IoT Security Flaw Leaves 496 Million Devices Vulnerable At Businesses, Report Says
it - Posted On:2018-07-22 21:14:58 Source: slashdot
Nearly a half-billion Internet of Things devices are vulnerable to cyberattacks at businesses worldwide because of a 10-year-old security flaw, according to a new report from a security software vendor. From a report: The report was published Friday by Armis, a provider of Internet of Things security software for enterprises that focuses on detecting threats in IoT devices at workplaces. The Palo Alto, Calif.-based company has previously made security disclosures, including the BlueBorne malware attack that impacted 5 billion IoT devices. Read more of this story at Slashdot.
China's JD.com Plans Move Into Europe
slashdot - Posted On:2018-07-22 20:14:59 Source: slashdot
Chinese e-commerce company JD.com plans to expand in Europe and aims to have finalized its strategy for entering the market by the end of the year, its chief executive told a German newspaper. Reuters: China's second largest e-commerce business also wants to open an office in Germany by the end of 2018, the Handelsblatt daily cited Richard Liu as saying. "For me it's no longer just about selling products from Germany in China. I would also like to sell products in Europe," Liu told the paper. "We have just got to clarify the details." Further reading: JD.com is expanding its consumer base with drone delivery and local recruits who can exploit villages' tight-knit social networks to drum up business. Read more of this story at Slashdot.
The Hidden Environmental Cost of Amazon Prime's Free, Fast Shipping
news - Posted On:2018-07-22 19:14:59 Source: slashdot
Amazon's Prime Day shopping spree offers free, fast shipping -- but experts say there's a hidden environmental cost that doesn't show up on the checkout page. From a report: Expedited shipping means your packages may not be as consolidated as they could be, leading to more cars and trucks required to deliver them, and an increase in packaging waste, which researchers have found is adding more congestion to our cities, pollutants to our air, and cardboard to our landfills. Free and fast shipping has always been a Prime membership's marquee perk -- one that's drawn in over 100 million subscribers who pay $119 annually. A 2017 study by UPS found that nearly all (96%) US customers had made a purchase on a marketplace like Amazon or Walmart, and over half (55%) said free or discounted shipping was the primary reason. [...] That convenience is encouraging people in the US to buy more, and to make more individual purchases rather than placing a single order for several items. "There are more sales in lower-price products online than there have been in stores," Marshal Cohen, chief industry advisor at the NPD Group, told BuzzFeed News. And all of those transactions are negatively impacting our planet, according to Miguel Jaller, assistant professor of civil and environmental engineering at the University of California, Davis: "People are consuming more. There's more demand created by the availability of these cheap products and cheap delivery options." Read more of this story at Slashdot.
Google Tests Curvy Chrome Tabs With Material Design Overhaul
technology - Posted On:2018-07-22 18:14:59 Source: slashdot
Google is trying out a new Chrome interface that for the first time in a decade presents a very different look for the tabs and address bar at the top of the widely used web browser, CNET reports. It adds: Since its public debut in 2008, Chrome has featured a trapezoidal tab for each website you have open. But tabs now look very different on Chrome Canary -- a very rough-around-the-edges version used to test changes before they reach a broader audience. The active tab has a slope-shouldered look with curved corners. The grayed-out inactive tabs merge with the the browser itself and are separated only by thin vertical lines. In addition, the address bar's text box is a gray oval against a white backdrop, instead of a round-cornered white rectangle with a hairline border. Read more of this story at Slashdot.
Comic Book Publishers, Faced With Flagging Sales, Look To Streaming
news - Posted On:2018-07-22 17:14:59 Source: slashdot
Comic book publishers are facing a growing crisis: Flagging interest from readers and competition from digital entertainment are dragging down sales. Hoping to reverse the trend, publishers are creating their own digital platforms to directly connect with readers and encourage more engagement from fans. From a report: One of the biggest direct-to-consumer efforts is DC Universe, a platform from DC Entertainment and Warner Bros. Digital Studios that will offer streaming content, including original and classic TV series. DC Universe is "a huge opportunity" that offers "ultimate creative control," said Jim Lee, a co-publisher of DC Entertainment. "It allows you to look at wider adaptations of the source material." [...] The Walt Disney Company, which owns Marvel Entertainment, said last year that it would create a streaming platform that would include Marvel movies like "The Avengers" and "Guardians of the Galaxy." Smaller comic book publishers are testing their own direct-to-consumer platforms. Image Comics, the publisher of popular titles like The Walking Dead and Saga, started a direct-to-consumer platform in 2015 to sell comic book subscriptions and apparel. Read more of this story at Slashdot.
Unknown Dev Brings LibreOffice to Windows 10 via the Microsoft Store
Security - Posted On:2018-07-22 16:45:00 Source: bleepingcomputer
The free and open-source Microsoft Office challenger called LibreOffice is now available in the Microsoft Store for Windows 10 PCs and Tablets. What is concerning, though, is that the app's publisher does not appear to be LibreOffice's actual developer, but rather a 3rd party that also prompts you to purchase it for $2.99. [...]
Open Gov't Advocates Fear that Private Messaging Apps Are Being Misused by Public Officials To Conduct Business in Secret
yro - Posted On:2018-07-22 16:15:00 Source: slashdot
The proliferation of digital tools that make text and email messages vanish may be welcome to Americans seeking to guard their privacy. But open government advocates fear they are being misused by public officials to conduct business in secret and evade transparency laws. From a report: Whether communications on those platforms should be part of the public record is a growing but unsettled debate in states across the country. Updates to transparency laws lag behind rapid technological advances, and the public and private personas of state officials overlap on private smartphones and social media accounts. "Those kind of technologies literally undermine, through the technology itself, state open government laws and policies," said Daniel Bevarly, executive director of the National Freedom of Information Coalition. "And they come on top of the misuse of other technologies, like people using their own private email and cellphones to conduct business." Some government officials have argued that public employees should be free to communicate on private, non-governmental cellphones and social media platforms without triggering open records requirements. Read more of this story at Slashdot.
Boston Dynamics Is Gearing Up To Produce Thousands of Robot Dogs
hardware - Posted On:2018-07-22 15:15:00 Source: slashdot
Boston Dynamics, maker of uncannily agile robots, is poised to bring its first commercial product to market -- a small, dog-like robot called the SpotMini. From a report: The launch was announced in May, and founder Marc Raibert recently said that by July of next year, Boston Dynamics will be producing the SpotMini at the rate of around 1,000 units per year. The broader goal, as reported by Inverse, is to create a flexible platform for a variety of applications. According to Raibert, SpotMini is currently being tested for use in construction, delivery, security, and home assistance applications. The SpotMini moves with the same weirdly smooth confidence as previous experimental Boston Dynamics robots with names like Cheetah, BigDog, and Spot. Read more of this story at Slashdot.
Facebook Confirms It's Working on a New Internet Satellite
technology - Posted On:2018-07-22 14:15:00 Source: slashdot
A host of companies believe the better way to connect the estimated half of Earth's population that's still offline is to launch "constellations" of smaller satellites into low Earth orbit, around 100 to 1,250 miles above our planet. According to emails from the Federal Communications Commission, which Wired obtained by filing a Freedom of Information Act request, Facebook is officially one such company. From the report: The emails show that the social network wants to launch Athena, its very own internet satellite, in early 2019. The new device is designed to "efficiently provide broadband access to unserved and underserved areas throughout the world," according to an application the social network appears to have filed with the FCC under the name PointView Tech LLC. With the filing, Facebook joins Elon Musk's SpaceX and Softbank-backed OneWeb, two well-funded organizations working on similar projects. In fact, SpaceX launched the first two of what it hopes will be thousands of its Starlink satellites just this past February. The emails, which date back to July 2016, and subsequent confirmation from Facebook, confirm a story published in May by IEEE Spectrum, which used public records to speculate that Facebook had started a satellite internet project. Read more of this story at Slashdot.
Uber, Lyft driver booted after newspaper reveals he was livestreaming passengers
Policy - Posted On:2018-07-22 13:15:00 Source: arstechnica
A St. Louis Uber and Lyft driver has been kicked off both companies' platforms after the St. Louis Post-Dispatch reported Friday night that he had been livestreaming his passengers for months without their consent.
According to the newspaper, Jason Gargac, a 32-year-old man from Florissant, Missouri, had been giving hundreds of rides since March—and he has streamed nearly all of them live, under the Twitch handle "JustSmurf." (His Twitch account has also been shuttered.)
As the Dispatch wrote:
People Like Getting Thank You Notes, Research Finds
science - Posted On:2018-07-22 13:15:00 Source: slashdot
From a report: O.K., it's not that surprising. But what did surprise two psychologist as they attempted to get to bottom of why so few people actually send thank yous is that many people totally "miscalibrate" the effect of an appreciative email. They underestimate the positive feelings it will bring. "They think it's not going to be that big a deal," said Amit Kumar, a professor at the University of Texas at Austin who studies well-being. They also overestimate how insincere the note may appear and how uncomfortable it will make the recipient feel, their study found. But after receiving thank-you notes and filling out questionnaires about how it felt to get them, many said they were "ecstatic," scoring the happiness rating at 4 of 5. The senders typically guessed they'd evoke a 3. To be clear -- the notes in question were not your typical "thanks for the Amazon gift card." Rather, the 100 or so participants in each of the four experiments were asked to write a short "gratitude letter" to a person who had affected them in some way. Sample letters included missives of appreciation to fellow students and friends who offered guidance through the college admissions process, job searches and tough times. In lab experiments, Dr. Kumar observed that it took most subjects less than five minutes to write the letters. Further reading: Finding Emails With Certain Variation Of Thank You Vastly Improves Response Rate, Study Finds; and Apparently, People Say 'Thank You' To Self-Driving Pizza Delivery Vehicles. Read more of this story at Slashdot.
Rome's Subway Expansion Reveals Artifacts From The Ancient Past
science - Posted On:2018-07-22 12:15:00 Source: slashdot
All roads may lead to Rome, but once you get there, good luck taking the subway. The sprawling metropolis is expanding its mass transit system -- a sluggish process made even slower as workers keep running into buried ancient ruins. From a report: "I found some gold rings. I found glasswork laminated in gold depicting a Roman god, some amphoras," says Gilberto Pagani, a bulldozer operator at the Amba Aradam metro stop, currently under construction not far from the Colosseum. Pagani is part of an archaeological team at the site, a certified archaeological construction worker trained to excavate, preserve and build in cities like Rome, with thousands of years of civilization buried beneath the surface. The presence of ancient artifacts underground is a daunting challenge for urban developers. For archaeologists, it's the opportunity of a lifetime. "I think it's the luckiest thing that's ever happened to me, professionally speaking," says Simona Morretta, the state archaeologist in charge of the Amba Aradam site. "Because you never get the chance in a regular excavation to dig so deep. That's how we've found architectural complexes as important as this." Read more of this story at Slashdot.
US considers tariffs on uranium imports
Policy - Posted On:2018-07-22 11:15:01 Source: arstechnica
This week, the US Department of Commerce opened an investigation into the nature of uranium imports, ostensibly with an eye to imposing tariffs on ore and other uranium products.
Uranium is used in the production of nuclear energy, and currently only five percent of uranium used in the US nuclear energy industry comes from the US. The remaining 95 percent is imported from a variety of countries, with Canada leading, followed by Australia, Russia, and Kazakhstan.
The investigation announcement invokes Section 232 of the Trade Expansion Act, which allows the federal government to assess imports on the basis of national security. Section 232 has been seldom used since it was signed by President John F. Kennedy in 1962, but it was used most recently this March by the Trump administration to levy tariffs on steel and aluminum.
Some Colleges Cautiously Embrace Wikipedia
news - Posted On:2018-07-22 11:15:01 Source: slashdot
Megan Zahneis, writing for The Chronicle of Higher Education: Academics have traditionally distrusted Wikipedia, citing the inaccuracies that arise from its communally edited design and lamenting students' tendency to sometimes plagiarize assignments from it. Now, LiAnna Davis, director of programs for Wikipedia's higher-education-focused nonprofit arm Wiki Education, said, higher education and Wikipedia don't seem like such strange bedfellows. At conferences these days, "everyone's like, 'Oh, Wikipedia, of course you guys are here.'" "I think it's a recognition that Wikipedia is embedded within the fabric of learning now," she said. One initiative Davis oversees at Wiki Education aims to forge stronger bonds between Wikipedia and higher education. The Visiting Scholars program, which began in 2015, pairs academics at colleges with experienced Wikipedia editors. Institutions provide the editors with access to academic journals, research databases, and digital collections, which the editors use to write and expand Wikipedia articles on topics of mutual interest. A dozen institutions, including Rutgers University, Brown University, and the University of Pittsburgh, are participating. Read more of this story at Slashdot.
Two years later, Darkest Dungeon is completely different for the better
Gaming & Culture - Posted On:2018-07-22 10:14:56 Source: arstechnica
Darkest Dungeon’s newest DLC isn’t quite like anything else in the game prior. The expansion, called “The Color of Madness,” is a clear homage to an H.P. Lovecraft story—“The Colour Out of Space”—in a game already full of such homages. But it also incorporates a whole new style of endless mission into Darkest Dungeon’s grueling grind.
Also, there are aliens.
Like the story on which it’s based, “The Color of Madness” starts with a comet crash landing into a farmstead. The impact spreads strange, slimy crystals across the surrounding land and its inhabitants, morphing them into a new enemy faction called Husks. Husks aren’t particularly tough but make up for their weakness with numbers. “The Color of Madness” mostly plays out as an endless, wave-based horde mode, granting better rewards the longer a single team survives the thronging masses. And if your team dies? It’ll just be temporarily lost in time and space, keeping its items and progress without that pesky perma-death.
Slashdot Asks: Do You Need To Properly Eject a USB Drive Before Yanking it Out?
hardware - Posted On:2018-07-22 10:14:56 Source: slashdot
In a story earlier this week, Popular Science magazine explored an age-old topic: Do people need to safely eject a USB stick before they pull it from their computer? The magazine's take on it -- which is, as soon any ongoing transfer of files is complete, it is safe to yank out the flash drive -- has unsurprisingly stirred a debate. Here's what the magazine wrote: But do you really need to eject a thumb drive the right way? Probably not. Just wait for it to finish copying your data, give it a few seconds, then yank. To be on the cautious side, be more conservative with external hard drives, especially the old ones that actually spin. That's not the official procedure, nor the most conservative approach. And in a worst-case scenario, you risk corrupting a file or -- even more unlikely -- the entire storage device. To justify its rationale, the magazine has cited a number of computer science professors. In the same story, however, a director of product marketing at SanDisk made a case for why people should probably safely eject the device. He said, "Failure to safely eject the drive may potentially damage the data due to processes happening in the system background that are unseen to the user." John Gruber of DaringFireball (where we originally spotted the story), makes a case for why users should safely eject the device before pulling it out: This is terrible advice. It's akin to saying you probably don't need to wear a seat belt because it's unlikely anything bad will happen. Imagine a few dozen people saying they drive without a seat belt every day and nothing's ever gone wrong, so it must be OK. (The breakdown in this analogy is that with seat belts, you know instantly when you need to be wearing one. With USB drives, you might not discover for months or years that you've got a corrupt file that was only partially written to disk when you yanked the drive.) I see a bunch of "just pull out the drive and not worry about it" Mac users on Twitter celebrating this article, and I don't get it. On the Mac you have to do something on screen when you eject a drive. Either you properly eject it before unplugging the drive -- one click in the Finder sidebar -- or you need to dismiss the alert you'll get about having removed a drive that wasn't properly ejected. Why not take the course of action that guarantees data integrity? What are your thoughts on this? Read more of this story at Slashdot.
Risky Thailand cave rescue relied on talent, luck—and on sticking to the rules
Features - Posted On:2018-07-22 10:00:00 Source: arstechnica
Last week, the world was riveted by the successful rescue of a youth soccer team as they and their coach were pulled out of a flooded cave in Thailand. The team had been stranded on a narrow rock shelf in the dark for two weeks, the way out blocked by turbid stormwater. The rescue involved far more than a few divers putting on gear and heading into the cave—it required a tremendous amount of technical skill and posed extreme danger.
But why, exactly, was it so dangerous? And what would it feel like to dive in those kinds of conditions?
I’m a professional diver with 16 years of dive experience, including safety diving and cave diving, and I have trained numerous scuba instructors. I also work full-time in a safety diving role, so answering the first question from a technical perspective is easy enough. The short answer is that all cave diving is dangerous (we'll dig into why below).
SpaceX has a successful second launch of its Block 5 rocket
Science - Posted On:2018-07-22 07:59:57 Source: arstechnica
Update: At the top of its launch window, the Falcon 9 rocket took off early Sunday at 1:50am ET (05:50 UTC) and lofted its large satellite payload into geostationary transfer orbit. Meanwhile, the first stage of the rocket made a safe landing on a drone ship in the Atlantic Ocean. One wonders how many times we will see this core fly.
Original post: Having worked through its fleet of used Block 4 rockets, SpaceX will now transition into flying its more advanced Block 5 variant of the Falcon 9 rocket full time. As early as 1:50am ET (05:50 UTC) Sunday, SpaceX will attempt to launch the Telstar 19V satellite from Cape Canaveral Air Force Station in Florida. The mission has a four-hour launch window.
This will be the second launch of the new version of SpaceX's Block 5 rocket. The first one had a flawless debut on May 11, and the first stage made a safe return to a drone ship, as expected. Since then, SpaceX engineers have been assessing how that Block 5 core, optimized for reusability, actually performed during that flight.
Bot Tweeted Names And Photos Of Venmo Users Who Bought Drugs
yro - Posted On:2018-07-22 06:44:57 Source: slashdot
Since Venmo's transactions are "public" by default and broadcast on Venmo's API, a Python programmer decided to publicize a few of them, reports the Mercury News: The creator of the bot named "Who's buying drugs on Venmo" under the Twitter handle @venmodrugs says he wanted users to consider their privacy settings before using Venmo. The bot finds Venmo transactions that include words such as heroin, marijuana, cocaine, meth, speed or emojis that denote drugs and tweets the transaction with the names of the sender and receiver and the sender's photo, if there is one... "I wanted to demonstrate how much data Venmo was making publicly available with their open API and their public by default settings and encourage people to consider their privacy settings," Joel Guerra, the creator of the bot, told Motherboard, a technology news outlet run by Vice. He shut the bot after 24 hours, according to a Medium essay titled "Why I blasted your 'drug' deals on Twitter": I chose drugs, sex and alcohol keywords as the trigger for the bot because because they were funny and shocking. I removed the last names of users because I didn't want to actually contribute to the problem of lack of privacy... I braced myself for backlash but the response was overwhelmingly positive. People understood my point and I had sparked a lot of discussion about online privacy and the need for users to do a better job of understanding the terms of software they were using -- and a lot of discussion about how companies need to do a better job of informing customers how their data was being used... After about 24 hours of tweeting everyone's drug laden Venmo transactions I shut down the bot (Python script!!) and deleted all the tweets. I had successfully made my point and gotten more attention than I had imagined possible. Thousands of people were reading tweets and articles about the bot and discussing data privacy. I saw no further value in tweeting out anyone's personal transactions anymore. However, all I ever did was format the data and automate a Twitter account -- the data is still readily available. His closure of the bot drew some interesting reactions on Twitter. "booooooooo. I was so entertained by this." "I remember I had a dealer take my phone and set venmo to private lol." "we're looking to add a Python developer to our team and I think you'd be a good fit." Read more of this story at Slashdot.
Ask Slashdot: Should I Ditch PHP?
askslashdot - Posted On:2018-07-22 03:44:57 Source: slashdot
Long-time Slashdot reader Qbertino does PHP for a living, but says he's growing "increasingly frustrated with the ignorant and clueless in the vincinity of PHP." Crappy code and baaaaad application setups is one thing, but people refusing to fix them or simply not even understanding the broader implications of bad applications or attempting SEO with gadgets while refusing to fix 3.5 MB-per-pagecall are just minor tidbits in a history of increasingly unnerving run-ins with knuckledragers in the "web agency" camp... Will I leave the larger part of this backwards stuff behind if I move to another server-side programming language such as Java or Kotlin for professional work in the broader web area? Do I have a chance to do quality work on quality projects using PHP, or are those slim compare to other programming languages? In short, should I ditch PHP? "I think .NET is a much cleaner language to work in with Microsoft's excellent Visual Studio IDE and debugger," argues Slashdot reader Agret , adding "there are many large projects in my city hiring .NET developers and being a strongly typed language the code quality is generally better than PHP." But what's been your experience? And would a frustrated developer find more quality projects by ditching PHP? Read more of this story at Slashdot.