By EditorDavid from Slashdot's time-standard-time department
AmiMoJo quotes the Register: The Internet Engineering Task Force has taken another small step in protecting everybody's privacy... As the draft proposal explains, the RFCs that define NTP have what amounts to a convenience feature: packets going from client to server have the same set of fields as packets sent from servers to clients... "Populating these fields with accurate information is harmful to privacy of clients because it allows a passive observer to fingerprint clients and track them as they move across networks". The header fields in question are Stratum, Root Delay, Root Dispersion, Reference ID, Reference Timestamp, Origin Timestamp, and Receive Timestamp. The Origin Timestamp and Receive Timestamp offer a handy example or a "particularly severe information leak". Under NTP's spec (RFC 5905), clients copy the server's most recent timestamp into their next request to a server – and that's a boon to a snoop-level watcher.
The proposal "proposes backward-compatible updates to the Network Time
Protocol to strip unnecessary identifying information from client
requests and to improve resilience against blind spoofing of
unauthenticated server responses." Specifically, client developers should set those fields to zero.Read Replies (0)
By EditorDavid from Slashdot's anti-social-media department
An anonymous reader quotes CNN:
Twitter is not good enough at removing hate speech from its platform. That's the judgment of Europe's top regulator, which released data on Thursday showing that Twitter has failed to meet its standard of taking down 50% of hate speech posts after being warned that they include objectionable content. Facebook, Twitter, Microsoft, and Google have all agreed to do more, promising last May to review a majority of hate speech flagged by users within 24 hours and to remove any illegal content.
A year into the agreement, the European Commission said that Facebook and YouTube, which is owned by Google, have both managed to remove 66% of reported hate speech. Twitter's rate, meanwhile, was 38%. That's below the commission's standard but a major improvement from December, when the service was removing only 19% of hate speech... Twitter was also slightly slower than rivals Facebook and YouTube when it came to reviewing content. The regulator said that Facebook reviewed flagged content within 24 hours in 58% of cases. YouTube did the same 43% of the time, while Twitter met the 24-hour benchmark in 39% of cases.
European lawmakers are considering laws mandating the blocking of online hate speech, so they're carefully watching what happens when social media companies self-regulate.
"Tackling illegal hate speech online is a contribution to the fight against terrorism," argued the EU Commission's top justice official.Read Replies (0)
By EditorDavid from Slashdot's see-you-in-September department
An anonymous reader quotes InfoWorld:
Java 9 won't be released on July 27 after all. Oracle has proposed that Java 9 Standard Edition be delayed until September 21 so the open source community that is finalizing Java 9 can address the ongoing controversy over a planned but later rejected approach to modularity, said Georges Saab, vice president of software development in the Java platform group at Oracle and chairman of the OpenJDK governing board...
The [Java Platform Module System] measure was sent back to the proposal's expert group for further discussion. Since then, the group has reached consensus on addressing the modularity concerns, Saab said. But they cannot rework Java 9 in time for the original July 27 release date... If the revised JSR 376 approved, as expected, work can proceed on implementing it in the official version of Java 9 SE. This setback for Java 9s upcoming upgrade, however, should just be temporary, with Oracle expecting a more rapid cadence of Java SE releases going forward, Saab said.Read Replies (0)
By EditorDavid from Slashdot's del.icio.us-is-dead department
Long-time Slashdot reader brentlaminack writes:
One of the first and best social bookmarking platforms, Del.icio.us has changed hands about four times, one was to Yahoo for >$15M. Its most recent relaunch was over a year back, which was their last blog entry. Now images are broken, little "advertisement" blocks show up with no advertisements, things seem moribund. What's the deal?
The Next Web reports:
It's the end of the road for social bookmarking website del.icio.us. After almost fifteen years, the site has been acquired by rival Pinboard, and will be shuttered on June 15, when it goes into read-only mode. While the site will continue to be viewable, users won't be able to save any new bookmarks. Del.icio.us pioneered the social bookmarking paradigm. Its influence can be seen everywhere, from Reddit to Twitter...
After del.icio.us was acquired by AVOS Systems in 2011, users fled to Pinboard in droves over complaints AVOS was fundamentally changing the makeup of the site. By purchasing del.icio.us, Pinboard is able to coax the few remaining del.icio.us users to jump ship. Depending on how much Pinboard paid for the site, how many users remain, and how many users Pinboard is able to convert, this could be a financially lucrative move. A Pinboard subscription costs $11 per annum.
A late update to the article includes a quote from Pinboard founder Maciej Ceglowski. "In a statement, he said 'I am the greatest.' Ceglowski also confirmed the purchase price for del.icio.us, which was $35,000."Read Replies (0)
By BeauHD from Slashdot's dirty-files department
An anonymous reader quotes a report from Bleeping Computer: "After taking last week off, WikiLeaks came back today and released documentation on another CIA cyber weapon. Codenamed Pandemic, this is a tool that targets computers with shared folders, from where users download files via SMB. The way Pandemic works is quite ingenious and original, and something not seen before in any other malware strain. According to a leaked CIA manual, Pandemic is installed on target machines as a "file system filter driver." This driver's function is to listen to SMB traffic and detect attempts from other users to download shared files from the infected computer. Pandemic will intercept this SMB request and answer on behalf of the infected computer. Instead of the legitimate file, Pandemic will deliver a malware-infected file instead. According to the CIA manual, Pandemic can replace up to 20 legitimate files at a time, with a maximum size of 800MB per file, and only takes 15 seconds to install. Support is included for replacing both 32-bit and 64-bit files. The tool was specifically developed to replace executable files, especially those hosted on enterprise networks via shared folders. The role of this cyber weapon is to infect corporate file sharing servers and deliver a malicious executable to other persons on the network, hence the tool's name of Pandemic.Read Replies (0)
By BeauHD from Slashdot's world-record department
Frosty Piss quotes a report from The Seattle Times: The huge Stratolaunch finally rolled out of its hangar in Mojave, Calif., Wednesday for the first time. Built by Paul Allen's Scaled Composites, the twin hulled monster will go through months of ground tests before a first flight. Jean Floyd, chief executive at Stratolaunch Systems, said in a statement that the empty airplane, powered by six used 747 engines, weighs approximately 500,000 pounds. The jet will have a three-person crew: pilot, co-pilot and flight engineer in the flight deck of the starboard fuselage, while the port fuselage cockpit is empty and unpressurized. Stratolaunch is intended to carry a rocket slung beneath the central part of the wing, between the two fuselages, and release it at 35,000 feet. The concept is that the rocket will then launch into space and deliver satellites into orbit.Read Replies (0)
By BeauHD from Slashdot's job-loss-fears department
Norman Yee, an American elected official in San Francisco, has recently proposed legislation that would prohibit autonomous delivery robots -- which includes those with a remote human operator -- on public streets in the city. In a statement provided to Recode, Yee said, "our streets and our sidewalks are made for people, not robots." He also worries that many delivery jobs would disappear. The proposed legislation is causing a headache for one high-tech startup in particular. The tech company is called Marble, which uses bots fitted with camera and ultrasonic sensors to deliver small packages and food within a one or two mile radius. The delivery robots themselves travel at a walking pace and use cameras and sensors to avoid pedestrians and navigate pavements. The Guardian reports: San Francisco police commander Robert O'Sullivan is in favor of the legislation, fearing the robots could harm children, the elderly, and those with limited mobility. "If hit by a car, they also have the potential of becoming a deadly projectile," he told a local TV station. Marble CEO Matt Delaney says these fears are unfounded. "We care that our robots are good citizens of the sidewalk," he says. "We've taken a lot of care from the ground up to consider their need to sense and intuit how people are going to react."Read Replies (0)
By BeauHD from Slashdot's future-of-automobiles department
An anonymous reader quotes a report from Science Daily: A technology developed by Purdue researchers could provide an "instantly rechargeable" method that is safe, affordable and environmentally friendly for recharging electric and hybrid vehicle batteries through a quick and easy process similar to refueling a car at a gas station. John Cushman, Purdue University distinguished professor of earth, atmospheric and planetary science and a professor of mathematics, presented the research findings "Redox reactions in immiscible-fluids in porous media -- membraneless battery applications" at the recent International Society for Porous Media 9th International Conference in Rotterdam, Netherlands. Cushman co-founded Ifbattery LLC (IF-battery) to further develop and commercialize the technology. "Designing and building enough of these recharging stations requires massive infrastructure development, which means the energy distribution and storage system is being rebuilt at tremendous cost to accommodate the need for continual local battery recharge," said Eric Nauman, co-founder of Ifbattery and a Purdue professor of mechanical engineering, basic medical sciences and biomedical engineering. "Ifbattery is developing an energy storage system that would enable drivers to fill up their electric or hybrid vehicles with fluid electrolytes to re-energize spent battery fluids much like refueling their gas tanks." Mike Mueterthies, Purdue doctoral teaching and research assistant in physics and the third co-founder of Ifbattery, said the flow battery system makes the Ifbattery system unique. "Other flow batteries exist, but we are the first to remove membranes which reduces costs and extends battery life," Mueterthies said. Ifbattery's membrane-free battery demonstrates other benefits as well. "Membrane fouling can limit the number of recharge cycles and is a known contributor to many battery fires," Cushman said. "Ifbattery's components are safe enough to be stored in a family home, are stable enough to meet major production and distribution requirements and are cost effective." For the visual learners, Purdue Research Park has uploaded a video about Ifbattery's "instantly rechargeable" method.Read Replies (0)
By BeauHD from Slashdot's cinnamon-whisky department
Check Point researchers have discovered a massive malware campaign, dubbed Fireball, that has already infected more than 250 million computers across the world, including Windows and Mac OS. The Fireball malware "is an adware package that takes complete control of victim's web browsers and turns them into zombies, potentially allowing attackers to spy on victim's web traffic and potentially steal their data," reports The Hacker News. From the report: Check Point researchers, who discovered this massive malware campaign, linked the operation to Rafotech, a Chinese company which claims to offer digital marketing and game apps to 300 million customers. While the company is currently using Fireball for generating revenue by injecting advertisements onto the browsers, the malware can be quickly turned into a massive destroyer to cause a significant cyber security incident worldwide. Fireball comes bundled with other free software programs that you download off of the Internet. Once installed, the malware installs browser plugins to manipulate the victim's web browser configurations to replace their default search engines and home pages with fake search engines (trotux.com). "It's important to remember that when a user installs freeware, additional malware isn't necessarily dropped at the same time," researchers said. "Furthermore, it is likely that Rafotech is using additional distribution methods, such as spreading freeware under fake names, spam, or even buying installs from threat actors."Read Replies (0)