By msmash from Slashdot's breaking-news department
A Dallas man was sentenced to eight years in prison on Wednesday after the authorities caught him with a partially 3-D-printed rifle and what federal prosecutors described as a hit list of lawmakers in his backpack. From a report: The man, Eric Gerard McGinnis, had been under a court order that prohibited him from possessing a firearm when he was discovered to have had the partially printed AR-15-style rifle in July 2017, according to a statement from the United States Attorney's Office for the Northern District of Texas. Mr. McGinnis, 43, was charged with possession of an unregistered firearm and possession of ammunition by a prohibited person, prosecutors said. A jury later convicted him on both counts.
Prosecutors said in their statement that police officers had arrested Mr. McGinnis after hearing three shots he had apparently fired in a wooded area just outside of Dallas. They also discovered a list in his backpack labeled "9/11/2001 list of American Terrorists." The list included the office and home addresses of "several federal lawmakers, both Democrat and Republican," the statement said. Prosecutors did not reveal the names on Mr. McGinnis's list, but at the sentencing hearing on Wednesday they disclosed that a forensic analysis of his electronic devices suggested that Mr. McGinnis "had a strong interest" in James T. Hodgkinson, the man who the authorities say shot and wounded Representative Steve Scalise and several others at a congressional baseball practice in June 2017.Read Replies (0)
By BeauHD from Slashdot's animal-friendly department
"China's top search engine company Baidu made a smart cat shelter in Beijing that uses AI to verify when a cat is approaching and open its door," writes Slashdot reader AmiMoJo. "The cat shelter is heated and also offers cats food and water." Mashable reports: It can accurately identify 174 different cat breeds, as to let them enter and exit as they please. A door will slide open if the camera spots a cat, but it won't work on dogs. Multiple cats can fit inside the space. Another neat camera feature is that it can be also used to detect if the cat is sick -- it can identify four common cat diseases, such as inflammation, skin problems, and physical trauma. Once a cat is identified as needing care, associated volunteers can be informed to come and collect it. "Homeless cats often struggle to survive the winter in Beijing, and even though volunteers feed them their water bowls freeze over in the cold," adds AmiMoJo. "Due to many people living in apartments that don't allow pets, they can't simply bring the cats home." Baidu has a blog post detailing the shelter and its use of artificial intelligence.Read Replies (0)
By BeauHD from Slashdot's end-of-an-era department
"It's the end of the line for the biggest passenger jet ever built: the A380 is going to cease production," writes Slashdot reader Required Snark, citing a report from CNN. From the report: The European plane maker said Thursday that it will stop delivering A380s in 2021 after its key customer, Dubai-based airline Emirates, slashed its orders for the huge jetliner. "We have no substantial A380 backlog and hence no basis to sustain production, despite all our sales efforts with other airlines in recent years," Airbus CEO Tom Enders said in a company statement. The company has delivered 234 of the superjumbos to date, less than a quarter of the 1,200 it predicted it would sell when it first introduced the double-decker aircraft. Its plans were undermined by airlines shifting their interest to lighter, more fuel efficient passenger jets that have reduced the need to ferry passengers between the big hubs. "Passengers all over the world love to fly on this great aircraft. Hence today's announcement is painful for us and the A380 communities worldwide," Enders said. "But keep in mind that A380s will still roam the skies for many years to come and Airbus will of course continue to fully support the A380 operators."Read Replies (0)
By BeauHD from Slashdot's another-day-another-leak department
Photo-sharing service 500px has announced that it was the victim of a hack back in July 2018 and that personal data was exposed for all the roughly 14.8 million accounts that existed at the time. PetaPixel reports: In an email sent out to users and an announcement posted to its website, 500px states that it was only on February 8th, 2019, that its team learned of an unauthorized intrusion to its system that occurred on or around July 5th, 2018. The personal data that may have been stolen by the intruder includes first and last names, usernames, email addresses, password hashes (i.e. not plaintext passwords), location (i.e. city, state, country), birth date, and gender. The company has reset all 500px account passwords, so to get back into your account you'll need to pick a new one using the recovery email system. "At this time, there is no indication of unauthorized access to your account, and no evidence that other data associated with your user profile was affected, such as credit card information (which is not stored on our servers), if used to make any purchases, or any other sensitive personal information," 500px says. "We recommend you change your password on any other website or app on which you use a password that is the same as or similar to your password for your 500px account," 500px says.Read Replies (0)
By BeauHD from Slashdot's properly-screwed department
Zorro shares a report from The Register: Older satnavs and such devices won't be able to use America's Global Positioning System properly after April 6 unless they've been suitably updated or designed to handle a looming epoch rollover. GPS signals from satellites include a timestamp, needed in part to calculate one's location, that stores the week number using ten binary bits. That means the week number can have 210 or 1,024 integer values, counting from zero to 1,023 in this case. Every 1,024 weeks, or roughly every 20 years, the counter rolls over from 1,023 to zero. The first Saturday in April will mark the end of the 1,024th week, after which the counter will spill over from 1,023 to zero. The last time the week number overflowed like this was in 1999, nearly two decades on from the first epoch in January 1980. You can see where this is going. If devices in use today are not designed or patched to handle this latest rollover, they will revert to an earlier year after that 1,024th week in April, causing attempts to calculate position to potentially fail. System and navigation data could even be corrupted, we're warned. U.S. Homeland Security explained the issue in a write-up this week. GPS.gov also notes that the new CNAV and MNAV message formats will use a 13-bit week number, so this issue shouldn't happen again anytime soon. The site recommend users consult the manufacturer of their equipment to make sure they have the proper updates in place.Read Replies (0)
By BeauHD from Slashdot's data-harvesting-operations department
According to a technology policy researcher, Netflix records all the choices you make in Black Mirror's Bandersnatch episode. "Michael Veale, a technology policy researcher at University College London, wanted to know what data Netflix was collecting from Bandersnatch," reports Motherboard. "People had been speculating a lot on Twitter about Netflix's motivations," Veale told Motherboard in an email. "I thought it would be a fun test to show people how you can use data protection law to ask real questions you have." From the report: The law Veale used is Europe's General Data Protection Regulation (GDPR). The GDPR granted EU citizens a right to access -- anyone can request a wealth of information from a company collecting data. Users can formally request a company such as Netflix tell them the reason its collecting data, the categories they're sorting data into, third parties it's sharing the data with, and other information. Veale used this right of access to ask Netflix questions about Bandersnatch and revealed the answers in a Twitter thread. He found that Netflix is tracking the decisions its users make (which makes sense considering how the film works), and that it is keeping those decisions long after a user has finished the film. It is also stores aggregated forms of the users choice to "help [Netflix] determine how to improve this model of storytelling in the context of a show or movie," the company said in its email response to him. The .csv and PDF files displayed Veale's journey through Bandersnatch, every choice displayed in a long line for him to see.
< article continued at Slashdot's data-harvesting-operations department
>Read Replies (0)
By BeauHD from Slashdot's high-roller department
In a blog post today, Google CEO Sundar Pichai said the company is building new data centers and offices and expanding several key locations across the U.S., spending $13 billion this year. CNBC reports: Pichai outlined the plans, which include opening new data centers in Nevada, Ohio, Texas and Nebraska, the first time the company will have infrastructure locations in those states. The company is also doubling its workforce in Virginia, providing greater access to Washington, D.C., with a new office and more data center space, and expanding its New York campus at Hudson Square.
Google is showing its willingness to further open its wallet, after a year in which capital spending more than doubled to $25.46 billion. The company didn't say home much each location will cost or provide information on tax incentives from local communities. Pichai said the plans will likely create tens of thousands of construction jobs across Nebraska, Nevada, Ohio, Texas and Virginia, as well as Oklahoma and South Carolina, where the company is expanding existing data centers. Google didn't say how many new jobs the data centers and business offices would create. Pichai also said that the company is adding new office buildings in Texas and Massachusetts, building out more space in Illinois, Wisconsin, Washington state and Georgia, and redeveloping California locations near Los Angeles and in the Bay Area, including the Westside Pavillion and Spruce Goose Hangar.Read Replies (0)
By BeauHD from Slashdot's fraternizing-with-the-enemy department
An anonymous reader quotes a report from ZDNet: The U.S. Department of Justice unsealed today espionage-related charges against a former U.S. Air Force service member who defected to Iran and helped the country's hackers target her former Air Force colleagues. Besides charges and an arrest warrant issued in the name of the former USAF service member, the DOJ also indicted four Iranian hackers who supposedly carried out the cyber-attacks acting on information provided by Witt. The most notable of the four Iranian hackers is Behzad Mesri, who U.S. authorities also charged in November 2017 with hacking HBO, stealing scripts for unaired episodes of season 6 of the hit series Game Of Thrones TV show, and later attempting to extort HBO execs for $6 million.
But at the heart of today's indictment stands Monica Elfriede Witt, 39, a former US Air Force counter-intelligence special agent specialized in Middle East operations, who served for the Air Force between 1997 and 2008, and later worked as a DOD contractor until 2010 --including for Booz Allen Hamilton, the same defense company where Edward Snowden worked. [...] The DOJ claims Witt has been working ever since with IRGC hacking units to craft and fine-tune cyber-operations against her former Air Force colleagues, some of whom she knew personally. [...] All the five suspects named in the indictment are still at large, believed to be located in Iran. The DOJ says Witt now goes by the names of Fatemah Zahra or Narges Witt.Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
"The BBC reports on the detrimental effects of all of India being in one time zone since British Colonial rule," writes Slashdot reader dryriver. From the report: India stretches 3,000km (1,864 miles) from east to west, spanning roughly 30 degrees longitude. This corresponds with a two-hour difference in mean solar times -- the passage of time based on the position of the sun in the sky. The U.S. equivalent would be New York and Utah sharing one time zone. Except that in this case, it also affects more than a billion people -- hundreds of millions of whom live in poverty. The school day starts at more or less the same time everywhere in India but children go to bed later and have reduced sleep in areas where the sun sets later. An hour's delay in sunset time reduces children's sleep by 30 minutes. Using data from the India Time Survey and the national Demographic and Health Survey, [Cornell University Economist] Maulik Jagnani found that school-going children exposed to later sunsets get fewer years of education, and are less likely to complete primary and middle school. He found evidence that suggested that sunset-induced sleep deprivation is more pronounced among the poor, especially in periods when households face severe financial constraints. "This might be because sleep environments among poor households are associated with noise, heat, mosquitoes, overcrowding, and overall uncomfortable physical conditions. The poor may lack the financial resources to invest in sleep-inducing goods like window shades, separate rooms, indoor beds and adjust their sleep schedules," he told me.Read Replies (0)
By BeauHD from Slashdot's behind-the-scenes department
A new variant of the multi-stage Shlayer malware known to target macOS users has been observed in the wild, now being capable to escalate privileges using a two-year-old technique and to disable the Gatekeeper protection mechanism to run unsigned second stage payloads. Bleeping Computer reports: This new Shlayer variant unearthed by Carbon Black's Threat Analysis Unit (TAU) targets all macOS releases up to the latest 10.14.3 Mojave, and will arrive on the targets' machines as a DMG, PKG, ISO, or ZIP files, some of them also signed with a valid Apple developer ID to make them look legitimate. Shlayer samples found by TAU also use malicious shell scripts to download additional payloads just like older installments did, and, in the case of samples distributed as DMG images, will surreptitiously launch a .command script in the background after the user launches the fake Flash installer. The malicious script included in the DMG is encoded using base64 and will decrypt a second AES encrypted script which will be executed automatically after being decrypted.
One it successfully downloads the second stage malware payload, Shlayer will "to escalate privileges with sudo using a technique invoking /usr/libexec/security_authtrampoline," presented by Patrick Wardle in his Death by 1000 Installers talk at DEFCON 2017. The next step is to download extra payloads which all contain adware according to TAU and it makes sure they'll be able to run on the compromised Mac by disabling the Gatekeeper protection mechanism. After this is accomplished, all extra payloads downloaded and launched by Shlayer will be seen as whitelisted software because the OS will no longer check if they are signed with an Apple developer ID. Also, just in case the malware is not able to disable Gatekeeper on the infected Mac, some of the second stage payloads are also signed with valid developer IDs.Read Replies (0)
By BeauHD from Slashdot's to-be-continued department
An anonymous reader quotes a report from CNBC: On September 7, 2017, the world heard an alarming announcement from credit ratings giant Equifax: In a brazen cyber-attack, somebody had stolen sensitive personal information from more than 140 million people, nearly half the population of the U.S. It was the consumer data security scandal of the decade. The information included social security numbers, driver's license numbers, information from credit disputes and other personal details. CEO Richard Smith stepped down under fire. Lawmakers changed credit freeze laws and instilled new regulatory oversight of credit ratings agencies. Then, something unusual happened. The data disappeared. Completely.
CNBC talked to eight experts, including data "hunters" who scour the dark web for stolen information, senior cybersecurity managers, top executives at financial institutions, senior intelligence officials who played a part in the investigation and consultants who helped support it. All of them agreed that a breach happened, and personal information from 143 million people was stolen. But none of them knows where the data is now. It's never appeared on any hundreds of underground websites selling stolen information. Security experts haven't seen the data used for in any of the ways they'd expect in a theft like this -- not for impersonating victims, not for accessing other websites, nothing. Most experts familiar with the case now believe that the thieves were working for a foreign government, and are using the information not for financial gain, but to try and identify and recruit spies.Read Replies (0)
By msmash from Slashdot's for-what-it-is-worth department
In a year-in-review announcement today, Google said Play Store app rejections went up 55% last year after the OS maker tightened up its app review process. From a report: Similarly, stats for app suspensions also went up, by more than 66%, according to Google, which the company credited to its continued investment in "automated protections and human review processes that play critical roles in identifying and enforcing on bad apps." One of the most significant roles in the automated systems cited by Google in identifying malware is the Google Play Protect service, which is currently included by default with the official Play Store app. Google said this service now scans over 50 billion apps per day, and even goes as far as downloading and scanning every Android app it finds on the internet.
[...] Play Store's automated systems are now getting better and better at detecting threats, so much so that Google is now seeing clear patterns. "We find that over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks," Ahn said. "When malicious developers are banned, they often create new accounts or buy developer accounts on the black market in order to come back to Google Play."Read Replies (0)
By msmash from Slashdot's closer-look department
Reader schwit1 shares a report: When you're browsing online, who sets the prices? An algorithm, most likely. A study from 2015 showed that a third of all items on Amazon [PDF] had prices set by an algorithm, and chances are that percentage has only risen. A new study shows how easy it would be for price-setting algorithms to learn to collude with each other and keep prices at a disadvantage for customers.
This sort of collusion would stem from a certain type of algorithm, the researchers say. Reinforcement algorithms learn through trial and error. In the simplest terms, a walking robot would take a step, fall, and try again. These algorithms have often been used to teach algorithms to win games like Go. "From the antitrust standpoint," say professors Emilio Calvano, Giacomo Calzolari, and others from the University of Bologna in Italy, "the concern is that these autonomous pricing algorithms may independently discover that if they are to make the highest possible profit, they should avoid price wars. That is, they may learn to collude even if they have not been specifically instructed to do so, and even if they do not communicate with one another."Read Replies (0)
By msmash from Slashdot's RIP department
For more than 14 years, the Opportunity rover crawled up and down craters, snapped pictures of a strange landscape and revealed surprising glimpses into the distant past of Mars. On Wednesday, NASA announced that Opportunity, the longest-lived robot ever sent from Earth to the surface of another planet, is dead. The New York Times: "It is therefore that I am standing here with a deep sense of appreciation and gratitude that I declare the Opportunity mission is complete," said Thomas Zurbuchen, NASA's associate administrator for science. That ends a mission of unexpected endurance: it was designed to last only three months. Opportunity provided scientists a close-up view of Mars that they had never seen: finely layered rocks that preserved ripples of flowing water several billion years ago, a prerequisite for life.
The steady stream of photographs and data from Opportunity -- as well as its twin, Spirit, which survived until 2010 -- also brought Mars closer to people on Earth. Because the rovers continued so much longer than expected, NASA has now had a continuous robotic presence on Mars for more than 15 years. That streak seems likely to continue for many more years. A larger, more capable rover, Curiosity, arrived in 2012, and NASA is planning to launch another in 2020. Live telecast here.Read Replies (0)
By msmash from Slashdot's how-about-that department
The SEC Wednesday charged a former Apple executive with insider trading. From a report: Gene Levoff, senior director of corporate law and corporate secretary until September, "traded on material nonpublic information about Apple's earnings three times during 2015 and 2016," according to the lawsuit filed Wednesday in the U.S. District Court of New Jersey. "Levoff also had a previous history of insider trading, having traded on Apple's material nonpublic information at least three additional times in 2011 and 2012. For the trading in 2015 and 2016, Levoff profited and avoided losses of approximately $382,000," the complaint says. Levoff's position at Apple granted him insider access to not-yet-public earnings results and briefings on iPhone sales, the complaint says. On more than one occasion, he disobeyed the company's "blackout" period for stock transactions, selling or buying stock worth tens of millions of dollars, according to the SEC.Read Replies (0)