Chinese Police Begin Tracking Citizens With Face-Recognizing Smart Glasses ( 112

An anonymous reader quotes Reuters: At a highway check point on the outskirts of Beijing, local police are this week testing out a new security tool: smart glasses that can pick up facial features and car registration plates, and match them in real-time with a database of suspects. The AI-powered glasses, made by LLVision, scan the faces of vehicle occupants and the plates, flagging with a red box and warning sign to the wearer when any match up with a centralized "blacklist".

The test -- which coincides with the annual meeting of China's parliament in central Beijing -- underscores a major push by China's leaders to leverage technology to boost security in the country... Wu Fei, chief executive of LLVision, said people should not be worried about privacy concerns because China's authorities were using the equipment for "noble causes", catching suspects and fugitives from the law. "We trust the government," he told Reuters at the company's headquarters in Beijing.

This weekend while China's President Xi Jinping is expected to push through a reform allowing him to stay in power indefinitely, Reuters reports that the Chinese goverment is pushing the use of cutting-edge technology "to track and control behavior that goes against the interests of the ruling Communist Party online and in the wider world... A key concern is that blacklists could include a wide range of people stretching from lawyers and artists to political dissidents, charity workers, journalists and rights activists...

"The new technologies range from police robots for crowd control, to drones to monitor border areas, and artificially intelligent systems to track and censor behavior online," Reuters reports, citing one Hong Kong researcher who argues that China now sees internet and communication technologies "as absolutely indispensable tools of social and political control."
Open Source

Linux Developer McHardy Drops GPLv2 'Shake Down' Case ( 53

Former Linux developer Patrick McHardy dropped his Gnu General Public License version 2 (GPLv2) violation case against Geniatech in a German court this week. ZDNet explains why some consider this a big "win": People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2. Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he'd requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions...

In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."

Had McHardy continued on his way, companies would have been more reluctant to use Linux code in their products for fear that a single, unprincipled developer could sue them and demand payment for his copyrighted contributions... McHardy now has to bear all legal costs for both sides of the case. In other words, when McHardy was faced with serious and costly opposition for the first time, he waved a white flag rather than face near certain defeat in the courts.


Can Electricity Travel Through Space on Astrophysical Jets? ( 313

Slashdot reader Chris Reeve writes: An October 2017 paper titled Electric Currents along Astrophysical Jets reports that "Several researchers have reported direct evidence for large scale electric currents along astrophysical jets." A review of the citations at the end of that paper and others (here and here, for instance) would seem to suggest that one of the great Internet science debates has finally been settled: Electricity does indeed travel through space over vast cosmic distances.

What has been interesting to watch about this unexpected development is that science journalists have so far not explicitly reported this as a shift in theory, and commenters on sites like appear to deny that any change has even occurred: "The jets have been shown not to be electric currents, the energy and the physics involved are certainly not electromagnetic." This comment completely rejecting these new findings was highly rated by other readers, suggesting that the failure to explicitly report this as a change in theory has left this controversial topic in a highly confused state.

The paper summarizes what it calls "observational evidence for the existence of large scale electric currents and their associated grand design helical magnetic fields in kpc-scale astrophysical jets." And the original submitter details the history of the question in a follow-up comment arguing that at our current moment in time, "a mistaken bias against electricity in space continues to dominate conversations."

Kansas 'Swat' Perpetrator Is Now Also Wanted in Florida ( 87

An anonymous reader writes: Florida police recount how close they were to aresting 25-year-old Tyler Barriss before his fake call to Kansas police led to a fatal shooting. "Panama City Beach police Lt. J.R. Talamantez told the Panama City News Herald that police had tied Barriss to about 30 other bomb threats," reports the Wichita Eagle -- a full month before another call led to the fatal shooting of a father of two in Kansas. But attempts to secure an arrest warrant may have been slowed by the lack of an address, since apparently Barriss "lived in a shelter in South Los Angeles. Police there found him in a local library."

A Florida newspaper reports that their local police department is now doing what they can to right the situation. "Lt. J.R. Talamantez, cyber crimes investigator with the Panama City Beach police, said the department currently has two felony warrants issued for Barris' arrest and is providing the U.S. Attorney's Office with information... Talamantez said the end goal is to identify all victims of Barriss' calls and bring him to justice on all those incidents... "We just want to send a message that this isn't going to end with a slap on the wrist. The victims will see an appropriate punishment."


Debian 9.4 Released ( 78

An anonymous reader quotes The Debian project is pleased to announce the fourth update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems... Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.
Phoronix adds that Debian 9.4 "has a new upstream Linux kernel release, various dependency fixes for some packages, an infinite loop fix in Glade, several CVE security fixes, a larger stack size for NTP, a new upstream release of their NVIDIA proprietary driver package, Python 3 dependency fixes, and other security fixes."

Lawmakers Continue Fighting For Net Neutrality in the US Senate, Courts, and States ( 57

Here's the latest developments in the ongoing fight over net neutrality rules:
  • CNET reports that Democrats in the Senate "have been pushing to use the Congressional Review Act to roll back the FCC's repeal of net neutrality rules. They've gotten the support of 50 senators for the measure, including one Republican, Susan Collins of Maine. Sen. John Kennedy from Louisiana , who's been undecided in his support of the CRA bill, was being courted by Democrats as the tie-breaking vote to pass the measure in the Senate...

    "On Wednesday, Kennedy introduced a piece of legislation that would ban companies like AT&T and Comcast from slowing down or blocking access to websites or internet services. But the bill wouldn't prevent these broadband and wireless companies from offering paid prioritization, which many critics fear could lead to so-called internet 'fast lanes.'"
  • The Associated Press reports that on Monday, Washington became the first state to set up its own net-neutrality requirements. But they add that governors in five states -- Hawaii, New Jersey, New York, Montana and Vermont -- "have signed executive orders related to net-neutrality issues, according to the National Conference of State Legislatures. Montana's order, for instance, bars telecommunications companies from receiving state contracts if they interfere with internet traffic or favor higher-paying sites or apps."


Google Maps Apps Add 'Mario Kart' Feature ( 35

An anonymous reader quotes WLWT News: Starting Saturday, "Mario Time" will be available on the Google Maps app for iOS and Android, letting you drive around town with Mario as your guide, cruising the app in a go-kart similar to the iconic "Mario Kart" video game. When users launch the latest version of the app, the feature is activated by tapping a "?" beside the start button normally used to start navigation.
It includes sound effects -- "Woo-hoo! Let's-a go!" says Mario -- and will be available for the next week. It's to commemorate "Mario Day" -- Mar.10 -- that magical time of year one Portland newspaper has described as "the most manufactured of corporate holidays," on which Nintendo lowers the price on their Super Mario Run app and offers other discounts.

Massive DDOS Attacks Are Now Targeting Google, Amazon, and the NRA ( 121

PC Magazine reports: A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps. Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including,, and have been among those hit...

The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.

Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating: "The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."

SgxSpectre Attack Can Extract Data From Intel SGX Enclaves ( 28

An anonymous reader quotes BleepingComputer: A new variation of the Spectre attack has been revealed this week by six scientists from the Ohio State University. Named SgxSpectre, researchers say this attack can extract information from Intel SGX enclaves. Intel Software Guard eXtensions (SGX) is a feature of modern Intel processors that allow an application to create so-called enclaves. This enclave is a hardware-isolated section of the CPU's processing memory where applications can run operations that deal with extremely sensitive details, such as encryption keys, passwords, user data, and more... Neither Meltdown and Spectre were able to extract data from SGX enclaves. This is where SgxSpectre comes in.

According to researchers, SgxSpectre works because of specific code patterns in software libraries that allow developers to implement SGX support into their apps. Vulnerable SGX development kits include the Intel SGX SDK, Rust-SGX, and Graphene-SGX. Academics say an attacker can leverage the repetitive code execution patterns that these SDKs introduce in SGX enclaves and watch for small variations of cache size. This allows for side-channel attacks that allow a threat actor to infer and slowly recover data from secure enclaves.

Intel's recent Spectre patches don't necessarily help, as an attacker can work around these fixes. Intel says an update for the Intel SGX SDK that adds SgxSpectre mitigations will be released on March 16. Apps that implement Google's Retpoline anti-Spectre coding techniques are safe, researchers say.


Project Gutenberg Blocks German Users After Outrageous Court Ruling ( 265

Slashdot reader David Rothman writes: The oldest public domain publisher in the world, Project Gutenberg, has blocked German users after an outrageous legal ruling saying this American nonprofit must obey German copyright law... Imagine the technical issues for fragile, cash-strapped public domain organizations -- worrying not only about updated databases covering all the world's countries, but also applying the results to distribution. TeleRead carries two views on the German case involving a Holtzbrinck subsidiary...

Significantly, older books provide just a tiny fraction of the revenue of megaconglomerates like Holtzbrinck but are essential to students of literature and indeed to students in general. What's more, as illustrated by the Sonny Bono Copyright Term Extension Act in the U.S., copyright law in most countries tends to reflect the wishes and power of lobbyists more than it does the commonweal. Ideally the travails of Project Gutenberg will encourage tech companies, students, teachers, librarians and others to step up their efforts against oppressive copyright laws. While writers and publishers deserve fair compensation, let's focus more on the needs of living creators and less on the estates of authors dead for many decades. The three authors involved in the German case are Heinrich Mann (died in 1950), Thomas Mann (1955) and Alfred Döblin (1957).

One solution in the U.S. and elsewhere for modern creators would be national library endowments... Meanwhile, it would be very fitting for Google and other deep-pocketed corporations with an interest in a global Internet and more balanced copyright to help Gutenberg finance its battle. Law schools, other academics, educators and librarians should also offer assistance.


Elon Musk Changes 'Boring Company' Vision To Reward Cyclists and Pedestrians ( 152

"Remember Elon Musk's plan to dig a massive web of traffic-beating tunnels underneath Los Angeles...?" asks CNN. "Now, that plan appears to be getting a huge makeover." An anonymous reader quotes TechCrunch: While it will still focus on digging tunnels to provide a network of underground tubes suitable for use by high-speed Hyperloop pods, the plan now is to use that Hyperloop to transport pedestrians and cyclists first, and then only later to work on moving cars around underground to bypass traffic. Musk shared the update via Twitter, noting that the idea would be to load customers onto cars roughly the size that a single parking space takes up currently, [thousands of which] would be dotted around an urban environment close to any destinations where someone might travel. The single-car station model would be designed to replace the current subway-style model, Musk said, where only a few small stations are very spread out... This is a big departure from the original vision, and it seems like one that might have evolved after Musk and his collaborators on the project spoke to urban planners and transit authorities.
"If someone can't afford a car, they should go first," Musk posted on Twitter, sharing a new conceptual video where an elevator lowers one of these pedestrian- and cyclist-focussed shuttle pods underground.

TechCrunch says this new vision "would be appealing both to urban officials looking to decrease congestion on downtown roads and discourage personal vehicle use, and to anyone hoping to increase access to affordable transit options."

Reddit Admits Russian Trolls Got Into Website During 2016 Election ( 345

An anonymous reader quotes a report from VICE News: Reddit says it has identified and removed hundreds of Russian propaganda accounts, a few days after reports revealed that Russian trolls were active on the platform during the 2016 U.S. presidential election. In a post Monday, Reddit co-founder Steve Huffman said his site operators had been investigating for awhile and had found a few hundred accounts suspected to be of Russian origin or linked to known sources of Russian propaganda. "Of course, every account we find expands our search a little more," he said, also claiming the "vast majority" of the suspicious accounts were banned back in 2015-2016. An even bigger challenge was the problem of "indirect propaganda," where content produced by accounts now known to be Russian trolls was enthusiastically shared by Trump supporters on subreddits such as r/The_Donald. Reddit's investigation followed a report from The Daily Beast, based on leaked internal data from Kremlin-backed troll farm the Internet Research Agency, that confirmed Russian trolls were active on the site, as well as Tumblr, in their mission to spread disinformation, divide Americans and disrupt U.S. politics. The Washington Post reports that congressional investigators looking into the Russian issue intend to question Reddit and Tumblr over their involvement.

Scientists Unsure Where Chinese Space Station Will Crash To Earth 78

In 2016, the Chinese space agency lost control of its Tiangong-1, or Heavenly Palace, spacecraft, five years after it blasted into orbit. Scientists have determined that it will come crashing down to Earth in the coming weeks, be they do not know exactly where on Earth it will hit. The Guardian reports: The defunct module is now at an altitude of 150 miles and being tracked by space agencies around the world, with the European Space Agency's center in Darmstadt predicting a fiery descent for it between March 27 and April 8. Hurtling around the Earth at about 18,000mph, the module ranks as one of the larger objects to re-enter the atmosphere without being steered towards the ocean, as is standard for big and broken spacecraft, and cargo vessels that are jettisoned from the International Space Station (ISS), to reduce the risk to life below. The spacecraft's orbit ranges from 43 degrees north to 43 degrees south, which rules out a descent over the UK but includes vast stretches of North and South America, China, the Middle East, Africa, Australia, parts of Europe -- and great swaths of the Pacific and Atlantic oceans. Western analysts cannot be sure how much of the spacecraft will survive re-entry, because China has not released details of the design and materials used to make Tiangong-1. But the spacecraft may have well-protected titanium fuel tanks containing toxic hydrazine that could pose a danger if they land in populated areas.

FCC Accuses Stealthy Startup of Launching Rogue Satellites 128

Back in January, the FCC pulled permission from Silicon Valley startup Swarm Technologies to launch four satellites into space after what it says was an "apparent unauthorized launch." IEEE Spectrum reports that the unauthorized launch consisted of four experimental satellites that the FCC had decided were too small to be noticed in space -- and hence pose an unacceptable risk of collision -- but which the company may have launched anyway, using a rocket based in India. The federal regulator has since issued a letter to Swarm revoking its authorization for a follow-up mission to launch four new, larger versions of its "SpaceBee" satellites. From the report: Swarm was founded in 2016 by one engineer who developed a spacecraft concept for Google and another who sold his previous company to Apple. The SpaceBees were built as technology demonstrators for a new space-based Internet of Things communications network. Swarm believes its network could enable satellite communications for orders of magnitude less cost than existing options. It envisages the worldwide tracking of ships and cars, new agricultural technologies, and low cost connectivity for humanitarian efforts anywhere in the world. The four SpaceBees would be the first practical demonstration of Swarm's prototype hardware and cutting-edge algorithms, swapping data with ground stations for up to eight years.
The FCC told the startup that the agency would assess "the impact of the applicant's apparent unauthorized launch and operation of four satellites... on its qualifications to be a Commission licensee." If Swarm cannot convince the FCC otherwise, the startup could lose permission to build its revolutionary network before the wider world even knows the company exists. An unauthorized launch would also call into question the ability of secondary satellite "ride-share" companies and foreign launch providers to comply with U.S. space regulations.

Slashdot Top Deals