×
Security

New Traces of Hacking Team in the Wild (welivesecurity.com) 19

Previously unreported samples of Hacking Team's infamous surveillance tool -- the Remote Control System (RCS) -- are in the wild, and have been detected by ESET systems in fourteen countries. From a report: Our analysis of the samples reveals evidence suggesting that Hacking Team's developers themselves are actively continuing the development of this spyware. Since being founded in 2003, the Italian spyware vendor Hacking Team gained notoriety for selling surveillance tools to governments and their agencies across the world. The capabilities of its flagship product, the Remote Control System (RCS), include extracting files from a targeted device, intercepting emails and instant messaging, as well as remotely activating a device's webcam and microphone. The company has been criticized for selling these capabilities to authoritarian governments -- an allegation it has consistently denied. When the tables turned in July 2015, with Hacking Team itself suffering a damaging hack, the reported use of RCS by oppressive regimes was confirmed. With 400GB of internal data -- including the once-secret list of customers, internal communications, and spyware source code -- leaked online, Hacking Team was forced to request its customers to suspend all use of RCS, and was left facing an uncertain future.
Businesses

SXSW: No 'Hot Apps' Anymore But Still a Launchpad For Some Startups (axios.com) 28

South by Southwest is no longer the preferred launchpad for social apps, but it may be for others like Blue Duck, a San Antonio-based transportation company debuting its scooter service this weekend. From a report: Between Twitter's big breakout moment in 2007 and Meerkat's in 2015, SXSW has served as a great marketing opportunity for social apps. But that's ended as consumer trends have shifted and Hollywood and other consumer companies have taken over the festival. Standing outside the Austin Convention Center, co-founder Eric Bell tells me that he came up with the idea out of frustration with his local public transit, and he designed the scooters. For now, the company is self-funded, but he expects to soon raise outside funding.
Technology

Netflix's Secrets to Success: Six Cell Towers, Dubbing and More (variety.com) 78

Variety gets access to the people at Netflix who take care of the tech: Netflix has its own cell towers. Netflix wants to test its app running on mobile devices under a variety of conditions available around the world, so the company decided to bring the operating equipment of six cell towers to its Los Gatos offices. "Minus the towers," quipped Scott Ryder, the company's director of mobile streaming. The cell tower equipment is housed in the company's mobile device lab, where they are joined by a number of cabinets that look like fancy Netflix-themed fridges, but in reality are Faraday cage-like boxes to suppress any outside interference, and also make sure that those experimental cell towers don't mess up phone reception on the rest of the campus. Each of these boxes can house dozens of devices, and emulate certain mobile or Wi-Fi conditions. "We can make a box look like India, we can make a box look like the Netherlands," Ryder said. Altogether, Netflix runs over 125,000 tests in its mobile lab every single day.[...]

Netflix just re-encoded its entire catalog, again. To optimize videos for mobile viewing, Netflix recently re-encoded its entire catalog on a per-scene basis. "We segment the videos into shots, we analyze the video per shot," said the company's director of video algorithms Anne Aaron. Now, an action scene in a show may stream at a higher bit rate than a scene featuring a slow monologue -- and users with limited bandwidth are set to save a lot of data. A few years back, 4 GB of mobile data would get you just about 10 hours of Netflix video, said Aaron. Now, members can watch up to 26 hours while consuming the same amount of data. Netflix previously re-encoded its entire catalog on a per-title basis, which already allowed it to stream animated shows at much lower bitrates than action movies with a lot of visual complexity. The next step for the company will be to adopt AV1, an advanced video codec developed by an alliance of companies that also includes Apple, Amazon, and Google. Aaron said Netflix could start streaming in AV1 before the end of this year, with Chrome browsers likely being first in line to receive AV1 streams.

Privacy

MoviePass Wants To Gather a Whole Lot of Data About Its Users (fortune.com) 162

An anonymous reader writes: MoviePass CEO Mitch Lowe thinks his service's rapid growth will continue, projecting earlier this month that MoviePass will have 5 million subscribers by the end of 2018, and account for around 20% of all movie ticket purchases. But some of those future subscribers might be concerned about his company's tactics, which Lowe recently said includes tracking users' location before and after a trip to the movies. Lowe's comments, originally reported by Media Play News, were made at the Entertainment Finance Forum on March 2 in Hollywood. They came during a panel titled "Data is the New Oil: How Will MoviePass Monetize It?" Lowe's answer to that question, in part, was that "our bigger vision is to build a night at the movies," including by guiding users to a meal before or after seeing a film.

Lowe said that was possible because "we get an enormous amount of information. Since we mail you the card, we know your home address . . . we know the makeup of that household, the kids, the age groups, the income. It's all based on where you live. It's not that we ask that. You can extrapolate that. "Then," Lowe continued, "Because you are being tracked in your GPS by the phone . . . we watch how you drive from home to the movies. We watch where you go afterwards, and so we know the movies you watch. We know all about you. We don't sell that data. What we do is we use that data to market film."

Mars

Elon Musk: SpaceX's Mars Rocket Could Fly Short Flights By Next Year 144

On stage at SXSW, Elon Musk issued yet another incredibly ambitious timeline. During a Q&A session on Sunday, Musk said SpaceX will be ready to fly its Mars rocket in 2019. He said: We are building the first ship, or interplanetary ship, right now, and we'll probably be able to do short flights, short up and down flights, during the first half of next year. Further reading: Fortune.
AI

Elon Musk: The Danger of AI is Much Greater Than Nuclear Warheads. We Need Regulatory Oversight Of AI Development. (youtube.com) 322

Elon Musk has been vocal about the need for regulation for AI in the past. At SXSW on Sunday, Musk, 46, elaborated his thoughts. We're very close to seeing cutting edge technologies in AI, Musk said. "It scares the hell out of me," the Tesla and SpaceX showrunner said. He cited the example of AlphaGo and AlphaZero, and the rate of advancements they have shown to illustrate his point. He said: Alpha Zero can read the rules of any game and beat the human. For any game. Nobody expected that rate of improvement. If you ask those same experts who think AI is not progressing at the rate that I'm saying, I think you will find their betting average for things like Go and other AI advancements, is very weak. It's not good.

We will also see this with self driving. Probably by next year, self driving will encompass all forms of driving. By the end of next year, it will be at least 100 percent safer than humans. [...] The rate of improvements is really dramatic and we have to figure out some way to ensure that the advent of digital super intelligence is symbiotic with humanity. I think that's the single biggest existential crisis we face, and the most pressing one. I'm not generally an advocate of regulation -- I'm actually usually on the side of minimizing those things. But this is a case, where you have a very serious danger to the public. There needs to be a public body that has insight and oversight to ensure that everyone is developing AI safely. This is extremely important. The danger of AI is much greater than danger of nuclear warheads. By a lot.

Government

EPA's Science Advisory Board Has Not Met in 6 Months (scientificamerican.com) 212

The U.S. EPA Science Advisory Board has not met in at least six months, and some of its members say it's being sidelined to avoid getting in the way of agency Administrator Scott Pruitt's anti-regulatory agenda, Scientific American reported this week. From the report: Agency officials say the lapse isn't intentional and that it's just the result of delayed paperwork. That has prevented the group from meeting because there weren't enough members to make a quorum. The board, which typically has about 45 members, is tasked by Congress to evaluate the science used by EPA to craft policy. The full board has not met since August, nor has it had any conference calls or votes. In the past, members would have had multiple interactions during that time period, said William Schlesinger, a board member who is an emeritus professor of biogeochemistry at Duke University. "I guess the Science Advisory Board still exists; I guess I'm still on it," he said. "I think the answer is maybe they're giving it what we used to call the 'pocket veto': If you don't meet, then the scientists are not a pain, because they don't have a forum."

Submission + - Solving YouTube's Abusive Content Problems — via Crowdsoucing (vortex.com)

Lauren Weinstein writes: But we also know that the volume of videos in the uploading firehose is going to continue leaving very large numbers of abusive videos online that may quickly achieve high numbers of views, even if YT employed techniques that I’ve previously urged, such as human review of videos that are about to go onto the trending lists before they actually do so.

This scale of videos is enormous — yet the scale of viewing users is also very large.

Is there some way to leverage the latter to help deal with abusive content in the former, as a proactive effort to help keep government censorship of YT at bay?

Technology

Report Says Radioactive Monitors Failed at Nuclear Plant (apnews.com) 83

A new report says mistakes and mismanagement are to blame for the exposure of workers to radioactive particles at the Hanford Nuclear Reservation in Washington state. From the report: Contractor CH2M Hill Plateau Remediation on Thursday released its evaluation of what went wrong in December during demolition of the nuclear reservation's highly contaminated Plutonium Finishing Plant. The Tri-City Herald reports the study said primary radioactive air monitors used at a highly hazardous Hanford project failed to detect contamination. Then, when the spread of contamination was detected, the report said steps taken to contain it didn't fully work.

At least 11 Hanford workers checked since mid-December inhaled or ingested small amounts of radioactive particles. Private and government vehicles were contaminated with radioactive particles. The sprawling site in southeastern Washington contains more than 50 million gallons of radioactive and toxic wastes in underground storage tanks. It's owned by the U.S. Department of Energy, which hires private contractors to manage the cleanup work. Hanford was established during World War II and made the plutonium for the atomic bomb dropped on Nagasaki, Japan. The 560-square mile site also made most of the plutonium for the nation's nuclear arsenal during the Cold War.

Blackberry

Feds Bust CEO Allegedly Selling Custom BlackBerry Phones To Sinaloa Drug Cartel (vice.com) 115

An anonymous reader shares a Motherboard report: For years, a slew of shadowy companies have sold so-called encrypted phones, custom BlackBerry or Android devices that sometimes have the camera and microphone removed and only send secure messages through private networks. Several of those firms allegedly cater primarily for criminal organizations.Now, the FBI has arrested the owner of one of the most established companies, Phantom Secure, as part of a complex law enforcement operation, according to court records and sources familiar with the matter. "FBI are flexing their muscle," one source familiar with the secure phone industry, and who gave Motherboard specific and accurate details about the operation before it was public knowledge, said. Motherboard granted the sources in this story anonymity to talk about sensitive developments in the secure phone trade. The source said the Phantom operation was carried out in partnership with Canadian and Australian authorities.
Twitter

Twitter Suspends Numerous Popular Accounts That Are Known For Stealing Tweets (buzzfeed.com) 52

An anonymous reader shares a report: Continuing its battle against the "tweetdeckers," Twitter suspended on Friday several popular accounts known for stealing tweets or mass-retweeting tweets into manufactured virality. @Dory, @GirlPosts, @SoDamnTrue, Girl Code/@reiatabie, Common White Girl/@commonwhitegiri, @teenagernotes, @finah, @holyfag, and @memeprovider were among the accounts that got swept up in the purge. Many of these accounts were hugely popular, with hundreds of thousands or even millions of followers. In addition to stealing people's tweets without credit, some of these accounts are known as "tweetdeckers" due to their practice of teaming up in exclusive Tweetdeck groups and mass-retweeting one another's -- and paying customers' -- tweets into forced virality. A Twitter spokesperson declined to comment on individual accounts, but BuzzFeed News understands the accounts were suspended for violating Twitter's spam policy.
Ubuntu

Ubuntu Linux 18.04 'Bionic Beaver' Beta 1 Now Available For Download (betanews.com) 101

From a report: This week, Ubuntu Linux 18.04 'Bionic Beaver' Beta 1 became available for download. Ubuntu 18.04 is significant, as it will be an LTS (Long Term Support) version. As was the case when Unity was the primary DE, GNOME is not available in this beta stage. Instead, there are other flavors from which to choose, such as Kubuntu with KDE Plasma and Xubuntu, which uses Xfce.

"Pre-releases of the Bionic Beaver are not encouraged for anyone needing a stable system or anyone who is not comfortable running into occasional, even frequent breakage. They are, however, recommended for Ubuntu flavor developers and those who want to help in testing, reporting, and fixing bugs as we work towards getting this release ready. Beta 1 includes some software updates that are ready for broader testing. However, it is quite an early set of images, so you should expect some bugs," says Dustin Krysak, Ubuntu Budgie team member.

Science

Could This Bold New Technique Boost Gravitational-Wave Detection? (space.com) 32

Slashdot reader astroengine writes: One of the most expensive, complex and problematic components in gravitational wave detectors like the Laser Interferometer Gravitational-wave Observatory (LIGO) — which made the first, historic detection of these ripples in space-time in September 2015 — is the 4-kilometer-long vacuum chambers that house all the interferometer optics. But what if this requirement for ground-based gravitational wave detectors isn't required? This suggestion has been made by a pair of physicists at the University of Maryland, Baltimore County (UMBC) who are developing a method that could allow extremely sensitive interferometers to operate in the "open air."

Their work, published in the journal Physical Review Letters, uses the weird quantum properties of light to counteract interference from turbulence in the air to allow interferometer measurements to be made. Their method, which is a variation on the classic Young's double-slit experiment, has been demonstrated in a tabletop experiment — but gravitational wave scientists are skeptical that it could be scaled up to remove sophisticated vacuums from their detectors.

Government

Are The Alternatives Even Worse Than Daylight Saving Time? (chron.com) 322

The New York Times notes an important caveat to Florida's recently-approved law observing daylight savings time year-round: it specifies that their change will only go into effect if "the United States Congress amends 15 U.S.C. s. 260a to authorize states to observe daylight saving time year-round."

"In other words: Even if the governor signs the bill, nothing will happen now... States can choose to exempt themselves from daylight saving time -- Arizona and Hawaii do -- but nothing in federal law allows them to exempt themselves from standard time." Meanwhile one California legislator exploring the idea of year-round standard time discovered that "youth sports leagues and families worried that a year-round early sunset would shut down their kids' after-school games." But the Times also acknowledges problems in the current system. "In parts of Maine, for example, between Thanksgiving and Christmas, the sun sets before 4 p.m. -- more than an hour earlier than it does in Detroit, at the other end of the Eastern time zone." So is there a better alternative?

An anonymous reader quotes Business Insider: Standardtime.com has a unique suggestion. Their proposal has only two time zones in the continental U.S. that are two hours apart, which The Atlantic calls "a simple plan to fix [DST]"... Johns Hopkins University professors Richard Henry and Steven Hanke have come up with yet another possible fix: worldwide adoption of a single time zone. They argue that the internet has eliminated the need for discrete time zones across the globe, so we might as well just do away with them...

No plan will satisfy everyone. But that doesn't mean daylight-saving time is good. The absence of major energy-saving benefits from DST -- along with its death toll, health impacts, and economic ramifications -- are reason enough to get rid of the ritual altogether.

The article associates Daylight Saving Time with "a spike in heart attacks, increased numbers of work injuries, automobile accidents, suicides, and more." And in addition, it also blames DST for an increased use of gasoline and air conditioners -- adding that it will also "rob humanity of billions of hours of sleep like an evil spacetime vampire."
Hardware Hacking

ESR's Newest Project: An Open Hardware/Open Source UPS (ibiblio.org) 232

An anonymous reader writes: Last month Eric S. Raymond complained about his choices for a UPS (Uninterruptible Power Supply), adding that "This whole category begs to be disrupted by an open-hardware [and open-source] design that could be assembled cheaply in a makerspace from off-the-shelf components, an Arduino-class microcontroller, and a PROM...because it's possible, and otherwise the incentives on the vendors won't change." It could be designed to work with longer-lasting and more environmentally friendly batteries, using "EV-style intelligent battery-current sensors to enable accurate projection of battery performance" (along with a text-based alert system and a USB monitoring port).

Calling the response "astonishing," Raymond noted the emergence within a week of "the outlines of a coherent design," and in an update on GitLab reported that "The response on my blog and G+ was intense, almost overwhelming. It seems many UPS users are unhappy with what the vendors are pushing" -- and thus, the UPSide project was launched. "We welcome contributors: people with interest in UPSes who have expertise in battery technology, power-switching electronics, writing device-control firmware, relevant standards such as USB and the DMTF battery-management profile. We also welcome participation from established UPS and electronics vendors. We know that consumer electronics is a cutthroat low-margin business in which it's tough to support a real R&D team or make possibly-risky product bets. Help us, and then let us help you!"

There's already a Wiki with design documents -- plus a process document -- and Raymond says the project now even has a hardware lead with 30 years experience as a power and signals engineer, plus "a really sharp dev group. Half a dozen experts have shown up to help spec this thing, critique the design docs, and explain EE things to ignorant me." And he's already touting "industry participation! We have a friendly observer who's the lead software architect for one of the major UPS vendors." Earlier Raymond identified his role as "basically, product manager -- keeper of the requirements list and recruiter of talent" -- though he admits on his blog that he's already used a "cute hack" to create a state/action diagram for the system, "by writing a DSL to generate code in another DSL and provably correct equivalent C application logic."

He adds to readers of the blog that if that seems weird to you, "you must be new here."

Slashdot Top Deals