By EditorDavid from
Slashdot's red-lights-in-the-steering-wheel department:
Using LIDAR sensors, Cadillac mapped 160,000 miles of U.S. highways "within five centimeters of accuracy" to give its hands-free-on-the-highway cars the ability to better anticipate the roads ahead -- and to know when a human driver should take over. An anonymous reader writes:
"The car can see farther than the sensors on the car with the map..." says the chief engineer for Cadillac's new "Super Cruise" hands-free driving option for highways, "so if we have a sharp curve, we can anticipate that." The system also gives Cadillac's vehicles a safety check not available to Tesla, which can't stop drivers from using Tesla's semi-autonomous Autopilot even when they're not on a highway. "We know where the car is because of the LIDAR map and the other data in the car," says a product communications manager at Cadillac. "Therefore we have the ability to geofence it." In addition,
The Verge reports that if drivers look away for more than 30 seconds, "the car will know thanks to an infrared camera attached to the top of the steering column. Eyes closed? The car will know and start a sequence of alerts to get the driver's focus back on the road. It can even see through UV-blocking sunglasses." While the camera doesn't record or store data, it will flash a strip of red LED lights embedded in the top of the steering wheel "if the driver is caught not paying attention."
Cadillac plans to create and transmit an updated map every year, and will also regularly update its map by "constantly" checking the database from the Transportation Department, and deploying own trucks to draw new maps of construction areas.
Read Replies (0)
By EditorDavid from
Slashdot's town-hall-tempests department:
Wisconsin congressman F. James Sensenbrenner Jr. defended his decision to help repeal broadband privacy rules by telling a constituent, "Nobody's got to use the Internet." An anonymous reader quotes the 73-year-old congressman:
"And the thing is that if you start regulating the Internet like a utility, if we did that right at the beginning, we would have no Internet... Internet companies have invested an awful lot of money in having almost universal service now. The fact is is that, you know, I don't think it's my job to tell you that you cannot get advertising for your information being sold. My job, I think, is to tell you that you have the opportunity to do it, and then you take it upon yourself to make that choice... That's what the law has been, and I think we ought to have more choices rather than fewer choices with the government controlling our everyday lives."
"The congressman then moved on to the next question," reports The Washington Post, but criticism of his remarks appeared on social media. One activist complained that the congressman's position was don't use the internet if you don't want your information sold to advertisers -- drawing a clarification from the congressman's office. "Actually he said that nobody has to use the Internet. They have a choice. Big difference."
Read Replies (0)
By EditorDavid from
Slashdot's vulnerabilities-from-Vimeo department:
An anonymous reader quotes ThreatPost:
A popular version of the open source Magento ecommerce platform is vulnerable to a zero-day remote code execution vulnerability, putting as many as 200,000 online retailers at risk... According Bosko Stankovic, information security engineer at DefenseCode, despite repeated efforts to notify Magento, which began in November 2016, the vulnerability remains unpatched despite four version updates since the disclosure. Affected versions of the Magento Community Edition software include v. 2.1.6 and below. DefenseCode did not examine Magento Enterprise, the commercial version of the platform, but warns both share the same underlying vulnerable code... The remote code execution (RCE) vulnerability is tied to the default feature in Magento Community Edition that allows administrators to add Vimeo video content to product descriptions.
DefenseCode says the exploit can be mitigated by enforcing Magento's "Add Secret Keys To URLS" feature, warning in a paper that the hole otherwise "could lead to remote code execution and thus the complete system compromise including the database containing sensitive customer information such as stored credit card numbers and other payment information." Magento has confirmed the exploit, says they're investigating it, and promises they'll address it in their next patch release.
Read Replies (0)
By EditorDavid from
Slashdot's authors-vs-languages department:
Andy Hunt is one of the 17 software developers who wrote the Agile Manifesto, and he co-authored The Pragmatic Programmer. Now Slashdot reader cerberusss writes:
In an interview with Best Programming Books, Andy Hunt mentions he "hates languages that introduce accidental complexity, such as JavaScript -- what a nightmare of pitfalls for newbies and even seasoned developers... My go-to languages are still Ruby for most things, or straight C for systems programming, Pi or Arduino projects." Furthermore, he mentions that "I tend to do more experimenting and engineering than pure code writing, so there's occasionally some soldering involved ;). Code is just one tool of many."
Andy writes that he also likes Elixir, talks about Agile, reveals how he survived his most challenging project, and says the biggest advancement in programming has been the open source movement. ("Imagine trying to study chemistry, but the first half of the elements were patent-protected by a major pharma company and you couldn't use them...") And he also answered an interesting follow-up question on Twitter: "Do you feel validated in an age of Node and GitHub? Some of your best chapters (scripting and source control) are SOP now!"
Andy's reply? "We've made some great progress, for sure. But there's much to be done still. E.g., You can't ship process."
Read Replies (0)
By EditorDavid from
Slashdot's box,-mouse,-and-network department:
"Any way you look at it, from kick-starting the Internet to launching the personal computer revolution, Bob Taylor was a key architect of our modern world," says a historian at Stanford's Silicon Valley Archives. An anonymous reader quotes the New York Times:
The Internet, like many inventions, was the work of many inventors. But perhaps no one deserves more credit for that world-changing technological leap than Mr. Taylor. The seminal moment of his work came in 1966. He had just taken a new position at the Pentagon -- director of the Information Processing Techniques Office, part of the Advanced Research Projects Agency, known as Arpa -- and on his first day on the job it became immediately obvious to him what the office lacked and what it needed. At the time, Arpa was funding three separate computer research projects and using three separate computer terminals to communicate with them. Mr. Taylor said, No, we need a single computer research network, to connect each project with the others, to enable each to communicate with the others... His idea led to the Arpanet, the forerunner of the Internet.
A half-decade later, at Xerox's storied Palo Alto Research Center, Mr. Taylor was instrumental in another technological breakthrough: funding the design of the Alto computer, which is widely viewed as the forerunner of the modern personal computer. Mr. Taylor even had a vital role in the invention of the computer mouse. In 1961, at the dawn of the Space Age, he was about a year into his job as a project manager at NASA in Washington when he learned about the work of a young computer scientist at Stanford Research Institute, later called SRI International... Mr. Taylor decided to pump more money into the work, and the financial infusion led directly to Engelbart's invention of the mouse, a computer control technology that would be instrumental in the design of both Macintosh and Microsoft Windows-based computers.
<
article continued at Slashdot's box,-mouse,-and-network department >
Read Replies (0)
By EditorDavid from
Slashdot's see-you-in-court department:
"The Electronic Frontier Foundation has sued an Australian company that it previously dubbed as a 'classic patent troll' in a June 2016 blog post entitled: Stupid Patent of the Month: Storage Cabinets on a Computer." An anonymous reader quotes Ars Technica:
Last year, that company, Global Equity Management (SA) Pty. Ltd. (GEMSA), managed to get an Australian court to order EFF to remove its post -- but EFF did not comply. In January 2017, Pasha Mehr, an attorney representing GEMSA, further demanded that the article be removed and that EFF pay $750,000. EFF still did not comply. The new lawsuit, filed in federal court in San Francisco on Wednesday, asks that the American court declare the Australian ruling unenforceable in the U.S.
GEMSA's attorneys reportedly threatened to have the EFF's post de-indexed from search engine listings -- on the basis of the Australian court order -- so now the EFF "seeks a court order declaring the Australian injunction 'repugnant' to the U.S. Constitution and unenforceable in the United States."
The Register reports that GEMSA has already sued 37 companies, "including big-name tech companies Airbnb, Uber, Netflix, Spotify, and eBay. In each case, GEMSA accused the company's website design of somehow trampling on the GUI patent without permission." But things were different after the EFF's article, according to Courthouse News. "GEMSA said the article made it harder to enforce its patents in the United States, citing its legal opponents' 'reduced interest in pursuing pre-trial settlement negotiations.'"
Read Replies (0)
By EditorDavid from
Slashdot's artificial-data department:
Luthair writes:
According to the BBC there is growing concern in the machine learning community that as their algorithms are deployed in the real world they can be easily confused by knowledgeable attackers. These algorithms don't process information in the same way humans do, a small sticker placed strategically on a sign could render it invisible to a self driving car.
The article points out that a sticker on a stop sign "is enough for the car to 'see' the stop sign as something completely different from a stop sign," while researchers have created an online collection of images which currently fool AI systems. "In one project, published in October, researchers at Carnegie Mellon University built a pair of glasses that can subtly mislead a facial recognition system -- making the computer confuse actress Reese Witherspoon for Russell Crowe."
One computer academic says that unlike a spam-blocker, "if you're relying on the vision system in a self-driving car to know where to go and not crash into anything, then the stakes are much higher," adding ominously that "The only way to completely avoid this is to have a perfect model that is right all the time." Although on the plus side, "If you're some political dissident inside a repressive regime and you want to be able to conduct activities without being targeted, being able to avoid automated surveillance techniques based on machine learning would be a positive use."
Read Replies (0)
By EditorDavid from
Slashdot's robot-roll-call department:
Launched in 1988, Mystery Science Theater 3000 ran for ten seasons on Comedy Central and The Sci-Fi Channel, with its last episode airing in August of 1999. But now Slashdot reader #5844 ewhac writes:
17 years later, Season 11 of MST3K debuted Friday on Netflix. A full season has been produced, including a stretch-goal Christmas special, funded by the highest-earning Kickstarter Film & Video campaign to date ($5.76 million) -- thousands of contributors are listed in the show's end credits, spread across all fourteen episodes. The show remains true to its low-budget roots, relying almost exclusively on models and practical effects, including a very inventive new door sequence. The backstory for the new season is very swiftly established in the opening to Experiment 1101, as Jonah Heston (played by co-producer Jonah Ray) is abducted by the evil mad scientist Kinga Forrester (Felicia Day) and her sidekick Max a/k/a TV's son of TV's Frank (Patton Oswalt). Together with Gypsy (Rebecca Hanson), Tom Servo (Baron Vaughn), and Crow (Hampton Yount), Jonah quips his way through a barrage of bad movies, including Reptilicus, Starcrash, The Loves of Hercules, and The Christmas That Almost Wasn't.
In 2008 MST3K's original creator Joel Hodgson answered questions from Slashdot's readers, and said he was fascinated by the popularity of Creative Commons licenses. "For most of the public domain titles that we've used, it's a matter of the garbage not being taken out. Basically, they forgot to apply for a copyright so it in fact lapsed into the public domain."
Read Replies (0)
By EditorDavid from
Slashdot's rooting-routers department:
"Back in the days, Cisco fixed the vulnerability, but we are not sure about all other router vendors and models because there are too many of them," writes the DefenseCode team. Orome1 quotes a new report from Help Net Security:
Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco Linksys (now Belkin) routers. The flaw was actually found in Broadcom's UPnP implementation used in popular routers, and ultimately the researchers extended the list of vulnerable routers to encompass devices manufactured by the likes of ASUS, D-Link, Zyxel, US Robotics, TP-Link, Netgear, and others. Since there were millions of vulnerable devices out there, the researchers refrained from publishing the exploit they created for the flaw, but now, four years later, they've released their full research again, and this time they've also revealed the exploit.
The researchers pointed out that most users don't update their router's firmware -- meaning many routers may still be vulnerable.
Read Replies (0)
By BeauHD from
Slashdot's easy-as-1-2-3 department:
The Qualcomm Foundation, along with the XPRIZE Foundation, "announced the winning team of its nearly four-year-long global competition to develop a functional, easily usable tricorder," reports Vocativ. The Pennsylvania-based Final Frontier Medical Devices team was the first place winner, receiving the top prize of $2.6 million, while Boston-based Dynamical Biomarkers nabbed $1 million. From the report: Led by Dr. Basil Harris, a Philadelphia emergency room physician, the team was mostly made out of family and friends Harris coaxed into volunteering their free time on the weekend. By contrast, Dynamical Biomarkers had 50 scientists and programmers, mostly paid, and was sponsored by the Taiwanese government and Taiwan-based cellphone company HTC. The device kit developed by Final Frontier, called DxtER, uses non-invasive sensors that collect data from the user and combines that with an AI frontloaded with information in the field of clinical emergency medicine to come with a diagnosis. The device currently operates on an iPad tablet, but future versions should work equally fine on a smartphone as well. The device, ideally, would allow patients to then send their readings to their doctors so they could collaborate on their health care. According to an interview Harris held with the Washington Post, DxtER can diagnose up to 34 medical conditions in its present design. The device developed by Dynamical Biomarkers could reach up to 50, team leader and Harvard Medical School professor Chung-Kang Peng, told the Post, given it surpasses the five-pound weight limit imposed by the competition guidelines.
Read Replies (0)
By BeauHD from
Slashdot's open-book department:
DeathByLlama writes: The single board computer market, broken wide-open just a few years ago by the Raspberry Pi Foundation, continues to flourish today as FriendELEC releases their $40 NanoPi K2 board. This SBC packs a 1.5 GHz 64-bit quad core Amlogic S905 processor, and paired with 2GB of DDR3 RAM and the Mali-450MP GPU, it is able to stream 4K at 60 FPS. Add in gigabit ethernet, onboard Wi-Fi, Bluetooth, IR (and a remote!), eMMC compatibility, a familiar GPIO header, and a $40 price tag, and you end up with some stiff competition for other market leaders like Hardkernel's ODROID-C2 and Raspberry Pi's flagship Pi 3. The release is clearly in early phases with Ubuntu images and house-sold eMMC modules still on their way. It's amazing to see such strong competition in this market -- and with so many sub-$100, incredibly capable SBC options, which will choose?
Read Replies (0)
By BeauHD from
Slashdot's open-book department:
DeathByLlama writes: The single board computer market, broken wide-open just a few years ago by the Raspberry Pi Foundation, continues to flourish today as FriendELEC releases their $40 NanoPi K2 board. This SBC packs a 1.5 GHz 64-bit quad core Amlogic S905 processor, and paired with 2GB of DDR3 RAM and the Mali-450MP GPU, it is able to stream 4K at 60 FPS. Add in gigabit ethernet, onboard Wi-Fi, Bluetooth, IR (and a remote!), eMMC compatibility, a familiar GPIO header, and a $40 price tag, and you end up with some stiff competition for other market leaders like Hardkernel's ODROID-C2 and Raspberry Pi's flagship Pi 3. The release is clearly in early phases with Ubuntu images and house-sold eMMC modules still on their way. It's amazing to see such strong competition in this market -- and with so many sub-$100, incredibly capable SBC options, which will choose?
Read Replies (0)
By BeauHD from
Slashdot's old-switcheroo department:
ewhac writes: Earlier this week, Burger King released a broadcast television ad that opened with an actor saying, "Ok, Google, what is the Whopper?" thereby triggering any Google Home device in hearing range to respond to the injected request with the first line from the Whopper's Wikipedia page. Google very properly responded to the injection attack by fingerprinting the sound sample and blocking it from triggering responses. However, it seems Burger King and/or its ad agency are either unwilling or congenitally incapable of getting the hint, and has released an altered version of the ad to evade Google's block. According to spokesperson Dara Schopp, BK regards the ad as a success, as it has increased the brand's "social conversation" on Twitter by some 300%. It seems that Burger King thinks that malware-laden advertising infesting webpages is a perfectly wonderful idea (in principle, at least), and has taken it to the next level by reaching through your TV speakers and directly messing with your digital devices. You may wish to consider alternate vendors for your burger needs.
Read Replies (0)
By BeauHD from
Slashdot's take-a-deep-breath department:
chicksdaddy quotes a report from The Security Ledger: The U.S. Food and Drug Administration issued a letter of warning to medical device maker Abbott on Wednesday, slamming the company for what it said was a pattern of overlooking security and reliability problems in its implantable medical devices at its St. Jude Medical division and describing a range of the company's devices as "adulterated," in violation of the U.S. Federal Food, Drug and Cosmetic Act, the Security Ledger reports. In a damning warning letter, the FDA said that St. Jude Medical knew about serious security flaws in its implantable medical devices as early as 2014, but failed to address them with software updates or by replacing those devices. The government found that St. Jude, time and again, failed to adhere to internal security and product quality guidelines, a lapse that resulted in at least one patient death. St. Jude Medical, which is now wholly owned by the firm Abbott, learned of serious and exploitable security holes in the company's "high voltage and peripheral devices" in an April, 2014 "third party assessment" commissioned by the company. But St. Jude "failed to accurately incorporate the findings of that assessment" in subsequent risk assessments for the affected products, including Merlin@home, a home-based wireless transmitter that is used to provide remote care for patients with implanted cardiac devices, the FDA revealed. Among the security flaws: a "hardcoded universal unlock code" for the company's implantable, high voltage devices. The report casts doubt on a defamation lawsuit St. Jude filed against the firm MedSec Holdings Ltd over its August, 2016 report that warned of widespread security flaws in St. Jude products, including Merlin@home. The MedSec report on St. Judes technology was released in conjunction with a report by the investment firm Muddy Waters Research, which specializes in taking "short" positions on firms. At the time, MedSec said that the security of the company's medical devices and support software was "grossly inadequate compared with other leading manufacturers," and represents "unnecessary health risks and should receive serious notice among hospitals, regulators, physicians and cardiac patients." St. Judes has called the MedSec allegations false, but it now appears that the company had heard similar warnings raised by its own third-party security auditor more than a year prior.
Read Replies (0)