By EditorDavid from Slashdot's pranks-on-programmers department
An anonymous reader writes:
Can you get into trouble under anti-hacking laws for tricking machine learning...? A new paper by security researchers and legal experts asks whether fooling a driverless car into seeing a stop sign as a speed sign, for instance, is the same as hacking into it.
The original submission asks another question -- "Do you have inadequate security if your product is too easy to trick?" But the paper explores the possibility of bad actors who deliberately build a secret blind spot into a learning system, or reconstruct all the private data that was used for training. One of the paper's authors even coded DNA that corrupts gene-sequencing software and takes control of its underlying computer, and the researchers ultimately warn about the dangers of "missing or skewed security incentives" in the status quo.
"Our aim is to introduce the law and policy community within and beyond academia to the ways adversarial machine learning alter the nature of [cracking] and with it the cybersecurity landscape."Read Replies (0)
By EditorDavid from Slashdot's striking-a-chord department
A new lawsuit claims post-tensioning triggered the collapse of the pedestrian bridge at Florida International University, killing five motorists and one worker. Engineering News Record reports
According to the lawsuit, the March 15, 2018 collapse occurred while a crew was post-tensioning bars in a diagonal member at the north end of the concrete truss that was the bridge's main element. The post-tensioning compressed the diagonal so that it overstressed a joint in the top chord, the lawsuit claims, triggering hinge failure at a connection in the lower chord and resulting in the catastrophic failure of the rest of the 174-ft-long structure. Post-tensioning that modifies the stresses in a structure is inherently risky and should be performed "in the absence of traffic," the lawsuit claims. [The lawsuit] draws heavily on video of the collapse, a voice message about cracks in the structure that were deemed superficial at that time by the engineer of record and design drawings in the design-build joint venture's proposal.
Slashdot reader McGruber writes:
Interestingly, just two days after the collapse, an Anonymous Coward posted that post-tensioning likely led to the collapse of the bridge... A March 21, 2018 NTSB News Release said "The investigative team has confirmed that workers were adjusting tension on the two tensioning rods located in the diagonal member at the north end of the span when the bridge collapsed. They had done this same work earlier at the south end, moved to the north side, and had adjusted one rod. They were working on the second rod when the span failed and collapsed. The roadway was not closed while this work was being performed."
< article continued at Slashdot's striking-a-chord department
>Read Replies (0)
By EditorDavid from Slashdot's burnishing-Chromebooks department
The founder of Rendition Security believes his daughter "is more safe on a Chromebook than a Windows laptop," and he's not the only one. CNET's staff reporter argues that Google's push for simplicity, speed, and security "ended up playing off each other." mspohr shared this article:
Heading to my first security conference last year, I expected to see a tricked-out laptop running on a virtual machine with a private network and security USB keys sticking out -- perhaps something out of a scene from "Mr. Robot." That's not what I got. Everywhere I went I'd see small groups of people carrying Chromebooks, and they'd tell me that when heading into unknown territory it was their travel device... "If you want prehardened security, then Chromebooks are it," said Kenneth White, director of the Open Crypto Audit Project. "Not because they're Google, but because Chrome OS was developed for years and it explicitly had web security as a core design principle...." Drewry and Liu focused on four key features for the Chromebook that have been available ever since the first iteration in 2010: sandboxing, verified boots, power washing and quick updates. These provided security features that made it much harder for malware to pass through, while providing a quick fix-it button if it ever did.
That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system.
< article continued at Slashdot's burnishing-Chromebooks department
>Read Replies (0)
By EditorDavid from Slashdot's come-along-and-share-the-software department
Each year the Fee Software award goes to someone making "a great contribution to the progress and development of free software, through activities that accord with the spirit of free software." This year's winner is a former executive of the GNOME Foundation, Karen Sandler. Jeremy Allison - Sam, Slashdot reader #8,157, brought this announcement.
Richard Stallman, President of the FSF, presented Sandler with the award during a ceremony. Stallman highlighted Sandler's dedication to software freedom. Stallman told the crowd that Sandler's "vivid warning about backdoored nonfree software in implanted medical devices has brought the issue home to people who never wrote a line of code. Her efforts, usually not in the public eye, to provide pro bono legal advice to free software organizations and [with Software Freedom Conservancy] to organize infrastructure for free software projects and copyleft defense, have been equally helpful."
In her acceptance speech, Sandler spoke about her dedication to free software as a patient, advocate and professional. "Coming to terms with a dangerous heart condition should never have cost me fundamental control over the technology that my life relies on", said Sandler... "This issue is personal not just for me but for anyone who relies on software, and today that means every single person."Read Replies (0)
By EditorDavid from Slashdot's minimizing-Windows department
An anonymous reader quotes CNN:
Microsoft is giving Windows a demotion, and leaning into the cloud. CEO Satya Nadella told employees on Thursday that Terry Myerson, leader of the Windows and Devices Group, is leaving the company. "Microsoft has been my work, my team, and my purpose for 21 years," Myerson wrote in a LinkedIn blog post. "It is an emotional day"... The shakeup includes the formation of two new engineering teams that will prioritize Microsoft's cloud and artificial intelligence products -- a move that should make investors happy, said Brad Reback, a software analyst at Stifel. Morgan Stanley said recently that Microsoft could hit $1 trillion in market value within a year, thanks in large part to the strengths of Azure, Microsoft's cloud computing service, and the cloud-based Office 365 software suite... Amy Hood, Microsoft's chief financial officer, said in January that the company's commercial cloud revenue grew 56% year-over-year. In that quarter, Windows commercial products and cloud services sales fell 4%.Read Replies (0)
By BeauHD from Slashdot's imperfect-systems department
An anonymous reader quotes a report from The Verge: Tesla says Autopilot was engaged at the time of a deadly Model X crash that occurred March 23rd in Mountain View, California. The company posted a statement online late Friday, after local news reported that the victim had made several complaints to Tesla about the vehicle's Autopilot technology prior to the crash in which he died. After recovering the logs from the crash site, Tesla acknowledged that Autopilot was on, with the adaptive cruise control follow distance set to a minimum. The company also said that the driver, identified as Apple engineer Wei "Walter" Huang, had his hands off the steering wheel and was not responding to warnings to re-take control. Tesla said in a statement: "The driver had received several visual and one audible hands-on warning earlier in the drive and the driver's hands were not detected on the wheel for six seconds prior to the collision. The driver had about five seconds and 150 meters of unobstructed view of the concrete divider with the crushed crash attenuator, but the vehicle logs show that no action was taken." According to Mercury News, the driver of the car was headed southbound on California's Route 101 when his Model X crashed headfirst into the safety barrier section of a divider that separates the carpool lane from the off-ramp to the left. "The front end of his SUV was ripped apart, the vehicle caught fire, and two other cars crashed into the rear end. [The driver] was removed from the vehicle by rescuers and brought to Stanford Hospital, where he died from injuries sustained in the crash."Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
According to The New York Times, "Facebook employees were in an uproar on Friday over a leaked 2016 memo from a top executive defending the social network's growth at any cost -- even if it caused deaths from a terrorist attack that was organized on the platform." From the report: In the memo, Andrew Bosworth, a Facebook vice president, wrote, "Maybe someone dies in a terrorist attack coordinated on our tools. And still we connect people. The ugly truth is that we believe in connecting people so deeply that anything that allows us to connect more people more often is *de facto* good." Mr. Bosworth and Facebook's chief executive, Mark Zuckerberg, have since disavowed the memo, which was published on Thursday by BuzzFeed News.
But the fallout at the Silicon Valley company has been wide. According to two Facebook employees, workers have been calling on internal message boards for a hunt to find those who leak to the media (Warning: source may be paywalled; alternative source). Some have questioned whether Facebook has been transparent enough with its users and with journalists, said the employees, who asked not to be identified for fear of retaliation. Many are also concerned over what might leak next and are deleting old comments or messages that might come across as controversial or newsworthy, they said. In the aftermath, some Facebook executives have taken to Twitter for a public charm offensive, sending pithy phrases and emoticons to reporters who cover the company. Adam Mosseri, Facebook's head of news, in recent days wrote unprompted to a BuzzFeed editor and to its chief executive reminiscing and telling a story about his mother. He also wrote to a reporter from the Verge tech site about the songs played at his wedding reception.Read Replies (0)
By msmash from Slashdot's how-about-that department
Uber barreled into autonomous driving out of fear that it could end up as the MySpace or Yahoo of ride-hailing, a company with early gargantuan success that stumbled as times changed. Waymo, the self-driving offshoot of Google parent Alphabet, has pursued its ambitions more cautiously, accumulating long years of research and testing before pursuing a plan to bring its technology to the public. From a report: Now, as Waymo scales up its self-driving taxi service, Uber's fear could be coming to pass. This week, as Uber continued to reel from a fatal self-driving accident in Arizona, Waymo confidently pushed forward -- landing a deal to build 20,000 self-driving luxury SUVs with Jaguar Land Rover on top of its plan for thousands of Chysler hybrid minivans. Within two years, it aims to have thousands of fully autonomous taxis -- with no backup drivers behind the wheel -- on the roads, starting in Phoenix where it is already giving test rides. The company predicts it will give 1 million robot-taxi rides a day by 2020. Waymo, the industry pioneer, logged millions of autonomous miles as it perfected self-driving technology. But over the years, engineers defected out of frustration that it was not commercializing the technology. Now with former auto executive John Krafcik at the helm, Waymo appears poised to launch a self-driving taxi service that could conceivably dominate that field, at least early on, the way Uber does now with human-driven cars.Read Replies (0)
By BeauHD from Slashdot's if-you-can't-stand-the-heat-get-out-of-the-kitchen department
An anonymous reader quotes a report from Ars Technica: Democratic senators yesterday asked Ajit Pai to abandon a proposal that the senators say would take subsidized broadband plans away from "millions of Americans." The Federal Communications Commission chairman's plan for the Lifeline subsidy program would force most users of the program to find new providers. But such users could have trouble finding replacement plans or similar prices because Pai's proposal would prevent all telecom resellers from offering Lifeline-subsidized service. "Your proposal impacts over 70 percent of current Lifeline-recipient households by eliminating their wireless providers from the program, leaving less affordable and fewer Lifeline options, while making it more difficult for the companies trying to serve Lifeline customers," Senate Democrats wrote in the letter to Pai yesterday. "Instead of cutting the program, we should ensure Lifeline reaches more Americans in need of access to communication services." The letter was written by Sens. Kamala Harris (D-Calif.), Jeff Merkley (D-Ore.), Bernie Sanders (I-Vt.), Kirsten Gillibrand (D-NY), Edward Markey (D-Mass.), Ron Wyden (D-Ore.), Richard Blumenthal (D-Conn.), Elizabeth Warren (D-Mass.), Dick Durbin (D-Ill.), and Cory Booker (D-NJ).Read Replies (0)
By msmash from Slashdot's moving-forward department
An anonymous reader shares a research paper: Researchers have developed a 'deep learning' computer program that produces blueprints for the sequences of reactions needed to create small organic molecules, such as drug compounds. The pathways that the tool suggests look just as good on paper as those devised by human chemists. The tool is not the first software to wield AI instead of human skill and intuition. Yet chemists hail the development as a milestone, saying that it could speed up the process of drug discovery and make organic chemistry more efficient. "What we have seen here is that this kind of artificial intelligence can capture this expert knowledge," says Pablo Carbonell, who designs synthesis-predicting tools at the University of Manchester, UK, and was not involved in the work. He describes the effort as "a landmark paper." [...] Chemists have conventionally scoured lists of reactions recorded by others, and drawn on their own intuition to work out a step-by-step pathway to make a particular compound. They usually work backwards, starting with the molecule they want to create and then analysing which readily available reagents and sequences of reactions could be used to synthesize it -- a process known as retrosynthesis, which can take hours or even days of planning. The new AI tool, developed by Marwin Segler, an organic chemist and artificial-intelligence researcher at the University of Munster in Germany, and his colleagues, uses deep-learning neural networks to imbibe essentially all known single-step organic-chemistry reactions -- about 12.4 million of them. This enables it to predict the chemical reactions that can be used in any single step. The tool repeatedly applies these neural networks in planning a multi-step synthesis, deconstructing the desired molecule until it ends up with the available starting reagents.Read Replies (0)
By msmash from Slashdot's how-about-that department
An anonymous reader shares a report: In the town of Wilberforce, Ontario, a quick detour from the main street will take you to a seven-foot-tall wooden fork that sits at the point where the road splits into two -- a literal fork in the road. Unfamiliar passers-by may think it's a joke. But to locals, this landmark goes by the name "Fork and Beans." It has a logbook hidden inside its frame and it's one of the more than 500 geocaches scattered around Wilberforce -- the "Geocaching Capital of Canada," as the town calls itself, and home of one of the most popular geocaching tours in the world. The rise of Pokemon Go in 2016 brought with it a surge of location-based outdoor games on mobile. Geocaching, which is akin to an outdoor scavenger hunt, uses GPS to locate hidden caches with logbooks inside and predates the latest crop of augmented reality games; it was a fixture of internet culture at the turn of the millenium. Geocachers use either an app or a GPS-enabled device to search for hidden containers (usually filled with something like a notebook) that are nearby or that they've sought out online. According to Geocaching HQ, a company that created one of the largest websites for the geocaching community in 2000, there are currently more than three million of these caches hidden in more than 190 countries around the world. For Wilberforce, geocaching is more than a game from back when a low-res dancing baby was the height of online entertainment. It's a growing industry, with new caches being hidden and special events organized every year, that is helping keep the town afloat amidst economic struggles.Read Replies (0)