"Red Hat Inc.'s finance chief Eric Shander has been dismissed from the company, forfeiting a $4 million retention award that was agreed to ahead of Red Hat's acquisition by IBM," reports the Wall Street Journal: The Raleigh, N.C.-based software company confirmed late Thursday that Mr. Shander was no longer working at Red Hat. "Eric was dismissed without pay in connection with Red Hat's workplace standards," a company spokeswoman said in a statement. The company, which said that its accounting and control functions remain healthy, on Friday declined to provide specifics about what led to Mr. Shander's dismissal. Mr. Shander didn't immediately respond to a request for comment.

Mr. Shander was named Red Hat's permanent chief financial officer in April 2017 after a stint as acting CFO, according to the spokeswoman. He had served in various finance roles at IBM and Lenovo Group Ltd. before joining Red Hat in 2015...

His departure puts Red Hat in a difficult spot, said Ivan Feinseth, director of research at Tigress Financial Partners LLC, an investment banking firm. "The fallout for companies in these situations is not only the dismissal of an executive but also the litigation risk," Mr. Feinseth said. "Companies could be held responsible for not creating and maintaining a proper workplace environment."

IBM said it supports Red Hat's decision to dismiss Mr. Shander. "Our values are fully aligned in this area," a spokesman said.

This year's "International Day Against DRM" is highlighting user-disrespecting restrictions on educational materials.

An anonymous reader quotes the Free Software Foundation's Defective By Design site: The "Netflix of textbooks" model practiced by Pearson and similar publishers is a Trojan horse for education: requiring a constant Internet connection for "authentication" purposes, severely limiting the number of pages a student can read at one time, and secretly collecting telemetric data on their reading habits.

Every year, we organize the International Day Against DRM (IDAD) to mobilize protests collaboration, grassroots activism, and in-person actions against the grave threat of DRM. For IDAD 2019, we are calling on Pearson and similar companies to stop putting a lock on our learning, and demonstrate their alleged commitment to education by dropping DRM from their electronic textbooks and course materials. At the same time, it is our plan to show that a better world is possible by encouraging people to contribute to collaborative and DRM-free textbooks, and resist the stranglehold these publishers are putting on something as fundamental as one's education. To help us, join the Defective by Design (DbD) coalition as we organize local and remote hackathons on free culture educational materials, and an in-person protest of Pearson Education on Saturday, October 12th.
The group is joined in this year's event by the Electronic Frontier Foundation, Creative Commons, and The Document Foundation (as well as 10 other participating organizations). Here's some of the site's suggestions for ways to participate:

• In Boston, we'll be leading the way with our own demonstration on October 12th, 2019, at Pearson Education's corporate offices, followed by an evening hackathon on collaborative, freely licensed educational materials... We'll be providing activists around the world with support on how they can stage their own local in-person event, as well as how to join us online while we help improve the free and ethical alternatives to educational materials restricted by DRM.

• The easiest way to participate is to join us in going a Day Without DRM, and resolve to spend an entire day (or longer!) without Netflix, Hulu, and other restricted services to show your support of the movement. Document your experiences on social media using the tags "#idad" or "#dbd", and let us know at info@defectivebydesign.org if you have a special story you'd like us to share.

• Print and share our dust jacket design, which you can slip over your "dead tree" books (while you still have them) to warn others of the dangers of ebook DRM. Pass them out at coffee shops, libraries, and wherever readers congregate!

From their ersatz offices in coffee shops, coworking spaces, and living rooms, a growing number of remote workers are quietly remaking the way we work and live. From a report: Take Eden Rehmet, who was able to parlay her wages working in trade services at a New York City commodities broker into buying a home and opening a small business upstate. Rob Osoria, a web developer, works remotely from Brooklyn half of the week to skip a commute to his Manhattan office. And interior designer Meg Lavalette gets the best of both worlds by living and doing the majority of her work in rural upstate New York, while traveling to New York City every other week to meet with clients. All of them told Recode that apart from a few downsides, they have improved the quality of their lives by working remotely and releasing their tether to specific places near their employers. While remote work has blurred some of the boundaries between their work lives and their personal lives, they say they're happier and often more productive than they'd been at traditional offices.

Depending on how you measure it, remote employees like these make up anywhere from 5.3 percent (those who typically work from home) to nearly two-thirds (who work remotely ever) of the US workforce, a number that has been rising since the advent of a reliable and robust home broadband connection earlier this decade. The changes remote work has introduced have happened so gradually you may not have noticed. But its growing popularity is remaking how we work, the tools we use to work, how we communicate at work, and even the hours we work. It's also connected to population shifts from big cities to less populated areas, and it's upending sectors of commercial real estate, both in terms of how spaces are designed and where they're located. What was once a rarity among a select set of workers is quickly becoming a defining feature of the future of work.

Hulu is finally allowing users to download TV shows and movies to their mobile devices to watch without an internet connection. Variety reports: The download feature, which has been several years in the works, gives Hulu subscribers on the $11.99 no-commercials plan the ability to download tens of thousands of TV episodes and movies. It's not available to customers who have the entry-level $5.99-per-month package with ads. For now, it's available only on Hulu's iOS app for Apple devices. The company says the feature will be coming to the Android app "soon."

The majority of Hulu's catalog, which includes some 85,000 total TV episodes, is available for offline viewing. That includes most Hulu originals, including full seasons of "The Handmaid's Tale," "Veronica Mars," "Shrill" and "The Act" as well as licensed content including "Family Guy," "Desperate Housewives," "This Is Us," "How I Met Your Mother" and "ER." A Hulu rep would not specify how much content is available to download for offline viewing, or spell out which TV shows or movies aren't included. The reason some content is excluded is that some of Hulu's past deals did not contemplate download rights. According to Hulu, customers can download a maximum of 25 titles across five different devices. Downloads are available for up to 30 days; they will expire two days after a user starts playback. After downloaded content expires, viewers can renew an expired download when they're connected online (assuming the content is still available on Hulu). The move comes nearly three years after Netflix added the feature , and four years after Amazon Prime Video added that ability for both iOS and Android apps. Disney Plus, which is launching on November 12, will also include content downloads.

An anonymous reader quotes ZDNet: A Russian cyber-espionage hacker group has been spotted using a novel technique that involves patching locally installed browsers like Chrome and Firefox in order to modify the browsers' internal components. The end goal of these modifications is to alter the way the two browsers set up HTTPS connections, and add a per-victim fingerprint for the TLS-encrypted web traffic that originates from the infected computers...

According to a Kaspersky report published this week, hackers are infecting victims with a remote access trojan named Reductor, through which they are modifying the two browsers. This process involves two steps. They first install their own digital certificates to each infected host. This would allow hackers to intercept any TLS traffic originating from the host. Second, they modify the Chrome and Firefox installation to patch their pseudo-random number generation (PRNG) functions. These functions are used when generating random numbers needed for the process of negotiating and establishing new TLS handshakes for HTTPS connections.

Turla hackers are using these tainted PRNG functions to add a small fingerprint at the start of every new TLS connection.
The attack is being attributed to Turla, "a well-known hacker group believed to operate under the protection of the Russian government," ZDNet reports. And though the remote-access trojan already grants full control over a victim's device, one theory is the modified browsers offer "a secondary surveillance mechanism" if that trojan was discovered and removed. Researchers believe the malware is installed during file transfers over HTTP connections, suggesting an ISP had been compromised, according to the article.

"A January 2018 report from fellow cyber-security firm ESET revealed that Turla had compromised at least four ISPs before, in Eastern Europe and the former Soviet space, also with the purpose of tainting downloads and adding malware to legitimate files."

Intel and Brown University have started work on a DARPA-backed Intelligent Spine Interface project that would use AI to restore movement and bladder control for those with serious spinal cord injuries. Engadget reports: The two-year effort will have scientists capture motor and sensory signals from the spinal cord, while surgeons will implant electrodes on both ends of an injury to create an "intelligent bypass." From there, neural networks running on Intel tools will (hopefully) learn how to communicate motor commands through the bypass and restore functions lost to severed nerves. The initial interface will use external computing hardware to interpret spine signals. In the long term, the collaborators would like a wholly implanted system to make the connection.

An anonymous reader quotes a report from The New York Times: The Trump administration is moving to begin collecting DNA samples from hundreds of thousands of people booked into federal immigration custody each year for entry into a national criminal database, an immense expansion of the use of technology to enforce the nation's immigration laws. Senior officials at the Department of Homeland Security said Wednesday that the Justice Department was developing a federal regulation that would give immigration officers the authority to collect DNA in detention facilities that are holding more than 40,000 people.

The move would constitute a major expansion of the use of a database maintained by the F.B.I., which has been limited mainly to genetic data collected from people who have been arrested, charged or convicted in connection with serious crimes. Immigrant and privacy advocates said the move raised privacy concerns for an already vulnerable population that could face profiling or discrimination as a result of their personal data being shared among law enforcement authorities. The new rules would allow the government to collect DNA from children, as well as those who seek asylum at legal ports of entry and have not broken the law. They warned that United States citizens, who are sometimes accidentally booked into immigration custody, could also be forced to hand over their private genetic information. Homeland security officials said the new initiative was permitted under the DNA Fingerprint Act of 2005. "Up until now, immigrant detainees have been exempt from the law, they said, because of an agreement between Eric H. Holder Jr. and Janet Napolitano, who served as attorney general and homeland security secretary, respectively, under President Barack Obama," reports The New York Times.

The new program "would provide a comprehensive DNA profile of individuals who are tested, as opposed to the more narrow test that was used only to determine parentage," the report says. "And unlike the testing under the pilot program, the results would be shared with other law enforcement agencies."

New submitter xack shares a report: Microsoft has annoyed some of its 900 million Windows 10 device users after apparently removing the 'Use offline account' as part of its effort to herd users towards its cloud-based Microsoft Account. The offline local account is specific to one device, while the Microsoft Account can be used to log in to multiple devices and comes with the benefit of Microsoft's recent work on passwordless authentication with Windows Hello. The local account doesn't require an internet connection or an email address -- just a username and password that are stored on the PC. But Windows 10 users are annoyed that Microsoft has hidden the local account option when setting up a new PC or reinstalling Windows 10. A user on a popular Reddit thread notes that the local account option is now invisible if the device is connected to the internet. "Either run the setup without being connected to the internet, or type in a fake phone number a few times and it will give you the prompt to create a local account," Froggyowns suggested as a solution.

Wired reports on both Sidewalk, Amazon's new low-bandwidth long-range wireless networking protocol, and Apple's new position- and distance-measuring U1 chip (mentioned in a recent keynote). Apple's U1 chip -- which allows precise, indoor positional tracking via the latest iPhones and will power, at the very least, directional AirDrop file-sharing -- popped up on screen but was never even mentioned. The interest-piquing phrase "GPS at the scale of your living room" was saved for the online iPhone product pages rather than the bombast of the Steve Jobs Theater... Both Amazon and Apple have the hardware scale to build up the base of access points needed to create a useful network before reaching out to, most likely, iOS developers in Apple's case, and hardware makers already on board with Alexa in Amazon's case. For Amazon, in fact, that work has already begun as Sidewalk originally came out of the Ring team's ambition to extend its connected security devices out into gardens. "Ring lighting was the first time we ran into it as a company, because we wanted to extend out onto the sidewalk," says Daniel Rausch, VP of smart home at Amazon (which owns Ring).

The smart outoor Ring lights are already out. Products like the Smart Floodlight and Pathlight list a "wireless connection to the Ring Bridge" in the tech specs but eagle-eyed Ring owners had already started to figure out what band Amazon was playing with for this connection, before the Sidewalk announcement. "They've been using an internal version of the protocol on the freely available and unlicensed 900MHz part of the spectrum already," explains Rausch. "What we realised was 'woah, we can actually do something special'. We can make a version of this protocol which is secure and have this unbelievably ubiquitous coverage if we bring it all together, neighbours and neighbours and neighbours...." An innocent smart dog tracker like Ring Fetch fits perfectly into this model of Amazon-networked communities sharing video, alerts and location tracking.

HTTP/3, the next major iteration of the HTTP protocol, is getting a big boost today with support added in Cloudflare, Google Chrome, and Mozilla Firefox. From a report: Starting today, Cloudflare announced that customers will be able to enable an option in their dashboards and turn on HTTP/3 support for their domains. That means that whenever users visit a Cloudflare-hosted website from an HTTP/3-capable client, the connection will automatically upgrade to the new protocol, rather than being handled via older versions. On the browser side, Chrome Canary added support for HTTP/3 earlier this month. Users can enable it by using the Chrome command-line flags of "--enable-quic --quic-version=h3-23". In addition, Mozilla too announced it would roll out support for HTTP/3. The browser maker is scheduled to ship HTTP/3 in an upcoming Firefox Nightly version later this fall.

A faulty Google Chrome update is likely to blame for the issue Monday that resulted in Mac Pro workstations being rendered unusable at a number of Hollywood studios. "We recently discovered that a Chrome update may have shipped with a bug that damages the file system on MacOS machines," the company wrote in a forum post. "We've paused the release while we finalize a new update that addresses the problem." Variety reports: Reports of Mac Pro workstations refusing to reboot started to circulate among video editors late Monday. At the time, the common denominator among impacted machines seemed to be the presence of Avid's Media Composer software. The issue apparently knocked out dozens of machines at multiple studios, with one "Modern Family" reporting that the show's entire editing team was affected. Avid's leadership updated users of its software throughout the day, advising them to back up their work and not to reboot their machines.

The real culprit was apparently a recent release of Google's Keystone software, which is included in its Chrome browser to automatically download updates of the browser. On computers that had Apple's System Integrity Protection disabled, the update corrupted the computer's file system, making it impossible to reboot. System Integrity Protection is an Apple technology that is meant to ensure that malicious software doesn't corrupt core system files. Google advised affected users on how to uninstall the Chrome update, and also suggested that most users may not be at risk at all. "If you have not taken steps to disable System Integrity Protection and your computer is on OS X 10.9 or later, this issue cannot affect you," the forum post reads. A possible connection to Chrome was first detailed on the Mr. Macintosh blog Tuesday afternoon. As for why several Hollywood studios were hit the hardest, one theory suggests it's because many of the video editors had to disable System Integrity Protection in order to work with external audio and video devices that are common in professional editing setups.

Variety also suggests that the hardware dongles used for licensing Avid may have played some role in the shut-downs.

tearmeapart writes (edited to add more details): Cloudflare is opening up its security and speed-focused mobile VPN service called WARP and WARP Plus to the general public. WARP is a mobile app for Android and Apple to establish a VPN to CloudFlare's huge global network. Cloudflare is promising:
1. No user-identifiable log data to disk;
2. No selling browsing data;
3. No need to provide any personal information
4. Regularly get audited. This is the second time Cloudflare is launching Warp. The VPN builds on Cloudflare's existing mobile app 1.1.1.1, which encrypts domain name system connections. But Warp goes beyond this protection to encrypt the whole journey from your device to a web server and back -- even if the website itself still isn't offering HTTPS web encryption. And all of this happens quickly, without draining your battery, and without complicated setup. In an interview with Wired, Cloudflare CEO Matthew Prince said: Yeah, what we thought was going to be easy back in April turned out to be a lot harder than we expected. We had been testing this primarily in San Francisco and Austin and London, which is where the teams that were working on this are based. But as soon as users started to get anywhere that didn't have a fairly reliable internet connection, just all hell broke loose. The report adds: In describing the hurdles Cloudflare faced getting Warp off the ground, John Graham-Cumming, the company's chief technology officer, and Dane Knecht, its head of product strategy, note that many of the challenges came from dealing with interoperability issues between mobile device models, operating system versions, and different mobile network and Wi-Fi configurations around the world. For example, Warp is built on a newer secure communication protocol for VPNs known as WireGuard, which isn't ubiquitous yet and therefore isn't always natively supported by devices. The team also faced challenges dealing with web protocols and standards that are implemented inconsistently across different wireless carriers and internet service providers around the world. Cloudflare's 1.1.1.1 focuses on encrypting DNS connections specifically, but Warp aims to encompass everything in one protected tunnel. Keeping everything together as data traverses the labyrinth of servers that make up the internet, including Cloudflare's own massive network, was tough. Warp is free to use without any bandwidth caps or limitations. But Warp Plus, which is being offered through a monthly subscription fee, offers a "faster version of Warp that you can optionally pay for. The fee for Warp Plus varies by region and is designed to approximate what a McDonald's Big Mac would cost in the region. On iOS, the Warp Plus pricing as of the publication of this post is still being adjusted on a regional basis, but that should settle out in the next couple days. Warp Plus uses Cloudflare's virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet. We charge for it because it costs us more to provide," the company said in the blog post.

SpaceX "built its experimental spaceport in and around Boca Chica Village, a decades-old community of about 20 elderly residents," reports Business Insider.

But now "SpaceX is trying to buy as much of Boca Chica Village as it can and move people out...following an accidental brush fire, public-safety notices warning of the possibility for explosions, and a push to have the Federal Aviation Administration approve orbital-class launches with larger rockets." "When SpaceX first identified Cameron County as a potential spaceport location, we did not anticipate that local residents would experience significant disruption from our presence," the letter said. "However, it has become clear that expansion of spaceflight activities as well as compliance with Federal Aviation Administration and other public safety regulations will make it increasingly more challenging to minimize disruption to residents of the Village... SpaceX is offering you three times the independently appraised fair market value of your property," the letter said. "The offer is good through two weeks from the date of this letter...."

For those who commit to a sale, SpaceX said it would cover closing and other real-estate costs. It also comes packaged with an additional perk. "SpaceX recognizes that your close proximity to its operations has offered a unique opportunity to experience at close-hand the development of what will be the world's most advanced rocket. In appreciation of your support, we will offer all residents of the Village who accept the purchase offer the opportunity to continue their connection with the development of Starship by extending an invitation to attend future private VIP launch viewing events that are unavailable to the public."
Homeowner Cheryl Stevens complained to CBS News that the company has encroached on their neighborhood. "They're behaving as if this is Cape Canaveral. And it's not. It's not a military base. It's just a regular neighborhood, and a public beach, and a state highway. And suddenly, because they're here, stop the presses. Everything has to change for SpaceX."

SpaceX issued the following statement to CBS News: "We are entering a new and exciting era in space exploration and Texas is playing an increasingly important role in our efforts to help make humanity multi-planetary.

"As we develop Starship -- the world's most advanced launch system ever -- we are listening and responding to our neighbors' concerns and are striving to minimize disruptions as much as possible. We are working closely with Cameron County to facilitate public safety and provide regular road and beach closure updates to the public through a telephone hotline and on Cameron County's website."

An anonymous reader quotes a report from Gizmodo: Two individuals were arrested this week in connection with a fraud scheme that manipulated thousands of victims into paying for invented tech services that they didn't need. The Department of Justice announced that the two individuals Romana Leyva, 35, and Ariful Haque, 33, were arrested Wednesday for their alleged participation in the fraud scheme, which involved convincing victims -- many of whom were elderly -- in both the U.S. and Canada that they needed tech and virus protection services that were neither real nor required.

Between March 2015 and December 2018, both Ariful and Haque were allegedly involved with the fraud ring responsible for the crimes. According to an unsealed indictment, the scheme involved targeting victims with pop-up windows -- sometimes under the guise of being a legitimate tech company -- that claimed their computer had been infected with a virus and directed them to call a number for technical support. In some cases, the message threatened that if the individual closed the window or shut down their computer, it would either bork their device or result in a "complete data loss." Once users contacted the number, they were connected with a fake technician. To convince victims to hand over money, after receiving "permission" from the victim, the fraud ring allegedly remotely accessed the individual's computer, loaded an anti-virus tool that's available for free online, and informed the individual that their computer was infected with a virus (which, again, was a lie). The DOJ says the scheme was able to successfully scam "at least" 7,500 victims out of a combined $10 million.

Both of the individuals arrested are charged with one count of wire fraud and one count of conspiracy to commit wire fraud. Each count carries a maximum penalty of 20 years imprisonment.

On Friday, Apple applied for a U.S. Trademark on "Slofie," a made-up name for slow-motion selfies, a feature that's new to the iPhone 11 models. "The phones' front camera can now record video at 120 frames per second, which when slowed down, results in a crisp slow-motion effect," writes Jacob Kastrenakes for The Verge. "The results are neat, though I'm not convinced they'll turn into the Animoji-like phenomenon Apple may be hoping for." From the report: Apple is applying for a trademark on slofies in connection with "downloadable computer software for use in capturing and recording video." That means this trademark seems to be more about preventing other companies from making slofie-branded camera apps than it is about limiting popular usage of this totally made-up word. Apple has reason to want to prevent the creation of knock-off slofie apps, too, since slofies are meant to be exclusive to the new iPhones.

Despite the focus on apps, Apple doesn't actually offer a slofie app or a slofie mode on the new iPhones. The feature is just called "slo-mo" in Apple's camera app, and the company's current usage of slofie refers exclusively to the resulting videos, not the app or mode used to capture them. Apple seems to be hoping slofies will be a fun selling point for its new phones. The feature is mentioned across Apple's website, and Apple presented a slofie ad during the phones' launch event. It wouldn't be surprising to see a lot more airing in the coming weeks once the phones are out.

The Wi-Fi Alliance, the organization that oversees implementation of the Wi-Fi standard, is launching its official Wi-Fi 6 certification program. "That might sound boring, but it means the Wi-Fi 6 standard is truly ready to go, and tech companies will soon be able to advertise their products -- mostly brand new ones -- as certified to properly support Wi-Fi 6," reports The Verge. From the report: So the point of Wi-Fi 6 is to boost speeds within a crowded network. The theoretical maximum speed for Wi-Fi is increasing, too -- to 9.6 Gbps from 3.5 Gbps -- but those numbers don't really matter since you'll never get them at home. What matters is that Wi-Fi 6 has a bunch of tools allowing it to operate faster and deliver more data at once, so the speeds you actually get will be higher than before. Those gains will be most noticeable on crowded networks, where the efficiency improvements will make up for the higher Wi-Fi demands. (Wi-Fi 6 also mandates a major security improvement.)

Really, though, today's launch is largely a formality. The Wi-Fi certification program -- while important, and very much marking the beginning of the Wi-Fi 6 era -- isn't required, and companies have been rolling out Wi-Fi 6 devices for months that likely work just fine. But the Wi-Fi Alliance is made up of members of the tech industry big and small, and its actions represent what wireless features and technologies they're interested in delivering, so this is a clear sign that Wi-Fi 6 has arrived. All that said, this week's biggest news for Wi-Fi 6 has no immediate connection to the Alliance: it's that the iPhone 11 and 11 Pro go on sale, and both support Wi-Fi 6. That's going to quickly put millions of Wi-Fi 6 devices into people's hands, meaning adoption of the new tech will very suddenly be well underway.

The Department of Justice today announced the arrest of 281 suspects in connection with email scams and wire transfer fraud. The action is the biggest of its kind yet against this type of digital scammer, and is a strong symbol of law enforcement's sense of urgency in trying to contain a rapidly growing threat. Wired reports: You're familiar with crimes like this, even if you don't know them by their proper name of "business email compromise" schemes. It involves the coordinated crafting of compelling scam emails that trick employees or vulnerable individuals into sending money, then using strategic mules to wire the funds back to the perpetrators. Such scams have ballooned in recent years, costing victims tens of billions of dollars over time. The DOJ said the new round of arrests took four months to carry out across 10 countries, and resulted in the seizure of almost $3.7 million.

Tuesday's law enforcement initiative, dubbed Operation reWired, involved extensive international coordination to make 167 arrests in Nigeria, 74 in the United States, 18 in Turkey, and 15 in Ghana. The remainder took place in France, Italy, Japan, Kenya, Malaysia, and the United Kingdom. Research and law enforcement investigations have shown that a large proportion of all email scamming originates in West Africa, specifically Nigeria, but the scams have spread, partly because some West African actors have moved around the world. The new arrest of 281 suspects involved global coordination among law enforcement agencies. In the U.S. alone, Operation reWired involved the DOJ, the Department of Homeland Security, the Treasury, the State Department, and the Postal Inspection Service.