Businesses

Apple Prepares 'Apple Pay' Credit Card To Offset Slowing iPhone Sales (marketwatch.com) 85

An anonymous reader quotes the Wall Street Journal: Apple and Goldman Sachs are preparing to launch a new joint credit card, a move that would deepen the technology giant's push into its customers' wallets and mark the Wall Street firm's first foray into plastic. The planned card would carry the Apple Pay brand and could launch early next year, people familiar with the matter said...

As new iPhone sales growth slows, Apple is focusing on services such as mobile payments, streaming-music subscriptions, and App Store sales. Apple Pay, which generates revenue on each transaction, is a key contributor, but adoption has been slower than executives hoped... Apple could take a larger cut of mobile payments from the card if it is used for purchases, the person said. Currently, when a consumer pays for a purchase using the digital wallet on the iPhone -- regardless of what credit card the customer charges -- Apple receives 0.15% per transaction. Apple could more than double that under the agreement with Goldman, one of the people said.

The deal also reportedly includes having Goldman Sachs offer loans to customers at the Apple Store.
Power

Days After A Fiery Crash, a Tesla's Battery Keeps Reigniting (mercurynews.com) 302

An anonymous reader quotes the Mercury News: Six days after a fiery crash on Highway 101 involving a Tesla Model X took the life of a 38-year-old San Mateo man, the car's high-voltage lithium-ion battery re-ignited while sitting in a tow yard, according to the Mountain View Fire Department... The battery reignited twice in the storage yard within a day of the accident and again six days later on March 29. Two weeks later, in an effort to avoid more fires, the NTSB and Tesla performed a battery draw down to fully de-energize it...

On the company website, Tesla wrote "the reason this crash was so severe is that the crash attenuator, a highway safety barrier which is designed to reduce the impact into a concrete lane divider, had either been removed or crushed in a prior accident without being replaced. We have never seen this level of damage to a Model X in any other crash"... Tesla also reported that the vehicle's autopilot function was active at the time of the crash...

The National Transportation Safety Board is investigating the Highway 101 crash and three other accidents also involving Teslas, including a fiery 2014 Model S crash Tuesday in Florida that killed two teenagers. Also under investigation: A Model S crashed into a fire truck near Culver City in January, and the driver reportedly said Autopilot was engaged at the time. And it is looking into a battery fire of a Model X that drove into a home's garage in Lake Forest in August.

Two hours after that story was published, a Tesla smashed into a Starbucks in Los Gatos, California.
Chrome

Malicious Chrome Extensions Infect Over 100,000 Users Again (arstechnica.com) 39

An anonymous reader quotes Ars Technica: Criminals infected more than 100,000 computers with browser extensions that stole login credentials, surreptitiously mined cryptocurrencies, and engaged in click fraud. The malicious extensions were hosted in Google's official Chrome Web Store. The scam was active since at least March with seven malicious extensions known so far, researchers with security firm Radware reported Thursday. Google's security team removed five of the extensions on its own and removed two more after Radware reported them. In all, the malicious add-ons infected more than 100,000 users, at least one inside a "well-protected network" of an unnamed global manufacturing firm, Radware said...

The extensions were being pushed in links sent over Facebook that led people to a fake YouTube page that asked for an extension to be installed. Once installed, the extensions executed JavaScript that made the computers part of a botnet. The botnet stole Facebook and Instagram credentials and collected details from a victim's Facebook account. The botnet then used that pilfered information to send links to friends of the infected person. Those links pushed the same malicious extensions. If any of those friends followed the link, the whole infection process started all over again. The botnet also installed cryptocurrency miners that mined the monero, bytecoin, and electroneum digital coins.

Businesses

Symantec Stock Tanks After Announcing An Internal Probe (cnet.com) 34

An anonymous reader quotes CNET: Symantec shares plummeted roughly 20% on Thursday after the antivirus maker warned an internal investigation could delay its annual report. The plunge followed news that the audit committee of Symantec's board had launched an internal investigation into undescribed concerns raised by a former employee. The probe is being aided by independent counsel and other advisers, the company said in its fiscal fourth-quarter earnings report. Symantec said it had informed the US Securities and Exchange Commission of the probe and intends to share information collected during the investigation with the commission.
CRN reports that the investigation "is not tied to any security concern or breach around Symantec's products or systems, Cynthia Hiponia, vice president of investor relations, said during the company's earnings call Thursday."
Social Networks

Klout's Score Drops to Zero as It Announces Plans to Close Down (gizmodo.com) 44

Once upon a time, Klout had 100 million users, Gizmodo reports. But now... You probably haven't experienced the crippling anxiety of thinking about increasing your Klout score in quite some time. As of May 25, you won't ever have to do it again. On Thursday, the social ranking company announced to its 708,000 Twitter followers (meh) that it will be shutting down.

Klout was founded in 2008 as a way for social media users to gauge their "influence." Through some algorithmic voodoo the service would snoop through your social media presence and spit out your "Klout Score" -- a number between 1 and 100 that determined how much you are worth as a social human being.

Lithium Technologies (Klout's parent company) announced that their acquisition "provided Lithium with valuable artificial intelligence (AI) and machine learning capabilities but Klout as a standalone service is not aligned with our long-term strategy."

But Lithium also announced plans to launch "a new social impact scoring methodology based on Twitter" sometime in the future.
Google

Does Gmail's New 'Confidential Mode' Make It Easier to Phish? (vortex.com) 82

Gmail's new confidential mode lets its users create "expiration dates" for emails, or require recipients to provide an SMS passcode. (And Google also claims they've removed the option to forward, copy, download or print messages.)

But Slashdot reader Lauren Weinstein warns that Google is also opening up a new vector for phishing emails: The problem arises since non-Gmail users cannot directly receive Gmail confidential mode messages. Instead...when a Gmail user wants to send a non-Gmail user such a message, the non-Gmail user is instead sent a link, that when clicked takes them to Google's servers where they can read the confidential mode message in their browser.

The potential risks for any service that operates in this way are obvious. Those of us working on Internet security and privacy have literally spent many years attempting to train users to avoid clicking on "to read the message, click here" links in emails that they receive. Criminals have simply become too adept at creating fraudulent emails that lead to phishing and malware sites.

Space

'Yes, Pluto Is a Planet' (sfgate.com) 301

schwit1 quotes a Washington Post perspective piece by the authors of a new book about Pluto: The process for redefining planet was deeply flawed and widely criticized even by those who accepted the outcome. At the 2006 IAU conference, which was held in Prague, the few scientists remaining at the very end of the week-long meeting (less than 4 percent of the world's astronomers and even a smaller percentage of the world's planetary scientists) ratified a hastily drawn definition that contains obvious flaws. For one thing, it defines a planet as an object orbiting around our sun -- thereby disqualifying the planets around other stars, ignoring the exoplanet revolution, and decreeing that essentially all the planets in the universe are not, in fact, planets.

Even within our solar system, the IAU scientists defined "planet" in a strange way, declaring that if an orbiting world has "cleared its zone," or thrown its weight around enough to eject all other nearby objects, it is a planet. Otherwise it is not. This criterion is imprecise and leaves many borderline cases, but what's worse is that they chose a definition that discounts the actual physical properties of a potential planet, electing instead to define "planet" in terms of the other objects that are -- or are not -- orbiting nearby. This leads to many bizarre and absurd conclusions. For example, it would mean that Earth was not a planet for its first 500 million years of history, because it orbited among a swarm of debris until that time, and also that if you took Earth today and moved it somewhere else, say out to the asteroid belt, it would cease being a planet.

To add insult to injury, they amended their convoluted definition with the vindictive and linguistically paradoxical statement that "a dwarf planet is not a planet." This seemingly served no purpose but to satisfy those motivated by a desire -- for whatever reason -- to ensure that Pluto was "demoted" by the new definition. By and large, astronomers ignore the new definition of "planet" every time they discuss all of the exciting discoveries of planets orbiting other stars.

Australia

Australia To Ban Cash Purchases Over $10,000 (theguardian.com) 272

Long-time Slashdot reader skegg writes: Last night was federal budget night in Australia, and one of the announcements means Australians will face a crackdown on cash-in-hand payments in an attempt by the government to reduce money laundering and tax evasion. The government has turned its attention to the "black economy" in an attempt to raise billions of extra dollars and intends to limit cash payments for the purchase of goods and services to $10,000.
The financial services minister argues that currently the status quo "gives some businesses an unfair competitive advantage."
GNU is Not Unix

Richard Stallman Demands Return Of Abortion Joke To libc Documentation (theregister.co.uk) 522

An anonymous reader quotes The Register: Late last month, open-source contributor Raymond Nicholson proposed a change to the manual for glibc, the GNU implementation of the C programming language's standard library, to remove "the abortion joke," which accompanied the explanation of libc's abort() function... The joke, which has been around since the 1990s and is referred to as a censorship joke by those supporting its inclusion, reads as follows:

25.7.4 Aborting a Program... Future Change Warning: Proposed Federal censorship regulations may prohibit us from giving you information about the possibility of calling this function. We would be required to say that this is not an acceptable way of terminating a program.

On April 30, the proposed change was made, removing the passage from the documentation. That didn't sit well with a number of people involved in the glibc project, including the joke's author, none other than Free Software Foundation president and firebrand Richard Stallman, who argued that the removal of the joke qualified as censorship... Carlos O'Donnell, a senior software engineer at Red Hat, recommended avoiding jokes altogether, a position supported by many of those weighing in on the issue. Among those voicing opinions, a majority appears to favor removal.

But in a post to the project mailing list, Stallman wrote "Please do not remove it. GNU is not a purely technical project, so the fact that this is not strictly and grimly technical is not a reason to remove this." He added later that "I exercise my authority over glibc very rarely -- and when I have done so, I have talked with the official maintainers. So rarely that some of you thought that you are entirely autonomous. But that is not the case. On this particular question, I made a decision long ago and stated it where all of you could see it."

The Register reports that "On Monday, the joke was restored by project contributor Alexandre Oliva, having taken Stallman's demand as approval to do so."
Encryption

Lawmakers Move To Block Government From Ordering Digital 'Back Doors' (thehill.com) 87

A bipartisan group of House lawmakers have introduced legislation that would block the federal government from requiring technology companies to design devices with so-called "back doors" to allow law enforcement to access them. From a report: The bill represents the latest effort by lawmakers in Congress to wade into the battle between federal law enforcement officials and tech companies over encryption, which reached a boiling point in 2015 as the FBI tussled with Apple over a locked iPhone linked to the San Bernardino terror attack case.

Top FBI and Justice Department officials have repeatedly complained that they have been unable to access devices for ongoing criminal investigations because of encryption. FBI Director Christopher Wray has suggested that devices could be designed to allow investigators to access them, though he insists the bureau is not looking for a "back door." The bipartisan bill introduced Thursday would prohibit federal agencies from requiring or requesting that firms "design or alter the security functions in its product or service to allow the surveillance of any user of such product or service, or to allow the physical search of such product" by the government.

AI

The White House Has Set Up a Task Force To Help Further the Country's AI Development (theverge.com) 43

The White House has set up a new task force dedicated to US artificial intelligence efforts, the Trump administration announced today during an event with technology executives, government leaders, and AI experts. From a report: The news and the event, which was organized by the federal government, are both moves to further the country's AI development, as other regions like Europe and Asia ramp up AI investment and R&D as well. The administration will be further investing in AI, deputy CTO of the White House's Office of Science and Technology Policy Michael Kratsios said at the event.

"To realize the full potential of AI for the American people, it will require the combined efforts of industry, academia, and government," Kratsios said, according to FedScoop. According to the Trump administration, the federal government has increased its investment in unclassified R&D for AI by 40 percent since 2015. In his speech, Kratsios highlighted ways the US could improve AI advancement, such as robotics startups in Pittsburgh that are models for how to spur job growth in areas hurt by workplace automation. Startups like those now hire engineers, scientists, bookkeepers, and administrators, he said, and are evidence that AI does not necessarily mean massive unemployment is on the horizon.
Further reading: The White House says a new AI task force will protect workers and keep America first (MIT Tech Review).
Security

26% of Companies Ignore Security Bugs Because They Don't Have the Time to Fix Them (bleepingcomputer.com) 90

Catalin Cimpanu, writing for BleepingComputer: A survey compiled last month at the RSA security conference reveals that most companies are still behind with proper security practices, and some of them even intentionally ignore security flaws for various reasons ranging from lack of time to lack of know-how. The survey, which compiled answers from 155 security professionals from the companies present at the RSA conference, revealed that only 47% of organizations patch vulnerabilities as soon as they are known. Most worrisome is that some companies wait quite some time before applying patches, exposing their IT infrastructure to attacks. More precisely, 16% wait for one month, while 8% said they only apply patches once or twice a year.
AI

Siri, Alexa, and Google Assistant Can Be Controlled By Inaudible Commands (venturebeat.com) 100

Apple's Siri, Amazon's Alexa, and Google's Assistant were meant to be controlled by live human voices, but all three AI assistants are susceptible to hidden commands undetectable to the human ear, researchers in China and the United States have discovered. From a report: The New York Times reports today that the assistants can be controlled using subsonic commands hidden in radio music, YouTube videos, or even white noise played over speakers, a potentially huge security risk for users. According to the report, the assistants can be made to dial phone numbers, launch websites, make purchases, and access smart home accessories -- such as door locks -- at the same time as human listeners are perceiving anything from completely different spoken text to recordings of music.

In some cases, assistants can be instructed to take pictures or send text messages, receiving commands from up to 25 feet away through a building's open windows. Researchers at Berkeley said that they can modestly alter audio files "to cancel out the sound that the speech recognition system was supposed to hear and replace it with a sound that would be transcribed differently by machines while being nearly undetectable to the human ear."

IBM

IBM Bans Staff From Using Removable Storage Devices (theregister.co.uk) 167

An anonymous reader shares a report: In an advisory to employees, IBM global chief information security officer Shamla Naidoo said the company "is expanding the practise of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive)." The advisory stated some pockets of IBM have had this policy for a while, but "over the next few weeks we are implementing this policy worldwide." Big Blue's doing this because "the possible financial and reputational damage from misplaced, lost or misused removable portable storage devices must be minimised." IBMers are advised to use Big Blue's preferred sync 'n' share service to move data around.
Google

Google Executive Addresses Horrifying Reaction To Uncanny AI Tech (bloomberg.com) 205

The most talked-about product from Google's developer conference earlier this week -- Duplex -- has drawn concerns from many. At the conference Google previewed Duplex, an experimental service that lets its voice-based digital assistant make phone calls and write emails. In a demonstration on stage, the Google Assistant spoke with a hair salon receptionist, mimicking the "ums" and "hmms" pauses of human speech. In another demo, it chatted with a restaurant employee to book a table. But outside Google's circles, people are worried; and Google appears to be aware of the concerns. From a report: "Horrifying," Zeynep Tufekci, a professor and frequent tech company critic, wrote on Twitter about Duplex. "Silicon Valley is ethically lost, rudderless and has not learned a thing." As in previous years, the company unveiled a feature before it was ready. Google is still debating how to unleash it, and how human to make the technology, several employees said during the conference. That debate touches on a far bigger dilemma for Google: As the company races to build uncanny, human-like intelligence, it is wary of any missteps that cause people to lose trust in using its services.

Scott Huffman, an executive on Google's Assistant team, said the response to Duplex was mixed. Some people were blown away by the technical demos, while others were concerned about the implications. Huffman said he understands the concerns. Although he doesn't endorse one proposed solution to the creepy factor: Giving it an obviously robotic voice when it calls. "People will probably hang up," he said.

[...] Another Google employee working on the assistant seemed to disagree. "We don't want to pretend to be a human," designer Ryan Germick said when discussing the digital assistant at a developer session earlier on Wednesday. Germick did agree, however, that Google's aim was to make the assistant human enough to keep users engaged. The unspoken goal: Keep users asking questions and sharing information with the company -- which can use that to collect more data to improve its answers and services.

China

Young Chinese Are Sick of Working Long Hours (bbc.com) 190

Young professionals in China are pushing back against employers who expect them to work around the clock, saying no to the decades old "rule of 996" -- working from 9am to 9pm six days a week. From a report: At the forefront are millennials who are often better educated, more aware of their rights and more interested in finding something fulfilling than the previous generation. And as only children (China's one-child policy wasn't eased until 2015), they are also outspoken and pampered. "In my experience young people, especially the post-90s generation, are reluctant to work overtime -- they are more self-centered," says labour rights expert Li Jupeng, one of many who have observed some millennials challenging the 996 concept.

The relative affluence of their parents and grandparents is part of the reason. China's rapid economic transformation has given rise to a sizeable middle class, with almost 70% of the country's urban population making between $9,000 and $34,000 annually in 2012. In 2000, that figure was just 4%. As only children, millennials are receiving a lot of support from their families -- including a financial safety net should their careers not go as planned. Although their options for pushing back are limited, some are no longer willing to put in long hours for a meagre paycheck.

Security

Researchers Say a Breathalyzer Has Flaws, Casting Doubt On Countless Convictions (zdnet.com) 170

An anonymous reader writes: The source code behind a police breathalyzer widely used in multiple states -- and millions of drunk driving arrests -- is under fire. It's the latest case of technology and the real world colliding -- one that revolves around source code, calibration of equipment, two researchers and legal maneuvering, state law enforcement agencies, and Draeger, the breathalyzer's manufacturer. This most recent skirmish began a decade ago when Washington state police sought to replace its aging fleet of breathalyzers. When the Washington police opened solicitations, the only bidder, Draeger, a German medical technology maker, won the contract to sell its flagship device, the Alcotest 9510, across the state. But defense attorneys have long believed the breathalyzer is faulty. Jason Lantz, a Washington-based defense lawyer, enlisted a software engineer and a security researcher to examine its source code. The two experts wrote in a preliminary report that they found flaws capable of producing incorrect breath test results. The defense hailed the results as a breakthrough, believing the findings could cast doubt on countless drunk-driving prosecutions.
Businesses

FCC Says Net Neutrality Rules Will End On June 11 (reuters.com) 103

The Federal Communications Commission said in a notice Thursday that landmark 2015 U.S. open-internet rules will cease on June 11. From a report: The FCC in December repealed the Obama-era "net neutrality" rules, allowing internet providers to block or slow websites as long as they disclose the practice. The FCC said the new rules will take effect 30 days from Friday. An FCC spokeswoman confirmed the new rules will take effect on June 11. A group of states and others have sued to try to block the new rules from taking effect. The revised rules were a win for internet service providers like AT&T and Comcast but are opposed by internet firms like Facebook and Alphabet.
Businesses

Apple Scraps $1 Billion Irish Data Center Over Planning Delays (reuters.com) 197

Apple ditched plans to build an 850 million euro ($1 billion) data center in Ireland because of delays in the approval process that have stalled the project for more than three years, the iPhone maker said on Thursday. From a report: Apple announced plans in February 2015 to build the facility in the rural western town of Athenry to take advantage of green energy sources nearby, but a series of planning appeals, chiefly from two individuals, delayed its approval. Ireland's High Court ruled in October that the data center could proceed, dismissing the appellants who then took their case to the country's Supreme Court.
Businesses

ZTE Shuts Down Main Business Operations After US Ban (techcrunch.com) 134

An anonymous reader quotes a report from TechCrunch: ZTE wasn't kidding around when it suggested that a U.S. Department of Commerce order would "severely impact" its survival. It's hard to imagine a successful path around the seven-year ban on the sale of U.S. products to the company imposed after it reportedly failed to sufficiently reprimand staff for flouting Iranian sanctions. Earlier today, in fact, the Chinese smartphone/telecom manufacturer announced that it had ceased its main business operations as it attempts to figure out the best way forward. "As a result of the Denial Order, the major operating activities of the company have ceased," the company wrote in an exchange filing spotted by Reuters. "As of now, the company maintains sufficient cash and strictly adheres to its commercial obligations subject in compliance with laws and regulations."
Power

Supercomputers Are Driving a Revolution In Hurricane Forecasting (arstechnica.com) 66

Ars Technica's Eric Berger reports on how dramatic increases in computer power have helped improve the accuracy of hurricane forecasts: Based upon new data from the National Hurricane Center for hurricanes based in the Atlantic basin, the average track error for a five-day forecast fell to 155 nautical miles in 2017. That is, the location predicted by the hurricane center for a given storm was just 155 nautical miles away from the actual position of the storm five days later. What is incredible about this is that, back in 1998, this was the average error for a two-day track forecast. In fact, the annual "verification" report released Wednesday shows that for the hyperactive 2017 Atlantic hurricane season -- which included the devastating hurricanes Harvey, Irma, and Maria -- the National Hurricane Center set records for track forecasts at all time periods: 12-hour, 24-hour, and two-, three-, four- and five-day forecasts.
Space

One of the Milky Way's Fastest Stars Is an Invader From Another Galaxy (sciencemag.org) 92

sciencehabit writes from a report via Science Magazine: On April 25, the European Space Agency released a data set gathered by the Gaia satellite containing the motions, and much more, of 1.3 billion stars. Astronomers have immediately sifted the data for fast-moving stars. They are prized as forensic tools: When rewound, their trajectories point back to the violent events that launched them. Last week, one team reported the discovery of three white dwarfs -- the dying embers of sunlike stars -- hurtling through the galaxy at thousands of kilometers per second, perhaps flung out from supernovae explosions. Another group reported more than two dozen fast-moving stars, some apparently kicked out by our galaxy's central black hole. And a third has confirmed that a star blazing through the outskirts of the Milky Way actually hails from another galaxy altogether, the Large Magellanic Cloud. The flood of discoveries has sent astronomers racing to their telescopes to check and classify the swift objects, says Harvard University astronomer James Guillochon. The findings have been reported in the journal Science.
