Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission + - China's Unprecedented Cyber Law Signals Its Intent To Protect Data (technologyreview.com)

An anonymous reader writes: An aggressive new cybersecurity and data protection law in China that goes into effect today will have global ripple effects, and could serve as a model for other governments. But the Chinese government has also left many parts of the law vague—likely an intentional move meant to allow the country to stake out its own sense of “cyber sovereignty” while waiting to see how the U.S., Europe, and others decide to regulate the flow of data across international borders. The new law is a resounding announcement from China that it intends to be a global player in controlling perhaps the most precious commodity of the digital economy: data. It’s hard to know how the law will actually change things because the most controversial aspects of it are so vague. Among them is a requirement that certain companies submit their products to the government for cybersecurity checks, which may even involve reviewing source code. How often it would be required, and how the government will determine which products must be reviewed is unknown. This could come into play as part of China’s broader regulatory push to expand law enforcement’s power to access data during criminal investigations. Another vague directive calls for companies to store certain data within the country’s borders, in the interest of safeguarding sensitive information from espionage or other foreign meddling. The government has delayed the implementation of this change until the end of 2018, however.

Submission + - Qualcomm Announces Quick Charge 4+ Standard That's 15% Faster Than Quick Charge4 (theverge.com)

An anonymous reader writes: Just a mere six months after announcing Quick Charge 4, which boosted charging times and safety considerably over its predecessors, Qualcomm is introducing the new Quick Charge 4+ standard. Unlike previous standards, which required a new chipset, 4+ is something device and accessory manufacturers can implement by adding three enhancements to Quick Charge 4-compliant devices:

"Dual Charge," which is already an option in earlier version of Quick Charge, but is "now more powerful"
"Intelligent Thermal Balancing," which steers current through whichever of the dual charging pathways is coolest to keep temperatures down
"Advanced Safety Features" to monitor both the phone temperature and the connector temperature to protect against overheating and short-circuit damage

Qualcomm claims devices that implement this standard can get charging times up to 15 percent faster than Quick Charge 4, and will charge up to 30 percent more efficiently — an especially nice perk if you're charging from a battery pack. Charging will also be up to 3 degrees Celsius (about 5 degrees Fahrenheit) cooler.

Submission + - Google Quadruples Top Reward For Hacking Android To $200,000

Krystalo writes: Google has paid security researchers millions of dollars since launching its bug bounty program in 2010. The company today expanded its Android Security Rewards program because “no researcher has claimed the top reward for an exploit chain in two years.” Right. Well, the program has only been around for two years — a Google spokesperson confirmed that nobody has ever claimed the top reward. The Android team is making two bug bounty increases today. The reward for a remote exploit chain or exploit leading to TrustZone or Verified Boot compromise has quadrupled from $50,000 to $200,000. The reward for a remote kernel exploit has quintupled from $30,000 to $150,000. Want to make six figures? Just figure out how to hack Android.

Submission + - OneLogin Says Breach Exposed Ability to Unecrypt Customer Data (krebsonsecurity.com)

tsu doh nimh writes: OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data, KrebsOnSecurity reports. "A breach that allowed intruders to decrypt customer data could be extremely damaging for affected customers. After OneLogin customers sign into their account, the service takes care of remembering and supplying the customer's usernames and passwords for all of their other applications."

Comment Re:Borders. (Score 1) 128

The airport is located in Covington, KY (which gives the airport its code, CVG) and begrudgingly associates itself with Ohio and Cincinnati, which is about 10 miles away and across the river. Amazon already has a number of facilities in Covington and Erlanger down by the airport (completely in Kentucky) and there's a lot of capacity as Delta winds down operations, so this isn't too surprising.

Little bit of history about the airport: http://www.wcpo.com/news/our-community/from-the-vault/from-the-vault-why-cincinnatis-airport-is-in-kentucky-70-years-after-first-flights/

I moved here a few years ago. It's a very weird area.

Submission + - Google quietly makes "optional" web DRM mandatory in Chrome 2

JustAnotherOldGuy writes: The World Wide Web Consortium's Encrypted Media Extensions (EME) is a DRM system for web video, being pushed by Netflix, movie studios, and a few broadcasters. It's been hugely controversial within the W3C and outside of it, but one argument that DRM defenders have made throughout the debate is that the DRM is optional, and if you don't like it, you don't have to use it. That's not true any more. Some time in the past few days, Google quietly updated Chrome (and derivative browsers like Chromium) so that Widevine (Google's version of EME) can no longer be disabled; it comes switched on and installed in every Chrome instance. Because of laws like section 1201 of the US Digital Millennium Copyright Act (and Canada's Bill C11, and EU implementations of Article 6 of the EUCD), browsers that have DRM in them are risky for security researchers to audit. These laws provide both criminal and civil penalties for those who tamper with DRM, even for legal, legitimate purposes, and courts and companies have interpreted this to mean that companies can punish security researchers who reveal defects in their products.

Submission + - 'Father of Pac-Man,' Masaya Nakamura, dies at age 91 (japantimes.co.jp)

AmiMoJo writes: Masaya Nakamura, the founder of game developer Namco and known as “the father of Pac-Man,” has died at age 91. He founded Nakamura Seisakusho in 1955, which was renamed Namco in 1977. The company developed numerous hit video games, including “Galaxian,” “Pac-Man” and “Ridge Racer.” Pac-Man,” designed by Namco’s inhouse video game maker Toru Iwatani, is one of the most recognizable and popular video games in history. In 2005 it was listed by Guinness World Records as the “most successful coin-operated arcade machine.

Submission + - Deep Learning Algorithm Diagnoses Skin Cancer As Well As Seasoned Dermatologists (extremetech.com)

An anonymous reader writes: Remember how that Google neural net learned to tell the difference between dogs and cats? It’s helping catch skin cancer now, thanks to some scientists at Stanford who trained it up and then loosed it on a huge set of high-quality diagnostic images. During recent tests, the algorithm performed just as well as almost two dozen veteran dermatologists in deciding whether a lesion needed further medical attention. The algorithm is called a deep convolutional neural net. It started out in development as Google Brain, using their prodigious computing capacity to power the algorithm’s decision-making capabilities. When the Stanford collaboration began, the neural net was already able to identify 1.28 million images of things from about a thousand different categories. But the researchers needed it to know a malignant carcinoma from a benign seborrheic keratosis. Dermatologists often use an instrument called a dermoscope to closely examine a patient’s skin. This provides a roughly consistent level of magnification and a pretty uniform perspective in images taken by medical professionals. Many of the images the researchers gathered from the Internet weren’t taken in such a controlled setting, so they varied in terms of angle, zoom, and lighting. But in the end, the researchers amassed about 130,000 images of skin lesions representing over 2,000 different diseases. They used that dataset to create a library of images, which they fed to the algorithm as raw pixels, each pixel labeled with additional data about the disease depicted. Then they asked the algorithm to suss out the patterns: to find the rules that define the appearance of the disease as it spreads through tissue. The researchers tested the algorithm’s performance against the diagnoses of 21 dermatologists from the Stanford medical school, on three critical diagnostic tasks: keratinocyte carcinoma classification, melanoma classification, and melanoma classification when viewed using dermoscopy. In their final tests, the team used only high-quality, biopsy-confirmed images of malignant melanomas and malignant carcinomas. When presented with the same image of a lesion and asked whether they would “proceed with biopsy or treatment, or reassure the patient,” the algorithm scored 91% as well as the doctors, in terms of sensitivity (catching all the cancerous lesions) and sensitivity (not getting false positives).

Submission + - T-Mobile Eliminates Cheaper Postpaid Plans, Sells 'Unlimited Data' Only (arstechnica.com)

An anonymous reader writes: T-Mobile USA will stop selling its older and cheaper limited-data plans to postpaid customers, shifting entirely to its new "unlimited" data plans that impose bandwidth limits on video and tethering unless customers pay extra. To ease the transition, T-Mobile will offer bill credits of $10 a month to customers when they use less than 2GB per month. T-Mobile began its shift to unlimited data plans in August with the introduction of T-Mobile One, which starts at $70 a month. While there are no data caps, customers have to pay a total of $95 a month to get high-definition video and mobile hotspot speeds of greater than 512kbps. The carrier said in August that the unlimited plan would be "replacing all our rate plans," including its cheaper plans that cost $50 or $65 a month. Nonetheless, T-Mobile kept selling limited postpaid data plans to new customers for a few months, but yesterday CEO John Legere said that as of January 22, T-Mobile One will be the "only postpaid consumer plan we sell." Existing postpaid customers can keep their current plans. For new customers, T-Mobile will presumably keep selling its prepaid plans that cost $40 to $60 a month and come with 3GB to 10GB of data. T-Mobile also said yesterday that it will start including taxes and fees in its advertised rate when customers sign up for new T-Mobile One plans and enroll in automatic payments, essentially giving subscribers a discount. "The average monthly bill for a family of four will drop from $180.48 to $160, according to a company spokesman," The Wall Street Journal reported.

Submission + - Possibly fatal blow against a patent trolls. (computerworld.com)

whoever57 writes: Patent trolls rely on the fact that they have no assets and, if they lose a case, they can fold the company that owned the patent and sued, thus avoiding paying any the defendant's legal bills. However, in a recent case, the judge has told the winning defendant that it can claim its legal bills from the law firm. The decision is based on the plaintiff's law firm using a contract under which it would take a portion of any judgment, making it more than just counsel, but instead a partner with the plaintiff. This will likely result in law firms wanting to be paid up front, instead of offering a contingency-based fee.

Submission + - Over 1,800 MongoDB Databases Held for Ransom by Mysterious Attacker (bleepingcomputer.com) 1

An anonymous reader writes: An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing and replacing their content, and asking for a 0.2 Bitcoin ($200) ransom to return the data. According to John Matherly, Shodan founder, over 1,800 MongoDB databases have had their content replaced with a table called WARNING that contains the ransom note.

Spotted by security researcher Victor Gevers, these databases are MongoDB instances that feature no administrator password and are exposed to external connections from the Internet. Databases owners in China have been hit, while Bleeping Computer and MacKeeper have confirmed other infections, one which hit a prominent US healthcare organization and blocked access to over 200,000 user records.

These attacks are somewhat similar to attacks on Redis servers in 2016, when an unknown attacker had hijacked and installed the Fairware ransomware on hundreds of Linux servers running Redis DB. The two series of attacks don't appear to be related.

Slashdot Top Deals

Their idea of an offer you can't refuse is an offer... and you'd better not refuse.

Working...