Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Submission + - Trillion-Dollar World Trade Deal Aims To Make IT Products Cheaper->

itwbennett writes: A new (tentative) global trade agreement, struck on Friday at a World Trade Organization meeting in Geneva, eliminates tariffs on more than 200 kinds of IT products, ranging from smartphones, routers, and ink cartridges to video game consoles and telecommunications satellites. A full list of products covered was published by the Office of the U.S. Trade Representative, which called the ITA expansion 'great news for the American workers and businesses that design, manufacture, and export state-of-the-art technology and information products, ranging from MRI machines to semiconductors to video game consoles.' The deal covers $1.3 trillion worth of global trade, about 7 percent of total trade today.
Link to Original Source

Submission + - Musk, Woz, Hawking, and Robotics/AI Experts Urge Ban on Autonomous Weapons->

An anonymous reader writes: An open letter published by the Future of Life Institute urges governments to ban offensive autonomous weaponry. The letter is signed by high profile leaders in the science community and tech industry, such as Elon Musk, Stephen Hawking, and Steve Wozniak. It's also signed — more importantly — but literally hundreds of expert researchers in robotics and AI. They say, "The key question for humanity today is whether to start a global AI arms race or to prevent it from starting. If any major military power pushes ahead with AI weapon development, a global arms race is virtually inevitable, and the endpoint of this technological trajectory is obvious: autonomous weapons will become the Kalashnikovs of tomorrow. Unlike nuclear weapons, they require no costly or hard-to-obtain raw materials, so they will become ubiquitous and cheap for all significant military powers to mass-produce."
Link to Original Source

Submission + - 'Stagefright' Flaw: Compromise Android With Just a Text->

An anonymous reader writes: Up to 950 million Android phones may be vulnerable to a new exploit called "Stagefright," which lets attackers compromise a device through a simple multimedia text — even before the recipient sees it. Researchers from Zimperium zLabs reported the related bugs to Google in April. Google quickly accepted a patch and distributed it to manufacturers, but the researchers say they don't think the manufacturers have yet passed it on to most consumers. "The weaknesses reside in Stagefright, a media playback tool in Android. They are all “remote code execution” bugs, allowing malicious hackers to infiltrate devices and exfiltrate private data. All attackers would need to send out exploits would be mobile phone numbers, Drake noted. From there, they could send an exploit packaged in a Stagefright multimedia message (MMS), which would let them write code to the device and steal data from sections of the phone that can be reached with Stagefright’s permissions. That would allow for recording of audio and video, and snooping on photos stored in SD cards. Bluetooth would also be hackable via Stagefright."
Link to Original Source

Submission + - Computer science enrollments match NASDAQ's rises and fall ->

dcblogs writes: In March 2000, the NASDAQ composite index reached a historic high of 5,048, at just about the same time undergrad computer science enrollments hit a peak of nearly 24,000 students at Ph.D.-granting institutions in the U.S. and Canada, according to data collected by the Computing Research Association in its most recent annual Taulbee Survey. By 2005, computer science enrollments had halved, declining to just over 12,000. On July 17, the NASDAQ hit its highest point since 2000, reaching a composite index of 5,210. In 2014, computer science undergrad enrollments reached nearly, 24,000, almost equal to the 2000 high. Remarkably, it has taken nearly 15 years to reach the earlier enrollment peak.
Link to Original Source

Submission + - Steam Bug Allowed Password Resets Without Confirmation->

An anonymous reader writes: Valve has fixed a bug in their account authentication system that allowed attackers to easily reset the password to a Steam account. When a Steam user forgets a password, he goes to an account recovery page and asks for a reset. The page then sends an email containing a short code to the address registered with the account. The problem was that Steam wasn't actually checking the codes sent via email. Attackers could simply request a reset and then submit a blank field when prompted for the code. Valve says the bug was active from July 21-25. A number of accounts were compromised, including some prominent streamers and Dota 2 pros. Valve issued password resets to those accounts with "suspicious" changes over the past several days.
Link to Original Source

Submission + - Hologram Causes Police to Shut Down Anti-violence Fundraiser in Indiana

An anonymous reader writes: A Chicago rapper by the name of Chief Keef has been making headlines recently after the city launched a campaign to deny his performance at an anti-violence event. The event was organized to raise funds for victims of recent Chicago murders in which another rapper was slain. Keef is currently wanted on warrants in the region but is living on the East Coast. He was expected to perform via a live stream projection. While Chicago officials worked to deny his performance from occurring in the city, promoters vowed that he would still perform.

A recent concert called Craze Fest was just held at the Wolf Lake Pavilion in Hammond Indiana. The Pavilion is part of a public park. The city of Hammond refused to let promoters hold the event unless they agreed that Chief Keef would not be allowed to perform.

Promoters agreed that Keef would not be at the event performing. Instead the promoters setup a live stream projection of the rapper and showed it at the end of the concert. Once the Hologram of Keef began performing, police rushed in and began shutting down the event.

This raises some interesting questions about free speech and the role of technology in it.

Here is some cellphone video of the event. Unfortunately I wasn't able to find the raw video without subtitles — https://www.youtube.com/watch?...

Here is a link to a local news article:

http://cltv.com/2015/07/26/chi...

Submission + - Where Did DirectX 12 Multiadapter Come From?

Phopojijo writes: While it looks like utilizing multiple GPUs in DirectX 12 will take off, much of this setup was exposed to game developers for years. Previously, it was held back by the low number of machines with (available) mismatched graphics, the lack of compute shader support in consoles, and the difficulty in using OpenCL for a video game product. While the editorial elaborates on each of these points, it doesn't mention Explicit Linked Multiadapter in DirectX 12, which allows game developers to make similar assumptions that AMD and NVIDIA do for CrossFire and SLI, respectively, making their job even easier.

Submission + - Tomb, a successor to TrueCrypt for Linux geeks (well, dm-crypt, basically...)->

jaromil writes: Last day we released Tomb version 2.1 with improvements to stability, documentation and translations. Tomb is just a ZSh script wrapping around cryptsetup, gpg and other tools to facilitate the creation and management of LUKS encrypted volumes with features like key separation, steganography, off-line search, QRcode paper backups etc. In designing Tomb we struggle for minimalism and readability, convinced that the increasing complexity of personal technology is the root of many vulnerabilities the world is witnessing today — and this approach turns out to be very successful, judging from the wide adoption, appreciation and contributions our project has received especially after the demise of TrueCrypt.
As maintainer of the software I wonder what Slashdot readers think about what we are doing, how we are doing it and more in general about the need for simplicity in secure systems, a debate I perceive as transversal to many other GNU/Linux/BSD projects and their evolution. Given the increasing responsibility in maintaining such a software, considering the human-interface side of things is an easy to reach surface of attack, I can certainly use some advice and criticism.

Link to Original Source

Submission + - Building an "Open Source" community for a "Proprietary" Software Product

An anonymous reader writes: I run a company that develops scientific computing software. Our core product is a traditional proprietary application — we develop the software and deliver the "binaries" to our customers. We're considering changing our deployment to include all of the source code and giving our customers some additional rights to explore and extend it. The codebase is HTML/JavaScript/Python/SQL, so a lot of the code is available in some form already, albeit minified or byte compiled.

Because we are in a scientific domain, most of our customers use Open Source software alongside our product. We also maintain Open Source projects and directly support others. We're strong supporters of Open Source and understand the value of having access to the source code.

We also support a free (as in beer) version of the software with a smaller feature set (production and enterprise elements that individual users don't need are removed). We'd like that version to use the same model as well to give users that don't need the full commercial version the ability to extend the software and submit patches back to us for inclusion in future releases.

Overall, we'd really like to find a model that allows our core product to work more like an Open Source product while maintaining control over the distribution rights. We'd like to foster a community around the product but still generate revenue to fund it.

In our space, the "give the product away but pay for support" model has never really worked. The market is too small and, importantly, most customers understand our value proposition and have no problem with our annual license model.

We've looked at traditional dual licensing approaches, but don't think they're really right fit, either. A single license that gives users access to the code but limits the ability to redistribute the code and distribute patches to the "core" is what we'd prefer.

My questions for the Slashdot community: Does anyone have direct experience with models like this? Are there existing licenses that we should look at? What companies have succeeded doing this? Who has failed?

Submission + - FCC Approves AT&T-DirecTV Purchase->

An anonymous reader writes: The U.S. Federal Communications Commission has granted approval to AT&T to purchase DirecTV for $48.5 billion. AT&T will become the largest provider of cable or satellite TV in the U.S., with 26.4 million subscribers. "Adding TV customers gives AT&T more power to negotiate with big media companies over prices for those channels. The deal also combines a nationwide satellite TV service, the country’s largest, with the No. 2 nationwide wireless network as time spent on mobile devices increases." The FCC did put conditions on the deal: AT&T must make fiber internet service available to 12.5 million people, offer cheaper internet plans to low-income customers, and not mess with the internet traffic of online video competitors.
Link to Original Source

Submission + - Firefox Will Soon Show You Which Tabs Are Making Noise, And Let You Mute Them

An anonymous reader writes: Mozilla is working on identifying Firefox tabs that are currently playing audio. The feature will show an icon if a tab is making sounds and let the user mute the playback. It’s worth noting that while Chrome has had audio indicators for more than a year now, it still doesn’t let you easily mute tabs. The option is available in Google’s browser, but it’s not enabled by default (you have to turn on the #enable-tab-audio-muting flag in chrome://flags/).

Submission + - The Rise of Computer-Aided Explanation->

An anonymous reader writes: Imagine it’s the 1950s and you’re in charge of one of the world’s first electronic computers. A company approaches you and says: “We have 10 million words of French text that we’d like to translate into English. We could hire translators, but is there some way your computer could do the translation automatically?”

At this time, computers are still a novelty, and no one has ever done automated translation. But you decide to attempt it. You write a program that examines each sentence and tries to understand the grammatical structure. It looks for verbs, the nouns that go with the verbs, the adjectives modifying nouns, and so on. With the grammatical structure understood, your program converts the sentence structure into English and uses a French-English dictionary to translate individual words.

For several decades, most computer translation systems used ideas along these lines — long lists of rules expressing linguistic structure. But in the late 1980s, a team from IBM’s Thomas J. Watson Research Center in Yorktown Heights, N.Y., tried a radically different approach. They threw out almost everything we know about language — all the rules about verb tenses and noun placement — and instead created a statistical model.

Link to Original Source

Submission + - Don't bring your drone to New Zealand->

NewtonsLaw writes: Drones such as the Lilly Camera, DJI Phamtom and (to a lesser extent, because of its size) DJI Inspire are changing the way we experience our vacations. Instead of toting along a camcorder or a 35mm DSLR, more and more people are just packing a GoPro and, increasingly, a drone on which to mount it.

This is fine if you're going to a drone-friendly country but be warned that (when/if they finally ship), your Lilly Camera will get you into big trouble in Thailand (where all use of drones by the public is banned outright) and now New Zealand, where strict new laws regarding the operation of drones and even tiny toys like the 20g Cheerson CX10, come into effect on August 1.

Under these new rules, nobody can operate a drone or model aircraft without getting the prior consent of the owner over which property it is intended to fly — and (this is the kicker) also the permission of the occupiers of that property. So you can effectively forget about flying down at the local park, at scenic locations or just about any public place. Even if you could manage to get the prior permission of the land-owner, because we're talking "public place", you'd also have to get the permission of anyone and everyone who was also in the area where you intended to fly.

Other countries have produced far more sane regulations — such as limiting drone and RC model operators to flying no closer than 30m from people or buildings — but New Zealand's CAA have gone right over the top and imposed what amounts to a virtual death-sentence on a hobby that has provided endless, safe fun for boys (and girls) of all ages for more than 50 decades.

Of course if you are prepared to pay a $600 fee to become "Certified" by CAA then the restrictions on where you can fly are lifted and you don't need those permissions. It seems that the government here is taking away our rights and simply selling them back to us as "privileges" that can be purchased by paying a fist-full of cash to the appropriate government agency.

When reading the linked news story, remember that as far as CAA in New Zealand is concerned, *everything* that flies and is remotely controlled is now deemed to be a "drone" — so that includes everything from a tiny 20g toy quadcopter to a huge octocopter.

Link to Original Source

Submission + - Fiat Chrysler Recalls 1.4 Million Autos to fix remote hack->

swinferno writes: Fiat Chrysler announced on Friday that it’s recalling 1.4 million automobiles just days after hackers demonstrated a terrifying hack of a Jeep that was driving down the highway at 70 miles per hour.

They are offering a software patch for some of its internet-connected vehicles after a report showing hackers seizing control of a moving 2014 Jeep Cherokee. Cybersecurity experts Chris Valasek and Charlie Miller have publicly exposed a serious vulnerability that would allow hackers to take remote control of Fiat Chrysler Automobile (FCA) cars that run its Uconnect internet-accessing software for connected car features.

As major automakers continue to roll out cars with Wi-Fi features connecting the vehicles with smartphones and other devices, their innovations are likely to catch the eye of hackers as well as tech-hungry customers, opening up a new asphalt playing field in the arena of cybersecurity.

Link to Original Source

"We don't care. We don't have to. We're the Phone Company."

Working...