By BeauHD from
Slashdot's visually-impaired department:
BarbaraHudson writes: Non-Visual Desktop Access (NVDA) is a free screen reader that is only available for Windows and comes with lots of features for people with visual handicaps. NVDA recommends to delay moving to Windows 10 because of problems with the Edge browser, PDF reading, Cortana, and applications designed for the Windows Store. There's only a few weeks to "upgrade" to Windows 10. My question is, does Windows 10 have compelling reasons for the visually handicapped to switch to it that are worth putting up with these (hopefully temporary) problems? Please note that NVDA doesn't require an internet connection to work; any Windows 10 assistive technologies that require one are a minus because they can leave the user high and dry with no notice. By the way, I've tried the KNOPPIX Adriane Audio Desktop and unfortunately it's really not there yet in comparison. Microsoft did highlight several accessibility features in the Windows 10 Anniversary update. Some of the features include faster text to speech, improved keyboard navigation, verbosity, AutoSuggest results, and support for more languages. In many of the core Windows 10 apps, Microsoft has made changes to Microsoft Edge, Mail, Cortana, and Groove to provide various features like modern web accessibility standards, improved account setup experience when using a screen reader, more reliable search and navigation functionality when using a keyboard, and better support for high DPI scaling and high contrast. There are also new accessibility resources available to developers, including an updated Visual Studio App Analysis tool to make it easier to find and fix accessibility errors, and support for Mnemonics in the Universal Windows Platform to help developers more easily provide Access Key customizations.
Read Replies (0)
By BeauHD from
Slashdot's lurking-in-the-shadows department:
An anonymous reader writes from a report via Schneier on Security: Two researchers have discovered over 100 Tor nodes that are spying on hidden services. Cory Doctorow from Boing Boing reports: "These nodes -- ordinary nodes, not exit nodes -- sorted through all the traffic that passed through them, looking for anything bound for a hidden service, which allowed them to discover hidden services that had not been advertised. These nodes then attacked the hidden services by making connections to them and trying common exploits against the server-software running on them, seeking to compromise and take them over. The researchers used 'honeypot' .onion servers to find the spying computers: these honeypots were .onion sites that the researchers set up in their own lab and then connected to repeatedly over the Tor network, thus seeding many Tor nodes with the information of the honions' existence. They didn't advertise the honions' existence in any other way and there was nothing of interest at these sites, and so when the sites logged new connections, the researchers could infer that they were being contacted by a system that had spied on one of their Tor network circuits. No one knows who is running the spying nodes: they could be run by criminals, governments, private suppliers of 'infowar' weapons to governments, independent researchers, or other scholars (though scholarly research would not normally include attempts to hack the servers once they were discovered)." The Tor project is aware of the attack and is working to redesign its system to try and block it. Security firm Bitdefender has issued an alert about a malicious app called EasyDoc that hands over control of Macs to criminals via Tor.
Read Replies (0)
By BeauHD from
Slashdot's come-together department:
An anonymous reader writes: Bloomberg reported in May that YouTube is working on a paid subscription service called Unplugged that would offer customers a selection of TV channels streamed via the internet. Now, The Information (Warning: source may be paywalled) is reporting that deals are starting to come together, and ESPN, ABC, and CBS are "firmly expected" to be available through the service. Other major broadcasters are expected to try and get involved with the service, but the report notes that YouTube may purposely choose to pass on smaller networks, like HGTV, to try and market YouTube videos instead. The question remains to be answered as to how YouTube plans to make anyone interested in its service. ESPN, ABC, and CBS are already offered through other online TV services, like Sling TV. CBS has its own standalone subscription service, and ESPN will soon have its own as well. Also, The Information notes that YouTube Red -- YouTube's existing subscription service -- isn't doing so well. Although, it's worth noting that service is completely different than what Unplugged is rumored to feature.
Read Replies (0)
By manishs from
Slashdot's security-woes department:
Steve Ragan, reporting for CSOOnline: Since February, a number of Apple users have reported locked devices displaying ransom demands written in Russian. Earlier this week, a security professional posted a message to a private email group requesting information related a possible compromise of at least 40 million iCloud accounts. Salted Hash started digging around on this story after the email came to our attention. In it, a list member questioned the others about a rumor concerning "rumblings of a massive (40 million) data breach at Apple." The message goes on to state that the alleged breach was conducted by a Russian actor, and vector "seems to be via iCloud to the 'locate device' feature, and is then locking the device and asking for money."In a separate report, the publication reports that three websites owned by Penton Technology -- MacForums.com, HotScripts.com, and WebHostingTalk.com -- have been compromised and their databases are now being sold on the Darknet. While nothing is confirmed, there is a possibility that some of the rumored 40M compromised Apple ID credentials may have come from these forums, or from LinkedIn's recent hack.
Read Replies (0)
By manishs from
Slashdot's if-you-love-it,-maybe-you-can-pay-for-it department:
An anonymous reader shares a Bloomberg report: There are several hundred thousand podcasts available through Apple's podcast app, and all of them cost the same amount: nothing. Starting today, you can have access to a far smaller slate of podcasts for a few bucks a month over at Audible, the audio books service owned by Amazon. Audible is betting that avid podcast fans will pay $4.95 per month for Channels, an exclusive selection of ad-free original podcasts, comedy performances, and audio renditions of written articles. The subscription is free for current Audible members. While Apple has always loomed large over podcasting, other big companies like Amazon, Google, and Spotify are beginning to inch into the space. Channels is Amazon's first major foray into the business and puts it in a position to be both a platform for and creator of new shows. "They are doing to audio what they did with Prime Video -- it's vertical integration, and it puts them in a position where they can firmly participate in the larger development of culture," said Nick Quah, who writes the podcasting newsletter Hot Pod.Is the right move? Will people for it? AdAge writes:A lot of people don't think there will be a Netflix of podcasting. Andy Bowers, chief content officer of Slate's Panoply Network, said the best chance for a subscription model to work would be to offer one that offers ad-free versions of many of the most popular podcasts that exist today. "Short of that -- and I don't see anyone doing that at the moment -- I think the ad-supported version is here to stay for a while," he said. Still, a handful of other podcasting businesses have begun experimenting with paid premium services. Acast, a podcast app, created an option for its podcasters to begin charging for content earlier this year. Midroll Media charges $4.99 a month for a service called Howl that offers access to original shows and archives of popular podcasts like "WTF with Marc Maron."
Read Replies (0)
By manishs from
Slashdot's unprecedented-shift department:
A police standoff with a suspect in the killing of five police officers in Dallas came to an abrupt end on Friday morning in an unusual way. The police said that negotiations broke down, an exchange of gunfire happened, but then they had no option but to use "bomb robot and place a device on its extension for it to detonate where the suspect was." Motherboard explains the unprecedented shift in policing. From an article: Peter W. Singer, an expert in military technology and robot warfare at the New America Foundation, tweeted that this is the first known incident of a domestic police force using a robot to kill a suspect. Singer tweeted that in the wars in Iraq and Afghanistan, soldiers have strapped claymore mines to the $8,000 MARCbot using duct tape to turn them into jury-rigged killing devices. Singer says all indications are that the Dallas Police Department did something similar in this case -- it improvised to turn a surveillance robot into a killing machine. Improvised device or not, the concerns here mirror a debate that's been going on for a few years now: Should law enforcement have access to armed drones, or, for that matter, weaponized robots? In 2013 Kentucky Senator Rand Paul staged a 13-hour filibuster that was focused entirely on concerns about the use of armed drones on US soil. Last year, North Dakota became the first state to legalize nonlethal, weaponized drones for its police officers. [...] The ability for police to remotely kill suspects raises due process concerns. If a shooter is holed up and alone, can they be qualified as an imminent threat to life? Are there clear protocols about when a robot can be used to engage a suspect versus when a human needs to engage him or her? When can the use of lethal force be administered remotely?
Read Replies (0)
By manishs from
Slashdot's who-wants-a-free-update? department:
Microsoft watcher Paul Thurrott writes: After I asked about whether the free upgrade for Windows 10 Mobile would end on July 29 as it is for Windows 10 for PCs, Microsoft's Dona Sarkar clarified the firm's evolving strategy: The Windows 10 Mobile upgrade will now continue to be free past the end of the month. "So, the free upgrade to Windows 10 ends for Windows phones on July 29, too. Right?" I tweeted yesterday morning, seeking clarification for a reader who had asked me this question. After all, Microsoft had said nothing about the expiration of the free Mobile upgrade since last year. "Clarification from this morning," Ms. Sakar tweeted later in the day. "The free upgrade offer for PC ends on July 29 but as always there are no implications or cost on phone." Hm. Not sure about the "as always" bit, as Microsoft's plans for the free Windows 10 Mobile upgrade have changed repeatedly since the firm announced this upgrade in January 2015. And over time, many of these changes enraged users who had believed earlier promises. You may recall that the original plan was to upgrade all Windows Phone 8.1 handsets to Windows 10 Mobile ... for the first year only. But over time, that changed. It was going to be all handsets with at least 1 GB of RAM. And then it was going to be some subset of handsets sold over the previous two years, but not the Lumia Icon for some reason.
Read Replies (0)
By manishs from
Slashdot's affinity-for-privacy department:
Reader wiredmikey writes: Facebook announced Friday it would roll out optional "end to end encryption" for its Messenger application, following a trend aimed at stronger security and protection against snooping. The new feature will be known as "secret conversations" which can be read only by the sender and recipient. Facebook shared technical details about its implementation of the security in a technical white paper (PDF). Facebook earlier this year began implementing this end-to-end encryption on its WhatsApp messaging service.ZDNet's Zack Whittaker, however, warns about a catch in Facebook's effort. He writes: But already the company has faced some criticism for not encrypting messages by default, instead making the service opt-in, like Apple's iMessage, or even Facebook's other chat app, WhatsApp, which recently switched on default end-to-end encryption earlier this year. Cryptographer and Johns Hopkins professor Matthew Green, who reviewed an early version of the system, said in a tweet that though you "have to turn on encryption per thread," he added that providing encryption to almost a billion people makes it hard to "put that genie back in the bottle."
Read Replies (0)
By manishs from
Slashdot's security-woes department:
Emily Chung, writing for CBC: Is your antivirus protecting your computer or making it more hackable? Internet security experts are warning that anti-malware technology is becoming less and less effective at protecting your data and devices, and there's evidence that security software can sometimes even make your computer more vulnerable to security breaches. This week, the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) issued a warning about popular antivirus software made by Symantec, some of it under the Norton brand, after security researchers with Google's Project Zero found critical vulnerabilities. "These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible," wrote Google researcher Tavis Ormandy in a blog post. Symantec said it had verified and addressed the issues in updates that users are advised to install. It's not the only instance of security software potentially making your computer less safe. Concordia University professor Mohammad Mannan and his PhD student Xavier de Carne de Carnavalet recently presented research on antivirus and parental control software packages, including popular brands like AVG, Kaspersky and BitDefender, that bypass some security features built into internet browsers to verify whether sites are safe or not in order to be able to scan encrypted connections for potential threats. In theory, they should make up for it with their own content verification systems. But Mannan's research, presented at the Network and Distributed System Security Symposium in California earlier this year, found they didn't do a very good job. "We were surprised at how bad they were," he said in an interview. "Some of them, they did not even make it secure in any sense."
Read Replies (0)
By BeauHD from
Slashdot's goals-and-aspirations department:
An anonymous reader writes: The President of the Russian Federation, Vladimir Putin, has ordered the Federal Security Service (FSB) to produce "encryption keys" to decrypt all data on the internet, and the FSB has two weeks to do it, Meduza reports. The head of the FSB, Alexander Bortnikov, is responsible for accomplishing such a task. "The new 'anti-terrorist' laws require all 'organizers of information distribution' that add 'additional coding' to transmitted electronic messages to provide the FSB with any information necessary to decrypt those messages," reports Meduza. "It's still unclear what information exactly online resources are expected to turn over, given that all data on the internet is encoded, one way or another, and in many instances encryption keys for encrypted information simply don't exist." Some of the details of the executive order include requiring telecom providers and "organizers of information distribution" to store copies of the content of all information they transmit for six months and store the metadata for three years so the Kremlin can access it whenever they want. In order for that to happen, ISPs would need to build new data centers capable of holding all that information and buy imported equipment, all without state subsidies, where they risk going bankrupt. To actually operate the data centers, the Russian government would need to upgrade Russia's outdated electrical grid and cables, which could cost between $30 and $77 billion. What about the "encryption keys?" In addition to storing all the transmitted information, "organizers of information distribution" have to turn over "any information necessary to decrypt those messages." Therefore, "additional coding" will need to be added to all electronic messages to act as instructions for the FSB to "decode" them. Many services and websites don't have "keys" or are fundamentally unsharable, like banks and financial institutions. Nearly all electronic information needs to be "encoded" in some way. Bortnikov has two weeks and the clock starts now. Good luck!
Read Replies (0)
By BeauHD from
Slashdot's close-up-shop department:
An anonymous reader quotes a report from Engadget: The Wall Street Journal reports U.S. regulators have devised to ban the owners and operators of Theranos from running a lab for two years. That includes CEO and founder Elizabeth Holmes, as confirmed by a press release issued tonight. The Centers for Medicare and Medicaid Services (CMS) revoked the lab's Clinical Laboratory Improvement Amendments (CLIA) certificate and imposed a civil money penalty for an unspecified amount. The ban does not take effect for 60 days, however Theranos says it will not do any testing at the Newark, CA lab CMS investigated, and instead will serve customers from its lab in Arizona. Elizabeth Holmes wrote: "We accept full responsibility for the issues at our laboratory in Newark, California, and have already worked to undertake comprehensive remedial actions. Those actions include shutting down and subsequently rebuilding the Newark lab from the ground up, rebuilding quality systems, adding highly experienced leadership, personnel and experts, and implementing enhanced quality and training procedures. While we are disappointed by CMS' decision, we take these matters very seriously and are committed to fully resolving all outstanding issues with CMS and to demonstrating our dedication to the highest standards of quality and compliance."
Read Replies (0)
By BeauHD from
Slashdot's tax-evasion department:
An anonymous reader quotes a report from Fortune: The Internal Revenue Service (IRS) has sued Facebook on Wednesday to force it to comply with summonses related to a 2010 asset transfer. Fortune reports: "According to documents the IRS filed in San Francisco federal court, the agency suspects Facebook and its accounting firm, Ernst and Young, understated the value of intangible assets transferred to Ireland by billions of dollars. The IRS says it is seeking an order to enforce six summonses that asked Facebook to appear at the agency's offices in San Jose, Calif., and to produce papers and others records. According to IRS agent Nina Stone, Facebook failed to show up at the appointed date of June 17, and nor did it provide the documents. The dispute arose as a result of an ongoing audit of Facebook by IRS that stretches back to 2010. In that year, the company chose to designate Facebook Ireland as the rights-holder for its worldwide business outside of the U.S. and Canada, and also to transfer intellectual property assets such as its platform and 'marketing intangibles.' The crux of the disagreement between Facebook and the IRS turns on the arcane question of whether the assets in question could be transferred in their entirety or if, as the agency argues, they are 'interdependent.' [The agent's declaration can be found here.] Such arrangements are common among U.S. tech companies, and seek to reduce tax payments by scoring revenue in low tax jurisdictions like Ireland, while having higher tax countries (especially the U.S.) reduce profits by paying to license intellectual property from overseas subsidiaries."
Read Replies (0)