By msmash from Slashdot's about-time department
Microsoft said in 2015 that it would build OpenSSH, a set of utilities that allow clients and servers to connect securely, into Windows, while also making contributions to its development. Neowin: Since then, the company has delivered on that promise in recent releases of Windows 10, being introduced as a feature-on-demand in version 1803. However, Windows Server hadn't received the feature until now, at least not in an officially supported way -- Windows Server version 1709 included it as a pre-release feature. But that's finally changed, as Microsoft this week revealed that Windows Server 2019, which was made available (again) in November, includes OpenSSH as a supported feature.Read Replies (0)
By msmash from Slashdot's new-lows department
When the Trump administration laid out a plan this year that would eventually allow cars to emit more pollution, automakers, the obvious winners from the proposal, balked. The changes, they said, went too far even for them. But it turns out that there was a hidden beneficiary of the plan that was pushing for the changes all along: the nation's oil industry. From an investigation by The New York Times: In Congress, on Facebook and in statehouses nationwide, Marathon Petroleum, the country's largest refiner, worked with powerful oil-industry groups and a conservative policy network financed by the billionaire industrialist Charles G. Koch to run a stealth campaign to roll back car emissions standards, a New York Times investigation has found. The campaign's main argument for significantly easing fuel efficiency standards -- that the United States is so awash in oil it no longer needs to worry about energy conservation -- clashed with decades of federal energy and environmental policy.
"With oil scarcity no longer a concern," Americans should be given a "choice in vehicles that best fit their needs," read a draft of a letter that Marathon helped to circulate to members of Congress over the summer. Official correspondence later sent to regulators by more than a dozen lawmakers included phrases or sentences from the industry talking points, and the Trump administration's proposed rules incorporate similar logic. The industry had reason to urge the rollback of higher fuel efficiency standards proposed by former President Barack Obama. A quarter of the world's oil is used to power cars, and less-thirsty vehicles mean lower gasoline sales.Read Replies (0)
By msmash from Slashdot's tussle-continues department
An anonymous reader writes: A new variant of the Shamoon malware was discovered on the network of an Italian and UAE oil and gas companies. While the damage at the UAE firm is currently unknown, the malware has been confirmed to have destroyed files on about ten percent of the Italian company's PC fleet.
Shamoon is one of the most dangerous strains of malware known to date. It was first deployed in two separate incidents that targeted the infrastructure of Saudi Aramco, Saudi Arabia's largest oil producer, in 2012 and 2016. During those incidents, the malware wiped files and replaced them with propaganda images (burning US flag, body of Alan Kurdi). The 2012 attack was devastating in particular, with Shamoon wiping data on over 30,000 computers, crippling the company's activity for weeks. Historically, the malware has been tied to the Iranian regime, but it's unclear if Iranian hackers were behind this latest attacks. This new Shamoon version was revealed to the world when an Italian engineer uploaded the malware on VirusTotal, triggering detections at all major cyber-security firms across the globe.Read Replies (0)
By msmash from Slashdot's circle-of-life department
Buyers return a huge number of packages they buy from Amazon and other e-commerce sites, so much so that retailers are sometimes left with little choice but to get rid of large swaths of inventory at a cost. Last year, customers in the U.S. returned about $351 billion worth of items that they had purchased from brick-and-mortar retailers and online stores, according to estimates by National Retail Federation. CNBC: There's a good chance that the $100 printer, the $300 wide-screen monitor, or the $170 router you recently bought from Amazon weren't supplied to the e-commerce giant by their original manufacturers. In fact, the order may have been fulfilled by someone like Casey Parris, who resells items that customers previously returned to retailers. Based in Florida, Parris spends about five hours each day visiting thrift stores and scanning auction and liquidation websites for interesting items, he told CNBC. Sometimes he finds auto parts, other times it's a pair of sneakers, and occasionally he purchases printer cartridges -- all with the goal of reselling them.
Walter Blake, who lives in Michigan, does the same. For years, he's been selling electronic items on Amazon that he acquires from a network of places. Blake and Parris are part of a growing cottage industry where dealers acquire discarded items at very low prices, only to resell some of them back on Amazon and eBay at a premium.Read Replies (0)
By msmash from Slashdot's elephant-in-the-room department
The blockchain system has daunting technical problems to fix. But first, its disciples need to figure out how to govern themselves. From a report: The handful of idealistic researchers, developers, and administrators in charge of maintaining its software are under increasing pressure to overcome technical limitations that stymie the network's growth. At the same time, well-funded competitors have emerged, claiming that their blockchains perform better. Crackdowns by regulators, and a growing understanding of how far most blockchain applications are from ready for prime time, have scared many cryptocurrency investors away: Ethereum's market value in dollars has fallen more than 90% since its peak last January.
The reason Devcon (the annual "family reunion" organized by the Ethereum Foundation; this year's edition was held in October) feels so upbeat despite these storm clouds is that the people building Ethereum have something bigger in mind -- something world-changing, in fact. Yet to achieve its goal, this ragtag community needs to crack a problem as complicated as any of the toe-curling technical challenges it faces: how to govern itself. It must find a way to organize a scattered global network of contributors and stakeholders without sacrificing "decentralization" -- the principle, which any cryptocurrency community strives for, that no one entity or group should be in control.Read Replies (0)
By msmash from Slashdot's security-woes department
Forbes magazine tested four of the most popular handsets running Google's operating systems and Apple's iPhone to see how easy it'd be to break into them with a 3D-printed head. All of the Android handsets opened with the fake. Apple's phone, however, was impenetrable. From the report: For our tests, we used my own real-life head to register for facial recognition across five phones. An iPhone X and four Android devices: an LG G7 Linq, a Samsung S9, a Samsung Note 8 and a OnePlus 6. I then held up my fake head to the devices to see if the device would unlock. For all four Android phones, the spoof face was able to open the phone, though with differing degrees of ease. The iPhone X was the only one to never be fooled.
There were some disparities between the Android devices' security against the hack. For instance, when first turning on a brand new G7 Linq, LG actually warns the user against turning facial recognition on at all. No surprise then that, on initial testing, the 3D-printed head opened it straightaway. [...] The OnePlus 6 came with neither the warnings of the other Android phones nor the choice of slower but more secure recognition.Read Replies (0)
By msmash from Slashdot's good-samaritan department
Apple said Thursday it plans to invest $1 billion building a new corporate campus in Austin, Texas, that could eventually create 15,000 jobs. From a report: The iPhone maker will also set up new offices in Seattle, San Diego and Culver City, Los Angeles County, as well as expanding operations in Pittsburgh, New York and Boulder, Colorado, according to the press release.
The Austin campus will be located less than a mile away from Apple's existing facilities in the Texas city, which already employ 6,200 people (its largest group of employees outside Cupertino). The new area will initially hold 5,000 employees, with capacity to grow to 15,000 over time.Read Replies (0)
By BeauHD from Slashdot's bitter-legal-battles department
An anonymous reader quotes a report from CNBC: Tesla is seeking more than $167 million in a lawsuit against former employee Martin Tripp, recent legal filings revealed. In the lawsuit, which was filed by the electric car maker in June, Tesla alleges that Tripp, a former process engineer, had illegally exported data and made false claims to reporters, among other things. Tripp had earlier claimed in a number of press interviews that Tesla engaged in poor manufacturing practices at its massive battery plant outside of Reno, Nevada, and that it may have used damaged battery modules in its Model 3 vehicles, posing a risk to drivers.
An interim case management report published on Nov. 27 reveals that Tripp's attorneys aim to depose Tesla CEO Elon Musk and more than 10 people involved with the company. Tesla has refused to make Musk available and sought to limit the number of people deposed by Tripp's defense team at the law firm Tiffany & Bosco. Tripp's lawyers wrote in that report: "Tesla has objected to Mr. Tripp's desire to take more than ten depositions... In this case, where Mr. Tripp is being sued for more than $167,000,000 and has asserted counterclaims against Tesla, more than ten depositions is certainly reasonable and appropriate." Tripp attorney Robert D. Mitchell said in an email to CNBC: "The purported damage amount claimed by Tesla relates to supposed dips in Tesla's stock price by virtue of the information Mr. Tripp provided to the press last summer." He characterized the damage claims as "absurd."Read Replies (0)
By msmash from Slashdot's how-about-that department
With the price of bitcoin down 80% from its peak a year ago, and the larger cryptocurrency market in systemic collapse, has "peak crypto" come and gone? From a column: Perhaps, but don't expect to see true believers lining up to have their cryptocurrency tattoos removed just yet. At a recent conference I attended, the overwhelming sentiment was that market capitalisation of cryptocurrencies could explode over the next five years, rising to $5-10tn. For those who watched the price of bitcoin go from $13 in December 2012 to roughly $4,000 today, this year's drop from $20,000 was no reason to panic.
It is tempting to say, "Of course the price is collapsing." Regulators are gradually waking up to the fact that they cannot countenance large expensive-to-trace transaction technologies that facilitate tax evasion and criminal activity. At the same time, central banks from Sweden to China are realising that they, too, can issue digital currencies. As I emphasised in my 2016 book on the past, present, and future of currency, when it comes to new forms of money, the private sector may innovate, but in due time the government regulates and appropriates.
But as I also pointed out back then, just because the long-term value of bitcoin is more likely to be $100 than $100,000 does not necessarily mean that it definitely should be worth zero. The right way to think about cryptocurrency coins is as lottery tickets that pay off in a dystopian future where they are used in rogue and failed states, or perhaps in countries where citizens have already lost all semblance of privacy. It is no coincidence that dysfunctional Venezuela is the first issuer of a state-backed cryptocurrency (the "petro").Read Replies (0)
By BeauHD from Slashdot's happens-more-often-than-you-think department
An anonymous reader writes: IT systems on boats aren't as air-gapped as people think and are falling victims to all sorts of cyber-security incidents, such as ransomware, worms, viruses, and other malware -- usually carried on board via USB sticks. These cyber-security incidents have been kept secret until now, and have only been recently revealed as past examples of what could go wrong, in a new "cyber-security guideline" released by 21 international shipping associations and industry groups. One of the many incidents: "A new-build dry bulk ship was delayed from sailing for several days because its ECDIS was infected by a virus. The ship was designed for paperless navigation and was not carrying paper charts. The failure of the ECDIS appeared to be a technical disruption and was not recognized as a cyber issue by the ship's master and officers. A producer technician was required to visit the ship and, after spending a significant time in troubleshooting, discovered that both ECDIS networks were infected with a virus. The virus was quarantined and the ECDIS computers were restored. The source and means of infection in this case are unknown. The delay in sailing and costs in repairs totaled in the hundreds of thousands of dollars (U.S.)." The document also highlights an incident involving ransomware. "For example, a shipowner reported not one, but two ransomware infections, both occurring due to partners, and not necessarily because of the ship's crew," reports ZDNet. Another ransomware incident occurred because the ship failed to set up proper (RDP) passwords: A ransomware infection on the main application server of the ship caused complete disruption of the IT infrastructure. The ransomware encrypted every critical file on the server and as a result, sensitive data were lost, and applications needed for ship's administrative operations were unusable. The incident was reoccurring even after complete restoration of the application server. The root cause of the infection was poor password policy that allowed attackers to brute force remote management services successfully. The company's IT department deactivated the undocumented user and enforced a strong password policy on the ship's systems to remediate the incident.Read Replies (0)
By BeauHD from Slashdot's website-tax department
The FCC's Broadband Deployment Advisory Committee (BDAC), which includes members like AT&T, Comcast, Google Fiber, Sprint, and other ISPs and industry representatives, is proposing a tax on websites to pay for rural broadband. Ars Technica reports: If adopted by states, the recommended tax would apply to subscription-based retail services that require Internet access, such as Netflix, and to advertising-supported services that use the Internet, such as Google and Facebook. The tax would also apply to any small- or medium-sized business that charges subscription fees for online services or uses online advertising. The tax would also apply to any provider of broadband access, such as cable or wireless operators. The collected money would go into state rural broadband deployment funds that would help bring faster Internet access to sparsely populated areas. Similar universal service fees are already assessed on landline phone service and mobile phone service nationwide. Those phone fees contribute to federal programs such as the FCC's Connect America Fund, which pays AT&T and other carriers to deploy broadband in rural areas.
< article continued at Slashdot's website-tax department
>Read Replies (0)
By BeauHD from Slashdot's shadow-workforce department
"An internal Google training document exposed by The Guardian reveals how the company instructs employees on how to treat temps, vendors, and contractors (TVCs)," writes Slashdot reader Garabito. "This includes: 'not to reward certain workers with perks like T-shirts, invite them to all-hands meetings, or allow them to engage in professional development training.'" From the report: "Working with TVCs and Googlers is different," the training documentation, titled the The ABCs of TVCs, explains. "Our policies exist because TVC working arrangements can carry significant risks." The risks Google appears to be most concerned about include standard insider threats, like leaks of proprietary information, but also -- and especially -- the risk of being found to be a joint employer, a legal designation which could be exceedingly costly for Google in terms of benefits.
Google's treatment of TVCs has come under increased scrutiny by the company's full-time employees (FTEs) amid a nascent labor movement at the company, which has seen workers speak out about both their own working conditions and the morality of the work they perform. American companies have long turned to temps and subcontractors to plug holes and perform specialized tasks, but Google achieved a dubious distinction this year when Bloomberg reported that in early 2018, the company did not directly employ a majority of its own workforce. According to a current employee with access to the figures, of approximately 170,000 people around the world who now work at Google, 50.05% are FTEs. The rest, 49.95%, are TVCs. The report notes that "the two-tier system has complicated labor activism at Google." On November 1st, after 20,000 workers joined a global walkout, "the company quickly gave in to one of the protesters' demands by ending forced arbitration in cases of sexual harassment -- but only for FTEs."Read Replies (0)