By EditorDavid from Slashdot's old-school-analog department
An anonymous reader quotes Reuters:
Atlanta's top officials holed up in their offices on Saturday as they worked to restore critical systems knocked out by a nine-day-old cyber attack that plunged the Southeastern U.S. metropolis into technological chaos and forced some city workers to revert to paper... Police and other public servants have spent the past week trying to piece together their digital work lives, recreating audit spreadsheets and conducting business on mobile phones in response to one of the most devastating "ransomware" virus attacks to hit an American city. Three city council staffers have been sharing a single clunky personal laptop brought in after cyber extortionists attacked Atlanta's computer network with a virus that scrambled data and still prevents access to critical systems. "It's extraordinarily frustrating," said Councilman Howard Shook, whose office lost 16 years of digital records...
City officials have declined to discuss the extent of damage beyond disclosed outages that have shut down some services at municipal offices, including courts and the water department. Nearly 6 million people live in the Atlanta metropolitan area... Atlanta police returned to taking written case notes and have lost access to some investigative databases, department spokesman Carlos Campos told Reuters... Meanwhile, some city employees complained they have been left in the dark, unsure when it is safe to turn on their computers. "We don't know anything," said one frustrated employee as she left for a lunch break on Friday.
"Our data management teams are working diligently to restore normal operations and functionalities to these systems," said a spokesperson for the police department, adding that they "hope to be back online in the very near future."Read Replies (0)
By EditorDavid from Slashdot's adjourning department
An anonymous reader quotes CNN:
The U.S. Department of Justice is asking the Supreme Court to abandon its case against Microsoft over international data privacy. A new law signed by President Donald Trump last week answers the legal question at the heart of Microsoft's case, the DOJ says. So the case "is now moot," the department said in a court filing posted Saturday.
Microsoft's legal battle began in 2013, when it refused to hand over emails stored on a server in Ireland to US officials who were investigating drug trafficking. Microsoft argued at the time that sharing data stored abroad could violate international treaties and policies, and there was no law on the books to provide any clarity. That changed with the The Cloud Act, which was tucked into the spending bill that Trump signed March 23. The act establishes a legal pathway for the United States to form agreements with other nations that make it easier for law enforcement to collect data stored on foreign soil... Microsoft cheered the new law, saying the Cloud Act provides the legal clarity the company sought.
The ACLU's legislative counsel argues that the new act hurts privacy and human rights, "at a time when human rights activists, dissidents and journalists around the world face unprecedented attacks."
"Would even a well-intentioned technology company, particularly a small one, have the expertise and resources to competently assess the risk that a foreign order may pose to a particular human rights activist?"Read Replies (0)
By EditorDavid from Slashdot's you-vs-UI department
"It seems that nearly every job posting for a software developer these days requires someone who can do it all," complains Slashdot reader datavirtue, noting a main focus on finding someone to do "front end work and back end work and database work and message queue work...."
I have been in a relatively small shop that for years that has always had a few guys focused on the UI. The rest of us might have to do something on the front-end but are mostly engaged in more complex "back-end" development or MQ and database architecture. I have been keeping my eye on the market, and the laser focus on full stack developers is a real turn-off.
When was the last time you had an outage because the UI didn't work right? I can't count the number of outages resulting from inexperienced developers introducing a bug in the business logic or middle tier. Am I correct in assuming that the shops that are always looking for full stack developers just aren't grown up yet?
sjames (Slashdot reader #1,099) responded that "They are a thing, but in order to have comprehensive experience in everything involved, the developer will almost certainly be older than HR departments in 'the valley' like to hire."
And Dave Ostrander argues that "In the last 10 years front end software development has gotten really complex. Gulp, Grunt, Sass, 35+ different mobile device screen sizes and 15 major browsers to code for, has made the front end skillset very valuable." The original submitter argues that front-end development "is a much simpler domain," leading to its own discussion.
Share your own thoughts in the comments. Are "full-stack" developers a thing?Read Replies (0)
By EditorDavid from Slashdot's data-and-Goliath department
Security guru Bruce Schneier warns that "thousands of companies" are spying on us and manipulating us for profit. An anonymous reader quotes his article on CNN:
Harvard Business School professor Shoshana Zuboff calls it "surveillance capitalism." And as creepy as Facebook is turning out to be, the entire industry is far creepier. It has existed in secret far too long, and it's up to lawmakers to force these companies into the public spotlight, where we can all decide if this is how we want society to operate and -- if not -- what to do about it...
Surveillance capitalism drives much of the internet. It's behind most of the "free" services, and many of the paid ones as well. Its goal is psychological manipulation, in the form of personalized advertising to persuade you to buy something or do something, like vote for a candidate. And while the individualized profile-driven manipulation exposed by Cambridge Analytica feels abhorrent, it's really no different from what every company wants in the end... Surveillance capitalism is deeply embedded in our increasingly computerized society, and if the extent of it came to light there would be broad demands for limits and regulation. But because this industry can largely operate in secret, only occasionally exposed after a data breach or investigative report, we remain mostly ignorant of its reach...
Regulation is the only answer.The first step to any regulation is transparency. Who has our data? Is it accurate? What are they doing with it? Who are they selling it to? How are they securing it? Can we delete it...? The market can put pressure on these companies to reduce their spying on us, but it can only do that if we force the industry out of its secret shadows.
The article also insists that "None of this is new," pointing out that companies like Facebook and Google offer their free services in exchange for your data.
< article continued at Slashdot's data-and-Goliath department
>Read Replies (0)
By EditorDavid from Slashdot's fallen-kingdoms department
An anonymous reader writes:
The last male northern white rhinoceros died just last week, and a total of just 29,000 rhinoceroses now remain on earth. But National Geographic reports that "the genetic material of several northern white rhinos has been stored away," and scientists hope to give birth to another using in vitro fertilization -- or to breed a hybrid using a genetically similar southern white rhino.
Meanwhile, a postdoctoral fellow in ecology and evolutionary biology reports that scientists are seriously considering the possibility of "de-extincting" the Carolina parakeet, America's only native parrot, which became extinct 100 years ago.
Thanks to the data I compiled as well as cutting-edge machine learning approaches to analyze those data, my colleagues and I were able to reconstruct the Carolina parakeets' likely range and climate niche, [which] turned out to be much smaller than previously believed... While this may seem rather minor, some scientists consider the Carolina parakeet one of the top candidates for 'de-extinction', a process in which DNA is harvested from specimens and used to "resurrect" extinct species... If someone were to spend millions of dollars doing all of the genetic and breeding work to bring back this species, or any other, how will they figure out where to release these birds...? Whether or not de-extinction is a worthwhile use of conservation effort and money is another question, best answered by someone other than me. But this is just an example of one potential use of this type of research. "
It seems like all kinds of havoc could ensue if we released a resurrected species back into the modern ecosystem. And yet Harvard researchers are already working to breed a new creature that's half-elephant, half Wooly Mammoth. What do Slashdot's readers think? Should we revive extinct species?Read Replies (0)
By EditorDavid from Slashdot's monkey-see-monkey-don't department
"MailChimp to Cryptocurrency Promoters: Your Fake Money's No Good Here," jokes the headline at Gizmodo. The mass emailing service -- which sends over a billion emails a day -- just updated its Acceptable Use Policy to warn users that MailChimp "does not allow businesses involved in any aspect of the sale, transaction, exchange, storage, marketing, or production of cryptocurrencies, virtual currencies, and any digital assets related to an Initial Coin Offering, to use MailChimp to facilitate or support any of those activities."
An anonymous reader quotes Gizmodo:
The ban on cryptocurrency promotion isn't out of the blue so much as a clarification of existing use policies... In a statement to Gizmodo, MailChimp further clarified: "We recognize that blockchain technology is in its infancy and has tremendous potential. Nonetheless, the promotion and exchange of cryptocurrencies is too frequently associated with scams, fraud, phishing, and potentially misleading business practices at this time..." MailChimp previously held policies prohibiting multi-level marketing, "make money online" businesses, and "industries hav[ing] higher-than-average abuse complaints," and earmarked "online trading, day trading tips, or stock market related content" for "additional scrutiny..." This follows similar, though less restrictive bans by Facebook (and Instagram by extension), Google, Linkedin, Twitter, and Snapchat on ICO ads, and country-wide bans in China and South Korea.
Futurism reports that the first victims are "responding in kind by attempting to read the riot act to a Twitter account whose avatar is a monkey with a hat," strongly informing that monkey that "Centralized capricious power is exactly why we need blockchains."Read Replies (0)
By EditorDavid from Slashdot's lower-education department
An anonymous reader writes:
This week Nature tweeted that the rates of depression and anxiety reported by postgraduate students were six times higher than in the general population -- and received more than 1,200 retweets and received 170 replies. "This is not a one dimensional problem. Financial burden, hostile academia, red tape, tough job market, no proper career guidance. Take your pick," read one response. "Maybe being told day in, day out that the work you spend 10+ hrs a day, 6-7 days a week on isn't good enough," said another.
The science magazine takes this as more proof that "there is a problem among young scientists. Too many have mental-health difficulties, and too many say that the demands of the role are partly to blame. Neither issue gets the attention it deserves." They're now gathering stories from postgraduates about mental-health issues, and vowing to give the issue more coverage. "There is a problem with the culture in science, and it is one that loads an increasing burden on the shoulders of younger generations. The evidence suggests that they are feeling the effects. (Among the tweets, one proposed solution to improving the PhD is to 'treat it like professional training instead of indentured servitude with no hope of a career at the end?'.)"Read Replies (0)
By EditorDavid from Slashdot's pranks-on-programmers department
An anonymous reader writes:
Can you get into trouble under anti-hacking laws for tricking machine learning...? A new paper by security researchers and legal experts asks whether fooling a driverless car into seeing a stop sign as a speed sign, for instance, is the same as hacking into it.
The original submission asks another question -- "Do you have inadequate security if your product is too easy to trick?" But the paper explores the possibility of bad actors who deliberately build a secret blind spot into a learning system, or reconstruct all the private data that was used for training. One of the paper's authors even coded DNA that corrupts gene-sequencing software and takes control of its underlying computer, and the researchers ultimately warn about the dangers of "missing or skewed security incentives" in the status quo.
"Our aim is to introduce the law and policy community within and beyond academia to the ways adversarial machine learning alter the nature of [cracking] and with it the cybersecurity landscape."Read Replies (0)
By EditorDavid from Slashdot's striking-a-chord department
A new lawsuit claims post-tensioning triggered the collapse of the pedestrian bridge at Florida International University, killing five motorists and one worker. Engineering News Record reports
According to the lawsuit, the March 15, 2018 collapse occurred while a crew was post-tensioning bars in a diagonal member at the north end of the concrete truss that was the bridge's main element. The post-tensioning compressed the diagonal so that it overstressed a joint in the top chord, the lawsuit claims, triggering hinge failure at a connection in the lower chord and resulting in the catastrophic failure of the rest of the 174-ft-long structure. Post-tensioning that modifies the stresses in a structure is inherently risky and should be performed "in the absence of traffic," the lawsuit claims. [The lawsuit] draws heavily on video of the collapse, a voice message about cracks in the structure that were deemed superficial at that time by the engineer of record and design drawings in the design-build joint venture's proposal.
Slashdot reader McGruber writes:
Interestingly, just two days after the collapse, an Anonymous Coward posted that post-tensioning likely led to the collapse of the bridge... A March 21, 2018 NTSB News Release said "The investigative team has confirmed that workers were adjusting tension on the two tensioning rods located in the diagonal member at the north end of the span when the bridge collapsed. They had done this same work earlier at the south end, moved to the north side, and had adjusted one rod. They were working on the second rod when the span failed and collapsed. The roadway was not closed while this work was being performed."
< article continued at Slashdot's striking-a-chord department
>Read Replies (0)
By EditorDavid from Slashdot's burnishing-Chromebooks department
The founder of Rendition Security believes his daughter "is more safe on a Chromebook than a Windows laptop," and he's not the only one. CNET's staff reporter argues that Google's push for simplicity, speed, and security "ended up playing off each other." mspohr shared this article:
Heading to my first security conference last year, I expected to see a tricked-out laptop running on a virtual machine with a private network and security USB keys sticking out -- perhaps something out of a scene from "Mr. Robot." That's not what I got. Everywhere I went I'd see small groups of people carrying Chromebooks, and they'd tell me that when heading into unknown territory it was their travel device... "If you want prehardened security, then Chromebooks are it," said Kenneth White, director of the Open Crypto Audit Project. "Not because they're Google, but because Chrome OS was developed for years and it explicitly had web security as a core design principle...." Drewry and Liu focused on four key features for the Chromebook that have been available ever since the first iteration in 2010: sandboxing, verified boots, power washing and quick updates. These provided security features that made it much harder for malware to pass through, while providing a quick fix-it button if it ever did.
That's not to say Chrome OS is impervious to malware. Cybercriminals have figured out loopholes through Chrome's extensions, like when 37,000 devices were hit by the fake version of AdBlock Plus. Malicious Android apps have also been able to sneak through the Play Store. But Chrome OS users mostly avoided massive cyberattack campaigns like getting locked up with ransomware or hijacked to become part of a botnet. Major security flaws for Chrome OS, like ones that would give an attacker complete control, are so rare that Google offers rewards up to $200,000 to anyone who can hack the system.
< article continued at Slashdot's burnishing-Chromebooks department
>Read Replies (0)
By EditorDavid from Slashdot's come-along-and-share-the-software department
Each year the Fee Software award goes to someone making "a great contribution to the progress and development of free software, through activities that accord with the spirit of free software." This year's winner is a former executive of the GNOME Foundation, Karen Sandler. Jeremy Allison - Sam, Slashdot reader #8,157, brought this announcement.
Richard Stallman, President of the FSF, presented Sandler with the award during a ceremony. Stallman highlighted Sandler's dedication to software freedom. Stallman told the crowd that Sandler's "vivid warning about backdoored nonfree software in implanted medical devices has brought the issue home to people who never wrote a line of code. Her efforts, usually not in the public eye, to provide pro bono legal advice to free software organizations and [with Software Freedom Conservancy] to organize infrastructure for free software projects and copyleft defense, have been equally helpful."
In her acceptance speech, Sandler spoke about her dedication to free software as a patient, advocate and professional. "Coming to terms with a dangerous heart condition should never have cost me fundamental control over the technology that my life relies on", said Sandler... "This issue is personal not just for me but for anyone who relies on software, and today that means every single person."Read Replies (0)
By EditorDavid from Slashdot's minimizing-Windows department
An anonymous reader quotes CNN:
Microsoft is giving Windows a demotion, and leaning into the cloud. CEO Satya Nadella told employees on Thursday that Terry Myerson, leader of the Windows and Devices Group, is leaving the company. "Microsoft has been my work, my team, and my purpose for 21 years," Myerson wrote in a LinkedIn blog post. "It is an emotional day"... The shakeup includes the formation of two new engineering teams that will prioritize Microsoft's cloud and artificial intelligence products -- a move that should make investors happy, said Brad Reback, a software analyst at Stifel. Morgan Stanley said recently that Microsoft could hit $1 trillion in market value within a year, thanks in large part to the strengths of Azure, Microsoft's cloud computing service, and the cloud-based Office 365 software suite... Amy Hood, Microsoft's chief financial officer, said in January that the company's commercial cloud revenue grew 56% year-over-year. In that quarter, Windows commercial products and cloud services sales fell 4%.Read Replies (0)
By BeauHD from Slashdot's imperfect-systems department
An anonymous reader quotes a report from The Verge: Tesla says Autopilot was engaged at the time of a deadly Model X crash that occurred March 23rd in Mountain View, California. The company posted a statement online late Friday, after local news reported that the victim had made several complaints to Tesla about the vehicle's Autopilot technology prior to the crash in which he died. After recovering the logs from the crash site, Tesla acknowledged that Autopilot was on, with the adaptive cruise control follow distance set to a minimum. The company also said that the driver, identified as Apple engineer Wei "Walter" Huang, had his hands off the steering wheel and was not responding to warnings to re-take control. Tesla said in a statement: "The driver had received several visual and one audible hands-on warning earlier in the drive and the driver's hands were not detected on the wheel for six seconds prior to the collision. The driver had about five seconds and 150 meters of unobstructed view of the concrete divider with the crushed crash attenuator, but the vehicle logs show that no action was taken." According to Mercury News, the driver of the car was headed southbound on California's Route 101 when his Model X crashed headfirst into the safety barrier section of a divider that separates the carpool lane from the off-ramp to the left. "The front end of his SUV was ripped apart, the vehicle caught fire, and two other cars crashed into the rear end. [The driver] was removed from the vehicle by rescuers and brought to Stanford Hospital, where he died from injuries sustained in the crash."Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
According to The New York Times, "Facebook employees were in an uproar on Friday over a leaked 2016 memo from a top executive defending the social network's growth at any cost -- even if it caused deaths from a terrorist attack that was organized on the platform." From the report: In the memo, Andrew Bosworth, a Facebook vice president, wrote, "Maybe someone dies in a terrorist attack coordinated on our tools. And still we connect people. The ugly truth is that we believe in connecting people so deeply that anything that allows us to connect more people more often is *de facto* good." Mr. Bosworth and Facebook's chief executive, Mark Zuckerberg, have since disavowed the memo, which was published on Thursday by BuzzFeed News.
But the fallout at the Silicon Valley company has been wide. According to two Facebook employees, workers have been calling on internal message boards for a hunt to find those who leak to the media (Warning: source may be paywalled; alternative source). Some have questioned whether Facebook has been transparent enough with its users and with journalists, said the employees, who asked not to be identified for fear of retaliation. Many are also concerned over what might leak next and are deleting old comments or messages that might come across as controversial or newsworthy, they said. In the aftermath, some Facebook executives have taken to Twitter for a public charm offensive, sending pithy phrases and emoticons to reporters who cover the company. Adam Mosseri, Facebook's head of news, in recent days wrote unprompted to a BuzzFeed editor and to its chief executive reminiscing and telling a story about his mother. He also wrote to a reporter from the Verge tech site about the songs played at his wedding reception.Read Replies (0)