By msmash from Slashdot's tough-luck department
An anonymous reader shares a report: Continuing its battle against the "tweetdeckers," Twitter suspended on Friday several popular accounts known for stealing tweets or mass-retweeting tweets into manufactured virality. @Dory, @GirlPosts, @SoDamnTrue, Girl Code/@reiatabie, Common White Girl/@commonwhitegiri, @teenagernotes, @finah, @holyfag, and @memeprovider were among the accounts that got swept up in the purge. Many of these accounts were hugely popular, with hundreds of thousands or even millions of followers. In addition to stealing people's tweets without credit, some of these accounts are known as "tweetdeckers" due to their practice of teaming up in exclusive Tweetdeck groups and mass-retweeting one another's -- and paying customers' -- tweets into forced virality. A Twitter spokesperson declined to comment on individual accounts, but BuzzFeed News understands the accounts were suspended for violating Twitter's spam policy.Read Replies (0)
By msmash from Slashdot's weekend-project department
From a report: This week, Ubuntu Linux 18.04 'Bionic Beaver' Beta 1 became available for download. Ubuntu 18.04 is significant, as it will be an LTS (Long Term Support) version. As was the case when Unity was the primary DE, GNOME is not available in this beta stage. Instead, there are other flavors from which to choose, such as Kubuntu with KDE Plasma and Xubuntu, which uses Xfce. "Pre-releases of the Bionic Beaver are not encouraged for anyone needing a stable system or anyone who is not comfortable running into occasional, even frequent breakage. They are, however, recommended for Ubuntu flavor developers and those who want to help in testing, reporting, and fixing bugs as we work towards getting this release ready. Beta 1 includes some software updates that are ready for broader testing. However, it is quite an early set of images, so you should expect some bugs," says Dustin Krysak, Ubuntu Budgie team member.Read Replies (0)
By EditorDavid from Slashdot's falling-backwards department
The New York Times notes an important caveat to Florida's recently-approved law observing daylight savings time year-round: it specifies that their change will only go into effect if "the United States Congress amends 15 U.S.C. s. 260a to authorize states to observe daylight saving time year-round."
"In other words: Even if the governor signs the bill, nothing will happen now... States can choose to exempt themselves from daylight saving time -- Arizona and Hawaii do -- but nothing in federal law allows them to exempt themselves from standard time." Meanwhile one California legislator exploring the idea of year-round standard time discovered that "youth sports leagues and families worried that a year-round early sunset would shut down their kids' after-school games." But the Times also acknowledges problems in the current system. "In parts of Maine, for example, between Thanksgiving and Christmas, the sun sets before 4 p.m. -- more than an hour earlier than it does in Detroit, at the other end of the Eastern time zone." So is there a better alternative?
An anonymous reader quotes Business Insider:
Standardtime.com has a unique suggestion. Their proposal has only two time zones in the continental U.S. that are two hours apart, which The Atlantic calls "a simple plan to fix [DST]"... Johns Hopkins University professors Richard Henry and Steven Hanke have come up with yet another possible fix: worldwide adoption of a single time zone. They argue that the internet has eliminated the need for discrete time zones across the globe, so we might as well just do away with them...
No plan will satisfy everyone. But that doesn't mean daylight-saving time is good. The absence of major energy-saving benefits from DST -- along with its death toll, health impacts, and economic ramifications -- are reason enough to get rid of the ritual altogether.
< article continued at Slashdot's falling-backwards department
>Read Replies (0)
By EditorDavid from Slashdot's power-to-the-people department
An anonymous reader writes:
Last month Eric S. Raymond complained about his choices for a UPS (Uninterruptible Power Supply), adding that "This whole category begs to be disrupted by an open-hardware [and open-source] design that could be assembled cheaply in a makerspace from off-the-shelf components, an Arduino-class microcontroller, and a PROM...because it's possible, and otherwise the incentives on the vendors won't change." It could be designed to work with longer-lasting and more environmentally friendly batteries, using "EV-style intelligent battery-current sensors to enable accurate projection of battery performance" (along with a text-based alert system and a USB monitoring port).
Calling the response "astonishing," Raymond noted the emergence within a week of "the outlines of a coherent design," and in an update on GitLab reported that "The response on my blog and G+ was intense, almost overwhelming. It seems many UPS users are unhappy with what the vendors are pushing" -- and thus, the UPSide project was launched. "We welcome contributors: people with interest in UPSes who have expertise in battery technology, power-switching electronics, writing device-control firmware, relevant standards such as USB and the DMTF battery-management profile. We also welcome participation from established UPS and electronics vendors. We know that consumer electronics is a cutthroat low-margin business in which it's tough to support a real R&D team or make possibly-risky product bets. Help us, and then let us help you!"
< article continued at Slashdot's power-to-the-people department
>Read Replies (0)
By EditorDavid from Slashdot's I'll-be-seeing-you department
An anonymous reader quotes Reuters:
At a highway check point on the outskirts of Beijing, local police are this week testing out a new security tool: smart glasses that can pick up facial features and car registration plates, and match them in real-time with a database of suspects. The AI-powered glasses, made by LLVision, scan the faces of vehicle occupants and the plates, flagging with a red box and warning sign to the wearer when any match up with a centralized "blacklist".
The test -- which coincides with the annual meeting of China's parliament in central Beijing -- underscores a major push by China's leaders to leverage technology to boost security in the country... Wu Fei, chief executive of LLVision, said people should not be worried about privacy concerns because China's authorities were using the equipment for "noble causes", catching suspects and fugitives from the law. "We trust the government," he told Reuters at the company's headquarters in Beijing.
This weekend while China's President Xi Jinping is expected to push through a reform allowing him to stay in power indefinitely, Reuters reports that the Chinese goverment is pushing the use of cutting-edge technology "to track and control behavior that goes against the interests of the ruling Communist Party online and in the wider world... A key concern is that blacklists could include a wide range of people stretching from lawyers and artists to political dissidents, charity workers, journalists and rights activists...
"The new technologies range from police robots for crowd control, to drones to monitor border areas, and artificially intelligent systems to track and censor behavior online," Reuters reports, citing one Hong Kong researcher who argues that China now sees internet and communication technologies "as absolutely indispensable tools of social and political control."Read Replies (0)
By EditorDavid from Slashdot's not-making-your-case department
Former Linux developer Patrick McHardy dropped his Gnu General Public License version 2 (GPLv2) violation case against Geniatech in a German court this week. ZDNet explains why some consider this a big "win":
People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2. Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he'd requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions...
In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."
< article continued at Slashdot's not-making-your-case department
>Read Replies (0)
By EditorDavid from Slashdot's not-staying-neutral department
Here's the latest developments in the ongoing fight over net neutrality rules:
CNET reports that Democrats in the Senate "have been pushing to use the Congressional Review Act to roll back the FCC's repeal of net neutrality rules. They've gotten the support of 50 senators for the measure, including one Republican, Susan Collins of Maine. Sen. John Kennedy from Louisiana , who's been undecided in his support of the CRA bill, was being courted by Democrats as the tie-breaking vote to pass the measure in the Senate...
"On Wednesday, Kennedy introduced a piece of legislation that would ban companies like AT&T and Comcast from slowing down or blocking access to websites or internet services. But the bill wouldn't prevent these broadband and wireless companies from offering paid prioritization, which many critics fear could lead to so-called internet 'fast lanes.'"
Axios reports that lawsuits looking to strike down the Federal Communications Commission's repeal of its own net neutrality rules "will be heard in the U.S. Court of Appeals for the Ninth Circuit, the court said Thursday... The lottery to decide the location of the court arguments was the result of lawsuits filed against the FCC in different jurisdictions, including by Attorneys General from more than 20 states, led by New York attorney general Eric Schneiderman."
The Associated Press reports that on Monday, Washington became the first state to set up its own net-neutrality requirements. But they add that governors in five states -- Hawaii, New Jersey, New York, Montana and Vermont -- "have signed executive orders related to net-neutrality issues, according to the National Conference of State Legislatures. Montana's order, for instance, bars telecommunications companies from receiving state contracts if they interfere with internet traffic or favor higher-paying sites or apps."Read Replies (0)
By EditorDavid from Slashdot's distributing-denial-of-service-attacks department
PC Magazine reports:
A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps.Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including Rockstargames.com, Minecraft.net, and Playstation.net have been among those hit...
The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.
Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating:
"The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."Read Replies (0)
By EditorDavid from Slashdot's raising-the-Spectre department
An anonymous reader quotes BleepingComputer: A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves. Intel Software Guard eXtensions (SGX) is a feature of modern Intel processors that allow an application to create so-called enclaves. This enclave is a hardware-isolated section of the CPU's processing memory where applications can run operations that deal with extremely sensitive details, such as encryption keys, passwords, user data, and more... Neither Meltdown and Spectre were able to extract data from SGX enclaves. This is where SgxSpectre comes in.
According to researchers, SgxSpectre works because of specific code patterns in software libraries that allow developers to implement SGX support into their apps. Vulnerable SGX development kits include the Intel SGX SDK, Rust-SGX, and Graphene-SGX. Academics say an attacker can leverage the repetitive code execution patterns that these SDKs introduce in SGX enclaves and watch for small variations of cache size. This allows for side-channel attacks that allow a threat actor to infer and slowly recover data from secure enclaves. Intel's recent Spectre patches don't necessarily help, as an attacker can work around these fixes. Intel says an update for the Intel SGX SDK that adds SgxSpectre mitigations will be released on March 16. Apps that implement Google's Retpoline anti-Spectre coding techniques are safe, researchers say.Read Replies (0)
By EditorDavid from Slashdot's ebooks-in-Europe department
Slashdot reader David Rothman writes: The oldest public domain publisher in the world, Project Gutenberg, has blocked German users after an outrageous legal ruling saying this American nonprofit must obey German copyright law... Imagine the technical issues for fragile, cash-strapped public domain organizations -- worrying not only about updated databases covering all the world's countries, but also applying the results to distribution.
TeleRead carries two views on the German case involving a Holtzbrinck subsidiary...
Significantly, older books provide just a tiny fraction of the revenue of megaconglomerates like Holtzbrinck but are essential to students of literature and indeed to students in general.
What's more, as illustrated by the Sonny Bono Copyright Term Extension Act in the U.S., copyright law in most countries tends to reflect the wishes and power of lobbyists more than it does the commonweal.
Ideally the travails of Project Gutenberg will encourage tech companies, students, teachers, librarians and others to step up their efforts against oppressive copyright laws. While writers and publishers deserve fair compensation, let's focus more on the needs of living creators and less on the estates of authors dead for many decades. The three authors involved in the German case are Heinrich Mann (died in 1950), Thomas Mann (1955) and Alfred Döblin (1957).
One solution in the U.S. and elsewhere for modern creators would be national library endowments... Meanwhile, it would be very fitting for Google and other deep-pocketed corporations with an interest in a global Internet and more balanced copyright to help Gutenberg finance its battle. Law schools, other academics, educators and librarians should also offer assistance.Read Replies (0)
By EditorDavid from Slashdot's boring-stories department
"Remember Elon Musk's plan to dig a massive web of traffic-beating tunnels underneath Los Angeles...?" asks CNN. "Now, that plan appears to be getting a huge makeover." An anonymous reader quotes TechCrunch:
While it will still focus on digging tunnels to provide a network of underground tubes suitable for use by high-speed Hyperloop pods, the plan now is to use that Hyperloop to transport pedestrians and cyclists first, and then only later to work on moving cars around underground to bypass traffic. Musk shared the update via Twitter, noting that the idea would be to load customers onto cars roughly the size that a single parking space takes up currently, [thousands of which] would be dotted around an urban environment close to any destinations where someone might travel. The single-car station model would be designed to replace the current subway-style model, Musk said, where only a few small stations are very spread out... This is a big departure from the original vision, and it seems like one that might have evolved after Musk and his collaborators on the project spoke to urban planners and transit authorities.
"If someone can't afford a car, they should go first," Musk posted on Twitter, sharing a new conceptual video where an elevator lowers one of these pedestrian- and cyclist-focussed shuttle pods underground.
TechCrunch says this new vision "would be appealing both to urban officials looking to decrease congestion on downtown roads and discourage personal vehicle use, and to anyone hoping to increase access to affordable transit options."Read Replies (0)
By BeauHD from Slashdot's indirect-propaganda department
An anonymous reader quotes a report from VICE News: Reddit says it has identified and removed hundreds of Russian propaganda accounts, a few days after reports revealed that Russian trolls were active on the platform during the 2016 U.S. presidential election. In a post Monday, Reddit co-founder Steve Huffman said his site operators had been investigating for awhile and had found a few hundred accounts suspected to be of Russian origin or linked to known sources of Russian propaganda. "Of course, every account we find expands our search a little more," he said, also claiming the "vast majority" of the suspicious accounts were banned back in 2015-2016. An even bigger challenge was the problem of "indirect propaganda," where content produced by accounts now known to be Russian trolls was enthusiastically shared by Trump supporters on subreddits such as r/The_Donald. Reddit's investigation followed a report from The Daily Beast, based on leaked internal data from Kremlin-backed troll farm the Internet Research Agency, that confirmed Russian trolls were active on the site, as well as Tumblr, in their mission to spread disinformation, divide Americans and disrupt U.S. politics. The Washington Post reports that congressional investigators looking into the Russian issue intend to question Reddit and Tumblr over their involvement.Read Replies (0)
By BeauHD from Slashdot's heads-up department
In 2016, the Chinese space agency lost control of its Tiangong-1, or Heavenly Palace, spacecraft, five years after it blasted into orbit. Scientists have determined that it will come crashing down to Earth in the coming weeks, be they do not know exactly where on Earth it will hit. The Guardian reports: The defunct module is now at an altitude of 150 miles and being tracked by space agencies around the world, with the European Space Agency's center in Darmstadt predicting a fiery descent for it between March 27 and April 8. Hurtling around the Earth at about 18,000mph, the module ranks as one of the larger objects to re-enter the atmosphere without being steered towards the ocean, as is standard for big and broken spacecraft, and cargo vessels that are jettisoned from the International Space Station (ISS), to reduce the risk to life below. The spacecraft's orbit ranges from 43 degrees north to 43 degrees south, which rules out a descent over the UK but includes vast stretches of North and South America, China, the Middle East, Africa, Australia, parts of Europe -- and great swaths of the Pacific and Atlantic oceans. Western analysts cannot be sure how much of the spacecraft will survive re-entry, because China has not released details of the design and materials used to make Tiangong-1. But the spacecraft may have well-protected titanium fuel tanks containing toxic hydrazine that could pose a danger if they land in populated areas.Read Replies (0)