators and librarians should also offer assistance.Read Replies (0)
By EditorDavid from Slashdot's boring-stories department
"Remember Elon Musk's plan to dig a massive web of traffic-beating tunnels underneath Los Angeles...?" asks CNN. "Now, that plan appears to be getting a huge makeover." An anonymous reader quotes TechCrunch:
While it will still focus on digging tunnels to provide a network of underground tubes suitable for use by high-speed Hyperloop pods, the plan now is to use that Hyperloop to transport pedestrians and cyclists first, and then only later to work on moving cars around underground to bypass traffic. Musk shared the update via Twitter, noting that the idea would be to load customers onto cars roughly the size that a single parking space takes up currently, [thousands of which] would be dotted around an urban environment close to any destinations where someone might travel. The single-car station model would be designed to replace the current subway-style model, Musk said, where only a few small stations are very spread out... This is a big departure from the original vision, and it seems like one that might have evolved after Musk and his collaborators on the project spoke to urban planners and transit authorities.
"If someone can't afford a car, they should go first," Musk posted on Twitter, sharing a new conceptual video where an elevator lowers one of these pedestrian- and cyclist-focussed shuttle pods underground.
TechCrunch says this new vision "would be appealing both to urban officials looking to decrease congestion on downtown roads and discourage personal vehicle use, and to anyone hoping to increase access to affordable transit options."Read Replies (0)
By BeauHD from Slashdot's indirect-propaganda department
An anonymous reader quotes a report from VICE News: Reddit says it has identified and removed hundreds of Russian propaganda accounts, a few days after reports revealed that Russian trolls were active on the platform during the 2016 U.S. presidential election. In a post Monday, Reddit co-founder Steve Huffman said his site operators had been investigating for awhile and had found a few hundred accounts suspected to be of Russian origin or linked to known sources of Russian propaganda. "Of course, every account we find expands our search a little more," he said, also claiming the "vast majority" of the suspicious accounts were banned back in 2015-2016. An even bigger challenge was the problem of "indirect propaganda," where content produced by accounts now known to be Russian trolls was enthusiastically shared by Trump supporters on subreddits such as r/The_Donald. Reddit's investigation followed a report from The Daily Beast, based on leaked internal data from Kremlin-backed troll farm the Internet Research Agency, that confirmed Russian trolls were active on the site, as well as Tumblr, in their mission to spread disinformation, divide Americans and disrupt U.S. politics. The Washington Post reports that congressional investigators looking into the Russian issue intend to question Reddit and Tumblr over their involvement.Read Replies (0)
By BeauHD from Slashdot's heads-up department
In 2016, the Chinese space agency lost control of its Tiangong-1, or Heavenly Palace, spacecraft, five years after it blasted into orbit. Scientists have determined that it will come crashing down to Earth in the coming weeks, be they do not know exactly where on Earth it will hit. The Guardian reports: The defunct module is now at an altitude of 150 miles and being tracked by space agencies around the world, with the European Space Agency's center in Darmstadt predicting a fiery descent for it between March 27 and April 8. Hurtling around the Earth at about 18,000mph, the module ranks as one of the larger objects to re-enter the atmosphere without being steered towards the ocean, as is standard for big and broken spacecraft, and cargo vessels that are jettisoned from the International Space Station (ISS), to reduce the risk to life below. The spacecraft's orbit ranges from 43 degrees north to 43 degrees south, which rules out a descent over the UK but includes vast stretches of North and South America, China, the Middle East, Africa, Australia, parts of Europe -- and great swaths of the Pacific and Atlantic oceans. Western analysts cannot be sure how much of the spacecraft will survive re-entry, because China has not released details of the design and materials used to make Tiangong-1. But the spacecraft may have well-protected titanium fuel tanks containing toxic hydrazine that could pose a danger if they land in populated areas.Read Replies (0)
By BeauHD from Slashdot's deadly-riddle department
An anonymous reader quotes a report from Ars Technica: For the first time, researchers have discovered strains of a deadly, multidrug-resistant bacterium that uses a cryptic method to also evade colistin, an antibiotic used as a last-resort treatment. That's according to a study of U.S. patients published this week by Emory University researchers in the open-access microbiology journal mBio. The wily and dangerous bacteria involved are carbapenem-resistant Klebsiella pneumoniae or CRKP, which are already known to resist almost all antibiotics available, including other last-line antibiotics called carbapenems. The germs tend to lurk in clinical settings and can invade the urinary tract, bloodstream, and soft tissues. They're members of a notorious family of multidrug-resistant pathogens, called carbapenem-resistant Enterobacteriaceae (CRE), which collectively have mortality rates as high as 50 percent and have spread rapidly around the globe in recent years. A 2013 report by the Centers for Disease Control and Prevention estimated that there were more than 9,300 CRE infections in the U.S. each year, leading to 600 deaths. Both the CDC and the World Health Organization have listed CRE as one of the critical drug-resistant threats to public health, in need of "urgent and aggressive action."
< article continued at Slashdot's deadly-riddle department
>Read Replies (0)
By BeauHD from Slashdot's all-good-things-must-come-to-an-end department
On Friday, Lenovo confirmed layoffs for the Motorola group in Chicago, where the company designs its modular Moto Z smartphones. "In a statement to 9to5Google, Lenovo denied that it was axing 50% of the workforce, as the site had suggested, but didn't provide any further specifics," reports Fast Company. Android Police now reports that 190 people were laid off. A separate report of theirs claims that the company has "completely abandoned plans to launch the successor to last year's Moto X4, the as-yet unannounced Moto X5." Furthermore, "Motorola will be narrowing its focus back to E, G, and Z phones for the time being," reports Android Police. "It's possible the Moto X name could return at some point, but that's looking unlikely in light of this news." The source also says Motorola will be largely discontinuing its efforts to develop all-new, eccentric MotoMods for its Z phone. The likelihood that MotoMods will continue to be sold after 2019 is looking very slim.Read Replies (0)
By BeauHD from Slashdot's higher-and-higher department
The California High-Speed Rail Authority announced today that the cost of connecting Los Angeles to San Francisco would total $77.3 billion, an increase of $13 billion from estimates two years ago, and could potentially rise as high as $98.1 billion. They also said the earliest trains could operate on a partial system between San Jose and the farming town of Wasco would be 2029, five years later than the previous projection. Los Angeles Times reports: The disclosures are contained in a 114-page business plan that was issued in draft form by the rail authority and will be finalized this summer in a submission to the Legislature. The rail authority has wrestled with a more than $40-billion funding gap, which would increase sharply under the new cost estimates. The biggest immediate driver of the cost increase has been in the Central Valley, where the rail authority is building 119 miles of track between Wasco and Merced. The authority disclosed in early February that the cost of that work would jump to $10.6 billion from an original estimate of about $6 billion. Roy Hill, one of the senior consultants advising the state, told the rail authority board, "The worst-case scenario has happened." In its 2014 business plan, the rail authority optimistically projected that it could begin carrying passengers in just seven years. But the warning signs of uncontrolled cost growth had already started mounting then, even though until this year the rail authority has vehemently denied that it was facing a problem. The project began having trouble buying property for the route almost immediately after it issued its first construction contract in 2013.Read Replies (0)
By BeauHD from Slashdot's held-in-the-sand department
The cable industry is slowly realizing that more advertisements and higher prices aren't the solution to cord cutting. Karl Bode writes via DSLReports: AT&T and Dish have explored offering cheaper, more flexible streaming alternatives (DirecTV Now and Sling TV, respectively), both understanding that getting out ahead of the cord cutting trend is the right play, even if the net result is making less money from traditional television. And on the broadcasting front, several companies this month made it clear they'll be reducing the ad loads on their programming, since charging users a subscription fee and socking them with endless ads is becoming a dated concept in the cord cutting era. Fox, for example, told the Wall Street Journal this week that the company would be reducing TV ad time in its content to two minutes an hour by 2020. Comcast NBC Universal says it's also following suit, having cut advertising time in its own shows by 10%, and reduced the overall number of advertising during commercial breaks by 20%. Given there's 83 million households still subscribing to traditional cable TV, many cable executives are under the false impression they can keep doubling down on bad ideas without the check coming due. But the data indicates this head in the sand approach simply isn't sustainable. Pay TV providers saw a reduction of more than 500,000 traditional pay TV customers during the fourth quarter, a decline of 3.4% total pay TV customers from the year before. That 3.4% decline was up from the 2% rate during in the fourth quarter of 2016 and a 1% rate of decline one year before that.Read Replies (0)
By msmash from Slashdot's see-you-soon department
He was supposed to revolutionize a California fast food kitchen, churning out 150 burgers per hour without requiring a paycheck or benefits. But after a single day of working as a cook at a Caliburger location in Pasadena this week, Flippy the burger-flipping robot has stopped flipping. From a report: In some ways, Flippy was a victim of his own success. Inundated with customers eager to see the machine in action this week, Cali Group, which runs the fast food chain, quickly realized the robot couldn't keep up with the demand. They decided instead to retrain the restaurant staff to work more efficiently alongside Flippy, according to USA Today. Temporarily decommissioned, patrons encountered a sign Thursday noting that Flippy would be "cooking soon," the paper reported. "Mostly it's the timing," Anthony Lomelino, the Chief Technology Officer for Cali Group told the paper. "When you're in the back, working with people, you talk to each other. With Flippy, you kind of need to work around his schedule. Choreographing the movements of what you do, when and how you do it."Read Replies (0)