By msmash from Slashdot's tussle-continues department
Come this June, Twitter says it will disable "streaming services", a feature third-party Twitter clients such as Talon, Tweetbot, Twitterrific use to stream the timeline and send push notifications. A replacement for streaming service, the Account Activity API, isn't being made available to third-party developers. In a letter, developers wrote: The new Account Activity API is currently in beta testing, but third-party developers have not been given access and time is running out. With access we might be able to implement some push notifications, but they would be limited at the standard level to 35 Twitter accounts -- our products must deliver notifications to hundreds of thousands of customers. No pricing has been given for Enterprise level service with unlimited accounts -- we have no idea if this will be an affordable option for us and our users. We are incredibly eager to update our apps. However, despite many requests for clarification and guidance, Twitter has not provided a way for us to recreate the lost functionality. We've been waiting for more than a year. This change affects people who use third-party Twitter apps. All software platforms are affected, but it's worse on iOS and Android where users rely on push notifications to know when something happens on Twitter.Read Replies (0)
By msmash from Slashdot's closer-look department
An anonymous reader writes: For years, embedded device manufacturers have been illegally using Linux. Typically, they use Linux without publishing their device's source code, which Linux's GNU General Public License version 2 (GPLv2) requires them to do. Well, guess what? Another vendor, this time Symantec, appears to be the guilty party. This was revealed when Google engineer and Linux security expert Matthew Garrett was diving into his new Norton Core Router. This is a high-end Wi-Fi router. Symantec claims it's regularly updated with the latest security mechanisms. Garrett popped his box open to take a deeper look into Symantec's magic security sauce. What he found appears to be a Linux distribution based on the QCA Software Development Kit (QSDK) project. This is a GPLv2-licensed, open-source platform built around the Linux-based OpenWrt Wi-Fi router operating system. For Symantec's purposes, QSDK and OpenWrt are an excellent choice. Instead of a read-only firmware, OpenWrt has a fully writable filesystem with package management. This enables Symantec to easily customize its router with updated security features. But -- and it's a big but -- if it's indeed based on QSDK and OpenWrt, Symantec needs to share the Norton Core Router's code with the world.Read Replies (0)
By msmash from Slashdot's weekend-project department
An anonymous reader writes: Ubuntu Linux 18.04 "Bionic Beaver" is almost here -- it is due on April 26. In the interim, today, the second -- and final -- beta becomes available. Bionic Beaver is very significant, as it is an LTS version, meaning "Long Term Support." This is important to those that prefer stability to bleeding edge and don't want to deal with the hassle of upgrades. In other words, you can install 18.04 and be confident that it will be supported for 5 years. In comparison, non-LTS Ubuntu versions get a mere 9 months. There is plenty to be excited about with Ubuntu Linux 18.04 LTS 'Bionic Beaver' Beta 2, including the GNOME 3.28 desktop environment -- Beta 1 did not include GNOME at all. Of course, all the other DE flavors are available too, such as KDE and Xfce. The kernel is at 4.15, which while not the most current version, is still quite modern. Also included is LibreOffice 6.0 -- an essential tool that rivals Microsoft Office. Wayland is available as a technical preview, although X remains the default display server -- for now.Read Replies (0)
By msmash from Slashdot's RIP department
Isao Takahata, co-founder of the prestigious Japanese animator Studio Ghibli, which stuck to a hand-drawn "manga" look in the face of digital filmmaking, has died. He was 82. From a report: Takahata started Ghibli with Oscar-winning animator Hayao Miyazaki in 1985, hoping to create Japan's Disney. He directed "Grave of the Fireflies," a tragic tale about wartime childhood, and produced some of the studio's films, including Miyazaki's 1984 "Nausicaa of the Valley of the Wind," which tells the horror of environmental disaster through a story about a princess. Takahata died Thursday of lung cancer at a Tokyo hospital, the studio said in a statement Friday. He was fully aware of how the floating sumie-brush sketches of faint pastel in his works stood as a stylistic challenge to Hollywood's computer-graphics cartoons. In a 2015 interview with The Associated Press, Takahata talked about how Edo-era woodblock-print artists like Hokusai had the understanding of Western-style perspective and the use of light, but they purposely chose to depict reality with lines, and in a flat way, with minimal shading. "Pom Poko", a movie released in 1994, is often considered the best work of Takahata. The New York Times described it as, "a comic allegory about battling packs of tanuki (Japanese raccoon dogs) joining forces to fight human real estate developers. It's earthy and rollicking in a way that his co-founder's films aren't." In an interview with Wired in 2015, when Takahata was asked what he felt about people regarding him as the heart of Studio Ghibli. "Now you've both finished your final films, what are your feelings on Ghibli's legacy and reputation?, the interviewer asked. Takahata said, "I'm not sure I can respond in any meaningful way. What Hayao Miyazaki has built up is the greatest contribution. The existence of that thick trunk has allowed leaves to unfurl and flowers to bloom to become the fruitful tree that is Studio Ghibli." Further reading: Isao Takahata's stark world of reality (The Japan Times).Read Replies (0)
By msmash from Slashdot's growing-pattern department
An anonymous reader writes: Seoul-born Wendy Hui Kyong Chun, a professor at Brown University known for her work on fake news, is moving to Canada. So is Alan Aspuru-Guzik, a Harvard chemistry professor working on quantum computing and artificial intelligence. They are among 24 top academic minds around the world wooed to Canada by an aggressive recruitment effort offering ultra-attractive sinecures, seven-year funding arrangements -- and, Chun and Aspuru-Guzik said in separate interviews with Axios, a different political environment from the U.S. The "Canada 150 Research Chairs Program" is spending $117 million on seven-year grants of either $350,000 a year or $1 million a year. It's part of a campaign by numerous countries to attract scholars unhappy with Brexit, the election of Donald Trump, and other political trends, sweetened with unusually generous research conditions.Read Replies (0)
By BeauHD from Slashdot's shrouded-in-secrecy department
The Electronic Frontier Foundation's Peter Eckersley writes: Yesterday, The New York Times reported that there is widespread unrest amongst Google's employees about the company's work on a U.S. military project called "Project Maven." Google has claimed that its work on Maven is for "non-offensive uses only," but it seems that the company is building computer vision systems to flag objects and people seen by military drones for human review. This may in some cases lead to subsequent targeting by missile strikes. EFF has been mulling the ethical implications of such contracts, and we have some advice for Google and other tech companies that are considering building military AI systems. The EFF lists several "starting points" any company, or any worker, considering whether to work with the military on a project with potentially dangerous or risk AI applications should be asking: 1. Is it possible to create strong and binding international institutions or agreements that define acceptable military uses and limitations in the use of AI? While this is not an easy task, the current lack of such structures is troubling. There are serious and potentially destabilizing impacts from deploying AI in any military setting not clearly governed by settled rules of war. The use of AI in potential target identification processes is one clear category of uses that must be governed by law.
2.Is there a robust process for studying and mitigating the safety and geopolitical stability problems that could result from the deployment of military AI? Does this process apply before work commences, along the development pathway and after deployment? Could it incorporate the sufficient expertise to address subtle and complex technical problems? And would those leading the process have sufficient independence and authority to ensure that it can check companies' and military agencies' decisions?
< article continued at Slashdot's shrouded-in-secrecy department
>Read Replies (0)
By BeauHD from Slashdot's fork-and-bork department
An anonymous reader quotes a report from The Register: A remote-code execution vulnerability in Windows Defender -- a flaw that can be exploited by malicious .rar files to run malware on PCs -- has been traced back to an open-source archiving tool Microsoft adopted for its own use. The bug, CVE-2018-0986, was patched on Tuesday in the latest version of the Microsoft Malware Protection Engine (1.1.14700.5) in Windows Defender, Security Essentials, Exchange Server, Forefront Endpoint Protection, and Intune Endpoint Protection. This update should be installed, or may have been automatically installed already on your device. The vulnerability can be leveraged by an attacker to achieve remote code execution on a victim's machine simply by getting the mark to download -- via a webpage or email or similar -- a specially crafted .rar file while the anti-malware engine's scanning feature is on. In many cases, this analysis set to happen automatically.
When the malware engine scans the malicious archive, it triggers a memory corruption bug that leads to the execution of evil code smuggled within the file with powerful LocalSystem rights, granting total control over the computer. The screwup was discovered and reported to Microsoft by legendary security researcher Halvar Flake, now working for Google. Flake was able to trace the vulnerability back to an older version of unrar, an open-source archiving utility used to unpack .rar archives. Apparently, Microsoft forked that version of unrar and incorporated the component into its operating system's antivirus engine. That forked code was then modified so that all signed integer variables were converted to unsigned variables, causing knock-on problems with mathematical comparisons. This in turn left the software vulnerable to memory corruption errors, which can crash the antivirus package or allow malicious code to potentially execute.Read Replies (0)
By BeauHD from Slashdot's early-days department
Coinbase announced today that it is launching a new incubator fund for early-stage startups. "We're going to invest off our balance sheet into crypto companies," Coinbase President and COO Asiff Hirji told CNBC's "Fast Money" Thursday. "We will invest in companies that are in the space and are aligned with our values." From the report: Profits from the fund will be "de minimis" in the scope of the entire company but the fund is already off to a $15 million start and set to grow, Hirji said. The fund's seed-stage investments, which will begin this week, will help companies and founders in the crypto and blockchain space get off the ground. It's also meant to focus on building relationships within that ecosystem, he said. In order to do that, Coinbase could be investing in its competitors.
"You may also see us invest in companies that ostensibly look competitive with Coinbase," the San Francisco-based company said in a blog post. "We're taking a long term view of the space, and we believe that multiple approaches are healthy and good." Hirji emphasized that Coinbase Ventures is searching for founders, not the next money-making cryptocurrency. "By giving them access to capital we hope that they will grow great businesses," he said. "It's not about investing in the token, it's not about trying to line up tokens that we would put on our exchange."Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
Both the United Kingdom and Australia said Thursday that they have opened formal investigations into Facebook amid allegations that their citizens' data was improperly shared with Cambridge Analytica. ABC News reports: The Information Commissioner's Office in the U.K. is "looking at how data was collected from a third party app on Facebook and shared with Cambridge Analytica. We are also conducting a broader investigation into how social media platforms were used in political campaigning," according to Commissioner Elizabeth Denham. The office will investigate Facebook, along with 29 other organizations that have not been named. Earlier Thursday, Australia said it had opened a formal investigation into the tech giant amid allegations that Australian users' data was improperly shared with Cambridge Analytica. "Today I have opened a formal investigation into Facebook, following confirmation from Facebook that the information of over 300,000 Australian users may have been acquired and used without authorization," Angelene Falk, Australia's acting information commissioner and acting privacy commissioner, said. According to Falk, Australia will work with international regulatory agencies to investigate whether Facebook violated the country's privacy act. Under Australian law, the commissioner has the power to issue fines of up to $1.6 million to organizations that fail to comply with the act, according to the Australian Broadcasting Corporation. Australia and the U.K. joined the United States and Israel in investigating Facebook's breach of privacy.Read Replies (0)