posted less than an hour ago on slashdot
mrspoonsi writes with the findings of an investigation into working conditions at a factory that makes Apple products. Poor treatment of workers in Chinese factories which make Apple products has been discovered by an undercover BBC Panorama investigation. Filming on an iPhone 6 production line showed Apple's promises to protect workers were routinely broken. It found standards on workers' hours, ID cards, dormitories, work meetings and juvenile workers were being breached at the Pegatron factories. Apple said it strongly disagreed with the programme's conclusions. Exhausted workers were filmed falling asleep on their 12-hour shifts at the Pegatron factories on the outskirts of Shanghai. One undercover reporter, working in a factory making parts for Apple computers, had to work 18 days in a row despite repeated requests for a day off. Another reporter, whose longest shift was 16 hours, said: "Every time I got back to the dormitories, I wouldn't want to move. Even if I was hungry I wouldn't want to get up to eat. I just wanted to lie down and rest. I was unable to sleep at night because of the stress."

Read More...
posted about 1 hour ago on slashdot
An anonymous reader writes Github has announced a security vulnerability and has encourage users to update their Git clients as soon as possible. The blog post reads in part: "A critical Git security vulnerability has been announced today, affecting all versions of the official Git client and all related software that interacts with Git repositories, including GitHub for Windows and GitHub for Mac. Because this is a client-side only vulnerability, github.com and GitHub Enterprise are not directly affected. The vulnerability concerns Git and Git-compatible clients that access Git repositories in a case-insensitive or case-normalizing filesystem. An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. Git clients running on OS X (HFS+) or any version of Microsoft Windows (NTFS, FAT) are exploitable through this vulnerability. Linux clients are not affected if they run in a case-sensitive filesystem....Updated versions of GitHub for Windows and GitHub for Mac are available for immediate download, and both contain the security fix on the Desktop application itself and on the bundled version of the Git command-line client."

Read More...
posted about 2 hours ago on slashdot
schnell writes The New York Times Magazine has an in-depth profile of Marissa Mayer's time at the helm of Yahoo!, detailing her bold plans to reinvent the company and spark a Jobs-ian turnaround through building great new products. But some investors are saying that her product focus (to the point of micromanaging) hasn't generated results, and that the company should give up on trying to create the next iPod, merge with AOL to cut costs and focus on the unglamorous core business that it has. Is it time for Yahoo! to "grow up" and set its sights lower?

Read More...
posted about 3 hours ago on slashdot
Esra Erimez writes Peter Bright doesn't speak a word of Spanish but with Skype Translator he was able to have a spoken conversation with a Spanish speaker as if he was in an episode of Star Trek. He spoke English. A moment later, an English language transcription would appear, along with a Spanish translation. Then a Spanish voice would read that translation.

Read More...
posted about 3 hours ago on slashdot
An anonymous reader writes The Microsoft Band, introduced last month, hosts a slew of amazing sensors, but like so many wearable computing devices, users are unable to access their own data. A Brown University professor decompiles the app, finds that the data is transmitted to the Microsoft "cloud", and explains how to intercept the traffic to retrieve the raw minute-by-minute data captured by the Band.

Read More...
posted about 5 hours ago on slashdot
itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September.

Read More...
posted about 5 hours ago on slashdot
kwelch007 writes I commonly work in a clean-room (CR.) As such, I commonly need access to my smart-phone for various reasons while inside the CR...but, I commonly keep it in my front pocket INSIDE my clean-suit. Therefore, to get my phone out of my pocket, I have to leave the room, get my phone out of my pocket, and because I have a one track mind, commonly leave it sitting on a table or something in the CR, so I then have to either have someone bring it to me, or suit back up and go get it myself...a real pain. I have been looking in to getting a 'Smart Watch' (I'm preferential to Android, but I know Apple has similar smart-watches.) I would use a smart-watch as a convenient, easy to transport and access method to access basic communications (email alerts, text, weather maps, etc.) The problem I'm finding while researching these devices is, I'm not finding many apps. Sure, they can look like a nice digital watch, but I can spend $10 for that...not the several hundred or whatever to buy a smart-watch. What are some apps I can get? (don't care about platform, don't care if they're free) I just want to know what's the best out there, and what it can do? I couldn't care less about it being a watch...we have these things called clocks all over the place. I need various sorts of data access. I don't care if it has to pair with my smart-phone using Bluetooth or whatever, and it won't have to be a 100% solution...it would be more of a convenience that is worth the several hundred dollars to me. My phone will never be more than 5 feet away, it's just inconvenient to physically access it. Further, I am also a developer...what is the best platform to develop for these wearable devices on, and why? Maybe I could make my own apps? Is it worth waiting for the next generation of smart-watches?

Read More...
posted about 7 hours ago on slashdot
vasanth (908280) writes India on Thursday moved forward in rocket technology with the successful flight testing of its heaviest next generation rocket and the crew module . The 630-tonne three-stage rocket, Geo-Synchronous Satellite Launch Vehicle Mark III, carried active solid boosters, liquid core stage and a passive cryo stage and a crew module to test its re-entry characteristics. This rocket is capable of doubling the capacity of payloads India can carry into space and it can deposit up to four tonne class of communication satellites into space. India also plans to use this rocket for ferrying Indian astronauts into space. For India, ISRO (the Indian space agency) perfecting the cryogenic engine technology is crucial as India can save precious foreign exchange by launching heavy duty communication satellites by itself.

Read More...
posted about 8 hours ago on slashdot
First time accepted submitter groggy.android writes This year's biggest news about Bitcoin may well turn out not to be the repeat of its surge in value last year against the dollar and other state currencies but its impending eclipse by another independent but corporate-backed digital currency. Popularly known as Ripple, XRP shot up in value last year along with other cryptocurrencies that took advantage of the hype around Bitcoin. However, among the top cryptocurrencies listed in Coinmarketcap.com, a site that monitors trading across different cryptocurrency exchanges, Ripple is the only one that not only regained its value after the collapse in the price of Bitcoin but has more than doubled from its peak last year. In September it displaced Litecoin to become the second most valuable cryptocurrency. Even more surpising, a Ripple fork, Stellar, is one of the two other cryptocurrencies in the Coinmarketcap top ten that have risen sharply in value during the last few weeks. What makes Ripple different from Bitcoin? Strictly speaking, Ripple isn't the name of the digital currency but of the decentralized payment network and protocol created and maintained by the eponymous Ripple Labs. Users of the Ripple system are able to transact in both cryptocurrency and regular fiat currency like the dollar without passing through a central exchange. XRP is the name of the native unit of exchange used in the Ripple network to facilitate conversion between different currency types.

Read More...
posted about 10 hours ago on slashdot
Trailrunner7 writes with this news from ThreatPost: Unknown hackers were able to compromise vital systems belonging to ICANN, the organization that manages the global top-level domain system, and had access to the system that manages the files with data on resolving specific domain names. The attack apparently took place in November and ICANN officials discovered it earlier this month. The intrusion started with a spear phishing campaign that targeted ICANN staffers and the email credentials of several staff members were compromised. The attackers then were able to gain access to the Centralized Zone Data System, the system that allows people to manage zone files. The zone files contain quite bit of valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers. CANN officials said they are notifying any users whose zone data might have been compromised." (Here's ICANN's public note on the compromise.)

Read More...
posted about 10 hours ago on slashdot
rossgneumann writes North Korea may really be behind the Sony hack, but we're still acting like idiots. Peter W. Singer, one of the nations foremost experts on cybersecurity, says Sony's reaction has been abysmal. "Here, we need to distinguish between threat and capability—the ability to steal gossipy emails from a not-so-great protected computer network is not the same thing as being able to carry out physical, 9/11-style attacks in 18,000 locations simultaneously. I can't believe I'm saying this. I can't believe I have to say this."

Read More...
posted about 12 hours ago on slashdot
SternisheFan passes on this excerpt from an Ars Technica article: On Wednesday Councilman Dan Garodnick introduced a bill to the New York City council seeking to ban all use of drones except those operated by police officers who obtain warrants. A second, parallel bill introduced by councilman Paul Vallone would place more stringent restrictions on drone use but stop short of banning drones for hobbyists and companies altogether. Both bills have been passed to the city's committee on public safety. An all-out ban on drones within the metropolis would be a quite wide-reaching step, especially as the Federal Aviation Authority (FAA) seems poised to adopt more permissive rules, with respect to commercial interests in particular. Earlier this year, the FAA formally granted six Hollywood companies exemptions to drone ban rules. A couple of months later, the FAA granted similar exemptions for construction site monitoring and oil rig flare stack inspections. The article explains that Vallone's bill is less restrictive, and rather than propose an outright ban "lists 10 instances where operating a UAV would be illegal, including at night, out of the operator's eyesight, or above 400 ft high. Outside of those conditions, hobbyists and commercial interests would be free to fly drones."

Read More...
posted about 12 hours ago on slashdot
schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.

Read More...
posted about 20 hours ago on slashdot
Rambo Tribble writes It was long thought that gamma ray bursts were the exclusive province of deep space sources. More recently it was found that storms could produce such emissions, but such occurrences were thought rare. Now, data from NASA's Fermi satellite suggest such events happen over a thousand times a day. Per Prof. Joseph Dwyer, from the University of New Hampshire, "These are big, monster bursts of gamma rays, and one would think these must be monster storms producing them. But that's not the case. Even boring-looking, garden-variety, little storms can produce these."

Read More...
posted 1 day ago on slashdot
mrspoonsi writes The proposal was made by the Google developers working on the search firm's Chrome browser. The proposal to mark HTTP connections as non-secure was made in a message posted to the Chrome development website by Google engineers working on the firm's browser. If implemented, the developers wrote, the change would mean that a warning would pop-up when people visited a site that used only HTTP to notify them that such a connection "provides no data security". Currently only about 33% of websites use HTTPS, according to statistics gathered by the Trustworthy Internet Movement which monitors the way sites use more secure browsing technologies. In addition, since September Google has prioritised HTTPS sites in its search rankings.

Read More...
posted 1 day ago on slashdot
An anonymous reader writes The Navy is testing a new underwater drone called GhostSwimmer, which is designed to a href="https://www.yahoo.com/tech/navy-develops-ghostswimmer-drone-that-looks-like-105375377914.html">look like a shark and conduct surveillance work. It is being adapted by the chief of naval operations' Rapid Innovation Cell (CRIC) project, Silent NEMO, in Norfolk, Va.. GhostSwimmer is 5 feet long and weighs almost 100 pounds. It can operate in water depths from 10 inches to 300 feet, and is designed to operate autonomously for long periods of time, according to the Navy.

Read More...
posted 1 day ago on slashdot
mpicpp writes Google Inc. and Verizon Communications Inc. struck a long-term patent cross-license agreement to reduce the risk of future patent lawsuits, the latest in a string of deals that signal a slowdown after years of aggressive patent wars. The deal effectively bars the companies from suing each other over any of the thousands of patents the companies currently own or acquire in the next five years. It also protects the companies if either sells a patent to another company, and that company attempts a lawsuit. "This cross license allows both companies to focus on delivering great products and services to consumers around the world," said Kirk Dailey, Google's head of patent transactions.

Read More...
posted 1 day ago on slashdot
Nerval's Lobster writes Back in the day, Microsoft viewed open source and Linux as a threat and did its best to retaliate with FUD and patent threats. And then a funny thing happened: Whether in the name of pragmatism or simply marketing, Microsoft began a very public transition from a company of open-source haters (at least in top management) to one that's embraced some aspects of open-source computing. Last month, the company blogged that .NET Core will become open-source, adding to its previously open-sourced ASP.NET MVC, Web API, and Web Pages (Razor). There's no doubt that, at least in some respects, Microsoft wants to make a big show of being more open and supportive of interoperability. The company's even gotten involved with the .NET Foundation, an independent organization designed to assist developers with the growing collection of open-source technologies for .NET. But there's only so far Microsoft will go into the realm of open source—whereas once upon a time, the company tried to wreck the movement, now it faces the very real danger of its whole revenue model being undermined by free software. But what's Microsoft's end-goal with open source? What can the company possibly hope to accomplish, given a widespread perception that such a move on its part is the product of either fear, cynicism, or both?

Read More...
posted 1 day ago on slashdot
theodp writes "Investors have poured over $2 billion into businesses built on Hadoop," writes the WSJ's Elizabeth Dwoskin, "including Hortonworks Inc., which went public last week, its rivals Cloudera Inc. and MapR Technologies, and a growing list of tiny startups. Yet companies that have tried to use Hadoop have met with frustration." Dwoskin adds that Hadoop vendors are responding with improvements and additions, but for now, "It can take a lot of work to combine data stored in legacy repositories with the data that's stored in Hadoop. And while Hadoop can be much faster than traditional databases for some purposes, it often isn't fast enough to respond to queries immediately or to work on incoming information in real time. Satisfying requirements for data security and governance also poses a challenge."

Read More...
posted 1 day ago on slashdot
HughPickens.com writes: Peter Baker reports at the NYT that in a deal negotiated during 18 months of secret talks hosted largely by Canada and encouraged by Pope Francis, the United States will restore full diplomatic relations with Cuba and open an embassy in Havana for the first time in more than a half-century. In addition, the United States will ease restrictions on remittances, travel and banking relations, and Cuba will release 53 Cuban prisoners identified as political prisoners by the United States government. Although the decades-old American embargo on Cuba will remain in place for now, the administration signaled that it would welcome a move by Congress to ease or lift it should lawmakers choose to. "We cannot keep doing the same thing and expect a different result. It does not serve America's interests, or the Cuban people, to try to push Cuba toward collapse. We know from hard-learned experience that it is better to encourage and support reform than to impose policies that will render a country a failed state," said the White House in a written statement. "The United States is taking historic steps to chart a new course in our relations with Cuba and to further engage and empower the Cuban people."

Read More...
posted 1 day ago on slashdot
FarnsworthG writes: A multi-billion-dollar Army project will soon be able to track nearly everything within 340 miles when an 80-yard-long blimp is hoisted into the air over Maryland. Way to be subtle, guys. From the article: "Technically considered aerostats, since they are tethered to mooring stations, these lighter-than-air vehicles will hover at a height of 10,000 feet just off Interstate 95, about 45 miles northeast of Washington, D.C., and about 20 miles from Baltimore. That means they can watch what’s happening from North Carolina to Boston, or an area the size of Texas."

Read More...
posted 1 day ago on slashdot
Esra Erimez writes: Backblaze is transitioning from using 4 TB hard drives to 6 TB hard drives in the Storage Pods they will be deploying over the coming months. With over 10,000 hard drives, the choice of which 6TB hard drive to use is critical. They deployed 45 and tested Western Digital (WD60EFRX) and Seagate (STBD6000100) hard drives into two pods that were identical in design and configuration except for the hard drives used.

Read More...
posted 1 day ago on slashdot
An anonymous reader writes: The BBC reports on the construction of Prelude, a new ship that will be the world's longest vessel. It is 488 meters long and 74 meters wide, built with 260,000 tons of steel and displacing five times as much water as an aircraft carrier. Its purpose is to carry an entire natural gas processing plant as it sits over a series of wells 100 miles off the coast of Australia. Until now, it hasn't been practical to move gas that comes out of the wells with ships. The gas occupies too much volume, so it is generally piped to a facility on shore where it is processed and then shipped off to energy-hungry markets. But the Prelude can purify and chill the gas, turning it into a liquid and reducing its volume by a factor of 600. It will offload this liquid to smaller (but still enormous) carrier ships for transport.

Read More...
posted 1 day ago on slashdot
schwit1 sends this report from The Verge: Most anti-piracy tools take one of two paths: they either target the server that's sharing the files (pulling videos off YouTube or taking down sites like The Pirate Bay) or they make it harder to find (delisting offshore sites that share infringing content). But leaked documents reveal a frightening line of attack that's currently being considered by the MPAA: What if you simply erased any record that the site was there in the first place? To do that, the MPAA's lawyers would target the Domain Name System that directs traffic across the internet. The tactic was first proposed as part of the Stop Online Piracy Act (SOPA) in 2011, but three years after the law failed in Congress, the MPAA has been looking for legal justification for the practice in existing law and working with ISPs like Comcast to examine how a system might work technically. If a takedown notice could blacklist a site from every available DNS provider, the URL would be effectively erased from the internet. No one's ever tried to issue a takedown notice like that, but this latest memo suggests the MPAA is looking into it as a potentially powerful new tool in the fight against piracy.

Read More...
posted 1 day ago on slashdot
TaleSlinger sends word of a newly-discovered "mathematical relationship — between material thickness, temperature, and electrical resistance — that appears to hold in all superconductors." The work (abstract), led by Yachin Irvy, comes out of MIT's Research Laboratory of Electronics. Researchers found that a particular superconductor (niobium nitride) didn't fit earlier models estimating the temperature at which it changes from normal conductivity to superconductivity. So the researchers conducted a series of experiments in which they held constant either thickness or “sheet resistance,” the material’s resistance per unit area, while varying the other parameter; they then measured the ensuing changes in critical temperature. A clear pattern emerged: Thickness times critical temperature equaled a constant — call it A — divided by sheet resistance raised to a particular power — call it B. ... The other niobium nitride papers Ivry consulted bore out his predictions, so he began to expand to other superconductors. Each new material he investigated required him to adjust the formula’s constants — A and B. But the general form of the equation held across results reported for roughly three dozen different superconductors.

Read More...