posted 10 days ago on slashdot
joshtops writes: Hi fellow readers. I wanted to ask you how many books do you read in a month on average? Also wanted to understand if that number has changed over the last five years. Also, what are you reading this month?

Read More...
posted 10 days ago on slashdot
An anonymous reader shares a report: Chatbots. They're usually a waste of your time, so why not have them waste someone else's instead? Better yet: why not have them waste an email scammer's time. That's the premise behind Re:scam , an email chatbot operated by New Zealand cybersecurity firm Netsafe. Next time you get a dodgy email in your inbox, says Netsafe, forward it on to [email protected], and a proxy email address will start replying to the scammer for you, doing its very utmost to waste their time.

Read More...
posted 10 days ago on slashdot
It looks like Logitech didn't anticipate the barrage of criticism it received after announcing this week that it would be intentionally bricking its Harmony Link hub next March. The company is now reversing course. Its Harmony Link will still die next summer, but if you own one, the company is happy to give you a free upgrade to the more recent Harmony Hub model. From a report: Originally, Logitech planned to only offer Harmony Link owners with active warranties free upgrades to its new Harmony Hub devices. But for people out of warranty -- possibly the majority of Harmony Link users, as the devices were last sold in 2015 -- they would just get a one-time, 35 percent discount on a new $100 Harmony Hub. However, after customer outrage, Logitech revised it plans and announced that the company will give every Harmony Link owner a new Hub for free. Additionally, users who had already used the coupon to purchase a new Hub will also be able to contact Logitech in order to obtain a refund for the difference in price. However, Logitech is still not planning to extend support for the Harmony Link. The company says, "We made the business decision to end the support and services of the Harmony Link when the encryption certificate expires in the spring of 2018 -- we would be acting irresponsibly by continuing the service knowing its potential/future vulnerability."

Read More...
posted 10 days ago on slashdot
Antivirus suites expose a user's system to attacks that otherwise wouldn't be possible, a security researcher reported on Friday. From a report: On Friday, a researcher documented a vulnerability he had found in about a dozen name-brand AV programs that allows attackers who already have a toehold on a targeted computer to gain complete system control. AVGater, as the researcher is calling the vulnerability, works by relocating malware already put into an AV quarantine folder to a location of the attacker's choosing. Attackers can exploit it by first getting a vulnerable AV program to quarantine a piece of malicious code and then moving it into a sensitive directory such as C:\Windows or C:\Program Files, which normally would be off limits to the attacker. Six of the affected AV programs have patched the vulnerablity after it was privately reported. The remaining brands have yet to fix it, said Florian Bogner, a Vienna, Austria-based security researcher who gets paid to hack businesses so he can help them identify weaknesses in their networks. Bogner said he developed a series of AVGater exploits during several assignments that called for him to penetrate deep inside customer networks. Using malicious phishing e-mails, he was able to infect employee PCs, but he still faced a significant challenge. Because company administrators set up the PCs to run with limited system privileges, Bogner's malware was unable to access the password database -- known as the Security Account Manager -- that stored credentials he needed to pivot onto the corporate network.

Read More...
posted 10 days ago on slashdot
Google announced that its Project Loon internet balloons have delivered internet service to over 100,000 Puerto Ricans who were knocked offline by Hurricane Maria. Engadget reports: It's not a total success, which isn't to be expected after Puerto Ricans' communications infrastructure suffered so much damage. But the team was able to work with AT&T and T-Mobile to get "communication and internet activities like sending text messages and accessing information online for some people with LTE enabled phones," head of Project Loon Alastair Westgarth wrote in a blog post. The team launched their balloons from Nevada and used machine learning algorithms to direct them over Puerto Rico, where they've been relaying internet from working ground networks over to users in unconnected areas. In the post, Westgarth noted that Project Loon has never fired up internet from scratch this rapidly, and will improve their ability to keep balloons in place (and deliver sustained connectivity) as they become familiar with the air currents.

Read More...
posted 11 days ago on slashdot
CBS announced that Star Trek: Discovery will return for the second half of the split season on Sunday, November 12th. There will be roughly a two month gap between the last episode of the first half of the split season, which aires on Sunday, November 12th, and the first episode of the second half of the split season. The Verge reports: When the network announced the series's September release date, it revealed that the first season would be split into two "chapters." The second chapter begins with the show's 10th episode, "Despite Yourself." Chapter 2 will contain the season's remaining six episodes, and will run through February 11th. According to CBS, the show will apparently find the crew of the USS Discovery in "unfamiliar territory," and they'll have to get creative about ways to return home. In this week's episode, the crew came face-to-face with the Klingon Empire over the planet Pahvo, after the planet's native species summoned them, hoping to resolve their conflict. After that, it'll be a longer wait for the show to return: CBS recently announced that it renewed Star Trek: Discovery for a second season, but that announcement didn't come with further details about a second season release date, or the number of episodes or chapters planned for season 2.

Read More...
posted 11 days ago on slashdot
At the annual meeting of the Society for Neuroscience starting November 11 in Washington D.C., two teams of scientists plan to present previously unpublished research on the unexpected interaction between human mini-brains and their rat and mouse hosts. "In the new papers, according to STAT, scientists will report that the organoids survived for extended periods of time -- two months in one case -- and even connected to lab animals' circulatory and nervous systems, transferring blood and nerve signals between the host animal and the implanted human cells," reports Inverse. "This is an unprecedented advancement for mini-brain research." From the report: That mini-brains can even be grown in the lab is a huge advancement in the first place, as they have many of the same characteristics as living human brains that are in the early stages of development. Though they're not "alive" in the same sense that you and I are, they grow and are organized into different layers like our brains are. They even react in similar ways to stimuli like psychedelic drugs. Organoids are poised to revolutionize research on the human brain since scientists can perform tests on them that would be unethical to attempt on living humans. STAT also reports that a third lab, in addition to the two presenting at the Society for Neuroscience meeting, has successfully connected human brain organoids to blood vessels. This attempt veered into such challenging ethical territory, though, that the lab reportedly paused its efforts.

Read More...
posted 11 days ago on slashdot
An anonymous reader quotes a report from Ars Technica: Just two days after the FBI said it could not get into the Sutherland Springs shooter's seized iPhone, Politico Pro published a lengthy interview with a top Department of Justice official who has become the "government's unexpected encryption warrior." According to the interview, which was summarized and published in transcript form on Thursday for subscribers of the website, Deputy Attorney General Rod Rosenstein indicated that the showdown between the DOJ and Silicon Valley is quietly intensifying. "We have an ongoing dialogue with a lot of tech companies in a variety of different areas," he told Politico Pro. "There's some areas where they are cooperative with us. But on this particular issue of encryption, the tech companies are moving in the opposite direction. They're moving in favor of more and more warrant-proof encryption." "I want our prosecutors to know that, if there's a case where they believe they have an appropriate need for information and there is a legal avenue to get it, they should not be reluctant to pursue it," Rosenstein said. "I wouldn't say we're searching for a case. I''d say we're receptive, if a case arises, that we would litigate." In the interview, Rosenstein also said he "favors strong encryption." "I favor strong encryption, because the stronger the encryption, the more secure data is against criminals who are trying to commit fraud," he explained. "And I'm in favor of that, because that means less business for us prosecuting cases of people who have stolen data and hacked into computer networks and done all sorts of damage. So I'm in favor of strong encryption." "This is, obviously, a related issue, but it's distinct, which is, what about cases where people are using electronic media to commit crimes? Having access to those devices is going to be critical to have evidence that we can present in court to prove the crime. I understand why some people merge the issues. I understand that they're related. But I think logically, we have to look at these differently. People want to secure their houses, but they still need to get in and out. Same issue here." He later added that the claim that the "absolutist position" that strong encryption should be by definition, unbreakable, is "unreasonable." "And I think it's necessary to weigh law enforcement equities in appropriate cases against the interest in security," he said.

Read More...
posted 11 days ago on slashdot
"Earlier this week, a report in The New York Times and a blog post on Medium drew a lot of attention to a world of strange and sometimes disturbing YouTube videos aimed at young children," reports The Verge. "The genre [...] makes use of popular characters from family-friendly entertainment, but it's often created with little care, and can quickly stray from innocent themes to scenes of violence or sexuality." YouTube is cracking down and will now age restrict videos that violate its policy. From the report: The first line of defense for YouTube Kids are algorithmic filters. After that, there is a team of humans that review videos which have been flagged. If a video with recognizable children's characters gets flagged in YouTube's main app, which is much larger than the Kids app, it will be sent to the policy review team. YouTube says it has thousands of people working around the clock in different time zones to review flagged content. If the review finds the video is in violation of the new policy, it will be age restricted, automatically blocking it from traveling to the Kids app. YouTube says it typically takes at least a few days for content to make its way from YouTube proper to YouTube Kids, and the hope is that within that window, users will flag anything potentially disturbing to children. YouTube also has a team of volunteer moderators, which it calls Contributors, looking for inappropriate content. YouTube says it will start training its review team on the new policy and it should be live within a few weeks. Along with filtering content out of the Kids app, the new policy will also tweak who can see these videos on YouTube's main service. Flagged content will be age restricted, and users won't be able to see those videos if they're not logged in on accounts registered to users 18 years or older. All age-gated content is also automatically exempt from advertising. That means this new policy could put a squeeze on the booming business of crafting strange kid's content.

Read More...
posted 11 days ago on slashdot
New submitter Brentyl writes: Hello Slashdotters, longtime Mac user here faced with a challenge: Our 14-year-old wants a Windows laptop. He will use it for school and life, but the primary reason he wants Windows instead of a MacBook is gaming. I don't need a recommendation on which laptop to buy, but I do need a Windows survival kit. What does a fairly savvy fellow, who is a complete Windows neophyte, need to know? Is the antivirus/firewall in Windows 10 Home sufficient? Are there must-have utilities or programs I need to get? When connecting to my home network, I need to make sure I ____? And so on... Thanks in advance for your insights.

Read More...
posted 11 days ago on slashdot
An anonymous reader quotes a report from Tom's Hardware: Intel's Management Engine (ME) technology is built into almost all modern Intel CPUs. At the Embedded Linux Conference, a Google engineer named Ronald Minnich revealed that the ME is actually running its own entire MINIX OS and that Google is working on removing it. Due to MINIX's presence on every Intel system, the barebones Unix-like OS is the most widely deployed operating system in the world. Intel's ME technology is a hardware-level system within Intel CPUs that consists of closed-source firmware running on a dedicated microprocessor. There isn't much public knowledge of the workings of the ME, especially in its current state. It's not even clear where the hardware is physically located anymore. What's concerning Google is the complexity of the ME. Public interest in the subject piqued earlier this year when a vulnerability was discovered in Intel's Active Management Technology (AMT), but that's just a software that runs on ME--ME is actually an entire OS. Minnich's presentation touched on his team's discovery that the OS in question is a closed version of the open-source MINIX OS. The real focus, though, is what's in it and the consequences. According the Minnich, that list includes web server capabilities, a file system, drivers for disk and USB access, and, possibly, some hardware DRM-related capabilities. It's not known if all this code is explicitly included for current or future ME capabilities, or if it's because Intel simply saw more potential value in keeping rather than removing it.

Read More...
posted 11 days ago on slashdot
schwit1 shares a report from The Hill: The amendment, Section 801 of the National Defense Authorization Act (NDAA), would help Amazon establish a tight grip on the lucrative, $53 billion government acquisitions market, experts say. The provision, dubbed the "Amazon amendment" by experts, according to an article in The Intercept, would allow for the creation of an online portal that government employees could use to purchase everyday items such as office supplies or furniture. This government-only version of Amazon, which could potentially include a few other websites, would give participating companies direct access to the $53 billion market for government acquisitions of commercial products. "It hands an enormous amount of power over to Amazon," said Stacy Mitchell of the Institute for Local Self-Reliance, a research group that advocates for local businesses. Mitchell said that the provision could allow Amazon to gain a monopoly or duopoly on the profitable world of commercial government purchases, leaving smaller businesses behind and further consolidating the behemoth tech firm's power. schwit1 adds: "Well, this is a two-edged sword, isn't it? Government spends too much and takes too long to buy its simple office needs, but streamlining that process and cutting costs puts more money in the pocket of Jeff Bezos."

Read More...
posted 11 days ago on slashdot
New submitter Northern Pike writes: Las Vegas roll out of new driver-less shuttle spoiled by human error. It sounds like the shuttle did what it was designed to do but the human semi driver wasn't as careful. "The shuttle did what it was supposed to do, in that it's (sic) sensors registered the truck and the shuttle stopped to avoid the accident," the city said in a statement. "Unfortunately the delivery truck did not stop and grazed the front fender of the shuttle. Had the truck had the same sensing equipment that the shuttle has the accident would have been avoided." The self-driving shuttle can transport up to 12 people and has a attendant and computer monitor, but no steering wheel and no brake pedals. It relies heavily on GPS, electronic curb sensors and other technology to make its way.

Read More...
posted 11 days ago on slashdot
An anonymous reader quotes a report from Motherboard: WikiLeaks published new alleged material from the CIA on Thursday, releasing source code from a tool called Hive, which allows its operators to control malware it installed on different devices. WikiLeaks previously released documentation pertaining to the tool, but this is the first time WikiLeaks has released extensive source code for any CIA spying tool. This release is the first in what WikiLeaks founder Julian Assange says is a new series, Vault 8, that will release the code from the CIA hacking tools revealed as part of Vault 7. "This publication will enable investigative journalists, forensic experts and the general public to better identify and understand covert CIA infrastructure components," WikiLeaks said in its press release for Vault 8. "Hive solves a critical problem for the malware operators at the CIA. Even the most sophisticated malware implant on a target computer is useless if there is no way for it to communicate with its operators in a secure manner that does not draw attention." In its release, WikiLeaks said that materials published as part of Vault 8 will "not contain zero-days or similar security vulnerabilities which could be repurposed by others."

Read More...
posted 11 days ago on slashdot
Google is digging into the dark corners of the web to better secure people's accounts. From a report: For one year, Google researchers investigated the different ways hackers steal personal information and take over Google accounts. Google published its research, conducted between March 2016 and March 2017, on Thursday. Focusing exclusively on Google accounts and in partnership with the University of California, Berkeley, researchers created an automated system to scan public websites and criminal forums for stolen credentials. The group also investigated over 25,000 criminal hacking tools, which it received from undisclosed sources. Google said it is the first study taking a long term and comprehensive look at how criminals steal your data, and what tools are most popular. [...] Google researchers identified 788,000 potential victims of keylogging and 12.4 million potential victims of phishing. These types of attacks happen all the time. For example on average, the phishing tools Google studied collect 234,887 potentially valid login credentials, and the keylogging tools collected 14,879 credentials, each week.

Read More...
posted 11 days ago on slashdot
Qualcomm is now challenging rival Intel in the rapidly changing data center market. From a report: The company is now selling its long-awaited Centriq 2400 Arm-based server processor that is aimed at the fast-growing cloud market and that Qualcomm officials say beats Intel in such crucial areas as power efficiency and cost. Officials from Arm and its manufacturing partners have for several years talked about pushing the Arm architecture into the data center as an alternative to Intel, and some manufacturers like Cavium and Applied Micro in recent years have rolled out systems-on-a-chip (SoCs) based on the 64-bit Armv8-A design. However, Qualcomm represents the most significant Arm chip maker in terms of scale and resources to challenge Intel, which holds more than 90 percent of the global server chip market. Qualcomm's Centriq chips offer up to 48 single-threaded cores running up to 2.6GHz and are manufactured on Samsung's 10-nanometer FinFET process. The processors sport a bidirectional segmented ring bus with as much as 250G bps of aggregate bandwidth to avoid performance bottlenecks, 512KB of shared L2 cache for every two cores and 60MB of unified L3 cache. There also are six channels of DDR4 memory and support for up to 768GB of total DRAM with 32 PCIe Gen 3 lanes and six PCIe controllers. They also support Arm's TrustZone security technology and hypervisors for virtualization.

Read More...
posted 11 days ago on slashdot
Engineers at marketing research firm IHS Markit cracked open the base version iPhone X, which Apple is selling at $999, this week. After preliminary physical dissection, the firm estimated that the iPhone X carries a bill of materials of $370. From their findings: With a starting price of $999, the iPhone X is $50 more than the previous most expensive iPhone, the 8 Plus 256 GB. As another point of comparison, Samsung's Galaxy S8 with 64 GB of NAND memory has a BOM of $302 and retails at around $720. "Typically, Apple utilizes a staggered pricing strategy between various models to give consumers a tradeoff between larger and smaller displays and standard and high-density storage," said Wayne Lam, principal analyst for mobile devices and networks at IHS Markit. "With the iPhone X, however, Apple appears to have set an aspirational starting price that suggests its flagship is intended for an even more premium class of smartphones." The teardown of the iPhone X revealed that its IR camera is supplied by Sony/Foxconn while the silicon is provided by ST Microelectronics. The flood illuminator is an IR emitter from Texas Instruments that's assembled on top of an application-specific integrated circuit (ASIC) and single-photon avalanche diode (SPAD) detector from ST Microelectronics. Finisar and Philips manufacture the dot projector. IHS Markit puts the rollup BOM cost for the TrueDepth sensor cluster at $16.70.

Read More...
posted 11 days ago on slashdot
IBM released its new bespoke typeface IBM Plex in beta this week. The company is hoping that the new typeface would become just as iconic as Helvetica in the years to come. From a Fast Co Design story: "When I came to IBM, it was a big discussion: Why does IBM not have a bespoke typeface? Why are we still clinging on to Helvetica?" Mike Abbink, the typeface's designer and IBM's executive creative director of brand experience and design said. To uncover what the typeface should express, Abbink and his team took a deep dive into IBM's archives. They were especially interested in the company's history in the postwar years, when its design-led business strategy first took shape and the legendary practitioner Paul Rand, who defined design as a system of relationships, created its famous eight-bar logo. In Rand's logo, Abbink and his team saw a contrast between hard edges -- the engineered, rational, and mechanical -- and curves -- the softer more humanistic elements. It's a reflection of the man-and-machine relationship that runs through the company's history -- a dynamic that is reflected in the final form of IBM Plex. The Plex family includes a sans serif, serif, and monospace versions. The designers also created a rigorous style guide that's akin to a digital standards manual and includes a type scale, which plays into responsive displays; eight different weights (a nod to how the IBM logo is composed of eight horizontally stacked bars); and usage guidelines, which dive into everything from information hierarchies to color and ragging. All together, it's easy to see Plex as a gentler, friendlier, more casual Helvetica for a broad range of uses both digital and print-based.

Read More...
posted 11 days ago on slashdot
A reader shares a report: An alliance of major cities including New York, Toronto, and London challenged nation states attending the United Nations climate talks in Bonn, Germany this week "to kick dirty carbon to the curb" and immediately "commit and work straightaway towards carbon neutrality, 100 percent renewable energy, zero-waste and zero-carbon." The Carbon Neutral Cities Alliance is a new collaboration of 20 international cities (other members include Washington DC, San Francisco, Oslo, and Sydney). All are striving for carbon neutrality and cutting greenhouse gas emissions by at least 80 percent by 2050. "Dirty fuels and climate disruption are killing and displacing millions of citizens around the world," the Alliance stated in a strongly-worded letter sent to every country's delegation at climate talks, known as COP 23. "Cities are on the frontline of climate impacts. We see the urgency of climate action and need nation-states to be as committed as we are," Johanna Partin, the director of the Alliance and former advisor to the mayor of San Francisco, told Motherboard by phone.

Read More...
posted 11 days ago on slashdot
New Delhi, the Indian capital declared a pollution emergency on Thursday as toxic smog hung over the city for a third day and air quality worsened by the hour. From a report: Illegal crop burning in the farm states surrounding New Delhi, vehicle exhaust emissions in a city with limited public transport and swirling construction dust have caused the crisis, which arises every year. The problem has been compounded this year by still conditions, the weather office said. A U.S. embassy measure of tiny particulate matter PM 2.5 showed a reading of 608 at 10 a.m. when the safe limit is 25. An hour before it was 591.

Read More...
posted 11 days ago on slashdot
Sean Parker, the founding president of Facebook, spoke to news outlet Axios about the ways social networks have made hundreds of millions of users addicted to their platforms. He said, from the interview: When Facebook was getting going, I had these people who would come up to me and they would say, 'I'm not on social media.' And I would say, 'OK. You know, you will be.' And then they would say, 'No, no, no. I value my real-life interactions. I value the moment. I value presence. I value intimacy.' And I would say, ... 'We'll get you eventually. I don't know if I really understood the consequences of what I was saying, because [of] the unintended consequences of a network when it grows to a billion or 2 billion people and ... it literally changes your relationship with society, with each other ... It probably interferes with productivity in weird ways. God only knows what it's doing to our children's brains. The thought process that went into building these applications, Facebook being the first of them, ... was all about: 'How do we consume as much of your time and conscious attention as possible?' And that means that we need to sort of give you a little dopamine hit every once in a while, because someone liked or commented on a photo or a post or whatever. And that's going to get you to contribute more content, and that's going to get you ... more likes and comments. It's a social-validation feedback loop. He says people like him, and Mark Zuckerberg knew the potential consequences, but they did what they did anyway.

Read More...
posted 11 days ago on slashdot
The outsourcing industry in the Philippines, which has dethroned India as the country with the most call centers in the world, is worried that the rise of artificial intelligence (AI) will eat into the $23 billion sector. From a report: AI-powered translators could dilute the biggest advantage the Philippines has, the wide use of English, an industry meeting was told this week. Other AI applications could take over process-driven jobs. The Philippines' business process outsourcing (BPO) industry is an economic lifeline for the Southeast Asian nation of 100 million people. It employs about 1.15 million people and, along with remittances from overseas workers, remains one of the top two earners of foreign exchange. "I don't think our excellent command of spoken English is going to really be a protection five, 10 years from now. It really will not matter," said Rajneesh Tiwary, chief delivery officer at Sutherland Global Services.

Read More...
posted 11 days ago on slashdot
Microsoft is partnering with other security vendors to integrate their macOS, Linux, iOS, and Android security wares with its Windows Defender Advanced Threat Protection (ATP) service From a report: Microsoft has announced the first three such partners: Bitdefender, Lookoutm and Ziften. These companies will feed any threats detected into the single Windows Defender ATP console. With Defender ATP, every device has its own timeline with event history dating back up to six months. According to Microsoft, no additional infrastructure is needed to onboard events from macOS, Linux, iOS and/or Android devices. Integration with Bitdefender's GravityZone Cloud -- which allows users to get macOS and Linux threat intelligence on malware and suspicious files -- is in public preview as of today. A trial version is available now. Integration with Lookout's Mobile Endpoint Security for iOS and Android and Ziften's Zenith systems and security operations platform for macOS and Linux will be in public preview "soon," Microsoft's blog post says.

Read More...
posted 11 days ago on slashdot
News outlets reported on Wednesday that Uber had signed a contract with NASA to develop software for the ride-hailing company's autonomous "flying taxis." A day later, the space agency has clarified its involvement in the project and the specifics of the contract. From the report: Uber's chief product officer Jeff Holden spoke at the Web Summit in Lisbon yesterday where he was promoting the fledgling autonomous taxi project, revealed last year, Uber Elevate. And of course he never claimed that NASA was working on software for his firm, merely explaining that it had inked an agreement to work with the public body on the latter's air traffic control project. Uber told us that while NASA was not "committing funding or anything like that", it said "having their decades of aeronautic experience actively collaborating with our engineers is a huge help for tackling the aviation traffic management hurdles." A NASA spokesperson, meanwhile, told us Uber had indeed signed what it described as a "generic Space Act Agreement" for participation in the programme back in January, joining a "multitude" of others. The project and its members are "researching prototype technologies for a UAS Traffic Management (UTM) system that could develop airspace integration requirements for enabling safe, efficient low-altitude operations," according to NASA's website. So no new news on the software front.

Read More...
posted 11 days ago on slashdot
A reader shares an Economist article: More people will trade in Bitcoin and that means more demand, and thus the price should go up. But what is the appeal of Bitcoin? There are really three strands; the limited nature of supply; fears about the long-term value of fiat currencies in an era of quantitative easing; and the appeal of anonymity. The last factor makes Bitcoin appealing to criminals creating this ingenious valuation method for the currency of around $570. These three factors explain why there is some demand for Bitcoin but not the recent surge. The supply details have if anything deteriorated (rival cryptocurrencies are emerging); the criminal community hasn't suddenly risen in size; and there is no sign of general inflation. A possible explanation is the belief that blockchain, the technology that underlines Bitcoin, will be used across the finance industry. But you can create blockchains without having anything to do with Bitcoin; the success of the two aren't inextricably linked. A much more plausible reason for the demand for Bitcoin is that the price is going up rapidly. People are not buying Bitcoin because they intend to use it in their daily lives. People are buying Bitcoin because they expect other people to buy it from them at a higher price; the definition of the greater fool theory.

Read More...