By EditorDavid from Slashdot's tax-for-taxis department
Massachusetts will tax ride-sharing services -- 20 cents for each ride -- with 25% of the money raised going into a special fund for the taxi industry (according to an article shared by schwit1 ). Reuters reports:
Ride services are not enthusiastic about the fee. "I don't think we should be in the business of subsidizing potential competitors," said Kirill Evdakov, the chief executive of Fasten, a ride service that launched in Boston last year and also operates in Austin, Texas. Some taxi owners wanted the law to go further, perhaps banning the start-up competitors unless they meet the requirements taxis do, such as regular vehicle inspection by the police...
The fee may raise millions of dollars a year because Lyft and Uber alone have a combined 2.5 million rides per month in Massachusetts... The 5-cent fee will be collected through the end of 2021. Then the taxi subsidy will disappear and the 20 cents will be split by localities and the state for five years. The whole fee will go away at the end of 2026.
Republican Governor Charlie Baker signed the law, which specifically bans ride-sharing services from passing those costs on to their drivers or riders. And the article notes that Taiwan has also hit Uber with a $6.4 million tax bill, while Seattle has passed a new law allowing ride-sharing drivers to unionize.Read Replies (0)
By EditorDavid from Slashdot's educational-programming department
Long-time Slashdot reader theodp notes a pilot program for improving computer science education which includes financial aid for students at four code bootcamps:
In this week's Hack Education Weekly News, Audrey Watters writes, "The US Department of Education has selected eight higher ed institutions and eight 'non-traditional providers' that will work as partners to pilot the DoE's new EQUIP experiment, meaning that students will be able to receive federal financial aid for coding bootcamps, MOOCs, and the like...
"Good thing there haven't been any problems with for-profit higher ed and exploitation of financial aid, otherwise this would all seem like a terrible idea."
The original submission has more details on the participants (including the four code bootcamps). Ultimately the program involves pairing "non-traditional" providers with higher education institutions -- and then monitoring their results with a third-party "quality assurance entity" -- to improve the ways we measure a school's performance, but also testing new ways to fund training for computer careers. (I'm curious how Slashdot's readers feel about government loans for attendees at code bootcamps...)Read Replies (0)
By EditorDavid from Slashdot's stop-button department
Microsoft's announced they'll discontinue "individual patches" for Windows 7 and 8.1 (as well as Windows Server 2008 R2, 2012, and 2012 R2). Instead they'll have monthly "cumulative" rollups of each month's patches, and while there will be a separate "security-only" bundle each month, "individual patches will no longer be available." This has one anonymous Slashdot reader asking what's the alternative:
We've read about the changes coming to Windows Update in October 2016... But what happens when it's time to wipe and reload the OS? Or what about installing Windows on different hardware? Admittedly, there are useful non-security updates worth having, but plenty to avoid (e.g. telemetry).
How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...?
Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?Read Replies (0)
By EditorDavid from Slashdot's stupid-passwords department
The five most common ways of hacking an organization all involve stolen credentials, "based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks," writes an anonymous Slashdot reader. In fact, 66% of the researchers' successful attacks involved cracking a weak domain user password. From an article on Dark Reading:
Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation...
"If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?" says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks -- tactics that may not stop attackers from stealing credentials, but "building in the defenses so it's really not a big deal if they do"... [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization's entire computing environment, exfiltrating all documents along the way.
Similar results were reported in Verizon's 2016 Data Breach Investigations Report.Read Replies (0)
By EditorDavid from Slashdot's money-of-the-future department
It's "an epic sci-fi adventure about the human race's journey into a theoretical technological Singularity." Or is it an "entertainment industry boondoggle...part DRM snake oil marketing, part pseudo-Bitcoin scam and part sincere Singularitarian weirdness?"
Long-term Slashdot reader David Gerard writes:
SingularDTV is an exciting new blockchain-based entertainment industry startup. Their plan is to adapt the DRM that made $121.54 for Imogen Heap, make their own completely pre-mined altcoin and use that to somehow sell two million views of a sci-fi TV show about the Singularity. Using CODE, which is explicitly modeled on The DAO ... which spectacularly imploded days after its launch. There's a white paper [PDF], but here's an analysis of why these schemes are a terrible idea for musicians.
'Singular' will be a one-hour adventure/drama "that explores the impact technology will have on the future of our planet and how it will shape the evolution of our human race," set in the years 2021 to 2045, "as an unprecedented technological revolution sweeps over the world..."Read Replies (0)
By EditorDavid from Slashdot's tweet-terminators department
Twitter just began rolling out "new ways to control your experience," promising the two new features "will give you more control over what you see and who you interact with on Twitter." An anonymous Slashdot reader quotes a report from Wired UK:
First up, notification settings will allow those using Twitter on the web or on desktop to limit the notifications they receive for @ mentions, RTs, and other interactions to just be from people they follow. The feature can be turned on through the notifications tab. Twitter is also expanding its quality filter -- also accessible through notifications. "When turned on, the filter can improve the quality of Tweets you see by using a variety of signals, such as account origin and behavior," the company's product manager Emil Leong said in a blog post.
In December 2015, the company changed its rules to explicitly ban "hateful conduct" for the first time, while back in February last year, Twitter's then-CEO Dick Costolo admitted the network needed to improve how it handled trolls and abuse. In a leaked memo he said: "I'm frankly ashamed of how poorly we've dealt with this issue during my tenure as CEO. It's absurd. There's no excuse for it. I take full responsibility for not being more aggressive on this front. It's nobody else's fault but mine, and it's embarrassing."
Meanwhile, the Twitter account of Wikipedia co-founder Jimmy Wales was hacked on Saturday.Read Replies (0)
By EditorDavid from Slashdot's speaking-of-KDE department
An anonymous Slashdot reader quotes a report from fossBytes:
Linux Mint 18 'Sarah' KDE Edition Beta is now available for download and testing. This release is based on the long-term supported Linux 4.4 kernel and KDE Plasma 5.6 desktop environment. The final release of this widely popular distro is expected to arrive in September... Just like MATE, Cinnamon, and Xfce releases, the KDE release is a long term release that will remain supported until 2021.
Linux Mint 18 'Sarah' KDE Edition ships with Mozilla Firefox as default web browser and LibreOffice as the default office suite. The Linux distro also features a wide range of popular KDE apps like Kontact, Dolphin, Gwenview, KMail, digiKam, KTorrent, Skanlite, Konversation, K3b, Konsole, Amarok, Ark, Kate, Okular, and Dragon Player.
"Unlike other Linux Mint editions, the KDE edition will ship with the SDDM display manager," reports the Linux Mint blog. Distrowatch notes that it's based on Ubuntu 16.04, and suggests "Mint's 'KDE' flavour might turn out to be the most interesting of the bunch, especially if the project's usually excellent quality assurance is applied to this edition in the same manner as in its 'MATE' and 'Cinnamon' variants."Read Replies (0)
By EditorDavid from Slashdot's angry-in-India department
"It is official now. The punishment for rape is actually less..." writes an anonymous Slashdot reader, who adds that "Some users think that this is all the fault of Bollywood/Hollywood movie studios. They are abusing power, court and money..." India Today reports:
The Indian government, with the help of internet service providers, and presumably under directives of court, has banned thousands of websites and URLs in the last five odd years. But until now if you somehow visited these "blocked URLs" all was fine. However, now if you try to visit such URLs and view the information, you may get a three-year jail sentence as well as invite a fine...
This is just for viewing a torrent file, or downloading a file from a host that may have been banned in India, or even for viewing an image on a file host like Imagebam. You don't have to download a torrent file, and then the actual videos or other files, which might have copyright. Just accessing information under a blocked URL will land you in jail and leave your bank account poorer.
While it's not clear how this will be enforced, visiting a blocked URL in India now leads to a warning that "Viewing, downloading, exhibiting or duplicating an illicit copy of the contents under this URL is punishable as an offence under the laws of India, including but not limited to under Sections 63, 63-A, 65 and 65-A of the Copyright Act, 1957 which prescribe imprisonment for 3 years and also fine of up to Rs. 3,00,000..."Read Replies (0)
By EditorDavid from Slashdot's plug-and-play-robot-brains department
Intel demoed their new robotics compute module this week. Scheduled for release in 2017, it's equipped with various sensors, including a depth-sensing camera, and it runs Ubuntu on a quad-core Atom. Slashdot reader DeviceGuru writes:
Designed for researchers, makers, and robotics developers, the device is a self contained, candy-bar sized compute module ready to pop into a robot. It's augmented with a WiFi hotspot, Bluetooth, GPS, and IR, as well as proximity, motion, barometric pressure sensors. There's also a snap-on battery. The device is preinstalled with Ubuntu 14.04 with Robot Operating System (ROS) Indigo, and can act as a supervisory processor to, say, an Arduino subsystem that controls a robot's low-level functions. Intel demoed a Euclid driven robot running an obstacle avoidance and follow-me tasks, including during CEO Brian Krzanich's keynote (YouTube video). Intel says they'll also release instructions on how to create an accompanying robot with a 3D printer. This plug-and-play robotics module is a proof-of-concept device -- the article includes some nice pictures -- but it already supports programming in Node.js (and other high-level languages), and has a web UI that lets you monitor performance in real-time and watch the raw camera feeds.Read Replies (0)
By EditorDavid from Slashdot's crimes-from-the-future department
The U.S. will phase out private prisons, a move made possible by fewer and shorter sentences for drug offenses, reports the BBC. But when it comes to reducing arrests for violent crimes, police officers in Chicago found themselves resorting ineffectively to a $2 million algorithm which ultimately had them visiting people before any crime had been committed. schwit1 quotes Ars Technica: Struggling to reduce its high murder rate, the city of Chicago has become an
incubator for experimental policing techniques. Community policing, stop and frisk, "interruption" tactics --- the city has tried many strategies. Perhaps most controversial and promising has been the city's futuristic "heat list" -- an algorithm-generated list identifying people most likely to be involved in a shooting.
The hope was that the list would allow police to provide social services to people in danger, while also preventing likely shooters from picking up a gun. But a new report from the RAND Corporation shows nothing of the sort has happened. Instead, it indicates that the list is, at best, not even as effective as a most wanted list. At worst, it unnecessarily targets people for police attention, creating a new form of profiling.
The police argue they've updated the algorithm and improved their techniques for using it. But the article notes that the researchers began following the "heat list" when it launched in 2013, and "found that the program has saved no lives at all."Read Replies (0)
By EditorDavid from Slashdot's talking-Turkey department
Slashdot reader mirandakatz writes:
In releasing an unredacted database of emails from the Turkish party AKP, WikiLeaks exposed the public to a collection of malware -- and even after a Bulgarian security expert pointed this out publicly, the organization only removed the select pieces of malware that he identified, leaving well over a thousand malicious files on the site.
That AKP leak also included the addresses and other personal details of millions of Turkish women, not unlike the recent DNC leak, which included the personal data of many private individuals. WikiLeaks says this is all in the name of its "accuracy policy," but the organization seems to be increasingly putting the public at risk.
The article opens with the question, "What the hell happened to WikiLeaks?" then argues that "Once an inspiring effort at transparency, WikiLeaks now seems more driven by personal grudges and reckless releases of information..."Read Replies (0)
By EditorDavid from Slashdot's revenge-of-the-fake-ransomware department
An anonymous reader writes: A trojan that targeted Drupal sites on Linux servers last May that was incredibly simplistic and laughable in its attempt to install (and fail) web ransomware on compromised websites, has now received a major update and has become a top threat on the malware scene. That trojan, named Rex, has evolved in only three months into an all-around threat that can: (1) compromise servers and devices running platforms like Drupal, WordPress, Magento, Jetspeed, Exarid, AirOS; (2) install cryptocurrency mining in the background; (3) send spam; (4) use a complex P2P structure to manage its botnet; and (5) install a DDoS agent which crooks use to launch DDoS attacks. Worse is that they use their DDoS capabilities to extort companies. The crooks send emails to server owners announcing them of 15-minute DDoS tests, as a forewarning of future attacks unless they pay a ransom. To scare victims, they pose as a known hacking group named Armada Collective. Other groups have used the same tactic, posing as Armada Collective, and extorting companies, according to CloudFlare.Read Replies (0)