By EditorDavid from Slashdot's one-platform-to-rule-them-all department
Saturday the Associated Press analyzed Mark Zuckerberg's new vision for Facebook as an encrypted "privacy-focused communications platform."
[C]ritics say the announcement obscures Facebook's deeper motivations: To expand lucrative new commercial services, continue monopolizing the attention of users, develop new data sources to track people and frustrate regulators who might be eyeing a breakup of the social-media behemoth. Facebook "wants to be the operating system of our lives," said Siva Vaidhyanathan, director of media studies at the University of Virginia... Vaidhyanathan said Zuckerberg wants people to abandon competing, person-to-person forms of communication such as email, texting and Apple's iMessage in order to "do everything through a Facebook product."
The end goal could be transform Facebook into a service like the Chinese app WeChat , which has 1.1 billion users and includes the world's most popular person-to-person online payment system... But Zuckerberg said nothing in the Wednesday blog post about reforming privacy practices in its core business, which remains hungry for data. A recent Wall Street Journal report found that Facebook was still collecting personal information from apps such as user heart rates and when women ovulate ... Facebook also has trackers that harvest data on people's online behavior on about 30 percent of the world's websites , said Jeremy Tillman of Ghostery, a popular ad-blocker and anti-tracking software.
"When they say they are building a private messaging platform there is nothing in there that suggests they are going to stop their data collection and ad-targeting business model," he said.Read Replies (0)
By EditorDavid from Slashdot's never-falling-backwards-again department
In the state of Washington, the House has voted 89 to 7 to "ditch the switch, bring the light, and defeat the dark night," says one representative. KOMO reports:
Changing the clocks twice a year impacts the body's natural rhythms and is associated with a spike in heart attacks, strokes, and traffic collisions each year, according to the Washington State Department of Health's impact review. Extended daylight in the evening is also better for kids who play sports or who are active outside, Riccelli said. The bill now heads to the Senate for consideration.... The federal government would have the final say.
And meanwhile, one Pennsylvania newspaper has published a state representative's op-ed calling for Pennsylvania to help lead the resistance in America's Eastern Standard Time zone, complaining that "This weekend, we again will be forced to comply with an archaic tradition, one that offers no benefits."
There is no national crisis that changing clocks helps to alleviate. In fact, there are more negative side effects from changing clocks than benefits. Studies have shown that automobile accidents, workplace injuries, heart attacks, strokes, cluster headaches, miscarriages, depression, and suicides all increase in the weeks following clock changes.
This government-mandated interruption of natural biological rhythms and sleep cycles can wreak havoc on job performance, academic results, and overall physical/mental health. Clock changes require farmers to make needless adjustments, as crops and animals live by the sunlight... During this legislative session, I will be working to advance this commonsense legislation that will not only end the antiquated ritual of changing clocks, but will also help preserve the health, safety, well-being, productivity, and lives of Pennsylvanians.Read Replies (0)
By EditorDavid from Slashdot's we-value-your-business department
Two associate professors of marketing recently shared research in the Harvard Business Review about how customer service is structured at at tech, travel, and finance companies:
[O]ur research suggests that some companies may actually find it profitable to create hassles for complaining customers, even if it were operationally costless not to.... We found that these companies screen complaining callers by using a hierarchical organizational structure. This structure, we argue, keeps a lid on the amount of redress customers are willing to seek. In other words, by forcing customers to jump through hoops, the organization helps curb its redress payouts.
As part of our research, described in a forthcoming article in the journal Marketing Science, we interviewed managers of call centers to understand how their customer service organization is structured, and the way it contains redress payouts. We found that most involve at least two levels of agents. The Level 1 agents take all incoming calls and hear each customer's complaint first. These agents are typically limited in the amount of redress they are authorized to offer to the caller...
So what about the idea that frustrating customers has consequences on customer retention and long term reputation? For example, some experts advise companies with upset customers to reach out to them directly to win them back. But, some companies have little regard for their reputation, especially those who control a large market share... companies with few competitors may find it worthwhile to alienate angry customers in order to save on redress costs.... This may help us understand why some of the most hated companies in America are so profitable and why customer service, unfortunately, remains so frustrating.
At one company "Any caller insisting on a refund was told to call the U.S. headquarters during normal business hours, generating additional tasks for any customer seeking more compensation...
< article continued at Slashdot's we-value-your-business department
>Read Replies (0)
By EditorDavid from Slashdot's making-the-grades department
An anonymous reader quotes TechCrunch: As she sat in the airport with a one-way ticket in her hand, Tiffany Filler wondered how she would pick up the pieces of her life, with tens of thousands of dollars in student debt and nothing to show for it. A day earlier, she was expelled from Tufts University veterinary school. As a Canadian, her visa was no longer valid and she was told by the school to leave the U.S. 'as soon as possible.' That night, her plane departed the U.S. for her native Toronto, leaving any prospect of her becoming a veterinarian behind. Filler, 24, was accused of an elaborate months-long scheme involving stealing and using university logins to break into the student records system, view answers, and alter her own and other students' grades. The case Tufts presented seems compelling, if not entirely believable. There's just one problem: In almost every instance that the school accused Filler of hacking, she was elsewhere with proof of her whereabouts or an eyewitness account and without the laptop she's accused of using. She has alibis: fellow students who testified to her whereabouts; photos with metadata putting her miles away at the time of the alleged hacks; and a sleep tracker that showed she was asleep during others. Tufts is either right or it expelled an innocent student on shoddy evidence four months before she was set to graduate.Read Replies (0)
By EditorDavid from Slashdot's who-needs-a-key-fob department
"Two popular smart alarm systems for cars had major security flaws that allowed potential hackers to track the vehicles, unlock their doors and, in some cases, cut off the engine," reports CNET:
The vulnerabilities could be exploited with two simple steps, security researchers from Pen Test Partners, who discovered the flaw, said Friday. The problems were found in alarm systems made by Viper [known as Clifford in the U.K.] and Pandora Car Alarm System, two of the largest smart car alarm makers in the world. The two brands have as many as 3 million customers between them and make high-end devices that can cost thousands...
Both apps' API didn't properly authenticate for update requests, including requests to change the password or email address. Ken Munro, founder of Pen Test Partners, said that all his team needed to do was send the request to a specific host URL and they were able to change an account's password and email address without notifying the victim that anything happened. Once they had access to the account, the researchers had full control of the smart car alarm. This allowed them to learn where a car was and unlock it. You don't have to be near the car to do this, and the accounts can be taken over remotely, Munro said. Potential attackers could also use the apps' API to target specific types of cars, the security researcher added...
Pandora's alarm system also contained a microphone that would've allowed potential hackers to listen in on live audio, the security company found.
Both companies fixed the issue in less than a week, CNET reports, possibly due to the seriousness of the issue. In a video demonstrating the severity of the bug, security researcher Munro even uses the driver's app to set off a car's alarms remotely. When that driver began pulling over, Munro then used the app to cut off the car's engine. "So simple, so serious," he said.
ZDNet notes that one of the companies had been advertising their "smart" alarms as "unhackable".Read Replies (0)
By EditorDavid from Slashdot's crime-of-the-century department
"Japanese police have brought in, questioned, and charged a 13-year-old female student from the city of Kariya for sharing [links to] browser exploit code online," writes ZDNet. An anonymous reader shares their report:
The popup was hosted in several places online, and police say the teenager helped spread the links... The teenage girl did not create the malicious code, which had been shared on online forums by multiple users for the past few years. NHK reported that police also searched the house of a second suspect, 47-year-old man from Yamaguchi, and are also looking at three other suspects for the same "crime" of sharing the link on internet forums.
Ars Technica found a tweet suggesting that the code was actually written in 2014.Read Replies (0)
By EditorDavid from Slashdot's adjusting-algorithms department
America now has 206 confirmed cases of measles, its highest year-to-date number in over 25 years . Now USA Today reports on how Facebook is responding:
In mid-February, Facebook told USA TODAY it had "taken steps" to reduce fake health news and anti-vaxx posts and said it was considering making anti-vaccination content on its site less visible amid a measles outbreak that has reignited a conversation about preventative shots. At the time, Facebook said, "we know we have more to do...." Revealed Thursday: The social network says it will reduce distribution and provide users with "authoritative information" on the topic.
Facebook is following the lead of Pinterest, which has blocked all searches using terms related to vaccines or vaccinations as part of a plan to stop the spread of misinformation related to anti-vaxx posts.... It will reduce the ranking of Facebook groups and Pages that spread misinformation about vaccinations in News Feed and Search. "These groups and Pages will not be included in recommendations or in predictions when you type into Search," Facebook said. When it discovers ads with misinformation about vaccinations, "we will reject them." Facebook said it has removed related targeting options, like "vaccine controversies," in ads.... Additionally, Facebook said it wouldn't show or recommend content that contains misinformation about vaccinations on the Explore section of Facebook-owned Instagram or on its hashtag pages.Read Replies (0)
By EditorDavid from Slashdot's who-watches-the-watchers? department
A VPN researcher found that many Android VPN apps request access to sensitive permissions that they don't need, according to an article shared by WaitingForSupport. ZDNet reports:
The study, carried out by John Mason from TheBestVPN.com, analyzed 81 Android apps available for download through the Google Play Store. Mason said he downloaded and extracted the permissions requested by each VPN app from their respective APK installer files.... According to Mason, 50 of the 81 Android VPN apps he tested requested access to at least one dangerous permission that accessed user data...
Mason said he discovered VPN apps that requested access to read/write permissions for external device storage, wanted access to precise location data, wanted the ability to read or write system settings, and, in some cases, wanted to access call logs or manage local files. "In theory, VPN apps should only need a few permissions to function. INTERNET and ACCESS_NETWORK_STATE should usually be enough," Mason told us. "The use of a large number of dangerous permissions could be cause for suspicion."Read Replies (0)
By EditorDavid from Slashdot's think-different department
Apple is already running on 100% green energy, according to Fast Company. But Apple is still "keen to show it's a good corporate citizen," reports the Australian Financial Review:
Apple's annual supplier responsibility report released on Thursday revealed 20 manufacturing supplier facilities had been removed from the company's supply chain for breaches of environmental permits or workplace rules. "Smelters and refiners deeper in our supply chain are held to similar standards and if they exhibit a lack of commitment to meet our supplier code of conduct, they risk losing Apple's business," the report said...
In 2018, Apple completed 770 audits of its supplier manufacturing facilities, logistics and repair centres and contact centre facilities. There were also 279 third-party mineral smelter and refiner audits conducted... Apple's 13th annual supplier responsibility progress report said all final assembly points for iPhone, iPad, Mac, Apple Watch, AirPods and HomePod, were now certified zero waste to landfill, while conserving billions of litres of water and reducing greenhouse gas emissions.
Apple's suppliers in 45 countries have diverted 1 million tonnes of garbage in three years, saved 28.7 gigalitres of water and reduced greenhouse gas emissions by more than 466,000 annualised metric tons, which is the equivalent to taking 100,000 cars off the road for one year.Read Replies (0)
By EditorDavid from Slashdot's 60-billion-dollar-companies department
"For over a decade, VMware has been accused of illegally using Linux code in its VMware ESX bare-metal virtual machine hypervisor," reports ZDNet, adding that "A German court has dismissed the case, but the struggle may not be over."
VMware stood accused of illegally using Linux code in its flagship VMware ESX bare-metal virtual machine (VM) hypervisor... In 2011, the Software Freedom Conservancy, a non-profit organization that promotes open-source software, discovered that VMware had failed to properly license any Linux or BusyBox, a popular embedded Linux toolkit, source code... In 2015, having exhausted all other means, [Linux kernel developer Christoph] Hellweg and the Software Freedom Conservancy sued VMware in the district court of Hamburg in Germany. Besides the general violation of the GPLv2, "Conservancy and Hellwig specifically assert that VMware has combined copyrighted Linux code, licensed under GPLv2, with their own proprietary code called 'vmkernel' and distributed the entire combined work without providing nor offering complete, corresponding source code for that combined work under terms of the GPLv2."
The German court disagreed in November 2018. Helwig appealed and continued the fight, saying "The lower court dismissed the case as a result of evidentiary rules and likely an incomplete understanding of the documentation of the code in question...." [Monday] VMware rather mysteriously announced: "VMware is pleased with the Feb. 28, 2019 decision of the German appellate court in Hamburg to dismiss Mr. Hellwig's appeal and let stand the regional court's decision to dismiss Mr. Hellwig's lawsuit. "
< article continued at Slashdot's 60-billion-dollar-companies department
>Read Replies (0)
By EditorDavid from Slashdot's anarchy-in-the-UK department
The Guardian reports on what may happen next to British businesses and individuals who own .EU domains:
There are about 340,000 registered British holders of these web addresses, and the government has urged them to make contingency plans as their web addresses will disappear if the UK does not agree on a deal with Brussels. The domains were introduced in 2006 as a rival to the likes of .com and .org but are available only to individuals or businesses based in the EU or the European Economic Area (EEA)...
Updated government guidance confirms that if the UK leaves without a deal at the end of March then domain owners based in the UK will have two months leeway to move their principal location to somewhere within the EU or EEA. "These .EU domain names will then be withdrawn and will become inoperable," states the guidance issued by the Department for Digital, Culture, Media and Sport, which confirms warnings issued this year by the EU's domain registrar. "This means you may not be able to access your .EU websites or email from 30 May 2019."
After a year, all the British-registered .EU domains will be made available for purchase by individuals and companies who continue to reside in the EU. This raises the possibility that on the anniversary of a no-deal Brexit, one lucky German or Spaniard could be able to mark the occasion by taking over the Leave.EU domain and using it for their own purposes.Read Replies (0)
By msmash from Slashdot's feed-and-speed department
Jason Snell, writing for Six Colors: This week on the Accidental Tech Podcast (ATP), John Siracusa floated the concept of a MacBook Hierarchy of Needs, a priority list of features for the next time Apple redesigns the MacBook line, as is rumored to happen later this year. It's a fun thought experiment, because it requires you to rank your wish list of laptop features. That's important, because if I've learned anything in this wacky world of ours, it's that you can never get everything you ask for, so you've got to prioritize.
The ATP hosts all made a "good keyboard" their top priority, an idea that would've been surprising a few years ago but now is almost a given. Yes, of course, Apple laptops need to be fast and reliable and have great displays and good battery life, but the past few years' worth of MacBooks have made a lot of people realize the truth: a bad/unreliable laptop keyboard isn't something you can really work around if you're a laptop user. This is why a lot of nice-to-have-features, like SD card slots, have to fall way down the hierarchy of needs. Any feature that can be rectified with an add-on adapter falls immediately to the bottom of the list. You're stuck with a laptop keyboard forever, and if you're committed to the Mac and every single Mac laptop that's sold uses the exact same keyboard, there's nowhere to run.Read Replies (0)