Reader Trailrunner7 writes: The stakes in the vulnerability acquisition and bug bounty game have just gone up several notches, with a well-known security startup now offering $1.5 million for a remote jailbreak in iOS 10.The payout was put on the table Thursday by Zerodium, a company that buys vulnerabilities and exploits for high-value target platforms and applications. The company has a set of standing prices for the information it will buy, which includes bugs and exploits for iOS, Android, Flash, Windows, and the major browsers, and the top tier of that list has been $500,000 for an iOS jailbreak. But that all changed on Thursday when Zerodium announced that the company has tripled the standing price for iOS to $1.5 million.
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
An anonymous reader writes: Mozilla announced today Project Mortar, an initiative to explore the possibility of deploying alternative technologies in Firefox to replace its internal implementations. The project's first two goals are to test two Chrome plugins within the Firefox codebase. These are PDFium, the Chrome plugin for viewing PDF files, and Pepper Flash, Google's custom implementation of Adobe Flash. The decision comes as Mozilla is trying to cut down development costs, after Firefox took a nose dive in market share this year. "In order to enable stronger focus on advancing the Web and to reduce the complexity and long term maintenance cost of Firefox, and as part of our strategy to remove generic plugin support, we are launching Project Mortar," said Johnny Stenback, Senior Director Of Engineering at Mozilla Corporation. "Project Mortar seeks to reduce the time Mozilla spends on technologies that are required to provide a complete web browsing experience, but are not a core piece of the Web platform," Stenback adds. "We will be looking for opportunities to replace such technologies with other existing alternatives, including implementations by other browser vendors."
You don't need someone to point out to you that you probably spend too many hours on the internet. Maybe it's your job, maybe it's a growing habit, maybe it's both of them. An anonymous reader shared a link on Business Insider, in which an author named Roy Hessel shares what happened after he started to force himself to go offline for 24 hours every week. (He chose the duration between sundown on Friday to sunset on Saturday as the time for disconnect.) From the article:No emails, no calls, no Tweets, no tech, no matter what. For anyone who's struggling with finding time for self and family, I'd like to share what I've learned. For health, sanity, and happiness, I think it can make all the difference. It's not enough to carve out time in your schedule. You need to approach this blackout period with an unwavering belief in its benefit and a commitment to see it through. For me, this means abstaining from work and, in the deepest sense, simply resting. It grounds me and allows me to re-energize and focus on what's really important in my life. The key is to be unapologetic rather than aspirational about unplugging. As soon my family and I get home from our workweek, there's nothing, with the exception of a life and death situation, that would cause me to compromise that time. As far as business and my income is concerned, it can wait.We understand that not everyone wants or afford to go offline for a complete day, but do you also ensure that you are offline for a few hours everyday or every week or every month?
Paul Miller, a reporter at The Verge, went offline in 2012 for a complete year and shared his experience when he got back. You might find it insightful.
Paul Miller, a reporter at The Verge, went offline in 2012 for a complete year and shared his experience when he got back. You might find it insightful.
Mazin Sidahmed and Nicky Woolf, reporting for The Guardian: A male Saudi Arabian teenager has been arrested in Riyadh over a series of online videos of conversations between him and a female Californian streaming-video star that went viral. A Riyadh police spokesperson, Colonel Fawaz Al-Mayman, said the teenager, known online as Abu Sin, was arrested on Sunday for engaging in "unethical behaviour" in videos with Christina Crockett, a popular broadcaster on the conversational live-streaming site YouNow. Abu Sin's real name is not known. "His videos received many comments and many of the commenters of the general public demanded for him to be punished for his actions," Al-Maymann added, according to the Saudi Gazette. The two amassed thousands of fans on the YouNow network, and later on YouTube after videos of the two speaking were uploaded there. The videos featured Abu Sin -- a nickname given to him for his broken teeth -- and Crockett communicating despite their significant language barriers. The popularity of the videos of the two of them surprised Crockett, she told the Guardian in an interview. As a broadcaster on YouNow, she can invite her fans to join her broadcasts on split-screen, which is known as "guesting."
AT&T has confirmed to ArsTechnica that it is getting rid of Internet Preferences, a controversial program that analyzed home internet customers' web browsing habits in order to serve some targeted ads. From the report:"To simplify our offering for our customers, we plan to end the optional Internet Preferences advertising program related to our fastest Internet speed tiers," an AT&T spokesperson said. "As a result, all customers on these tiers will receive the best rate we have available for their speed tier in their area. We'll begin communicating this update to customers early next week." Data collection and targeted ads will be shut off, AT&T also confirmed. Since AT&T introduced Internet Preferences for its GigaPower fiber Internet service in 2013, customers had to opt into the traffic scanning program in order to receive the lowest available rate. Customers who wanted more privacy had to pay another $29 a month for standalone Internet access; bundles including TV or phone service could cost more than $60 extra when customers didn't opt in.
Amazon has announced the Alexa Prize, a $2.5 million award for college students who develop technology to make it more natural to talk with company's Alexa virtual assistant. Amazon said it hopes to build a socialbot on Alexa which is capable of conversing with people about popular topics and news events. VentureBeat adds: Up to ten teams will be sponsored by Amazon and receive a $100,000 stipend, Alexa-enabled devices, free AWS services, and support from the Alexa team. [...] The first contest will be held at AWS re:invent in November 2017. Among other bot-building contests, the Watson Group at IBM has prizes and cash for anyone who can make bots that talk to each other.
Avast Software, maker of the world's most popular computer antivirus program, will need a year to absorb its $1.3 billion buy of rival AVG but may seek further acquisitions before an expected flotation, its chief executive said in an interview, according to Reuters. From a report: Prague-based Avast closed its purchase on Friday of AVG Technologies, another software firm with Czech roots specializing in consumer security. The combined company will have over 400 million users and 40 percent of the consumer computer market outside of China. While Avast will delist AVG shares, it has its own plans to eventually offer shares, maybe as soon as 2019. Before that, it must fully integrate AVG and will then look at mid-tier acquisitions for its push into mobile and, possibly, to expand its small- and medium-sized business offering. "We have to digest AVG first and that is going to take us pretty much all of 2017 to really integrate. Then we will look at expanding the business after that," Avast CEO Vincent Steckler said.
Apple removed the headphone jack in the iPhone 7 and iPhone 7 Plus, forcing users to use either Bluetooth, the Lightning port or included Lightning to 3.5mm headphone jack adaptor in order to listen to music through headphones. However, one company took it upon themselves to create an iPhone 7 case with a built-in 3.5mm headphone jack. The company is called Fuze and they recently launched an Indiegogo campaign that promises to bring the audio port back to the iPhone 7. The Next Web reports: To achieve this, the company is taking Apple's Lightning to 3.5mm adapter and building it straight into a case, where you can plug your headphones with "no dongles, no adapters, no problems." In addition to the audio port, the Fuze Case will also serve as a battery pack as it adds 2,400mAh of extra battery life to the iPhone 7 and 3,600mAh to the 7 Plus. It will be available in five different colors including white, black, gold, rose gold and blue. The case is currently available for $49 to "super early bird" backers, but will increase to $59 once more people have chipped in and will eventually sell for $69 in retail. The company expects to start shipping the accessory in December later this year.
turkeydance quotes a report from Hollywood Reporter: Given the increased frequency of terrorist bombings and mass shootings and an under-lying sense of havoc fed by divisive election politics, it's no surprise that home security is going over the top and hitting luxurious new heights. Or, rather, new lows, as the average depth of a new breed of safe haven that occupies thousands of square feet is 10 feet under or more. Those who can afford to pull out all the stops for so-called self-preservation are doing so -- in a fashion that goes way beyond the submerged corrugated metal units adopted by reality show "preppers" -- to prepare for anything from nuclear bombings to drastic climate-change events. Gary Lynch, GM at Rising S Bunkers, a Texas-based company that specializes in underground bunkers and services scores of Los Angeles residences, says that sales at the most upscale end of the market -- mainly to actors, pro athletes and politicians (who require signed NDAs) -- have increased 700 percent this year compared with 2015, and overall sales have risen 150 percent. Any time there is a turbulent political landscape, we see a spike in our sales. Given this election is as turbulent as it is, "we are gearing up for an even bigger spike," says marketing director Brad Roberson of sales of bunkers that start at $39,000 and can run $8.35 million or more (FYI, a 12-stall horse shelter is $98,500). Adds Mike Peters, owner of Utah-based Ultimate Bunker, which builds high-end versions in California, Texas and Minnesota: "People are going for luxury [to] live underground because they see the future is going to be rough. Everyone I've talked to thinks we are doomed, no matter who is elected." Robert Vicino, founder of Del Mar, Calif.-based Vivos, which constructs upscale community bunkers in Indiana (he believes coastal flooding scenarios preclude bunkers being safely built west of the Rockies), says, "Bill Gates has huge shelters under every one of his homes, in Rancho Santa Fe and Washington. His head of security visited with us a couple years ago, and for these multibillionaires, a few million is nothing. It's really just the newest form of insurance."
sciencehabit writes from a report via Science Magazine: All good things must come to an end, and so it will be tomorrow when the Rosetta spacecraft makes its planned soft landing onto the surface of comet 67P/Churyumov-Gerasimenko, the culmination of 2 years of close-up studies. Solar power has waned as 67P's orbit takes it and Rosetta farther from the sun, and so the mission team decided to go on a last data-gathering descent before the lights go out. This last data grab is a bonus after a mission that is already changing theorists' views about how comets and planets arose early in the solar system. Several Rosetta observations suggest that comets form not from jolting mergers of larger cometesimals, meters to kilometers across, but rather from the gentle coalescence of clouds of pebbles. And the detection of a single, feather-light, millimeter-sized particle -- preserved since the birth of the solar system -- should further the view of a quiet birth. The report concludes: "A slew of instruments will keep gathering data as Rosetta approaches the surface at the speed of a gentle stroll. For team members whose instruments have already been turned off to conserve power, the ending is bittersweet -- but their work is far from over. Most instrument teams have only examined their own data, and are just now thinking about combining data sets. "We've just started collaborating with other teams," [Holger Sierks of the Max Planck Institute for Solar System Research in Gottingen, Germany, chief of Rosetta's main camera,] says. "This is the beginning of the story, not the end."
An anonymous reader quotes a report from The Verge: The Americas are now free of measles and we have vaccines to thank, the Pan American Health Organization said earlier this week. This is the first region in the world to be declared measles-free, despite longtime efforts to eliminate the disease entirely. The condition -- which causes flu-like symptoms and a blotchy rash -- is one of the world's most infectious diseases. It's transmitted by airborne particles or direct contact with someone who has the disease and is highly contagious, especially among small children. To be clear, there are still people with measles in the Americas, but the only cases develop from strains picked up overseas. Still, the numbers are going down: in the U.S. this year, there have been 54 cases, down from 667 two years ago. The last case of measles that developed in the Americas was in 2002. (It took such a long time to declare the region measles-free because of various bureaucratic issues.) Health officials say that credit for this victory goes to efforts to vaccinate against the disease. Though the measles, mumps, and rubella (MMR) vaccine is recommended for all children and required by many states, anti-vaxxers have protested it due to since-discredited claims that vaccines can cause autism. NPR interviewed Dr. Seth Berkley, the CEO of GAVI, a Geneva-based nonprofit organization whose mission is to improve and provide vaccine and immunization coverage to children in the world's poorest countries. She says that 90 to 95 percent of people in a given region need to be vaccinated in order to stop transmission in a region. The rate worldwide is about 80 percent for measles, which means that 20 percent of people around the world are not covered.
Orome1 quotes a report from Help Net Security: Despite high-profile, large-scale data breaches dominating the news cycle -- and repeated recommendations from experts to use strong passwords -- consumers have yet to adjust their own behavior when it comes to password reuse. A global Lab42 survey, which polled consumers across the United States, Germany, France, New Zealand, Australia and the United Kingdom, highlights the psychology around why consumers develop poor password habits despite understanding the obvious risk, and suggests that there is a level of cognitive dissonance around our online habits. When it comes to online security, personality type does not inform behavior, but it does reveal how consumers rationalize poor password habits. My personal favorite: password paradox. "The survey revealed that the majority of respondents understand that their digital behavior puts them at risk, but do not make efforts to change it," reports Help Net Security. "Only five percent of respondents didn't know the characteristics of a secure password, with the majority of respondents understanding that passwords should contain uppercase and lowercase letters, numbers and symbols. Furthermore, 91 percent of respondents said that there is inherent risk associated with reusing passwords, yet 61 percent continue to use the same or similar passwords anyway, with more than half (55 percent) doing so while fully understanding the risk." The report also found that when attempting to create secure passwords, "47 percent of respondents included family names or initials," while "42 percent contain significant dates or numbers and 26 percent use the family pet."
An anonymous reader quotes a report from ZDNet: IBM said Thursday it plans to acquire compliance consulting firm Promontory Financial Group to bring more financial regulatory expertise to Watson's cognitive computing platform. Promontory is a global consulting operation with an aim of helping banks manage the ever-increasing regulation and risk management requirements in the financial sector. With that in mind, IBM wants to use the industry expertise of Promontory's workforce -- which is made up of ex-regulators and banking executives -- to teach Watson all about regulation, risk and compliance. IBM is also using the deal to create a new subsidiary called Watson Financial Services, which will build cognitive tools for things things like tracking regulatory obligations, financial risk modeling, surveillance, anti-money laundering detection systems. "This is a workload ideally suited for Watson's cognitive capabilities intended to allow financial institutions to absorb the regulatory changes, understand their obligations, and close gaps in systems and practices to address compliance requirements more quickly and efficiently," IBM said in a press release.
Google has renamed "Apps for Work" to "G Suite" to "help people everywhere work and innovate together, so businesses can move faster and go bigger." They have also added a bunch of new features, such as a "Quick Access" section for Google Drive for Android that uses machine learning to predict what files you're going to need when you open up the app, based off your previous behavior. Calendar will automatically pick times to set up meetings through the use of machine intelligence. Sheets is also using AI "to turn your layman English requests into formulas through its 'Explore' feature," reports The Next Web. "In Slides, Explore uses machine learning to dynamically suggest and apply design ideas, while in Docs, it will suggest backup research and images you can use in your musings, as well as help you insert files from your Drive account. Throughout Docs, Sheets, and Slides, you can now recover deleted files on Android from a new 'Trash' option in the side/hamburger menu." Google's cloud services will now fall under a new "Google Cloud" brand, which includes G Suite, Google Cloud Platform, new machine learning tools and APIs, and Google's various devices that access the cloud. Slashdot reader wjcofkc adds: I just received the following email from Google. When I saw the title, my first thought was that there was malware lying at the end -- further inspection proved it to be real. Is this the dumbest name change in the history of name changes? Google of all companies does not have to try so hard. "Hello Google Apps Customer, We created Google Apps to help people everywhere work and innovate together, so that your organization can move faster and achieve more. Today, we're introducing a new name that better reflects this mission: G Suite. Over the coming weeks, you'll see our new name and logo appear in familiar places, including the Admin console, Help Center, and on your invoice. G Suite is still the same all-in-one solution that you use every day, with the same powerful tools -- Gmail, Docs, Drive, and Calendar. Thanks for being part of the journey that led us to G Suite. We're always improving our technology so it learns and grows with your team. Visit our official blog post to learn more."
itwbennett writes from a report via CSO Online: After Yahoo raised eyebrows in the security community with its claim that state-sponsored hackers were responsible for the history-making breach, security firm InfoArmor now says it has evidence to the contrary. InfoArmor claims to have acquired some of the stolen information as part of its investigation into "Group E," a team of five professional hackers-for-hire believed to be from Eastern Europe. The database that InfoArmor has contains only "millions" of accounts, but it includes the users' login IDs, hashed passwords, mobile phone numbers and zip codes, said Andrew Komarov, InfoArmor's chief intelligence officer. Earlier this week, Chase Cunningham, director of cyber operations at security provider A10 Networks, called Yahoo's claim of state-sponsored actors a convenient, if trumped up, excuse: "If I want to cover my rear end and make it seem like I have plausible deniability, I would say 'nation-state actor' in a heartbeat." "Yahoo was compromised in 2014 by a group of professional blackhats who were hired to compromise customer databases from a variety of different targeted organizations," Scottsdale, Arizona-based InfoArmor said Wednesday in a report. "The Yahoo data leak as well as the other notable exposures, opens the door to significant opportunities for cyber-espionage and targeted attacks to occur."