Privacy

Sweden Accidentally Leaks Personal Details of Nearly All Citizens (thehackernews.com) 6

An anonymous reader quotes a report from The Hacker News: Swedish media is reporting of a massive data breach in the Swedish Transport Agency (Transportstyrelsen) after the agency mishandled an outsourcing deal with IBM, which led to the leak of the private data about every vehicle in the country, including those used by both police and military. The data breach exposed the names, photos and home addresses of millions of Swedish citizen, including fighter pilots of Swedish air force, members of the military's most secretive units, police suspects, people under the witness relocation program, the weight capacity of all roads and bridges, and much more. The incident is believed to be one of the worst government information security disasters ever.

In 2015, the Swedish Transport Agency hand over IBM an IT maintenance contract to manage its databases and networks. However, the Swedish Transport Agency uploaded IBM's entire database onto cloud servers, which covered details on every vehicle in the country, including police and military registrations, and individuals on witness protection programs. The transport agency then emailed the entire database in messages to marketers that subscribe to it. And what's terrible is that the messages were sent in clear text. When the error was discovered, the transport agency merely thought of sending a new list in another email, asking the subscribers to delete the old list themselves.

Businesses

Fact-checking and Rumor-dispelling Site Snopes.com Held Hostage By vendor (savesnopes.com) 135

Snopes.com, which began as a small one-person effort in 1994 and has since become one of the Internet's oldest and most popular fact-checking sites, is in danger of closing its doors. From a report: Since our inception, we have always been a self-sustaining site that provides a free service to the online world: we've had no sponsors, no outside investors or funding, and no source of revenue other than that provided by online advertising. Unfortunately, we have been cut off from our historic source of advertising income. We had previously contracted with an outside vendor to provide certain services for Snopes.com. That contractual relationship ended earlier this year, but the vendor will not acknowledge the change in contractual status and continues to essentially hold the Snopes.com web site hostage. Although we maintain editorial control (for now), the vendor will not relinquish the site's hosting to our control, so we cannot modify the site, develop it, or -- most crucially -- place advertising on it. The vendor continues to insert their own ads and has been withholding the advertising revenue from us. Our legal team is fighting hard for us, but, having been cut off from all revenue, we are facing the prospect of having no financial means to continue operating the site and paying our staff (not to mention covering our legal fees) in the meanwhile.
Businesses

Push Notifications From Popular Apps Are Becoming Increasingly Useless And Annoying (wired.com) 114

David Pierce, writing for Wired: Push notifications are ruining my life. Yours too, I bet. Download more than a few apps and the notifications become a non-stop, cacophonous waterfall of nonsense. Here's just part of an afternoon on my phone:
"Hi David! We found new Crown jewels and Bottle caps Pins for you!"
"Everyone's talking about Bill Nye's new book, Everything All at Once. Read a free sample."
"Alex just posted for the first time in a while."
I get notifications when an acquaintance comments on a stranger's Facebook posts, when shows I don't care about come to Netflix, and every single day at 6 PM when the crossword puzzle becomes available. Recently, I got a buzz from my close personal friends at Yelp. "We found a hot new business for you," it said. I opened the notification, on the off chance that Yelp had finally found the hot new business I've been waiting for. It did not. So I closed Yelp, stared into space for a second, and then opened Instagram. Productivity over. Over the last few years, there's been an increasingly loud call for a re-evaluation of the relationship between humans and smartphones. For all the good that phones do, their grip on our eyes, ears, and thoughts creates real and serious problems. "I know when I take [technology] away from my kids what happens," Tony Fadell, a former senior VP at Apple who helped invent both the iPod and the iPhone, said in a recent interview. "They literally feel like you're tearing a piece of their person away from them. They get emotional about it, very emotional. They go through withdrawal for two to three days." Smartphones aren't the problem. It's all the buzzing and dinging, endlessly calling for your attention.

Businesses

Unemployment in the UK is Now So Low It's in Danger of Exposing the Lie Used To Create the Numbers (businessinsider.com) 182

Unemployment in Britain is now just 4.5 percent. There are only 1.49 million unemployed people in the UK, versus 32 million people with jobs. This is almost unheard of. Unemployment was most recently this low in December 1973, when the UK set an unrepeated record of just 3.4 percent. From a report: The problem with this record is that the statistical definition of "unemployment" relies on a fiction that economists tell themselves about the nature of work. As the rate gets lower and lower, it tests that lie. Because -- as anyone who has studied basic economics knows -- the official definition of unemployment disguises the true rate. In reality, about 21.5 percent of all working-age people (defined as ages 16 to 64) are without jobs, or 8.83 million people, according to the Office for National Statistics. That's more than four times the official number. For decades, economists have agreed on an artificial definition of what unemployment means. Their argument is that people who are taking time off, or have given up looking for work, or work at home to look after their family, don't count as part of the workforce.
Security

Mysterious Mac Malware Has Infected Hundreds of Victims For Years (vice.com) 60

An anonymous reader shares a report: A mysterious piece of malware has been infecting hundreds of Mac computers for years -- and no one noticed until a few months ago. The malware is called "FruitFly," and one of its variants, "FruitFly 2" has infected at least 400 victims over the years. FruitFly 2 is intriguing and mysterious: its goals, who's behind it, and how it infects victims, are all unknown. Earlier this year, an ex-NSA hacker started looking into a piece of malware he described to me as "unique" and "intriguing." It was a slightly different strain of a malware discovered on four computers earlier this year by security firm Malwarebytes, known as "FruitFly." This first strain had researchers scratching their heads. On the surface, the malware seemed "simplistic." It was programmed mainly to surreptitiously monitor victims through their webcams, capture their screens, and log keystrokes. But, strangely, it went undetected since at least 2015. There was no indication of who could be behind it, and it contained "ancient" functions and "rudimentary" remote control capabilities, Malwarebytes's Thomas Reed wrote at the time.
Businesses

Pittsburgh Gets a Tech Makeover (nytimes.com) 31

An anonymous reader shares a report: In 2015, Monocle magazine, a favorite read of the global hipsterati, published an enthusiastic report on Lawrenceville, the former blue-collar neighborhood here filled with cafes, hyped restaurants and brick rowhouses being renovated by flippers. Last year, in a much-publicized development, Uber began testing self-driving cars on the streets, putting this city at the forefront of the autonomous-vehicle revolution. Also last year, in a less publicized development, Jean Yang, 30, returned to this city after more than a decade of living in Boston, finding a Pittsburgh she hardly recognized from her 1990s childhood. And four months ago, Caesar Wirth, a 28-year-old software engineer, moved from Tokyo to work for a local tech start-up, Duolingo. These seemingly unrelated events have one thing in common: Carnegie Mellon University's School of Computer Science. Much has been made of the "food boom" in Pittsburgh, and the city has long had a thriving arts scene. But perhaps the secret, underlying driver for both the economy and the cool factor -- the reason Pittsburgh now gets mentioned alongside Brooklyn and Portland, Ore., as an urban hot spot for millennials -- isn't chefs or artists but geeks. In a 2014 article in The Pittsburgh Post-Gazette, Mayor Bill Peduto compared Carnegie Mellon, along with the University of Pittsburgh, to the iron ore factories that made this city an industrial power in the 19th century. The schools are the local resource "churning out that talent" from which the city is fueled. Because of the top students and research professors at Carnegie Mellon, tech companies like Apple, Facebook, Google and Uber have opened offices here. The big tech firms, along with their highly skilled, highly paid workers, have made Pittsburgh younger and more international and helped to transform once-derelict neighborhoods like Lawrenceville and East Liberty. Indeed, East Liberty has become something of a tech hub, said Luis von Ahn, the co-founder and chief executive of Duolingo, a language-learning platform company with its headquarters in that neighborhood. Google Pittsburgh, with its more than 500 employees, also has part of its offices in East Liberty, as does AlphaLab, a start-up accelerator.
Transportation

Uber Takes Inspiration From Its Indian Rival, Plans To Introduce an Infotainment System in Its Cars In the Country (ndtv.com) 18

Reader manishs writes: Uber is taking a page out of Ola's playbook as it pushes to expand business in India, its largest overseas market. Months after its Indian rival introduced its 'connected platform' called Ola Play, Uber is set to launch its own infotainment system across several of its cab tiers in the country, people familiar with the matter have told Gadgets 360. The company began testing its infotainment system -- an Android tablet that comes loaded with a range of services -- in select cities in the country earlier this year. The ride-hailing service now plans to install the tablet on several of its premium cabs including its Uber X fleet, and make it available for passengers in select circles later this year, people said. Uber has been inviting select drivers in New Delhi and other cities to install an HD screen-enabled tablet, according to a source and two drivers who spoke on the condition of anonymity. This is the first time Uber is planning to bring an actual tablet to its cabs in any of the markets where it operates. The company currently offers Uber Trip Experiences in select markets where it lets passengers consume a range of services using their own phone.
Bug

DNS Lib Underscore Bug Bites Everyone's Favorite Init Tool, Blanks Netflix (theregister.co.uk) 150

Reader OneHundredAndTen writes and shares a report: Systemd doing what it does best. From a report on The Register: A few Penguinistas spent a weekend working out why they can't get through to Netflix from their Linux machines, because when they tried, their DNS lookups failed. The issue emerged over the weekend, when Gentoo user Dennis Schridde submitted a bug report to the Systemd project. Essentially, he described a failure within systemd-resolve, a Systemd component that turns human-readable domain names into IP addresses for software, like web browsers, to connect to. The Systemd resolver couldn't look up Netflix's servers for Schridde's web browser, according to the report. In his detailed post, Schridde said he expected this to happen: ipv6_1-cxl0-c088.1.lhr004.ix.nflxvideo.net gets resolved to 37.77.187.142 or 2a00:86c0:5:5::142. When in reality, that wasn't happening, so Netflix couldn't be reached on his box. His speculation that libidn2, which adds internationalised domain names support to the resolver, was at fault turned out to be accurate. Rebuilding Systemd without that library cleared the problem.
AI

Quest for AI Leadership Pushes Microsoft Further Into Chip Development (bloomberg.com) 32

From a Bloomberg report: Tech companies are keen to bring cool artificial intelligence features to phones and augmented reality goggles -- the ability to show mechanics how to fix an engine, say, or tell tourists what they are seeing and hearing in their own language. But there's one big challenge: how to manage the vast quantities of data that make such feats possible without making the devices too slow or draining the battery in minutes and wrecking the user experience. Microsoft says it has the answer with a chip design for its HoloLens goggles -- an extra AI processor that analyzes what the user sees and hears right there on the device rather than wasting precious microseconds sending the data back to the cloud. The new processor, a version of the company's existing Holographic Processing Unit, is being unveiled at an event in Honolulu, Hawaii, today. The chip is under development and will be included in the next version of HoloLens; the company didn't provide a date. This is one of the few times Microsoft is playing all roles (except manufacturing) in developing a new processor. The company says this is the first chip of its kind designed for a mobile device. Bringing chipmaking in-house is increasingly in vogue as companies conclude that off-the-shelf processors aren't capable of fully unleashing the potential of AI. Apple is testing iPhone prototypes that include a chip designed to process AI, a person familiar with the work said in May. Google is on the second version of its own AI chips. To persuade people to buy the next generation of gadgets -- phones, VR headsets, even cars -- the experience will have to be lightning fast and seamless.
Programming

How a VC-Funded Company Is Undermining the Open-Source Community (theoutline.com) 72

Adrianne Jeffries, reporting for The Outline: Is a $4 million venture capital-funded startup stealthily taking over popular coding tools and injecting ads and spyware into them? That's what some programmers fear may be happening. It is one of the most troubling scandals to hit the open-source community -- a robust network of programmers who work on shared tools for free -- in recent memory. It started back in April, when a programmer noticed a strange change to an open-source tool called Minimap. Minimap has had more than 3.5 million downloads, but like many open-source tools, it was maintained by a single person who no one knew much about other than their username: @abe33. At some point, @abe33, whose real name is Cedric Nehemie, was hired by Kite. Kite was started by Adam Smith, a successful tech entrepreneur who raised funding from a slew of big names including the CEO of Dropbox and the creator of WordPress. It is unclear what Kite's business model is, but it says it uses machine-learning techniques to make coding tools. Its tools are not open source. After being hired by Kite, @abe33 made an update to Minimap. The update was titled "Implement Kite promotion," and it appeared to look at a user's code and insert links to related pages on Kite's website. Kite called this a useful feature. Programmers said it was not useful and was therefore just an ad for an unrelated service, something many programmers would consider a violation of the open-source spirit. "It's not a feature, it's advertising -- and people don't want it, you want it," wrote user @p-e-w. "The least you can do is own up to that." "I have to wonder if your goal was to upset enough people that you'd generate real attention on various news sites and get Kite a ton of free publicity before your next funding round," @DevOpsJohn wrote. "That's the only sane explanation I can find for suddenly dropping ads into the core of one of the oldest and most useful Atom plugins." [...] Although Kite has no business model yet, it's widely thought in Silicon Valley that having users is the first step toward profitability. Adding users potentially benefits the company in another way, by giving it access to precious data. Kite says it uses machine learning tactics to make the best coding helper tools possible. In order to do that, it needs tons of data to learn from. The more code it can look at, the better its autocomplete suggestions will get, for example.
Microsoft

Microsoft Paint To Be Killed Off After 32 Years (theguardian.com) 283

Microsoft's next Windows 10 update, called the Fall Creators Update, will bring a variety of new features. But one long-standing stalwart of the Windows experience has been put on the chopping block: Microsoft Paint. From a report: First released with the very first version of Windows 1.0 in 1985, Paint in its various guises would be one of the first graphics editors used by many and became a core part of Windows. Starting life as a 1-bit monochrome licensed version of ZSoft's PC Paintbrush, it wasn't until Windows 98 that Paint could save in JPEG. With the Windows 10 Creators Update, released in April, Microsoft introduced the new Paint 3D, which is installed alongside traditional Paint and features 3D image making tools as well as some basic 2D image editing. But it is not an update to original Paint and doesn't behave like it. Now Microsoft has announced that, alongside Outlook Express, Reader app and Reading list, Microsoft Paint has been signalled for death having been added to the "features that are removed or deprecated in Windows 10 Fall Creators Update" list.
The Military

Top US General Warns Against Rogue Killer Robots (thehill.com) 145

Long-time Slashdot reader Zorro quotes The Hill: The second-highest-ranking general in the U.S. military last Tuesday warned lawmakers against equipping the armed forces with autonomous weapons systems... Gen. Paul Selva warned lawmakers that the military should keep "the ethical rules of war in place lest we unleash on humanity a set of robots that we don't know how to control. I don't think it's reasonable for us to put robots in charge of whether or not we take a human life," Selva told the committee.
There's already a Defense Department directive that requires humans in the decision-making process for lethal autonomous weapons systems. But it expires later this year...
Wireless Networking

Ask Slashdot: How Can You Avoid Routers With Locked Firmware? 280

thejynxed writes: Awhile ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?

The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?
United States

US Agency Revokes All State Discounts For Kaspersky Products (thebaltimorepost.com) 85

The U.S. General Services Administration has removed Kapersky Lab from its list of approved vendors for federal systems, which also eliminates the discounts it previously offered to state governments. Long-time Slashdot reader Rick Zeman writes: "The agency's statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it," reports the Washington Post. Kaspersky, of course, denies this, offering their source code up for U.S. Government review... "Three current and former defense contractors told The Post that they knew of no specific warnings circulated about Kaspersky in recent years, but it has become an unwritten rule at the Pentagon not to include Kaspersky as a potential vendor on new projects."
"The lack of information from the GSA underscores a disconnect between local officials and the federal government about cybersecurity," the Post reports, adding that "the GSA's move on July 11 has left state and local governments to speculate about the risks of sticking with the company or abandoning taxpayer-funded contracts, sometimes at great cost."

The Post also quotes a cybersecurity expert at a prominent think tank -- the Center for Strategic and International Studies -- who believes that "it's difficult, if not impossible" for a company like Kaspersky to be headquartered in Moscow "if you don't cooperate with the government and the intelligence services."
Businesses

Amazon Report Predicts Pet Translation Devices By 2027 (cbslocal.com) 132

An anonymous reader writes: Devices that can talk to our pet dogs and cats could be less than 10 years away, according to a report Amazon commissioned that was co-authored by futurist William Higham. "Innovative products that succeed are based around genuine and major consumer needs," Higham wrote, noting the tremendous amounts already spent on our pets, and concluding, "Somebody is going to put this together." Amazon already sells one dubious device that converts human voices into meows using samples from 25 cats, according to the Guardian. (One reviewer who tested the device wrote that "the cat seems puzzled.") But Amazon's report also cites the work of Con Slobodchikoff, a professor emeritus in Northern Arizona University's biology department, who spent 30 years studying the behavior of prairie dogs. Slobodchikoff discovered prairie dogs have different words for colors and for species of predators, and is now already raising money to develop a translation device for pets.
Although Slobodchikoff concedes that "With cats I'm not sure what they'd have to say. A lot of times it might just be 'you idiot, just feed me and leave me alone.'"

Slashdot Top Deals