By msmash from Slashdot's privacy-woes department
An anonymous reader shares a report: Sarahah, a new app that lets people sign up to receive anonymized, candid messages, has been surging in popularity; somewhere north of 18 million people are estimated to have downloaded it from Apple and Google's online stores, making it the No. 3 most downloaded free software title for iPhones and iPads. Sarahah bills itself as a way to "receive honest feedback" from friends and employees. But the app is collecting more than just feedback messages. When launched for the first time, it immediately harvests and uploads all phone numbers and email addresses in your address book. Although Sarahah does in some cases ask for permission to access contacts, it does not disclose that it uploads such data, nor does it seem to make any functional use of the information. Zachary Julian, a senior security analyst at Bishop Fox, discovered Sarahah's uploading of private information when he installed the app on his Android phone, a Galaxy S5 running Android 5.1.1. The phone was outfitted with monitoring software, known as Burp Suite, which intercepts internet traffic entering and leaving the device, allowing the owner to see what data is sent to remote servers. When Julian launched Sarahah on the device, Burp Suite caught the app in the act of uploading his private data.
By msmash from Slashdot's technical-problems department
Thousands of ATMs and electronic card payment machines in Indonesia went offline over the weekend, and it might take two more weeks before full service is restored, after an outage from a satellite belonging to state-controlled telecom giant PT Telekomunikasi Indonesia (Telkom). From a report: Around 15,000 ground sites across Indonesia were affected by the problem on the 'Telkom-1' satellite, whose service is used by government agencies, banks, broadcasters and other corporations, Telkom's president director Alex Sinaga told reporters on Monday. A shift in the direction of the satellite's antenna, which was first detected last Friday, had disrupted connectivity. Bank Central Asia (BCA), Indonesia's largest bank by market value, had around 5,700 of its ATMs affected by the outage, or 30 percent of the total operated by the bank, BCA chief executive Jahja Setiaatmadja told reporters. The Internet connection in some remote BCA branches was also affected, he said.
By msmash from Slashdot's next-up department
Kara Swisher, reporting for Recode: The board of Uber has voted and wants Expedia's Dara Khosrowshahi to be its next CEO. But here is a shocking twist for those who have had to endure this awful, messy and convoluted process: He has not been officially offered the job as of 15 minutes ago, said sources. Still, most expect him to take it and he appears to be the one person dueling factions of the board can agree on. Unknown until now, Khosrowshahi was the third candidate -- after Hewlett Packard Enterprise CEO Meg Whitman and former General Electric CEO Jeff Immelt. Khosrowshahi is considered the "truce" choice for the board, which has been riven by ugly infighting between ousted CEO Travis Kalanick and one of its major investors, Benchmark. Benchmark had backed Whitman, while Kalanick had backed Immelt. Sources said that going into this morning, after Immelt withdrew his name from contention when it was clear he would not win the job, Whitman had the upper hand in the race for the job. But she also wanted a number of things -- including less involvement by ousted Uber CEO Travis Kalanick and more board control -- that became too problematic for the directors, said sources.
By EditorDavid from Slashdot's fraudulent-funding department
An anonymous reader quotes BuzzFeed:
The vast majority of money raised to pay for the legal defense of beloved British cybersecurity researcher Marcus Hutchins was donated with stolen or fake credit card numbers, and all donations, including legitimate ones, will be returned, the manager of the defense fund says. Lawyer Tor Ekeland, who managed the fund, said at least $150,000 of the money collected came from fraudulent sources, and that the prevalence of fraudulent donations effectively voided the entire fundraiser. He said he'd been able to identify only about $4,900 in legitimate donations, but that he couldn't be certain even of those. "I don't want to take the risk, so I just refunded everything," he said.
Two days later, Hutchins posted the following on Twitter. "When sellouts are talking shit about the 'infosec community' remember that someone I'd never met flew to Vegas to pay $30K cash for my bail."
Hutchins is facing up to 40 years in prison, and at first was only allowed to leave his residence for four hours each week. Thursday a judge lifted some restrictions so that Hutchins is now allowed to travel to Milwaukee, where his employer is located. According to Bloomberg, government prosecutors complain Hutchins now "has too much freedom while awaiting trial and may skip the country."
Clickthrough for a list of the evidence government prosecutors submitted to the court this week.
By EditorDavid from Slashdot's now-this-is-pod-racing department
An anonymous reader quotes GeekWire:
The speediest team from SpaceX founder Elon Musk's first Hyperloop pod competition has done it again: WARR Hyperloop from Germany's Technical University of Munich won today's second contest by sending its magnetic-levitation pod through a nearly mile-long test tunnel at a peak speed of 201 mph. Musk announced WARR's victory to a crowd in the stands at SpaceX's headquarters in Hawthorne, California, and in a tweet... This weekend's competition brought about two dozen teams to Hawthorne, including a student group from the University of Washington. Each of the teams developed a pod that was designed to test engineering approaches for Musk's Hyperloop rapid-transit concept, which calls for sending people and cargo through low-pressure tubes at near-supersonic speeds.
Musk also tweeted that it "might be possible to go supersonic" in the 0.8-mile test Hyperloop tube, though he conceded it would require an extremely high acceleration (and deceleration) because of the short distance.
"For passenger transport, this can be spread over 20+ miles, so no spilt drinks."
By EditorDavid from Slashdot's beyond-the-bylaws department
An anonymous reader quotes InfoWorld:
To shore up Java's security, a private group that operates outside the normal open source community process is under consideration. The proposed OpenJDK Vulnerability Group would provide a secure, private forum in which trusted members of the community receive reports on vulnerabilities in code bases and then review and fix them... The vulnerability group and Oracle's internal security teams would work together, and it may occasionally need to work with external security organizations.
Due to the sensitive nature of its work, membership in the group would be more selective, there would be a strict communication policy, and members or their employers would need to sign both a nondisclosure and a license agreement, said Mark Reinhold, chief architect of the Java platform group at Oracle. "These requirements do, strictly speaking, violate the OpenJDK bylaws," Reinhold said. "The governing board has discussed this, however, and I expect that the board will approve the creation of this group with these exceptional requirements." If the Java security group is approved, Andrew Gross, leader of Oracle's internal Java vulnerability team, would lead it.
By EditorDavid from Slashdot's freedom-from-choice department
An anonymous reader quotes TechHive:
The cord-cutting naysayers are trotting out a new argument in favor of cable, and it's even more absurd than the old ones: Having too many high-quality, standalone streaming services, they say, is actually bad for consumers, who are apparently helpless at using technology or making sound purchase decisions... The New York Post's Johnny Oleksinski concluded that all those sneering hipsters who've had the nerve to ditch cable are about to get their comeuppance -- in the form of additional services to choose from... By now, anyone who's actually cut the cable cord should be screaming out in unison: No one's making you subscribe to all these services! You can pick the ones you care about most, rotate between services, or occupy your screen time with a growing number of other digital distractions...
I will concede that if you want to use multiple streaming services, trying to sift through them all can be confusing. But even this concern is blown entirely out of proportion by naysaying pundits, who seem to ignore solutions that already exist. Roku, Amazon Fire TV, and Apple TV all offer universal search across services like Netflix and Hulu, while features like Roku Feed and the Apple TV TV app demonstrate how system-wide browsing is getting easier. Besides, using a handful of apps to get what you want isn't that burdensome -- especially for the growing audience of people who've been raised on smartphones... consumers are smarter than they're getting credit for. That's why cable subscriptions continue to plunge, even as these bogus stories keep popping up like clockwork.
By EditorDavid from Slashdot's sued-over-security-cameras department
An anonymous reader quotes BleepingComputer:
A U.S. man has filed a lawsuit against Logitech, a Swiss-based manufacturer of electronic devices, on accusations that Logitech had intentionally delayed and tried to discourage warranty claims for defective products, falsely advertised products, and even hid an End-Of-Life (EOL) announcement from customers. The product at the heart of this lawsuit is a high-definition digital video home security system named Logitech Alert Systems... The lawsuit alleges that Logitech's cameras had "a high-rate of failure" and the software running on the IP cameras "was rife with bugs and glitches that made the systems unreliable and inoperable"...
The cherry on top came when users complained to the company. "Logitech refused to honor its warranties to remedy the defects while customers' warranty periods lapsed, thereby escaping its legal obligations to provide non-defective replacements or refunds," the lawsuit reads. The lawsuit alleges that Logitech knew its product had a high rate of failure, but instead of issuing a callback, it "responded by designing and implementing a strategy to avoid its express warranty obligations... As a result, Logitech strategically left customers without operable security systems during the warranty period while it ran out the clock."
The proposed class-action lawsuit covers the IP cameras sold between 2010 and 2014, though it alleges Logitech decided to discontinue the products by 2012, and "claims the company wanted to sell current stocks of Alert Systems before making the announcement and allowed customers to buy a product it did not intend to support anymore."
By EditorDavid from Slashdot's brain-games department
A startup recently demoed their prototype for a VR headset using sensors that read brain waves. An anonymous reader quotes the New York Times:
There is no joystick or game pad. You must use your thoughts. You turn toward a ball on the floor, and your brain sends a command to pick it up. With another thought, you send the ball crashing into a mirror, breaking the glass and revealing a few numbers scribbled on a wall. You mentally type those numbers into a large keypad by the door. And you are out. Designed by Neurable, a small start-up founded by Ramses Alcaide, an electrical engineer and neuroscientist, the game offers what you might call a computer mouse for the mind, a way of selecting items in a virtual world with your thoughts...
The prototype is among the earliest fruits of a widespread effort to embrace technology that was once science fiction -- and in some ways still is. Driven by recent investments from the United States government and by the herd mentality that so often characterizes the tech world, a number of start-ups and bigger companies like Facebook are working on ways to mentally control machines... Although sensors can read electrical brain activity from outside the skull, it is very difficult to separate the signal from the noise. Using computer algorithms based on research that Mr. Alcaide originally published as a doctoral student at the University of Michigan, Neurable works to read activity with a speed and accuracy that is not typically possible.
By EditorDavid from Slashdot's continuous-agile-test-driven-development department
An anonymous reader quotes The Next Web:
According to one study, high-performing IT units with faster software releases are twice as likely to achieve their goals in customer satisfaction, profitability, market share and productivity. Acknowledgement of this has fueled a headlong rush toward what software developers call "continuous delivery"... It's a process most technology departments aspire to but only a fraction have achieved. According to a recent survey by Evans Data, 65 percent of organizations are using continuous delivery on at least some projects, but only 28 percent are using it for all their software. Among non-SaaS companies, that proportion is just 18 percent...
So what comes next? The future of application development depends on using artificial intelligence within the continuous delivery model... We're at the precipice of a new world of AI-aided development that will kick software deployment speeds -- and therefore a company's ability to compete -- into high gear. "AI can improve the way we build current software," writes Diego Lo Giudice of Forrester Research in a recent report. "It will change the way we think about applications -- not programming step by step, but letting the system learn to do what it needs to do -- a new paradigm shift." The possibilities are limited only by our creativity and the investment organizations are willing to make.
The article was written by the head of R&D at Rainforest QA, which is already using AI to manage their crowdsourced quality assurance testing. But he ultimately predicts bigger roles for AI in continuous delivery development -- even choosing which modifications to use in A/B testing, and more systematic stress-testing.
By EditorDavid from Slashdot's reading-the-reviews department
schwit1 shared an article from the New York Post:
No reviews, no revenue. That's the key takeaway from a new study published in Psychological Science, which finds that if two similar products have the same rating, online shoppers will buy the one with more reviews... "[When] faced with a choice between two low-scoring products, one with many reviews and one with few, the statistics say we should actually go for the product with few reviews, since there's more of a chance it's not really so bad," wrote researcher Derek Powell of Stanford University, lead author of the report. In other words, when there's only a handful of reviews, a few bad ones break the curve and bring down the overall rating. "But participants in our studies did just the opposite: They went for the more popular product, despite the fact that they should've been even more certain it was of low quality," he wrote.
Matt Moog, CEO of PowerReviews, previously conducted a study with Northwestern University [PDF] that drew from an even larger data pool of 400 million consumers, which also found that the more reviews there are of a product, the more likely it is that a customer will purchase that product... He has also found that customers who read reviews often click the bad ones first. "They want to read what's the worst thing people have to say about this," he said... Most online shoppers (97 percent to be exact) say reviews influence their buying decisions, according to Fan & Fuel Digital Marketing Group, which also found that 92 percent of consumers will hesitate to buy something if it has no customer reviews at all.
By EditorDavid from Slashdot's diamonds-keep-falling-on-my-head department
The Washington Post reports:
On Uranus and Neptune, scientists forecast rain storms of solid diamonds. The gems form in the hydrocarbon-rich oceans of slush that swath the gas giants' solid cores. Scientists have long speculated that the extreme pressures in this region might split those molecules into atoms of hydrogen and carbon, the latter of which then crystallize to form diamonds. These diamonds were thought to sink like rain through the ocean until they hit the solid core. But no one could prove that this would really work -- until now.
The Matter in Extreme Conditions instrument at SLAC gives scientists the tools to investigate the extremely hot, dense matter at the centers of stars and giant planets... A team led by Dominik Kraus from the Helmholtz Zentrum Dresden-Rossendorf research centre in Germany subjected plastic to shockwaves by exposing it to the intense energy produced by SLAC's X-ray free-electron laser, known as the Linac Coherent Light Source. The experiment caused almost all the carbon atoms in the plastic to combine into diamond-like structures a few nanometers wide... Astronomers think that the forces at work deep in the frozen mantles of Uranus and Neptune are likely so powerful that each of the diamonds formed could weigh millions of carats. It is also possible that the solid cores of both planets are coated with a thick diamond outer layer.
The experiment also suggests an easier (and cleaner) way to produce diamonds in a lab, which can then be used for semiconductors, drill bits and solar panels.
By EditorDavid from Slashdot's sudo-create department
An anonymous reader shares a new crowdfunding site built on open source principles to "remove the money element from project creation" so creators "don't have to take extreme actions such as quitting their jobs or compromising on their ideas because of investor demands. Because of the nature of crowdsourcer.io projects, project creators can remain as ambitious as funded projects and get all the contributors they need to make their idea a reality."
From the site:
Crowdsourcer.io is an alternative crowd sourcing platform that allows developers and designers alike to create or join in on software related projects, build up their contribution and earn an income from the final product. Think of Crowdsourcer.io as something between open source software creation and Kickstarter start ups, a new crowd sourcing alternative, in its purest form.
The site's creator recently answered questions on Reddit, saying they'd spent years fine-tuning the idea, and writing that "It's really focussed on people who don't want to quit their job to form their own software company, and don't want to become embroiled in debt or other financing." A note at the bottom of the site adds that "Crowdsourcer.io is young. We want your ideas!"
By EditorDavid from Slashdot's creating-a-buzz department
"While plenty of countries have dabbled in drone delivery, no program has matched the scale and impact of what's unfolding in Rwanda and now, Tanzania." An anonymous reader quotes CNN:
The drones will fly themselves, far from the view of humans -- a move that's not yet legal in the U.S... In early 2018, Tanzania's government will begin using drones to deliver medical supplies such as blood and vaccines to remote areas. The government expects to save lives thanks to faster delivery of medical supplies. Rwanda has already completed 1,400 similar deliveries. "Everyone has this paradigm that robotics and artificial intelligence starts in the U.S., made by rich people for rich people. It couldn't be farther from the truth," said Keller Rinaudo, CEO of Zipline, which is supplying the drones. "There's a major shift [occurring] where it's not about the country with the most resources; it's more about the countries with modern regulatory reform and a willingness to try new things."
Tanzania will open four drone distribution centers with Silicon Valley startup Zipline, providing more than 100 drones and 2,000 flights a day. It's also discussing a partnership with another drone company... Previously, the government delivered medical supplies only four times a year due to costs. Bwanakunu envisions several deliveries per week including for emergencies... This isn't the first time East Africa has been a step in front of the "developed world." "We were ahead with mobile money too," said Bwanakunu, referring to M-PESA, which allows for money to be sent through cell phones. "If today trying this technology will save a human life, why not?"
Each drone is equipped with "a parachute that deploys if anything goes wrong."
By EditorDavid from Slashdot's open-the-pod-bay-doors-HAL department
An anonymous reader quotes BleepingComputer: Three researchers from New York University (NYU) have published a paper this week describing a method that an attacker could use to poison deep learning-based artificial intelligence (AI) algorithms. Researchers based their attack on a common practice in the AI community where research teams and companies alike outsource AI training operations using on-demand Machine-Learning-as-a-Service (MLaaS) platforms. For example, Google allows researchers access to the Google Cloud Machine Learning Engine, which research teams can use to train AI systems using a simple API, using their own data sets, or one provided by Google (images, videos, scanned text, etc.). Microsoft provides similar services through Azure Batch AI Training, and Amazon, through its EC2 service. The NYU research team says that deep learning algorithms are vast and complex enough to hide small equations that trigger a backdoor-like behavior. For example, attackers can embed certain triggers in a basic image recognition AI that interprets actions or signs in an unwanted way. In a proof-of-concept demo of their work, researchers trained an image recognition AI to misinterpret a Stop road sign as a speed limit indicator if objects like a Post-it, a bomb sticker, or flower sticker were placed on the Stop sign's surface. In practice, such attacks could be used to make facial recognition systems ignore burglars wearing a certain mask, or make AI-driven cars stop in the middle of highways and cause fatal crashes.