Make everyone stand. Work to an agenda. Don't let people go on endlessly. There are plenty of suggestions on how to run meetings so they are not a waste of time. People pay less attention to a bigger waste of time: the multi-participant conference call, argues a story on Financial Times. The story -- shared by an anonymous reader and which may be paywalled -- makes a case against the need for conference calls: You know the drill. An invitation arrives in your inbox with a date and time, a list of participants, numbers for dialling in from different countries and a sign-in code (followed by the pound or hash sign). I have had dozens of these invitations to conference calls, particularly those to discuss forthcoming panels and events. None of the calls has contributed much to the eventual event. I know this because my role is often to chair the eventual event. This is the first difference between a conference call and a face-to-face meeting: it is clear who is chairing the meeting, whereas it is seldom clear who is chairing the call. On conference calls, there is usually someone listed as the organiser, with their own sign-in code (followed by the pound or hash sign), but they are often not the most senior person on the call. The organiser, I can say from experience, is seldom the person who is going to be chairing the planned event. Usually, they are the person who organised the call. That may be a senior person; it may be their personal assistant.

The call organiser may take the leading role in the call. It is hard to tell because -- unless you have met several times before -- it is difficult to know who is speaking at any time. Unlike in a face-to-face meeting, you cannot see people's faces. As participants "arrive" in the conference call, they usually say, "Hi, this is Diane", or are announced by a recorded voice like entrants to a 19th-century ball -- "Simon Oates has joined the call" -- but after that you have to listen keenly for any voice marker (an accent, a shouty tone) that will help you identify who is talking. That is if you can remember who is on the call in the first place. What do you think?

With few uses to anchor their value, and little in the way of regulation, cryptocurrencies have instead become a focus for speculation, The Economist magazine said this week. From the story, which may be paywalled: Some people have made fortunes as cryptocurrency prices have zoomed and dived; many early punters have cashed out. Others have lost money. It seems unlikely that this latest boom-bust cycle will be the last. Economists define a currency as something that can be at once a medium of exchange, a store of value and a unit of account. Lack of adoption and loads of volatility mean that cryptocurrencies satisfy none of those criteria. That does not mean they are going to go away (though scrutiny from regulators concerned about the fraud and sharp practice that is rife in the industry may dampen excitement in future). But as things stand there is little reason to think that cryptocurrencies will remain more than an overcomplicated, untrustworthy casino.

Can blockchains -- the underlying technology that powers cryptocurrencies -- do better? These are best thought of as an idiosyncratic form of database, in which records are copied among all the system's users rather than maintained by a central authority, and where entries cannot be altered once written. Proponents believe these features can help solve all sorts of problems, from streamlining bank payments and guaranteeing the provenance of medicines to securing property rights and providing unforgeable identity documents for refugees. Those are big claims. Many are made by cryptocurrency speculators, who hope that stoking excitement around blockchains will boost the value of their related cryptocurrency holdings.

On the surface, the world of agile software development is bright, since it is now mainstream. But the reality is troubling, because much of what is done is faux-agile, disregarding agile's values and principles, writes programmer Martin Fowler. The three main challenges we should focus on are: fighting the Agile Industrial Complex and its habit of imposing process upon teams, raising the importance of technical excellence, and organizing our teams around products (rather than projects), he added. An anonymous reader shares his post: Now agile is everywhere, it's popular, but there's been an important shift. It was summed up quite nicely by a colleague of mine who said, "In the old days when we talked about doing agile, there was always this pushback right from the beginning from a client, and that would bring out some important conversations that we would have. Now, they say, 'Oh, yeah, we're doing agile already,' but you go in there and you suddenly find there's some very big differences to what we expect to be doing. As ThoughtWorks, we like to think we're very deeply steeped in agile notions, and yet we're going to a company that says, "Yeah, we're doing agile, it's no problem," and we find a very different world to what we expect.

Our challenge at the moment isn't making agile a thing that people want to do, it's dealing with what I call faux-agile: agile that's just the name, but none of the practices and values in place. Ron Jeffries often refers to it as "Dark Agile," or specifically "Dark Scrum." This is actually even worse than just pretending to do agile, it's actively using the name "agile" against the basic principles of what we were trying to do, when we talked about doing this kind of work in the late 90s and at Snowbird. So that's our current battle. It's not about getting agile respectable enough to have a crowd like this come to a conference like this, it's realizing that a lot of what people are doing and calling agile, just isn't. We have to recognize that and fight against it because some people have said, "Oh, we're going to 'post-agile,' we've got to come up with some new word," - but that doesn't help the fundamental problem. It's the values and principles that count and we have to address and keep pushing those forwards and we might as well use the same label, but we've got to let people know what it really stands for.

Last month, Google introduced its Titan Key -- a physical security key used for two-factor authentication -- and now it's widely available for purchase in the US through company's Google Store. Almost any modern browser and mobile device, as well as services such as Dropbox, Twitter, Facebook, Salesforce, Stripe support the Titan Key. It's Google's take on a Fast Identity Online key, a physical device used to authenticate logins over Bluetooth. From a report: For $50, you'll get a USB security key and a Bluetooth security key as well as a USB-C to USB-A adapter and a USB-C to USB-A connecting cable. What happens if you lose them? From a report: A downside of physical keys is that if lose them, you're toast. That's why you have two keys -- one is meant to be a backup. Google says it can help you gain access to your account again but the recovery process can take days. VentureBeat adds: It's not meant to compete with other FIDO keys on the market, stressed Sam Srinivas, product management director for information security at Google, during a press pre-briefing. Rather, it's "for customers who want security keys and trust Google," he said. Further reading: None of Google's 85,000 Employees Have Been Phished in More Than a Year After Company Required Them to Use Physical Security Keys For 2FA.

AmiMoJo shares a report from Boing Boing: Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible. All the devices use predictable network addresses that can be used to remotely sense and identify the cameras when they switch on. None of the devices use code-signing. Some of the devices can form ad-hoc Wi-Fi networks to bridge in other devices, but they don't authenticate these sign-ons, so you can just connect with a laptop and start raiding the network for accessible filesystems and gank or alter videos, or just drop malware on them.

According to a new study from market research firm SimilarWeb, Facebook may cede its runner-up position to YouTube in the next two to three months. Currently, the top five most-visited websites in the U.S. are Google, Facebook, YouTube, Yahoo and Amazon, in that order. However, Facebook's monthly page visits are declining rapidly, from 8.5 billion to 4.7 billion in the last two years, which could shake up that order. CNBC reports: YouTube, which is owned by Google parent Alphabet, has seen increased traffic, the study said. The app has also experienced in increase in viewership. Yahoo is also poised to lose its position in the ranking. Amazon has already surpassed Yahoo during big spending months, including December 2017 and July 2018, when the e-commerce giant held its annual Prime Day. The study projects that Amazon will take over Yahoo's ranking in the next two to three months. However, none of the bottom four of the top five comes close to Google. Although it has seen some decline in website traffic thanks to app use and voice search, it saw approximately 15 billion visits in July 2018, the study said. The others were all below 5 billion, according to the report.

AXS, a digital marketplace operated by Anschutz Entertainment Group (AEG), is the second largest presenter of live events in the world after Live Nation Entertainment (i.e. Ticketmaster). Paris Martineau of The Outline reports that the company forces customers to download a predatory app which goes on to snatch up a range of personally identifiable data and sells it to a range of companies, including Facebook and Google, without ever anonymizing or aggregating them. From the report: The company requires users to download an app to use any ticket for a concert, game, or show bought through AXS, and it doesn't come cheap. AXS uses a system called Flash Seats, which relies on a dynamically generated barcode system (read: screenshotting doesn't work) to fight off ticket scalping and reselling. [...] Here's a brief overview of all of the information that can be collected from just the mobile app alone, nearly all of which is shared with third parties without being anonymized or aggregated: first and last name, precise location (as determined by GPS, WiFi, and other means), how often the app is used, what content is viewed using the app, which ads are clicked, what purchases are made (and not made), a user's personal advertising identifier, IP address, operating system, device make and model, billing address, credit card number, security code, mailing address, phone number, and email address, among many others. [...] AXS also shares the personal data collected on its customers with event promoters and other clients, none of whom are bound even by this (extremely lax) privacy policy.

On Monday, Senator Mark Warner published 20 proposals on how to regulate big tech platforms. What's interesting is that none of the proposals call for breaking up the pseudo-monopolies. Instead, they aim to start a substantive debate by laying out different paths to address problems posed by the platforms. Gizmodo reports: What may be more important than the individual proposals themselves is that the document is at least trying to organize a holistic way of thinking about the issues now on the table. It breaks down the areas that need addressing into the promotion of disinformation, privacy and consumer protection, and ensuring competition in the marketplace. Just to highlight a few of the good issues on the table, the white paper blessedly brings the conversation back to privacy and data ownership -- something that seems to have been lost as the conversation has turned to content moderation. The easiest recommendation is to implement what it calls "GDPR-like" data protection legislation that would give Americans similar data rights as EU citizens gained in May. The jury is still out on the long-term consequences of those reforms, but they require greater transparency and consent for a company's terms of service, along with many more tools for keeping track of what information a company collects on you.

On the competition side of things, the proposal suggests a data-transparency bill that would give users a more granular idea of how their data is being used and how much its worth to an individual platform. One concern it addresses is that platforms expand how they monetize a person's data while the user is often unaware of how much they're actually giving up, value-wise, when they agree to hand over their data in exchange for a particular service. Another benefit would be that regulators would have a better idea of what they're evaluating in antitrust enforcement cases. The proposals relating to disinformation are a little more worrisome. A requirement that platforms "clearly and conspicuously label bots" wouldn't be so bad, but it's a daunting task and opens up the potential for false positives. Likewise, demanding networks identify a user's true identity is unrealistic, and the option of anonymity online should be protected. Axios was first to publish the list of 20 proposals compiled by Warner's staff. Is there a proposal that resonates with you? If not, how would you regulate the Big Tech platforms?

According to two complementary studies, sperm change their cargo as they travel the reproductive tract, which can have consequences on the viability of future offspring. Smithsonian reports: The legacy of a dad's behavior can even live on in his child if his epigenetic elements enter an embryo. For instance, mice born to fathers that experience stress can inherit the behavioral consequences of traumatic memories. Additionally, mouse dads with less-than-desirable diets can pass a wonky metabolism onto their kids. Upasna Sharma and Colin Conine, both working under Oliver Rando, a professor of biochemistry at the University of Massachusetts Medical School, were some of the researchers to report such findings in 2016. In their work, Sharma and Conine noted that, in mice, while immature testicular sperm contain DNA identical to that of mature sperm, immature sperm relay different epigenetic information. It turns out that sperm small RNAs undergo post-testes turnover, picking up intel on the father's physical health (or lack thereof) after they're manufactured, but before they exit the body. However, the exact pit stop at which these additional small RNAs hitch a ride remained unknown.

To solve the mystery, Sharma, who led the first of the two new studies, decided to track the composition of small RNAs within mouse sperm as they fled the testes and cruised through the epididymis. She and her colleagues isolated sperm of several different ages from mice, including those about to emerge from the testes, those entering the early part of the epididymis and those in the late part of the epididymis. Sharma was surprised to find that many small RNAs seemed to be discarded or destroyed upon entering the early epididymis; then, the newly vacated sperm reacquired epigenetic intel that reflected the father's state of being, boasting a full set by the time they left the late epididymis. There was only one possible source for the small RNA reacquisition: the cells of the epididymis -- which meant that cells outside of the sperm were transmitting information into future generations. [...] Colin Conine, who led the second of the two new studies, next tested if using immature sperm would have noticeable effects on the offspring of mice. He and his colleagues extracted sperm from the testes, early epididymis and late epididymis and injected them into eggs. All three types of sperm were able to fertilize eggs. However, when Conine transferred the resulting embryos into mouse surrogates, none derived from early epididymal sperm -- the intermediate stage devoid of most small RNAs -- implanted in the uterus. The least and most mature sperm of the bunch were winners -- but somehow, those in the middle were burning out, even though all their genes were intact. The only other explanation was that the defect was temporary. If this was the case, then perhaps, if fed the right small RNAs, the early epididymal sperm could be rescued.

An anonymous reader writes: Google launched its own Titan Security Key on Wednesday, a small USB device which includes firmware developed by the omnipresent tech giant itself. This comes days after Google said its workforce has been phish-proof for more than a year thanks to security keys distributed to its 85,000 employees. The new key means new competition for Yubikey manufacturer Yubico which confirmed it is not involved with Google's new key. The product is available now to Google Cloud customers and will eventually be available to general customers, the company announced Wednesday at its Google Cloud Next conference in San Francisco. CNET, which tested the device, adds: It'll come in a bundle with both the USB and Bluetooth versions for $50, or you can buy one or the other for about $20 to $25 each, Brand said. The set of security keys should work on any device with a USB port or a Bluetooth connection.

Google has not had any of its 85,000+ employees successfully phished on their work-related accounts since early 2017, when it began requiring all employees to use physical Security Keys in place of passwords and one-time codes, the company told KrebsOnSecurity. From the report: Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in to a Web site using something they know (the password) and something they have (e.g., a mobile device). A Google spokesperson said Security Keys now form the basis of all account access at Google. "We have had no reported or confirmed account takeovers since implementing security keys at Google," the spokesperson said. "Users might be asked to authenticate using their security key for many different apps/reasons. It all depends on the sensitivity of the app and the risk of the user at that point in time." The basic idea behind two-factor authentication is that even if thieves manage to phish or steal your password, they still cannot log in to your account unless they also hack or possess that second factor.

An anonymous reader shares a report: While the legal status of the Moon as a "global commons" accessible to all countries on peaceful missions did not meet any substantial resistance or challenge, the Outer Space Treaty left further details unsettled. Contrary to the very optimistic assumptions made at the time, so far humankind has not returned to the moon since 1972, making lunar land rights largely theoretical.

That is, until a few years ago when several new plans were hatched to go back to the moon. In addition at least two U.S. companies, Planetary Resources and Deep Space Industries, which have serious financial backing, have started targeting asteroids for the purpose of mining their mineral resources. Geek note: Under the aforementioned Outer Space Treaty, the moon and other celestial bodies such as asteroids, legally speaking, belong in the same basket. None of them can become the "territory" of one sovereign state or another.

The very fundamental prohibition under the Outer Space Treaty to acquire new state territory, by planting a flag or by any other means, failed to address the commercial exploitation of natural resources on the moon and other celestial bodies. This is a major debate currently raging in the international community, with no unequivocally accepted solution in sight yet. Roughly, there are two general interpretations possible. Countries such as the United States and Luxembourg (as the gateway to the European Union) agree that the moon and asteroids are "global commons," which means that each country allows its private entrepreneurs, as long as duly licensed and in compliance with other relevant rules of space law, to go out there and extract what they can, to try and make money with it. [...] On the other hand, countries such as Russia and somewhat less explicitly Brazil and Belgium hold that the moon and asteroids belong to humanity as a whole.

Kim Zetter, reporting for Motherboard: The nation's top voting machine maker has admitted in a letter to a federal lawmaker that the company installed remote-access software on election-management systems it sold over a period of six years, raising questions about the security of those systems and the integrity of elections that were conducted with them. In a letter sent to Sen. Ron Wyden (D-OR) in April and obtained recently by Motherboard, Election Systems and Software acknowledged that it had "provided pcAnywhere remote connection software ... to a small number of customers between 2000 and 2006," which was installed on the election-management system ES&S sold them.

The statement contradicts what the company told me and fact checkers for a story I wrote for the New York Times in February. At that time, a spokesperson said ES&S had never installed pcAnywhere on any election system it sold. "None of the employees -- including long-tenured employees, has any knowledge that our voting systems have ever been sold with remote-access software," the spokesperson said. ES&S did not respond on Monday to questions from Motherboard, and it's not clear why the company changed its response between February and April. Lawmakers, however, have subpoena powers that can compel a company to hand over documents or provide sworn testimony on a matter lawmakers are investigating, and a statement made to lawmakers that is later proven false can have greater consequence for a company than one made to reporters.

You asked questions, we've got the answers!

Christine Peterson is a long-time futurist who co-founded the nanotech advocacy group the Foresight Institute in 1986. One of her favorite tasks has been contacting the winners of the institute's annual Feynman Prize in Nanotechnology, but she also coined the term "Open Source software" for that famous promotion strategy meeting in 1998.

Christine took some time to answer questions from Slashdot readers.

An anonymous reader shares a report: Over 40 years ago, a NASA mission may have accidentally destroyed what would have been the first discovery of organic molecules on Mars, according to a report from New Scientist. Recently, NASA caused quite a commotion when it announced that its Curiosity rover discovered organic molecules -- which make up life as we know it -- on Mars. This followed the first confirmation of organic molecules on Mars in 2014. But because small, carbon-rich meteorites so frequently pelt the Red Planet, scientists have suspected for decades that organics exist on Mars.

But researchers were stunned in 1976, when NASA sent two Viking landers to Mars to search for organics for the first time and found absolutely none. Scientists didn't know what to make of the Viking findings -- how could there be no organics on Mars? "It was just completely unexpected and inconsistent with what we knew," Chris McKay, a planetary scientist at NASA's Ames Research Center, told New Scientist.

An anonymous reader quotes a report from Motherboard: Earlier this week, an algorithm made an absurd choice. Google AdSense, Google's advertising program that makes up the bulk of the tech giant's advertising revenue, decided that a web page about a decades-old bill about sexual abuse was "adult content," and wasn't allowed to display ads anymore. The page, which is at least six years old and contains strictly legislative information about a bill called the "Child Sexual Abuse and Pornography Act of 1986" on free legislative research and tracking website GovTrack.us, tripped the AdSense algorithm that decides what pages are allowed to run ads. This single, very dry page being flagged as "adult content" is most likely a minor fluke in the AdSense algorithm, but it's a perfect example of how a tiny tweak in the way a platform uses automation to enforce policies can send a ripple through seemingly-unrelated parts of the internet. The page was flagged by Adsense as "policy non-compliant" on Monday, with Google citing the page's "violations" in a summary of the AdSense adult content policy. Here's what Google told GovTrack: "As stated in our program policies, we may not show Google ads on pages with content that is sexually suggestive or intended to sexually arouse. This includes, but is not limited to: pornographic images, videos, or games; sexually gratifying text, images, audio, or video; pages that provide links for or drive traffic to content that is sexually suggestive or intended to sexually arouse." The GovTrack page contains none of these, yet the page still can't run AdSense.

An anonymous reader shares a report: A&R, or "artists and repertoire," are the people who look for new talent, convince that talent to sign to the record label and then nurture it: advising on songs, on producers, on how to go about the job of being a pop star. It's the R&D arm of the music industry. [...] What the music business doesn't like to shout about is how inefficient its R&D process is. The annual global spend on A&R is $2.8bn, according to the International Federation of the Phonographic Industry, and all that buys is the probability of failure: "Some labels estimate the ratio of commercial success to failure as 1 in 4; others consider the chances to be much lower -- less than 1 in 10," observes its 2017 report.

Or as Mixmag magazine's columnist The Secret DJ put it: "Major labels call themselves a business but are insanely unprofitable, utterly uncertain, totally rudderless and completely ignorant." In the golden age of the music industry, none of that really mattered. So much money was flowing in that mistakes could be ignored. There was no way to hear most music other than to buy a record, and when CDs entered the market in the 1980s -- costing little to produce, but selling for a fortune -- the major labels were more or less printing their own money. But then came the internet: first file-sharing, then streaming slashed sales of physical music so deeply that the record business became a safety-first game.

Every label executive has always wanted hits, but these days the people who run the big imprints want guaranteed hits. The rise of digital music brought with it a huge amount of data which, industry executives realized, could be turned to their advantage. In his first public speech as CEO of Sony, in May 2017, Rob Stringer asserted: "All our business units must now leverage data and analytics in innovative ways to dig deeper than ever for new talent. The modern day talent-spotter must have both an artistic ear and analytical eyes." Earlier this year, in the same week as Warner announced its acquisition of Sodatone, a company that has developed a tool for talent-spotting via data, another data company, Instrumental, secured $4.2m of funding. The industry appeared to have reached a tipping point -- what the website Music Ally called "A&R's data moment." Which is why, wherever the music industry's great and good gather, the word "moneyball" has become increasingly prevalent.

An anonymous reader quotes Reuters: Bitcoin's value slid to its lowest level since November on Friday, as waning investor interest and recent negative headlines from global regulators weakened demand for the cryptocurrency and most of its rivals. Virtual currencies, including the best-known and biggest, bitcoin, have been stuck in a downward trend for most of 2018 after last year's frenzied interest fizzled. Recent hacks and the "cyber intrusion" of cryptocurrency exchanges in key Asian markets has also encouraged investors to exit.

Bitcoin fell to as low as $5,774 on the Bitstamp exchange, the lowest since November 12... So far in 2018, bitcoin has tumbled almost 60 percent after soaring more than 1,300 percent last year. It is now down 70 percent from its December peak... The total market capitalization of cryptocurrencies has fallen to around $230 billion from a peak of around $800 billion in January.
Will Hobbs, Head of Investment Strategy at Barclays Smart Investor, now tells Reuters that "None of the crypto currencies currently fulfill any of the criteria that we would look for in an investible asset, and we would continue to advise extreme caution. The rout in crypto currencies is still not finished."

There are cyberheists, and then there's Carbanak, a cybercriminal gang that has stolen about $1.2 billion from more than 100 banks in 40 nations. The suspected 34-year-old ringleader is under arrest, but the whopping $1.2 billion amount remains missing. And to add insult to the injury, the malware attacks live on. Bloomberg Businessweek has an insightful story on this, which includes comments from none other than Europol itself, on the chase to catch Carabanak which has lasted for three years. Some excerpts from the story: Before WannaCry, before the Sony Pictures hack, and before the breaches that opened up Equifax and Yahoo!, there was a nasty bit of malware known as Carbanak. Unlike those spectacular attacks, this malware wasn't created by people interested in paralyzing institutions for ransom, publishing embarrassing emails, or taking personal data. The Carbanak guys just wanted loot, and lots of it.

Since late 2013, this band of cybercriminals has penetrated the digital inner sanctums of more than 100 banks in 40 nations, including Germany, Russia, Ukraine, and the U.S., and stolen about $1.2 billion, according to Europol, the European Union's law enforcement agency. The string of thefts, collectively dubbed Carbanak -- a mashup of a hacking program and the word "bank" -- is believed to be the biggest digital bank heist ever. In a series of exclusive interviews with Bloomberg Businessweek, law enforcement officials and computer-crime experts provided revelations about their three-year pursuit of the gang and the mechanics of a caper that's become the stuff of legend in the digital underworld.

Besides forcing ATMs to cough up money, the thieves inflated account balances and shuttled millions of dollars around the globe. Deploying the same espionage methods used by intelligence agencies, they appropriated the identities of network administrators and executives and plumbed files for sensitive information about security and account management practices. The gang operated through remotely accessed computers and hid their tracks in a sea of internet addresses.

Fake Fortnite Android apps are spreading around the internet, even though the game has not been officially released for the platform. From a report: Videos on YouTube with links to scam versions of the popular game have been viewed millions of times, according to security experts. None of the fake apps has made it on to the Google Play Store, but they are easy to find on search engines. According to one security firm, the apps look legitimate. Talking about one particular fake app, Nathan Collier, an analyst from security firm Malwarebytes, said: "It's so realistic that some may recognise it from the Apple iOS version. By stealing the icon directly from Apple, how could it not look real? In fact the app redirects users to a browser asking them to download a number of other apps in order to play the game. The scammers are paid each time someone downloads an app from the website.