By BeauHD from Slashdot's stories-with-happy-endings department
Patrick Klepek tells the story of a PlayStation Network user who had their 13-year-old account stolen via what appears to be a social engineering scheme against Sony. Klepek managed to track it down and start negotiating for its release. An anonymous Slashdot reader shares an excerpt from the report: 1,200. That's how much someone is asking for a PlayStation Network account I've been investigating for the past few weeks. "Secure," the person calls it, claiming the account will "never be touched" by the original owner again. "He won't be getting it back," they claim. More than a thousand dollars? That's a little rich for my blood, and so I counteroffer: $700. "Btc?" they respond, accepting my bid. (BTC refers to bitcoin. The majority of transactions like this take place using cryptocurrency; it's generally harder, but not impossible, to trace.) I didn't purchase the account, of course. But I could -- anyone could, if they only knew where to look. This account wasn't on a shady market because someone was clumsy with their digital security. They had a strong password and two-factor authentication. When they were notified about problems with their account, they called Sony and asked for help. Despite all this, despite proving their identity over and over, they lost access to their PSN account, including any trophies earned or any games purchased. It was gone...well, sort of. The original owner no longer had access, but this person -- the individual asking for $1,200 but who quickly and without hesitation dropped to $700 -- did.[...]More than likely, Sony itself is a victim of a clever social engineering scheme, in which a user, or series of users, repeatedly spammed their representatives, until it found someone willing to accept the limited information they did have, and calculated the system would eventually lock the account in their favor. Even a "failed" social engineering attempt can be a success, if the person calling comes away with new information about the account. Every company in the world can fall victim to social engineering, as there are no true fail safes. But Sony's setup seems especially ripe for it. Why didn't the system get flagged as "sensitive" sooner? Why can a user flip off two-factor authentication over the phone? How can an account get abandoned, when it's still active? There are ways Sony could have prevented this from happening. In the end, the original account owner was magically handed the account. "Sony promised that they were going to set it up so no reps could make any changes," the account owner said, "but they are still investigating how this happened."Read Replies (0)
By BeauHD from Slashdot's never-say-never department
The Intergovernmental Panel on Climate Change released a report on Monday saying that the world's electrical utilities need to reduce coal consumption by at least 60 percent over the next two decades through 2030 to avoid the worst effects of climate change that could occur with more than 1.5 degrees Celsius of warming. While that reduction seems out of reach, Bloomberg crunched some numbers and found that "it's possible to meet consumption-cut targets on the current path." From the report: The conventional wisdom is that this isn't possible, as rising demand from emerging economies, led by China and India, overwhelms the switch from fossil fuels in richer countries. That may underestimate the changing economics of energy generation, though. For one thing, it assumes that Asian countries will continue to build new coal-fired plants at a rapid rate, even though renewables are already the cheaper option in India and heading that way in China and Southeast Asia. For another, the falling cost and rising penetration of wind and solar is so recent that we're only just starting to see how they damage the business models of conventional generators. Thanks to the deflation of recent years, renewables already produce energy at a lower cost than thermal power plants. That causes the overall price of wholesale electricity to fall, reducing a conventional plant's revenue per megawatt-hour. When this drops below the generator's operating costs, the only away to avoid losing money is to switch off altogether. As a result, capacity factors -- the share of time when the plant is on and producing electricity -- decline as well, further undermining returns.
< article continued at Slashdot's never-say-never department
>Read Replies (0)
By BeauHD from Slashdot's what-will-they-think-of-next department
Walmart recently applied to patent biometric shopping handles that would track a shopper's heart rate, palm temperature, grip force, and walking speed. "The patent, titled 'System And Method For A Biometric Feedback Cart Handle' and published August 23, outlines a system where sensors in the cart send data to a server," reports Motherboard. "That server then notifies a store employee to check on individual customers." From the report: Over time, the server can build a database of data compared against store location and stress response, the patent says -- potentially valuable information for store planning. Other uses outlined in the patent include a pulse oximeter, for detecting when a customer's about to pass out, and a weight-triggered assisted push feature for propelling the cart itself. CBInsights suggests that these alerts could warn associates when several shoppers need help at the same time, or anticipate when arguments are about to break out.Read Replies (0)
By BeauHD from Slashdot's like-it-or-not department
Google intends to launch a censored version of its Search app for China sometime in the next six to nine months, according to a leaked transcript from a private employee meeting held last month. The Intercept's Ryan Gallagher today reported the company's Search engine chief, Ben Gomes, held a meeting to congratulate a room full of employees working on the platform, dubbed Project Dragonfly. From a report: According to The Intercept, Gomes talked about the launch timeline: "While we are saying it's going to be six and nine months [to launch], the world is a very dynamic place." He goes on to point out that the current political climate makes it difficult to pinpoint a definite timeline, but indicates employees should be ready to launch whenever a "window opens." These comments come in stark contrast to public statements given recently by both Gomes and Google's chief privacy officer, Kieth Enright.
Speaking to members of Congress last month, Enright tried to skirt the issue of the Dragonfly project by playing dumb. According to Wired he didn't quite deny involvement, and in fact admitted the company had explored the idea, but simply stated Google wasn't "close to launching" the censored Search engine and that he was "not clear on the contours of what is in scope or out of scope for that project." Gomes took the soft-denial a step further when he told the BBC "Right now all we've done is some exploration, but since we don't have any plans to launch something there's nothing much I can say about it."Read Replies (0)
By BeauHD from Slashdot's easy-as-1-2-3 department
An anonymous reader quotes a report from ZDNet: New computerized weapons systems currently under development by the U.S. Department of Defense (DOD) can be easily hacked, according to a new report published today. The report was put together by the U.S. Government Accountability Office (GAO), an agency that provides auditing, evaluation, and investigative services for Congress. The report detailed some of the most eye-catching hacks GAO testers performed during their analysis: "In one case, it took a two-person test team just one hour to gain initial access to a weapon system and one day to gain full control of the system they were testing. Some programs fared better than others. For example, one assessment found that the weapon system satisfactorily prevented unauthorized access by remote users, but not insiders and near-siders. Once they gained initial access, test teams were often able to move throughout a system, escalating their privileges until they had taken full or partial control of a system. In one case, the test team took control of the operators' terminals. They could see, in real-time, what the operators were seeing on their screens and could manipulate the system. They were able to disrupt the system and observe how the operators responded. Another test team reported that they caused a pop-up message to appear on users' terminals instructing them to insert two quarters to continue operating. Multiple test teams reported that they were able to copy, change, or delete system data including one team that downloaded 100 gigabytes, approximately 142 compact discs, of data."
< article continued at Slashdot's easy-as-1-2-3 department
>Read Replies (0)
By BeauHD from Slashdot's ready-or-not-here-I-come department
Google's human-sounding AI software that makes calls for you is coming to Pixel smartphones next month in select markets, like New York, Atlanta, Phoenix, and the San Francisco Bay Area. Google Duplex, as it is called, will be a feature of Google Assistant and, for now, will only be able to call restaurants without online booking systems, which are already supported by the assistant. Wired reports: A Google spokesperson told WIRED that the company now has a policy to always have the bot disclose its true nature when making calls. Duplex still retains the human-like voice and "ums," "ahs," and "umm-hmms" that struck some as spooky, though. Nick Fox, the executive who leads product and design for Google search and the company's assistant, says those interjections are necessary to make Duplex calls shorter and smoother. "The person on the other end shouldn't be thinking about how do I adjust my behavior, I should be able to do what I normally do and the system adapts to that," he says.
< article continued at Slashdot's ready-or-not-here-I-come department
>Read Replies (0)
By BeauHD from Slashdot's new-and-improved department
At its Pixel 3 launch event, Google announced a smart speaker called the Google Home Hub, featuring a 7-inch display to give you visual information, making it easier to control smart home devices and view photos and the weather. Interestingly, Google decided not to include a camera in this device for privacy reasons, as they want you to feel comfortable placing it in an intimate location, such as a bedroom. PhoneDog reports: Google explains that Home Hub will be able to recognize who is speaking to it using Voice Match to provide info for that specific person, which should help to make the device more useful in homes with multiple people. And when you're not using Home Hub, a feature called Live Albums will let you select certain people and have Google Photos create albums with images of these people. Another feature of Google's Home Hub is the Home View. With it, you can easily see and control your smart home devices. And then there's Ambient EQ, which uses a sensor that'll adjust the color and brightness of the Home Hub screen based on the ambient lighting. That includes dimming the screen at night when it's time for bed. Google Home Hub will be available for $149 in four colors -- Chalk, Charcoal, Aqua, and Sand. It will launch on October 22nd and each purchase will come with six months of YouTube Premium.Read Replies (0)
By BeauHD from Slashdot's come-and-get-it department
An anonymous reader quotes a report from The Verge: Microsoft is re-releasing its Windows 10 October 2018 Update today, following the company pulling it offline due to data deletion issues over the weekend. The software giant says there were only a few reports of data loss, at a rate of one one-hundredth of one percent. "We have fully investigated all reports of data loss, identified and fixed all known issues in the update, and conducted internal validation," says Microsoft's John Cable, director of program management for Windows Servicing and Delivery. Microsoft is now re-releasing the Windows 10 October 2018 Update to Windows Insiders, before rolling it out more broadly to consumers. "We will carefully study the results, feedback, and diagnostic data from our Insiders before taking additional steps towards re-releasing more broadly," explains Cable.
It appears the bug that caused file deletion was related to Windows 10 users who had enabled Known Folder Redirection to redirect folders like desktop, documents, pictures, and screenshots from the default location. Microsoft introduced code in its latest update to delete the empty and duplicate known folders, but it appears they weren't always empty. Microsoft has developed fixes to address a variety of problems related to these folder moves, and these fixes are now being tested with Windows Insiders.Read Replies (0)
By msmash from Slashdot's about-time department
Alongside the new Pixel smartphones, and the Pixel Slate laptop-tablet hybrid, Google on Tuesday also announced a new version of its Chromecast streaming adapter, the third generation of the company's streaming device, which supports playback video at higher frame rates and can also stream multiroom audio. From a report: The new device goes on sale Tuesday in the U.S., Australia, Canada, Denmark, Finland, Great Britain, Japan, Netherlands, New Zealand, Norway, Singapore and Sweden. Stateside, the new Chromecast once again costs $35 -- the same as its predecessor. [...] The bigger changes are on the inside: The new Chromecast is 15% faster than the previous model, which allows it to stream 1080p HD video with a rate of up to 60 frames per second (fps). "Everything becomes much smoother," said Google Home product manager Chris Chan during a recent interview with Variety. He specifically cited the growth of 60fps content on YouTube as one of the reasons Google added the new feature.Read Replies (0)
By msmash from Slashdot's how-about-that department
An anonymous reader shares a report: Last month, an activist from the German art collective Peng! walked into her local government office in Berlin and applied for a new passport. "I probably have broken the law," the woman, a chemist living in the Western Saxony region, told Motherboard, "but our lawyers don't know which one." The woman applied for a passport using a photo of two separate people. Using specialized software created by Peng!, the collective merged the facial vectors from two different faces from two different images into one. Billie Hoffman (a pseudonym used by everyone in the Peng! Collective when talking to journalists), she told me how easy the whole process was: "Officials didn't mention fraud at any point." Hoffman's passport application was approved, and now she has an official German passport using the digitally altered photo. The photo is half her, half Federica Mogherini, an Italian politician who is the High Representative of the European Union for Foreign Affairs and Security Policy. "The software calculated an authentic average of the faces and that's it," Hoffmann recalls. Hoffman's passport is part of an artwork called "Mask ID," a campaign that's encouraging ordinary citizens to "flood government databases with misinformation" and disrupt mass surveillance programs. Ironically, the project is funded by the Bundeskulturstiftung, the German Federal cultural fund, part one was recently on show in Hamburg accompanied by a photo booth where anyone could upload their image and create their own distorted passport picture in an attempt to confuse government surveillance and circumnavigate facial recognition software. "Passports are tools of oppression" another member of the collective who declined to give me their real name told me.Read Replies (0)
By msmash from Slashdot's more-pixels department
In addition to announcing new flagship phones today, Google took the wraps off a new premium tablet called the Pixel Slate. It's a Chrome OS-powered slate with a 12.3-inch display that's supposed to be the sharpest in its class. Google claims this isn't just a laptop pretending to be a tablet or a phone pretending to be a computer. From a report: It has a resolution of 3,000 x 2,000 -- i.e., a pixel density of 293 ppi, which Google says is the highest for a premium 12-inch tablet. For reference, the Surface Pro 6 and iPad Pro (12.9 inch) come in at 267 ppi and 264 ppi, respectively. Google was able to make the screen so sharp because of an energy-efficient LCD technology called Low Temperature PolySilicon (LTPS), which let the company pack in more pixels without sacrificing size or battery. In fact, the Pixel Slate is supposed to last up to 12 hours on a charge, which is impressive for its skinny 7mm profile. [...] What stands out about the Pixel Slate is the version of Chrome OS it runs. When docked to a mouse or a keyboard accessory with a trackpad, it runs the regular desktop interface most people are familiar with by now. Disconnect peripherals, though, and it switches automatically to tablet mode, which is optimized for touch. In this profile, the home screen features icons for installed apps, much like the app drawer on Android phones. You can split the screen between up to two apps or drag and drop browser tabs to place them side by side. The Pixel Slate will be available with an Intel Celeron or Core M3, i5 or i7 processor, and 4GB to 16GB of RAM at a starting price of $599. The keyboard will cost an additional $200, should you wish to buy one, and the pen accessory will similarly cost $99.Read Replies (0)
By msmash from Slashdot's new-pixels department
Google on Tuesday unveiled the Pixel 3 and Pixel 3 XL, its latest flagship Android smartphones. "For life on the go, we designed the world's best camera and put it in the world's most helpful phone," said Google's hardware chief Rick Osterloh. From a report: The Pixel 3 starts at $799 for 64GB, with the 3 XL costing $899. Add $100 to either for the 128GB storage option. Core specs for both include a Snapdragon 845, 4GB RAM (there's no option for more), Bluetooth 5.0, and front-facing stereo speakers. Also inside is a new Titan M security chip, which Google says provides "on-device protection for login credentials, disk encryption, app data, and the integrity of the operating system." Preorders for both phones begin today, and buyers will get six months of free YouTube Music service. The Pixel 3 and 3 XL both feature larger screens than last year's models thanks to slimmed down bezels -- and the controversial notch in the case of the bigger phone. The 3 XL has a 6.3-inch display (up from six inches on the 2 XL), while the regular 3 has a 5.5-inch screen (up from five inches). Overall, though, the actual phones are very similar in size and handling to their direct predecessors. Google has stuck with a single rear 12.2-megapixel camera on both phones, continuing to resist the dual-camera industry trend. But it's a different story up front. Both the Pixel 3 and 3 XL have two front-facing cameras; one of them offers a wider field of view for getting more people or a greater sense of your surroundings into a selfie. [...] A new Top Shot option will select the best image from a burst series of shots. Like Samsung's Galaxy Note 9, it will weed out pictures that are blurry or snaps where someone blinked. Super Res Zoom uses multiple frames and AI to deliver a sharper final photo even without optical zoom. There's another interesting feature on the new Pixel handsets: To help you avoid calls from scammers, Google is adding Call Screen to the Pixel, a new option that appears when you receive a phone call. Whenever someone calls you, you can tap a "Screen call" button, and a robot voice will pick up. "The person you're calling is using a screening service, and will get a copy of this conversation. Go ahead and say your name, and why you're calling," the Google bot will say. As the caller responds, the digital assistant will transcribe the caller's message for you. If you need more information, you can use one of the feature's canned responses, which include, "Tell me more," and "Who is this?" There is an accept and reject call button that's on-screen, so you can hang up or take the call at any time.Read Replies (0)