Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Businesses

Former Engineer Says Uber Is a Nightmare of Sexism; CEO Orders Urgent Investigation (susanjfowler.com) 73

An anonymous reader shares a report on The Verge: A former Uber engineer has published an explosive account of sexism and power struggles in the workplace, with allegations beginning from her very first official day with the company. The engineer, Susan Fowler (who left Uber in December and now works for Stripe), posted the account to her blog on Sunday, calling it a "strange, fascinating, and slightly horrifying story." It is indeed horrifying. Sexism is a well-documented problem in Silicon Valley, but the particulars of Fowler's account are astounding. She says problems began on day one, when her manager accosted her with details of his sex life: "In my first official day rotating on the team, my new manager sent me a string of messages over company chat. He was in an open relationship, he said, and his girlfriend was having an easy time finding new partners but he wasn't. He was trying to stay out of trouble at work, he said, but he couldn't help getting in trouble, because he was looking for women to have sex with. It was clear that he was trying to get me to have sex with him, and it was so clearly out of line that I immediately took screenshots of these chat messages and reported him to HR. When I reported the situation, I was told by both HR and upper management that even though this was clearly sexual harassment and he was propositioning me, it was this man's first offense, and that they wouldn't feel comfortable giving him anything other than a warning and a stern talking-to. Upper management told me that he "was a high performer" (i.e. had stellar performance reviews from his superiors) and they wouldn't feel comfortable punishing him for what was probably just an innocent mistake on his part. The things only get worse for Fowler. Read the full account of her story here. In the meanwhile, Uber CEO Travis Kalanick said the company would "conduct an urgent investigation" into the allegations, and promised to fire anyone who "behaves this way or thinks this is OK."

Journalist Paul Carr summing up the situation, says, "Uber's ability to be on the wrong side of every moral and ethical issue is bordering on magical."
NASA

NASA Scientist Revive 10,000-Year-Old Microorganisms (bbc.com) 45

"Scientists have extracted long-dormant microbes from inside the famous giant crystals of the Naica mountain caves in Mexico -- and revived them," reports the BBC. An anonymous reader writes: "The organisms were likely to have been encased in the striking shafts of gypsum at least 10,000 years ago, and possibly up to 50,000 years ago," according to the BBC, which calls the strange lifeforms "another demonstration of the ability of life to adapt and cope in the most hostile of environments." With no light, extremophile species must "chemosynthesise," deriving all their energy by extracting minerals from rocks. These ancient microbes "are not very closely related to anything in the known genetic databases," according to the new director of NASA's Astrobiology Institute, who helped conduct the research, and believes that the microbes could help suggest what life might look like on other planets. The BBC adds that many other scientists "suspect that if life does exist elsewhere in the Solar System, it is most likely to be underground, chemosynthesising like the microbes of Naica."
First Person Shooters (Games)

'Counter-Strike' Gets Invaded By An Unblockable Chat-Bot (kotaku.com) 56

An anonymous reader writes: "At least one intruder is taking advantage of a Counter-Strike: Global Offensive exploit to flood lobbies (even private ones) with text from chat bots that can't be kicked," writes Engadget. The attack "allegedly comes from one person," according to Kotaku, which reports that "It's a similar exploit to one found a few weeks ago, where typing messages into a lobby allowed users to rank up and down as they chose." The chat bot's text includes various complaints about Counter-Strike which it claims motivated the attack, including cheaters, hackers and "bugs that break the game," and it urges a one-day boycott "to proof [sic] them that we care about the game and want them to fix it."
Piracy

Kim Dotcom Can Be Extradited, Rules A New Zealand Court (reuters.com) 115

Kim Dotcom -- and Megaupload's programmers Mathias Ortmann and Bram van der Kolk, as well as its advertising manager Finn Batato -- could soon be in a U.S. courtroom. A New Zealand judge just ruled they can all be extradited to the U.S. An anonymous reader quotes Reuters: The Auckland High Court upheld the decision by a lower court in 2015 on 13 counts, including allegations of conspiracy to commit racketeering, copyright infringement, money laundering and wire fraud, although it described that decision as "flawed" in several areas. Dotcom's lawyer Ron Mansfield said in a statement the decision was "extremely disappointing" and that Dotcom would appeal to New Zealand's Court of Appeal.

U.S. authorities say Dotcom and three co-accused Megaupload executives cost film studios and record companies more than $500 million and generated more than $175 million by encouraging paying users to store and share copyrighted material. High Court judge Murray Gilbert said that there was no crime for copyright in New Zealand law that would justify extradition but that the Megaupload-founder could be sent to the United States to face allegations of fraud.

"I'm no longer getting extradited for copyright," Dotcom commented on Twitter. "We won on that. I'm now getting extradited for a law that doesn't even apply.
Android

ZDNet: Linux 'Takes The World' While Windows Dominates The Desktop (zdnet.com) 128

ZDNet editor-in-chief Steve Ranger writes that desktop dominance is less important with today's cloud-based apps running independent of operating system, arguing that the desktop is now "just one computing platform among many." An anonymous reader quotes his report: Linux on the desktop has about a 2% market share today and is viewed by many as complicated and obscure. Meanwhile, Windows sails on serenely, currently running on 90% of PCs in use... That's probably OK because Linux won the smartphone war and is doing pretty well on the cloud and Internet of Things battlefields too.

There's a four-in-five chance that there's a Linux-powered smartphone in your pocket (Android is based on the Linux kernel) and plenty of IoT devices are Linux-powered too, even if you don't necessarily notice it. Devices like the Raspberry Pi, running a vast array of different flavours of Linux, are creating an enthusiastic community of makers and giving startups a low-cost way to power new types of devices. Much of the public cloud is running on Linux in one form or another, too; even Microsoft has warmed up to open-source software.

Linux

Linux Kernel 4.10 Officially Released With Virtual GPU Support (softpedia.com) 63

"Linus Torvalds announced today the general availability of the Linux 4.10 kernel series, which add a great number of improvements, new security features, and support for the newest hardware components," writes Softpedia. prisoninmate quotes their report: Linux kernel 4.10 has been in development for the past seven weeks, during which it received a total of seven Release Candidate snapshots that implemented all the changes that you'll soon be able to enjoy on your favorite Linux-based operating system... Prominent new features include virtual GPU (Graphics Processing Unit) support, new "perf c2c" tool that can be used for analysis of cacheline contention on NUMA systems, support for the L2/L3 caches of Intel processors (Intel Cache Allocation Technology), eBPF hooks for cgroups, hybrid block polling, and better writeback management. A new "perf sched timehist" feature has been added in Linux kernel 4.10 to provide detailed history of task scheduling, and there's experimental writeback cache and FAILFAST support for MD RAID5... Ubuntu 17.04 (Zesty Zapus) could be the first stable OS to ship with Linux 4.10.
It required 13,000 commits, plus over 1,200 merges, Linus wrote in the announcement, adding "On the whole, 4.10 didn't end up as small as it initially looked."
Space

Serious Computer Glitches Can Be Caused By Cosmic Rays (computerworld.com) 194

The Los Alamos National Lab wrote in 2012 that "For over 20 years the military, the commercial aerospace industry, and the computer industry have known that high-energy neutrons streaming through our atmosphere can cause computer errors." Now an anonymous reader quotes Computerworld: When your computer crashes or phone freezes, don't be so quick to blame the manufacturer. Cosmic rays -- or rather the electrically charged particles they generate -- may be your real foe. While harmless to living organisms, a small number of these particles have enough energy to interfere with the operation of the microelectronic circuitry in our personal devices... particles alter an individual bit of data stored in a chip's memory. Consequences can be as trivial as altering a single pixel in a photograph or as serious as bringing down a passenger jet.

A "single-event upset" was also blamed for an electronic voting error in Schaerbeekm, Belgium, back in 2003. A bit flip in the electronic voting machine added 4,096 extra votes to one candidate. The issue was noticed only because the machine gave the candidate more votes than were possible. "This is a really big problem, but it is mostly invisible to the public," said Bharat Bhuva. Bhuva is a member of Vanderbilt University's Radiation Effects Research Group, established in 1987 to study the effects of radiation on electronic systems.

Cisco has been researching cosmic radiation since 2001, and in September briefly cited cosmic rays as a possible explanation for partial data losses that customer's were experiencing with their ASR 9000 routers.
Bug

Google Discloses An Unpatched Windows Bug (Again) (bleepingcomputer.com) 99

An anonymous reader writes: "For the second time in three months, Google engineers have disclosed a bug in the Windows OS without Microsoft having released a fix before Google's announcement," reports BleepingComputer. "The bug in question affects the Windows GDI (Graphics Device Interface) (gdi32.dll)..." According to Google, the issue allows an attacker to read the content of the user's memory using malicious EMF files. The bad news is that the EMF file can be hidden in other documents, such as DOCX, and can be exploited via Office, IE, or Office Online, among many.

"According to a bug report filed by Google's Project Zero team, the bug was initially part of a larger collection of issues discovered in March 2016, and fixed in June 2016, via Microsoft's security bulletin MS16-074. Mateusz Jurczyk, the Google engineer who found the first bugs, says the MS16-074 patches were insufficient, and some of the issues he reported continued to remain vulnerable." He later resubmitted the bugs in November 2016. The 90-days deadline for fixing the bugs expired last week, and the Google researcher disclosed the bug to the public after Microsoft delayed February's security updates to next month's Patch Tuesday, for March 15.

Microsoft has described Google's announcements of unpatched Windows bugs as "disappointing".
Displays

Some Recyclers Give Up On Recycling Old Monitors And TVs (vice.com) 229

An anonymous reader writes: "In many cases, your old TV isn't recycled at all and is instead abandoned in a warehouse somewhere, left for society to deal with sometime in the future," reports Motherboard, describing the problem of old cathode-ray televisions and computer monitors with "a net negative recycling value" (since their component parts don't cover the cost of dismantling them). An estimated 705 million CRT TVs were sold in the U.S. since 1980, and many now sit in television graveyards, "an environmental and economic disaster with no clear solution." As much as 100,000 tons of potentially hazardous waste are stockpiled in two Ohio warehouses of the now-insolvent recycler Closed Loop, plus "at least 25,000 tons of glass and unprocessed CRTs in Arizona...much of it is sitting in a mountainous pile outside one of the warehouses."
One EPA report found 23,000 tons of lead-containing CRT glass abandoned in four different states just in 2013.
Transportation

Self-Driving Car Speed Race Ends With A Crash (electrek.co) 68

An anonymous reader writes:On a professional track in Buenos Aires, fans watched the first Formula E auto race with self-driving electric cars. "Roborace's two test vehicles battled it out on the circuit at a reasonably quick 115MPH," reports Engadget, "but one of the cars crashed after it took a turn too aggressively. The racing league was quick to tout the safety advantages of crashing autonomous cars ('no drivers were harmed'), but it's clear that the tech is still rough around the edges." Electrek is reporting that the cars "still have a cabin for a driver but neither car's cabin was occupied during the event." The ultimate goal is to have several teams racing the exact same self-driving car, while letting each team customize its car's driving software.
An Argentinian journalist shared footage of the race cars on Twitter, and apparently at one point a dog wandered out in front of an oncoming race car. But the real question is how the fans are going to feel about watching a speed race between cars with no drivers?
Privacy

Krebs: 'Men Who Sent SWAT Team, Heroin to My Home Sentenced' (krebsonsecurity.com) 158

An anonymous reader quotes KrebsOnSecurity: On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation.

Sergey Vovnenko, a.k.a. "Fly," "Flycracker" and "MUXACC1," pleaded guilty last year to aggravated identity theft and conspiracy to commit wire fraud. Prosecutors said Vovnenko operated a network of more than 13,000 hacked computers, using them to harvest credit card numbers and other sensitive information... A judge in New Jersey sentenced Vovnenko to 41 months in prison, three years of supervised released and ordered him to pay restitution of $83,368.

Separately, a judge in Washington, D.C. handed down a sentence of three year's probation to Eric Taylor, a hacker probably better known by his handle "Cosmo the God." Taylor was among several men involved in making a false report to my local police department at the time about a supposed hostage situation at our Virginia home. In response, a heavily-armed police force surrounded my home and put me in handcuffs at gunpoint before the police realized it was all a dangerous hoax known as "swatting"... Taylor and his co-conspirators were able to dox so many celebrities and public officials because they hacked a Russian identity theft service called ssndob[dot]ru. That service in turn relied upon compromised user accounts at data broker giant LexisNexis to pull personal and financial data on millions of Americans.

Open Source

New Free O'Reilly Ebook: 'Open Source In Brazil' (oreilly.com) 43

An anonymous reader writes: Andy Oram, who's been an editor at O'Reilly since 1992, has written a new free report about how open source software is everywhere in Brazil. The country's IT industry is booming in Brazil -- still Latin America's most vibrant economy -- with open source software popular in both startups and in cloud infrastructure. Oram attributes this partly to the government's support of open source software, which over the last 15 years has built public awareness about its power and potential. And says the Brazil now has a thriving open source community, and several free software movements. Even small towns have hacker spaces for collaboration and training, and the country has several free software movements.
Privacy

Used Cars Can Still Be Controlled By Their Previous Owners' Apps (wtkr.com) 93

An IBM security researcher recently discovered something interesting about smart cars. An anonymous reader quotes CNN: Charles Henderson sold his car several years ago, but he still knows exactly where it is, and can control it from his phone... "The car is really smart, but it's not smart enough to know who its owner is, so it's not smart enough to know it's been resold," Henderson told CNNTech. "There's nothing on the dashboard that tells you 'the following people have access to the car.'" This isn't an isolated problem. Henderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them.

Manufacturers create apps to control smart cars -- you can use your phone to unlock the car, honk the horn and find out the exact location of your vehicle. Henderson removed his personal information from services in the car before selling it back to the dealership, but he was still able to control the car through a mobile app for years. That's because only the dealership that originally sold the car can see who has access and manually remove someone from the app.

It's also something to consider when buying used IoT devices -- or a smart home equipped with internet-enabled devices.
The Almighty Buck

A Source Code Typo Allowed An Attacker To Steal $592,000 In Cryptocurrency (bleepingcomputer.com) 71

An anonymous reader writes: "A typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price," reports BleepingComputer. According to the Zcoin team, one extra character left inside Zerocoin's source code was the cause of the bug. The hacker exploited the bugs for weeks, by initiating a transaction and receiving the money many times over.

"According to the Zcoin team, the attacker (or attackers) was very sophisticated and took great care to hide his tracks," reports the site. "They say the attacker created numerous accounts at Zerocoin exchanges and spread transactions across several weeks so that traders wouldn't notice the uneven transactions volume... The Zcoin team says they worked with various exchanges to attempt and identify the attacker but to no avail. Out of the 370,000 Zerocoin he stole, the attacker has already sold 350,000. The Zcoin team estimates the attacker made a net profit of 410 Bitcoin ($437,000)."

Communications

Alaska Gets 'Artificial Aurora' As HAARP Antenna Array Listens Again (hackaday.com) 62

Freshly Exhumed quotes Hackaday: The famous HAARP antenna array is to be brought back into service for experiments by the University of Alaska. Built in the 1990s for the US Air Force's High Frequency Active Auroral Research Program, the array is a 40-acre site containing a phased array of 180 high-frequency antennas and their associated high-power transmitters. Its purpose is to conduct research on charged particles in the upper atmosphere, but that hasn't stopped an array of bizarre conspiracy theories.
A university space physics researcher will actually create an artificial aurora starting Sunday (and continuing through Wednesday) to study how yjr atmosphere affects satellite-to-ground communications, and "observers throughout Alaska will have an opportunity to photograph the phenomenon," according to the University. "Under the right conditions, people can also listen to HAARP radio transmissions from virtually anywhere in the world using an inexpensive shortwave radio."

Slashdot Top Deals