
Comment Re:Mail-in ballots remain the largest potential fr (Score 1) 682

Add to this the more modern capabilities we have now to print each ballot with a unique number on it -- allowing for tracking ballots to ensure that they are not going missing, or being counted more than once, and ensuring that someone can't just print one off with a random number and have it work.

Throw in the federal offense and penalties for tampering with mail, the ability to fully audit and recount (full real-world paper trail) and any cheating or fraud will be extremely hard to scale up or pass undetected.

The goal of auditability is a good goal. However, it is in direct opposition to the requirement for secret ballots. If you have a unique id number printed on the ballot, they will have to scan that number and cross reference it against a list of ballots issued to registered voters, to ensure a registered voter did not vote twice. That means that at least one database has both numbers, so could match votes with the voter. It's the same problem with internet voting. There's no way to ensure anonymity of votes while also authenticating the validity of voter registration.

That being said, there is a workaround that most precincts use. The typical mail-in ballot has three pages. The first only contains the unique ballot number, which is cross referenced against the voter registration database (This could be an envelope instead). That page is then torn off (or the envelope is opened), and discarded once the ballot is validated. The second page is just a privacy screen, and the third page contains the actual votes (and no unique identifiers). It's not a perfect system, because there's still the problem of delivery to and from the correct registered voter (which is a big problem, e.g. people move; mail gets mis-delivered all the time), and of course once it's delivered to the voter's residence, there's no way to ensure privacy while they are marking it. So, anyone wanting to influence or view that person's vote can do it in private, instead of in the public polling place.

Microsoft

Microsoft Confirms Windows 10X is Coming To Laptops Amid Big Jump in Windows Usage (theverge.com) 94

Microsoft is confirming today that it's planning to refocus Windows 10X on single-screen devices. "The world is a very different place than it was last October when we shared our vision for a new category of dual-screen Windows devices," explains Panos Panay, Microsoft's Windows and devices chief. From a report: "With Windows 10X, we designed for flexibility, and that flexibility has enabled us to pivot our focus toward single-screen Windows 10X devices that leverage the power of the cloud to help our customers work, learn and play in new ways." Microsoft isn't saying exactly when single-screen devices like laptops will support Windows 10X, nor when dual-screen devices will launch with the OS. However, Windows 10X will launch on single-screen devices first. "We will continue to look for the right moment, in conjunction with our OEM partners, to bring dual-screen devices to market," says Panay. Microsoft is reprioritizing Windows 10X for laptops and single-screen devices because of the coronavirus pandemic. The software maker has seen a 75 percent year-over-year increase in the time spent in Windows 10. More people are turning to using their laptops or PCs instead of a smartphone or tablet during the lockdowns we've seen worldwide to work or study.
Google

Google Backs Apple's SMS OTP Standard Proposal 40

Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process. From a report: The standard, proposed by Apple engineers working on the Safari WebKit project, has now reached the status of official Web Platform Incubator Community Group (WICG) specification draft. "We've moved 'Origin-bound one-time codes delivered via SMS' to @wicg_, where we're working on a shared spec with our collaborators at Google. Please take a look! Updated explainer, and specification," wrote Apple's Ricky Mondello. The proposal aims to fix some issues with the current state of SMS 2FA/OTP codes, all of which have different formats, unique per the websites sending the codes.
Transportation

Boeing 787s Must Be Turned Off and On Every 51 Days To Prevent 'Misleading Data' Being Shown To Pilots (theregister.co.uk) 140

The U.S. Federal Aviation Administration has ordered Boeing 787 operators to switch their aircraft off and on every 51 days to prevent what it called "several potentially catastrophic failure scenarios" -- including the crashing of onboard network switches. The Register reports: The airworthiness directive, due to be enforced from later this month, orders airlines to power-cycle their B787s before the aircraft reaches the specified days of continuous power-on operation. The power cycling is needed to prevent stale data from populating the aircraft's systems, a problem that has occurred on different 787 systems in the past. According to the directive itself, if the aircraft is powered on for more than 51 days this can lead to "display of misleading data" to the pilots, with that data including airspeed, attitude, altitude and engine operating indications. On top of all that, the stall warning horn and overspeed horn also stop working.

This alarming-sounding situation comes about because, for reasons the directive did not go into, the 787's common core system (CCS) -- a Wind River VxWorks realtime OS product, at heart -- stops filtering out stale data from key flight control displays. That stale data-monitoring function going down in turn "could lead to undetected or unannunciated loss of common data network (CDN) message age validation, combined with a CDN switch failure." Solving the problem is simple: power the aircraft down completely before reaching 51 days. It is usual for commercial airliners to spend weeks or more continuously powered on as crews change at airports, or ground power is plugged in overnight while cleaners and maintainers do their thing.

Facebook

Facebook Has a Prescription: More Pharmaceutical Ads (washingtonpost.com) 49

An anonymous reader shares a report: After years of avoiding social media, drug companies are growing bolder about advertising on Facebook and other social networks, according to interviews with advertising executives, marketers, health-care privacy researchers and patient advocates. That is exposing loopholes around the way data can be used to show consumers relevant ads about their personal health, even as both social networks and pharmaceutical manufacturers disavow targeting ads to people based on their medical conditions. Ads promoting prescription drugs are popping up on Facebook for depression, HIV and cancer. Spending on Facebook mobile ads alone by pharmaceutical and health-care brands reached nearly a billion dollars in 2019, nearly tripling over two years, according to Pathmatics, an advertising analytics company. Facebook offers tools to help drug companies stay compliant with rules about disclosing safety information or reporting side effects.

But seeing an ad for a drug designed to treat a person's particular health condition in the relatively intimate setting of a social media feed -- amid pictures of friends and links to news articles -- can feel more intrusive than elsewhere online. The same opaque Facebook systems that help place an ad for a political campaign or a new shoe in a user's feed also can be used by pharmaceutical companies, allowing them to target consumers who match certain characteristics or had visited a particular website in the past. The ability of drug companies to reach people likely to have specific health conditions -- a far cry from a magazine or TV ad -- underscores how the nation's health privacy law, the Health Insurance Portability and Accountability Act (HIPAA), has not kept up with the times. HIPAA, which safeguards personal health records, typically does not cover drug companies or social media networks.

Social Networks

Reddit's Profane, Greedy Traders Are Shaking Up the Stock Market (bloomberg.com) 99

Bloomberg's Luka Kawa reports on the tips and tricks members of the r/wallstreetbets subreddit are using to push prices on the stock market, at least for the short term. Here's an excerpt from the report: The do-it-yourself traders of r/WSB are waging a kind of guerrilla warfare in the markets, trying to exploit what they see as weaknesses in the system to move prices where they want them. For anyone who wondered about where the small day traders who made the 1990s so wild went, meet the 2020 version. After years of indifference, individual investors seem to be finding their way back to stocks, for better or worse. They're flexing muscles in ways that can easily call to mind excesses from the dot-com era.

Members of r/WSB believe they've discovered a kind of perpetual motion machine in the interplay of stocks with options contracts, which offer a cheap way to bet on whether shares will rise or fall without buying the stock itself. It goes like this: Members make bets that rely on market makers, the professional middlemen who sell you a call (a bet on shares rising) or a put (a wager on a decline). Market makers, like good bookies, don't want to go out on a limb. When taking a bet, they lay off the risk. If someone buys a call, for instance, speculating on a rally, the dealer buys stock in the underlying company. If the stock rises, the dealer may have to pay out on the option -- but that's offset by the gain on the shares. When shares keep rising, managing the hedge entails buying more stock. That's where the Reddit set perceives a weakness. A favorite tactic on r/WSB is to swamp the market with call purchases early in the morning in an attempt to force dealers to keep buying stock. Up and up everything goes -- supposedly. As the stock price rises, so does the value of the calls, often by far more...

Cloud

Petnet's Smart Pet Feeder Goes Offline For a Week, Can't Answer Customers At All (arstechnica.com) 102

The app-driven, cloud-connected "smart" pet feeder from Petnet recently suffered an outage that knocked units offline for a week, leaving pets hungry and customers angry. An anonymous reader shares an excerpt from Ars Technica: Petnet began posting messages on Twitter on February 14 advising customers that some of its SmartFeeders "will appear offline," although they still would nominally work to dispense food. Of course, when something doesn't work, most people will try to turn it off and back on again, as that's the first-line repair for basically everything with a power switch. That, alas, was not the solution here, and Petnet explicitly advised against turning feeders off or on, adding, "We will continue to provide updates on this matter." The next update to the company's Twitter feed came four days later, on February 18, when it said it was working with a third-party service provider and would "release more information as we learn more." Finally on February 21, a full week after users began to notice something was amiss, Petnet said it had resolved the problem and would be pushing a reset and an update to affected customers.

Users were distinctly unhappy, not only with the outage but also with the company's lack of response and a clear lack of avenues for contacting them. "Does that same third party pick up your phones, answer your emails, pay your lease (property address is available for rent) and support your customers?" one customer tweeted on February 18. Another, on February 21, said, "Why were your emails not delivering? Why isnt anyone answering the phone or returning calls? Your website still claims support Mon-Sat by phone email and twitter. You've been silent for a week." Customers aren't the only ones unable to reach the company. Ars' request for comment sent to the press contact Petnet lists on its company website bounced back with an error indicating the email address does not exist.

Comment Re:Is this 2019? (Score 1) 148

I don't think they've decided what sound to use yet and have announced the ruling, to give the big consultancies plenty of time to work out how to charge a vast fortune for licencing whatever new sound they come up with.

The wired.co.uk article did, but ...


Books

Pearson Ditches Print Textbooks For College Students in Digital-First Strategy (cbsnews.com) 154

Textbook publishing giant Pearson will soon be publishing a lot fewer textbooks. It said this week it's ending regular revisions of all print textbooks in its higher-education category. As Pearson faces mounting pressure from the resale market, the move signals a growing shift in the publishing industry to a "digital-first" model. From a report: Instead of revising all 1,500 of its active titles every three years according to the print schedule, the British education publisher said it will focus on updating its digital products more frequently, offering artificial intelligence capabilities, data analytics and research. Pearson is billing the decision as a way to help drive down college costs for students. But the company and the education publishing industry as a whole have been criticized for years for the rising prices of textbooks. That has pushed a majority of students into secondhand textbook markets like Chegg or spurred them to forego buying class materials altogether. The average cost of college textbooks rose about four times faster than the rate of inflation over the last decade. "Our digital first model lowers prices for students and, over time, increases our revenues," Fallon said in a statement. "By providing better value to students, they have less reason to turn to the secondary market." Pearson's e-books can cost about $40 on average and go up to $79 for additional learning tools like homework assistance. That compares to prices that can go as high as $200 or $300 for a print textbook, according to Pearson CEO John Fallon, though students can still rent one for $60 on average.

Comment Re:victims' not victims (Score 1) 72

Ok, I get it. The article says, "Breach victims part ...". I thought the word "victims" was a noun, and "part" was a verb, as in the victims were parting from something.

The word [victims] here should be [victims'] (with an apostrophe after the word, meaning possessive). So [Breach victims] describes the noun "part". So the article means "the part of the lawsuit that belongs to the breach victims".

It should be "... victims [who are] part of ...".

Bug

'Severe' Systemd Bug Allowed Remote Code Execution For Two Years (itwire.com) 551

ITWire reports: A flaw in systemd, the init system used on many Linux systems, can be exploited using a malicious DNS query to either crash a system or to run code remotely. The vulnerability resides in the daemon systemd-resolved and can be triggered using a TCP payload, according to Ubuntu developer Chris Coulson. This component can be tricked into allocating less memory than needed for a look-up. When the reply is bigger it overflows the buffer allowing an attacker to overwrite memory. This would result in the process either crashing or it could allow for code execution remotely. "A malicious DNS server can exploit this by responding with a specially crafted TCP payload to trick systemd-resolved in to allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it," is how Coulson put it.
Affected Linux vendors have pushed out patches -- but the bug has apparently been present in systemd code since June of 2015. And long-time Slashdot reader walterbyrd also reports a recently-discovered bug where systemd unit files that contain illegal usernames get defaulted to root.
