An anonymous reader quotes a report from Motherboard: Lobbying records in New York state show that Apple, Verizon, and the tech industry's largest trade organizations are opposing a bill that would make it easier for consumers and independent companies to repair your electronics. The bill, called the "Fair Repair Act," would require electronics companies to sell replacement parts and tools to the general public, would prohibit "software locks" that restrict repairs, and in many cases would require companies to make repair guides available to the public. Apple and other tech giants have been suspected of opposing the legislation in many of the 11 states where similar bills have been introduced, but New York's robust lobbying disclosure laws have made information about which companies are hiring lobbyists and what bills they're spending money on public record. According to New York State's Joint Commission on Public Ethics, Apple, Verizon, Toyota, the printer company Lexmark, heavy machinery company Caterpillar, phone insurance company Asurion, and medical device company Medtronic have spent money lobbying against the Fair Repair Act this year. The Consumer Technology Association, which represents thousands of electronics manufacturers, is also lobbying against the bill. The records show that companies and organizations lobbying against right to repair legislation spent $366,634 to retain lobbyists in the state between January and April of this year. Thus far, the Digital Right to Repair Coalition -- which is generally made up of independent repair shops with several employees -- is the only organization publicly lobbying for the legislation. It has spent $5,042 on the effort, according to the records.
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×
"Researchers at Universite Laval's Faculty of Science and Engineering and its Center for Optics, Photonics, and Lasers have created a smart T-shirt that monitors the wearer's respiratory rate in real time," reports Science Daily. The details have been published in the latest edition of Sensors. From the report: Unlike other methods of measuring respiratory rate, the smart T shirt works without any wires, electrodes, or sensors attached to the user's body, explains Younes Messaddeq, the professor who led the team that developed the technology. "The T shirt is really comfortable and doesn't inhibit the subject's natural movements. Our tests show that the data captured by the shirt is reliable, whether the user is lying down, sitting, standing, or moving around." The key to the smart T shirt is an antenna sewn in at chest level that's made of a hollow optical fiber coated with a thin layer of silver on its inner surface. The fiber's exterior surface is covered in a polymer that protects it against the environment. "The antenna does double duty, sensing and transmitting the signals created by respiratory movements," adds Professor Messaddeq, who also holds the Canada Excellence Research Chair in Photonic Innovations. "The data can be sent to the user's smartphone or a nearby computer." As the wearer breathes in, the smart fiber senses the increase in both thorax circumference and the volume of air in the lungs, explains Messaddeq. "These changes modify some of the resonant frequency of the antenna. That's why the T shirt doesn't need to be tight or in direct contact with the wearer's skin. The oscillations that occur with each breath are enough for the fiber to sense the user's respiratory rate."
lbalbalba writes: Elsevier, one of the largest academic publishers, is demanding $15 million in damages from Sci-Hub and LibGen, who make paywalled scientific research papers freely available to the public [without permission]. A good chunk of these papers are copyrighted, many by Elsevier. Elsevier has requested a default judgment of $15 million against the defendants for their "truly egregious conduct" and "staggering" infringement. Sci-Hub's efforts are backed by many prominent scholars, who argue that tax-funded research should be accessible to everyone. Others counter that the site doesn't necessarily help the "open access" movement move forward. Sci-Hub's founder Alexandra Elbakyan defends her position and believes that what she does is helping millions of less privileged researchers to do their work properly by providing free access to research results.
Waqas reports via Hack Read: Recently, HackRead found out a vendor going by the online handle of âoenclayâ is claiming to have hacked Zomato and selling the data of its 17 million registered users on a popular Dark Web marketplace. The database includes emails and password hashes of registered Zomato users while the price set for the whole package is USD 1,001.43 (BTC 0.5587). The vendor also shared a trove of sample data to prove that the data is legit. Here's a screenshot of the sample data publicly shared by "nclay." Upon testing the sample data on Zomato.com's login page, it was discovered that each and every account mentioned in the list exists on Zomato. Although Zomato didn't reply to our email but in their latest blog post the company has acknowledged the breach. Here's a full preview of the blog post published by Zomato 7hours ago: "Over 120 million users visit Zomato every month. What binds all of these varied individuals is the desire to enjoy the best a city has to offer, in terms of food. When Zomato users trust us with their personal information, they naturally expect the information to be safeguarded. And that's something we do diligently, without fail. We take cyber security very seriously -- if you've been a regular at Zomato for years, you'd agree."
An anonymous reader quotes a report from BleepingComputer: Starting with the release of Firefox 55, the Adobe Flash plugin for Firefox will be set to "Ask to Activate" by default for all users. This move was announced in August 2016, as part of Mozilla's plan to move away from plugins built around the NPAPI technology. Flash is currently the only NPAPI plugin still supported in Firefox, and moving its default setting from "Always Activate" to "Ask to Activate" is just another step towards the final step of stop supporting Flash altogether. This new Flash default setting is already live in Firefox's Nightly Edition and will move through the Alpha and Beta versions as Firefox nears its v55 Stable release. By moving Flash to a click-to-play setting, Firefox will indirectly start to favor HTML5 content over Flash for all multimedia content. Other browsers like Google Chrome, Brave, or Opera already run Flash on a click-to-play setting, or disabled by default. Firefox is scheduled to be released on August 8, 2017.
At its I/O 2017 conference, Google announced that it's launching a jobs search engine in the U.S. that will focus on a wide variety of jobs -- from entry-level and service industry positions to high-end professional jobs. The service will also use machine learning and artificial intelligence to better understand how jobs are classified and related, among other things. TechCrunch reports: In a few weeks, Google will begin to recognize when U.S. users are typing job search queries into Google Search, and will then highlight jobs that match the query. However, Google is not necessarily taking on traditional job search service providers with this launch -- instead, it's partnering with them. The company said that Google for Jobs will initially partner with LinkedIn, Facebook, Careerbuilder Monster, Glassdoor, and other services. The search engine will have a number of tools that will help you find the right jobs for you. For example, you'll be able to filter jobs by location, title, category or type, date posted or whether it's full or part-time, among other things. The service will also show applicants things like commute time, to help them figure out if the job is too far away to consider. What makes the service interesting is that it's leveraging Google's machine learning smarts to understand how job titles are related and cluster them together.
Researchers in Antarctica have discovered rapidly growing banks of mosses on the ice continent's northern peninsula, providing striking evidence of climate change in the coldest and most remote parts of the planet. Amid the warming of the last 50 years, the scientists found two different species of mosses undergoing the equivalent of growth spurts, with mosses that once grew less than a millimeter per year now growing over 3 millimeters per year on average, (the link could be paywalled; alternative source below) the Washington Post reported on Thursday. From a report: "Antarctica is not going to become entirely green, but it will become more green than it currently is," said Matt Amesbury, co-author of the research from the University of Exeter. "This is linking into other processes that are happening on the Antarctic Peninsula at the moment, particularly things like glacier retreat which are freeing up new areas of ice-free land -- and the mosses particularly are very effective colonisers of those new areas," he added. In the second half of the 20th century, the Antarctic Peninsula experienced rapid temperature increases, warming by about half a degree per decade. Plant life on Antarctica is scarce, existing on only 0.3% of the continent, but moss, well preserved in chilly sediments, offers scientists a way of exploring how plants have responded to such changes.
A popular font sharing site DaFont.com has been hacked, resulting in usernames, email addresses, and hashed passwords of 699,464 user accounts being stolen. ZDNet reports: The passwords were scrambled with the deprecated MD5 algorithm, which nowadays is easy to crack. As such, the hacker unscrambled over 98 percent of the passwords into plain text. The site's main database also contains the site's forum data, including private messages, among other site information. At the time of writing, there were over half-a-million posts on the site's forums. The hacker told ZDNet that he carried out his attack after he saw that others had also purportedly stolen the site's database. "I heard the database was getting traded around so I decided to dump it myself -- like I always do," the hacker told me. Asked about his motivations, he said it was "mainly just for the challenge [and] training my pentest skills." He told me that he exploited a union-based SQL injection vulnerability in the site's software, a flaw he said was "easy to find." The hacker provided the database to ZDNet for verification.
At its I/O 2017 developer conference, Google announced the Google Assistant is coming to iOS as a standalone app. Previously, the only way for iOS users to get access to the Assistant was through Allo, the Google messaging app nobody uses. For those interested, you can download the Google Assistant on your iOS device here, but keep in mind that your device needs to be running iOS 9.1 or higher. VentureBeat reports: Google Assistant for iPhone won't ship on Apple's mobile devices by default, and naturally won't be as tightly integrated into the OS. But it is addressable by voice and does work with other Google apps on Apple's platform. Apple has API restrictions on iOS, so Google Assistant can't set alarms like Siri can. It can, however, send iMessages for you or start playing music in third-party apps like Spotify. You also won't be able to use the Home button to trigger Google Assistant, so you'll need to use the app icon or a widget.
An anonymous reader quotes a report from Ars Technica: Owners of some Windows XP computers infected by the WCry ransomware may be able to decrypt their data without making the $300 to $600 payment demand, a researcher said Thursday. Adrien Guinet, a researcher with France-based Quarkslab, has released software that he said allowed him to recover the secret decryption key required to restore an infected XP computer in his lab. The software has not yet been tested to see if it works reliably on a large variety of XP computers, and even when it does work, there are limitations. The recovery technique is also of limited value because Windows XP computers weren't affected by last week's major outbreak of WCry. Still, it may be helpful to XP users hit in other campaigns. "This software has only been tested and known to work under Windows XP," he wrote in a readme note accompanying his app, which he calls Wannakey. "In order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!"
An anonymous reader writes: A new report from Spiceworks, entitled A Portrait of IT Workers, says 41 per cent of IT pros in the UK consider themselves "accidental" -- and that they ended up in their career via a "non-traditional" route. The report, which covers areas including the career plans and education levels of IT professionals, found that a third (33 per cent) of the UK's IT job force don't have a college or a university degree. [...] When it comes to working, British IT bods work 41 hours a week, "far above" the 31 hour average across all industries. Almost all (89 per cent) see themselves as "somewhat stressed" at work, with a quarter (26 per cent) reported being extremely stressed.
Workers at Tesla's California car factory have been passing out and requiring rides in ambulances, the Guardian newspaper reported on Thursday. The conditions at the factory suggest the lengths the company is going to in order to meet its extremely ambitious production goals, and the tension employees feel between their pride in being part of the company and the stress and exhaustion the company's goals are causing them, according to the report. From the article: Ambulances have been called more than 100 times since 2014 for workers experiencing fainting spells, dizziness, seizures, abnormal breathing and chest pains, according to incident reports obtained by the Guardian. Hundreds more were called for injuries and other medical issues. In a phone interview about the conditions at the factory, which employs about 10,000 workers, the Tesla CEO conceded his workers had been "having a hard time, working long hours, and on hard jobs," but said he cared deeply about their health and wellbeing. His company says its factory safety record has significantly improved over the last year. Musk also said that Tesla should not be compared to major US carmakers and that its market capitalization, now more than $50bn, is unwarranted. "I do believe this market cap is higher than we have any right to deserve," he said, pointing out his company produces just 1% of GM's total output. "We're a money-losing company," Musk added. "This is not some situation where, for example, we are just greedy capitalists who decided to skimp on safety in order to have more profits and dividends and that kind of thing. It's just a question of how much money we lose. And how do we survive? How do we not die and have everyone lose their jobs?" The article also sheds light on the kind of manager Musk is. In early 2016, Musk slept on the factory floor in a sleeping bag "to make it the most painful thing possible. I knew people were having a hard time, working long hours, and on hard jobs. I wanted to work harder than they did, to put even more hours in," he was quoted as saying. "Because that's what I think a manager should do."
An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.
Reader BrianFagioli writes: A new survey reveals that families will spend more than a third of the 2017 summer season with their eyes glued to some sort of screen. To make matters worse, parents say that while they would prefer to do more activities away from devices, outings are far too expensive. A typical weekend family getaway with all things factored in, could average $2,328. Sadly, the overuse of "screens" are negatively impacting the health and behavior of children too. "With warmer weather finally arriving in most parts of the country and the school year winding down to a close, Groupon asked 1,000 U.S. parents how much time their families plan to spend on their electronic devices this summer -- and the results were staggering. The average American family will spend an average of 35 days of their summer, which is the equivalent of more than one-third, using their electronic devices. The survey, which was conducted for Groupon's Funtacular Fun Fest, found that the average child will watch an estimated 60 movies and play 150 hours of video games over the summer months," says Groupon.
Cisco said this week that it will cut an additional 1,100 employees as part of an expanded restructuring plan. From a report: The cuts come on top of the 5,500 job cuts, or 7 percent of its workforce, announced in August 2016, the enterprise technology company said. Cisco said it plans to recognize hundreds of millions of pretax charges related to the restructuring, which will end around the first quarter of the 2018 fiscal year.
Facebook is taking further steps to decrease the reach and prevalence of clickbait headlines on its social network. Facebook says it will target clickbait on an individual post level and not just by analyzing the bulk posts of a page. It will also look at two distinct signals: whether a headline "withholds information or if it exaggerates information separately." From a report: This should "more precisely" downplay the number of misleading stories cluttering your timeline, the social network says. Moreover, it's promising a more exacting approach when it looks at individual headlines. Until now, Facebook examined clickbait titles in a holistic way: it looked for both the exaggerated language ("you have to see this!") and deliberate attempts to withhold info ("eat this every day").
More than 35,000 AT&T workers plan to go on strike on Friday if they don't reach an agreement with the company for new contracts. From a report: The Communications Workers of America union said about 17,000 workers in AT&T's traditional wireline telephone and Internet business in Nevada and California who have been working without a contract for over a year would walk off the job on Friday afternoon for a three day strike if no deal is reached. On Tuesday, the union made a similar threat for 21,000 workers in AT&T's wireless business spread across 36 states and Washington, D.C. Workers are fed up with delays in the negotiations, Dennis Trainor, vice president of CWA District 1, said. "Now, AT&T is facing the possibility of closed stores for the first time ever," Trainor said. "Our demands are clear and have been for months: fair contract or strike. It's now in AT&T's hands to stand with workers or at 3pm Eastern Time on Friday workers will be off the job and onto picket lines across the country."
As we feared yesterday, the rollback of net neutrality rules officially began today. The FCC voted along party lines today to formally consider Chairman Ajit Pai's plan to scrap the legal foundation for the rules and to ask the public for comments on the future of prohibitions on blocking, throttling and paid prioritization. ArsTechnica adds: The Federal Communications Commission voted 2-1 today to start the process of eliminating net neutrality rules and the classification of home and mobile Internet service providers as common carriers under Title II of the Communications Act. The Notice of Proposed Rulemaking (NPRM) proposes eliminating the Title II classification and seeks comment on what, if anything, should replace the current net neutrality rules. But Chairman Ajit Pai is making no promises about reinstating the two-year-old net neutrality rules that forbid ISPs from blocking or throttling lawful Internet content, or prioritizing content in exchange for payment. Pai's proposal argues that throttling websites and applications might somehow help Internet users.
Mac and iOS software developer Panic has had the source code for several of its apps stolen. An anonymous reader writes: Panic founder Steven Frank said in a blog post that it happened after he downloaded an infected copy of the video encoding tool Handbrake. He said there was no sign that any customer data was accessed and that Panic's web server was not affected. Users have been warned to download Panic's apps only from its website or the Apple App Store. Panic is the creator of web editing and file transfer apps Coda and Transmit, and the video game Firewatch. On May 2, Handbrake was hacked, with the Mac version of the app on one of the site's download servers replaced by a malicious copy. In what Mr Frank called "a case of extraordinarily bad luck", he downloaded the malicious version of Handbrake and launched it "without stopping to wonder why Handbrake would need admin privileges... when it hadn't before. And that was that, my Mac was completely, entirely compromised in three seconds or less."
An anonymous reader shares a Motherboard article: Humans have accidentally created a protective bubble around Earth by using very low frequency (VLF) radio transmissions to contact submarines in the ocean. It sounds nuts, but according to recent research published in Space Science Reviews, underwater communication through VLF channels has an outer space dimension. This video explainer, released by NASA on Wednesday, visualizes how radio waves wafting into space interact with the particles surrounding Earth, and influence their motion. Satellites in certain high-altitude orbits, such as NASA's particle-watching Van Allen Probes, have observed these VLF ripples creating an 'impenetrable boundary,' a phrase coined by study co-author Dan Baker, director of the University of Colorado's Laboratory for Atmospheric and Space Physics. This doesn't mean impenetrable to spacecraft or asteroids, per se, but rather to potentially harmful particle showers created by turbulent space weather.
On Thursday, the European Union's powerful antitrust chief fined Facebook 110 million euros, or about $122 million, for giving misleading statements during the company's $19 billion acquisition of the internet messaging service WhatsApp in 2014. From a report: During the review process, the EC discussed the possibility of Facebook matching its users' accounts with WhatsApp users' accounts, to which Facebook replied that it "would be unable to establish reliable automated matching" between the two. Since then, though, the company has found a way, and it seems pretty straightforward. Unhappy with this, the EC today revealed a "proportionate and deterrent fine." How it acts as a deterrent, however, is unclear. Facebook was at risk of a fine totalling 1 percent of its turnover, which would have been closer to 200 million euros, but the figure was lower due to its compliance during the investigation. "The commission has found that, contrary to Facebook's statements in the 2014 merger review process, the technical possibility of automatically matching Facebook and WhatsApp users' identities already existed in 2014, and that Facebook staff were aware of such a possibility," the EC said.
An anonymous reader writes: US and EU officials have decided against a ban on laptops and tablets in cabin baggage on flights from Europe. But after a four-hour meeting in Brussels to discuss the threats to aviation security, officials said other measures were still being considered. US officials had previously said they were looking into extending to Europe a ban on electronics on flights from eight mostly Muslim countries. The measure was introduced over fears a bomb could be concealed in a device. The meeting was requested by EU officials after recent reports suggested US authorities had new information regarding laptop parts being turned into explosives.
MrCreosote writes: Properties owned and run by the Trump Organization, including places where Trump spends much of his time and has hosted foreign leaders, are a network security nightmare. From a report via ProPublica (co-published with Gizmodo): "We parked a 17-foot motor boat in a lagoon about 800 feet from the back lawn of The Mar-a-Lago Club in Palm Beach and pointed a 2-foot wireless antenna that resembled a potato gun toward the club. Within a minute, we spotted three weakly encrypted Wi-Fi networks. We could have hacked them in less than five minutes, but we refrained. A few days later, we drove through the grounds of the Trump National Golf Club in Bedminster, New Jersey, with the same antenna and aimed it at the clubhouse. We identified two open Wi-Fi networks that anyone could join without a password. We resisted the temptation. We have also visited two of President Donald Trump's other family-run retreats, the Trump International Hotel in Washington, D.C., and a golf club in Sterling, Virginia. Our inspections found weak and open Wi-Fi networks, wireless printers without passwords, servers with outdated and vulnerable software, and unencrypted login pages to back-end databases containing sensitive information. The risks posed by the lax security, experts say, go well beyond simple digital snooping. Sophisticated attackers could take advantage of vulnerabilities in the Wi-Fi networks to take over devices like computers or smart phones and use them to record conversations involving anyone on the premises."
nyquil superstar writes: Hey all, the Star Trek: Discovery trailer is out. Looks entertaining! From a report via Vox: "The trailer features Sonequa Martin-Green, fresh from The Walking Dead, as Michael Burnham, a first officer promoted unexpectedly to the position of captain by her mentor, Captain Georgiou (Michelle Yeoh). Set 10 years before the original Star Trek series (and 90 years after the franchise's only other prequel, Star Trek: Enterprise), the new series follows the starship Discovery as Burnham learns to become a captain. But she soon finds her abilities tested by a host of challenges that will be familiar to all lovers of the classic sci-fi universe: new worlds to explore and alliances to forge, hostile Klingons, and the difficulty of adhering to the Federation's peacekeeping mission."
China's Civil Aviation Authority has announced that drone pilots will be required to register any unmanned aerial vehicle heavier than 0.55 pounds with the government starting on June 1st. "Online registration will open up on May 18th, and the government will start publishing no-fly zone data for civilian airports on the same day," reports Engadget. From the report: The initiative will also see regulators working with local government and police to curb drone interference, and will eventually standardize commercial drone use with four main categories: aerial photography, agricultural use, aviation photography and license training. The country already recognizes over 200 training outlets that have issued over 14,000 certificates so far, so some of this standardization would really just expand on what's already happening. It's hard to escape concerns that this will help the government crack down on drone pilots for spurious reasons, such as when they record protests or questionable government activities. However, the registration officially comes as a response to a mounting number of safety incidents involving drones at airports. Authorities note that Chengdu alone saw eight examples of drone interference since April, six of which grounded 138 flights. If those sorts of figures are applicable elsewhere, that's a lot hassle and potential danger.