Medicine

New Antibody Attacks 99% of HIV Strains (bbc.com) 7

An anonymous reader quotes a report from BBC: Scientists have engineered an antibody that attacks 99% of HIV strains and can prevent infection in primates. It is built to attack three critical parts of the virus -- making it harder for HIV to resist its effects. The work is a collaboration between the US National Institutes of Health and the pharmaceutical company Sanofi. Our bodies struggle to fight HIV because of the virus' incredible ability to mutate and change its appearance. These varieties of HIV -- or strains -- in a single patient are comparable to those of influenza during a worldwide flu season. So the immune system finds itself in a fight against an insurmountable number of strains of HIV. But after years of infection, a small number of patients develop powerful weapons called "broadly neutralizing antibodies" that attack something fundamental to HIV and can kill large swathes of HIV strains. Researchers have been trying to use broadly neutralizing antibodies as a way to treat HIV, or prevent infection in the first place. The study, published in the journal Science, combines three such antibodies into an even more powerful "tri-specific antibody." The experiments conducted on 24 monkeys showed none of those given the tri-specific antibody developed an infection when they were later injected with the virus. "We're getting 99% coverage, and getting coverage at very low concentrations of the antibody," said Dr Gary Nabel, the chief scientific officer at Sanofi and one of the report authors.
Iphone

Hackers Using iCloud's Find My iPhone Feature To Remotely Lock Macs, Demand Ransom Payments (macrumors.com) 25

AmiMoJo shares a report from Mac Rumors: Over the last day or two, several Mac users appear to have been locked out of their machines after hackers signed into their iCloud accounts and initiated a remote lock using Find My iPhone. With access to an iCloud user's username and password, Find My iPhone on iCloud.com can be used to "lock" a Mac with a passcode even with two-factor authentication turned on, and that's what's going on here. Affected users who have had their iCloud accounts hacked are receiving messages demanding money for the passcode to unlock a locked Mac device. The usernames and passwords of the iCloud accounts affected by this "hack" were likely found through various site data breaches and have not been acquired through a breach of Apple's servers. Impacted users likely used the same email addresses, account names, and passwords for multiple accounts, allowing people with malicious intent to figure out their iCloud details.
Power

Court Rules That Imported Solar Panels Are Bad For US Manufacturing (theverge.com) 61

The International Trade Commission has ruled that American companies are being hurt by cheap solar panels from overseas, providing an opportunity for President Donald Trump to tax imports from countries like China. The Verge reports: Today's unanimous decision ruled that the companies SolarWorld Americans and Suniva were struggling financially not because of their own poor management, but because they couldn't compete with cheap panels from countries like China, Mexico, and South Korea. Suniva is now suggesting import duties of 40 cents a watt for solar cells, and a floor price of 78 cents a watt for panels. (Right now, the average floor price, worldwide, for panels is about 32 cents.) The Solar Energy Industries Association warned that implementing these suggestions could end up doubling the price of solar, thus destroying demand and causing Americans to lose their jobs.
Microsoft

Microsoft and Canonical Make Custom Linux Kernel (neowin.net) 39

Billly Gates writes: Microsoft and Canonical's relationship is getting closer besides Ubuntu for Windows. Azure will soon be offering more customized Ubuntu containers with a MS optimized kernel. Uname -r will show 4.11.0-1011-azure for Ubuntu cloud based 16.04 LTS. If you want the non MS kernel you can still use it on Azure by typing:
$ sudo apt install linux-virtual linux-cloud-tools-virtual
$ sudo apt purge linux*azure
$ sudo reboot
The article mentions several benefits over the generic Linux kernel for Azure

Google

Google Experiment Tests Top 5 Browsers, Finds Safari Riddled With Security Bugs (bleepingcomputer.com) 60

An anonymous reader writes from a report via Bleeping Computer: The Project Zero team at Google has created a new tool for testing browser DOM engines and has unleashed it on today's top five browsers, finding most bugs in Apple's Safari. Results showed that Safari had by far the worst DOM engine, with 17 new bugs discovered after Fratric's test. Second was Edge with 6, then IE and Firefox with 4, and last was Chrome with only 2 new issues. The tests were carried out with a new fuzzing tool created by Google engineers named Domato, also open-sourced on GitHub. This is the third fuzzing tool Google creates and releases into open-source after OSS-Fuzz and syzkaller. Researchers focused on testing DOM engines for vulnerabilities because they expect them to be the next target for browser exploitation after Flash reaches end-of-life in 2020.
Communications

Verizon Backtracks Slightly In Plan To Kick Customers Off Network (arstechnica.com) 40

An anonymous reader quotes a report from Ars Technica: Verizon Wireless is giving a reprieve to some rural customers who are scheduled to be booted off their service plans, but only in cases when customers have no other options for cellular service. Verizon recently notified 8,500 customers in 13 states that they will be disconnected on October 17 because they used roaming data on another network. But these customers weren't doing anything wrong -- they are being served by rural networks that were set up for the purpose of extending Verizon's reach into rural areas. Today, Verizon said it is extending the deadline to switch providers to December 1. The company is also letting some customers stay on the network -- although they must switch to a new service plan. "If there is no alternative provider in your area, you can switch to the S (2GB), M (4GB), 5GB single-line, or L (8GB) Verizon plan, but you must do so by December 1," Verizon said in a statement released today. These plans range from $35 to $70 a month, plus $20 "line fees" for each line. The 8,500 customers who received disconnection letters have a total of 19,000 lines. Verizon sells unlimited plans in most of the country but said only those limited options would be available to these customers. Verizon also reiterated its promise that first responders will be able to keep their Verizon service even though some public safety officials received disconnection notices. "We have become aware of a very small number of affected customers who may be using their personal phones in their roles as first responders and another small group who may not have another option for wireless service," Verizon said. "After listening to these folks, we are committed to resolving these issues in the best interest of the customers and their communities. We're committed to ensuring first responders in these areas keep their Verizon service."
Privacy

Walmart Wants To Deliver Groceries Straight To Your Fridge (consumerist.com) 112

New submitter Rick Schumann writes: Walmart has a new marketing idea: "Going to the store? No one has time for that anymore," Walmart says. They want to partner with a company called August Home, who makes smart locks, so a delivery service can literally deliver groceries right into your refrigerator -- while you watch remotely on your phone. Great, time-saving idea, or super-creepy invasion of your privacy? You decide. Here's how the company says it would work:
1. Place an order on Walmart.com for groceries or other goods.
2. A driver for Deliv -- a same-day delivery service -- retrieves items when the order is ready, and brings them to the customer's home.
3. If no one answers, the delivery person can use a one-time passcode that's been pre-authorized by the customer to open the home's smart lock.
4. The customer receives a smartphone notification when the delivery is occurring, and can choose to watch it all play out in real-time on home security cameras through a dedicated app.
5. Delivery person leaves packages in the foyer, then brings the groceries to the kitchen, unloads them into the fridge, and leaves.
6. Customer receives notification that the door has locked behind them.
Security

Adobe Security Team Accidentally Posts Private PGP Key On Blog (arstechnica.com) 39

A member of Adobe's Product Security Incident Response Team (PSIRT) accidentally posted the PGP keys for PSIRT's email account -- both the public and the private keys. According to Ars Technica, "the keys have since been taken down, and a new public key has been posted in its stead." From the report: The faux pas was spotted at 1:49pm ET by security researcher Juho Nurminen. Nurminen was able to confirm that the key was associated with the psirt@adobe.com e-mail account. To be fair to Adobe, PGP security is harder than it should be. What obviously happened is that a PSIRT team member exported a text file from PSIRT's shared webmail account using Mailvelope, the Chrome and Firefox browser extension, to add to the team's blog. But instead of clicking on the "public" button, the person responsible clicked on "all" and exported both keys into a text file. Then, without realizing the error, the text file was cut/pasted directly to Adobe's PSIRT blog.
Privacy

Passwords For 540,000 Car Tracking Devices Leaked Online (thehackernews.com) 30

An anonymous reader quotes a report from The Hacker News: Login credentials of more than half a million records belonging to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal data and vehicle details of drivers and businesses using its service. Just two days ago, Viacom was found exposing the keys to its kingdom on an unsecured Amazon S3 server, and this data breach is yet another example of storing sensitive data on a misconfigured cloud server. The Kromtech Security Center was first to discover a wide-open, public-facing misconfigured Amazon Web Server (AWS) S3 cloud storage bucket containing a cache belonging to SVR that was left publicly accessible for an unknown period. Stands for Stolen Vehicle Records, the SVR Tracking service allows its customers to track their vehicles in real time by attaching a physical tracking device to vehicles in a discreet location, so their customers can monitor and recover them in case their vehicles are stolen. The leaked cache contained details of roughly 540,000 SVR accounts, including email addresses and passwords, as well as users' vehicle data, like VIN (vehicle identification number), IMEI numbers of GPS devices. The leaked database also exposed 339 logs that contained photographs and data about vehicle status and maintenance records, along with a document with information on the 427 dealerships that use SVR's tracking services.
Oracle

Oracle Announces Java SE 9 and Java EE 8 (oracle.com) 45

rastos1 writes: Oracle has announced the general availability of Java SE 9 (JDK 9), Java Platform Enterprise Edition 8 (Java EE 8) and the Java EE 8 Software Development Kit (SDK). JDK 9 is a production-ready implementation of the Java SE 9 Platform Specification, which was recently approved together with Java EE 8 in the Java Community Process (JCP). Java SE 9 provides more than 150 new features, including a new module system and improvements that bring more scalability, improved security, better performance management and easier development to the world's most popular programming platform.
The Internet

Move Over Connected Cows, the Internet of Bees Is Here (cityam.com) 39

A new project is aiming to bring bees online by putting them in tiny "backpacks" so that scientists can track the threatened insect's behaviour and help its survival. From a report: Bees in Manchester initially will be connected to the internet using technology from Cisco to help researchers track their migration, pollination and movement, and eventually, across the UK. Sensors in hives located at a new 70,000 sq ft tech accelerator hub in the northern city called Mi-Idea, will measure the bee environment such as temperature, while the bees themselves will be tagged with RFID chips that look like tiny backpacks. All the information will be collected and made available to track online giving insight on their habitats, with the bees even providing "status updates" (albeit automated) on their whereabouts. Cisco is working on the project with the Manchester Science Partnership (MSP) and the hub is already home to six startups: Hark, an IoT data company, video platform Wattl, location data analytics startup PlaceDashboard, Steamaco, an energy technology company, IOT platform KMS and software firm Malinko.
Businesses

Nestle Makes Billions Bottling Water It Pays Nearly Nothing For (bloomberg.com) 282

Nestle, the world's largest food and beverage company, has been bottling water since 1843 and has grown into the largest seller of bottled water. But a detailed report on Bloomberg uncovers the company's operation in Michigan, revealing that Nestle has come to dominate in the industry in part by going into economically depressed areas with lax water laws. It makes billions selling a product for which it pays close to nothing. Find the Bloomberg Businessweek article here (it might be paywalled, here's an alternative source).
Security

Major Cyber-Attack Will Happen Soon, Warns UK's Security Boss (theguardian.com) 60

Alex Hern, writing for The Guardian: A "category one" cyber-attack, the most serious tier possible, will happen "sometime in the next few years", a director of the National Cybersecurity Centre has warned. According to the agency, which reports to GCHQ and has responsibly for ensuring the UK's information security, a category one cybersecurity incident requires a national government response. Speaking at an event about the next decade of information security, Levy warned that "sometime in the next few years we're going to have our first category one cyber-incident." The only way to prevent such a breach, he said, was to change the way businesses and governments think about cybersecurity. Rather than obsessing about buying the right security products, Levy argued, organisations should instead focus on managing risk: understanding the data they hold, the value it has, and how much damage it could do if it was lost, for instance.
Businesses

Anatomy of a Moral Panic: Reports About Amazon Suggesting 'Bomb-Making Items' Were Highly Misleading (idlewords.com) 63

Maciej Ceglowski, a Polish-American web developer, has demolished a news story from earlier this week in which a British outlet Channel 4 suggested that Amazon's algorithm-driven suggestions were helping people find items that are required to make bombs. Multiple credible news outlets picked the story, including The New York Times, Reuters, BBC, and CNBC. We ran an excerpt from the New York Times' article, which included a newsworthy response from Amazon that it was reviewing its website, on Slashdot. In reality what was happening was, Ceglowski wrote, the items Amazon suggested would help high school chemistry students with their experiments. From his blog: The 'common chemical compound' in Channel 4's report is potassium nitrate, an ingredient used in curing meat. If you go to Amazon's page to order a half-kilo bag of the stuff, you'll see the suggested items include sulfur and charcoal, the other two ingredients of gunpowder. [...] The Channel 4 piece goes on to reveal that people searching for 'another widely available chemical' are being offered the ingredients for thermite, a mixture of metal powders that when ignited "creates a hazardous reaction used in incendiary bombs and for cutting through steel." In this case, the 'widely available chemical' is magnesium ribbon. If you search for this ribbon on Amazon, the site will offer to sell you iron oxide (rust) and aluminum powder, which you can mix together to create a spectacular bit of fireworks called the thermite reaction. The thermite reaction is performed in every high school chemistry classroom, as a fun reward for students who have had to suffer through a baffling unit on redox reactions. [...] When I contacted the author of one of these pieces to express my concerns, they explained that the piece had been written on short deadline that morning, and they were already working on an unrelated article. The author cited coverage in other mainstream outlets (including the New York Times) as justification for republishing and not correcting the assertions made in the original Channel 4 report. The real story in this mess is not the threat that algorithms pose to Amazon shoppers, but the threat that algorithms pose to journalism. By forcing reporters to optimize every story for clicks, not giving them time to check or contextualize their reporting, and requiring them to race to publish follow-on articles on every topic, the clickbait economics of online media encourage carelessness and drama. This is particularly true for technical topics outside the reporter's area of expertise. And reporters have no choice but to chase clicks.
Nintendo

This Guy Is Digitizing the VHS History of Video Games (vice.com) 79

An anonymous reader shares a report: UK-based gaming journalist and blogger Chris Scullion is on a mission to preserve his collection -- and maybe your collection, too -- of these old video game VHS tapes. In the 80s and 90s, video game companies and trade magazines made these tapes to accompany popular titles or new issues with bonus material or promotional footage, giving a glimpse into how marketing for games was done in the industry's early days. Scullion has 18 tapes to upload so far, and plans to provide accompanying commentary as well as the raw video as they go up on his YouTube channel. Scullion's first upload is a promotional tape for Super Mario All-Stars, given away by Nintendo UK in 1993. It's hosted by Craig Charles, who played Lister in the British sci-fi sitcom Red Dwarf. Digitizing his collection keeps that sweet nostalgia content safe from degradation of the magnetic tape, which starts to go downhill within 10 to 25 years. He's capturing them in HD using a 1080p upscaler, at a full 50fps frame rate by converting to HDMI before grabbing -- a higher frame rate than many standard commercial digitizing devices that capture at 30fps -- so that no frames are missed. Some of the tapes he's planning to digitize have already been converted and uploaded to YouTube by other people, he says, but most are either poor quality or captured with less-advanced grabbing devices.
Red Hat Software

Red Hat Pledges Patent Protection For 99 Percent of FOSS-ware (theregister.co.uk) 61

Red Hat says it has amassed over 2,000 patents and won't enforce them if the technologies they describe are used in properly-licensed open-source software. From a report: The company has made more or less the same offer since 2002, when it first made a "Patent Promise" in order to "discourage patent aggression in free and open source software." Back then the company didn't own many patents and claimed its non-enforcement promise covered 35 per cent of open-source software. The Promise was revised in order to reflect the company's growing patent trove and to spruce up the language it uses to make it more relevant. The revised promise "applies to all software meeting the free software or open source definitions of the Free Software Foundation (FSF) or the Open Source Initiative (OSI)." [...] It's not a blank cheque. Hardware isn't covered and Red Hat is at pains to point out that "Our Promise is not an assurance that Red Hat's patents are enforceable or that practicing Red Hat's patented inventions does not infringe others' patents or other intellectual property." But the company says 99 percent of FOSS software should be covered by the Promise.
Businesses

Apple's Latest Products Get Rare Mixed-Bag Reviews, Muted Reception (bloomberg.com) 195

Mark Gurman, writing for Bloomberg: Despite the strength of its brand, Apple occasionally releases a product to mediocre reviews -- remember the original Apple TV or Apple Watch? But reviewers have rarely been as grumpy as this month, when Apple unveiled its collection of new gadgets for the holidays. "I can't think of a single compelling reason to upgrade [to iPhone 8, or iPhone 8 Plus] from an iPhone 7 [which was launched last year]," wrote Nilay Patel of The Verge. Another potential sign of trouble: the iPhone 8 models didn't sell out during pre-orders, another rare occurrence for Apple phones. [...] Reviewing the new Apple Watch Series 3 model, The Wall Street Journal's Joanna Stern wrote "On the AT&T-connected models, the cellular connection dropped, calls were often choppy and Siri sometimes failed to connect. On the one that ran on T-Mobile, I experienced several dropped connections." The Verge's Lauren Goode noticed a serious connection issue as well, saying the device "would appear to pick up a single bar of some random Wi-Fi signal, and hang on that, rather than switching to LTE." [...] Reviewing the Apple TV 4K, The Verge's Patel noted the device's high price, a lack of 4K support in major apps including YouTube, and a lack of support for the Dolby Atmos audio standard. Reuters reported on Friday: Hundreds of people usually gather at Apple's Sydney city store with queues winding down the town's main street, George Street, when there is a new product release. But there were fewer than 30 people lining up before the store opened on Friday, according to a Reuters witness. While the number of people queuing up outside Apple stores have dropped over the years with many opting for online purchases, the weak turnout for the latest iPhone has partly been due to poor reviews. Over at Financial Times, Tim Bradshaw reports: "I think demand is down from last year, for no other reason than you have another flagship phone," said Neil Cybart, an Apple analyst at Above Avalon. "A portion of the iPhone launch demand is not materialising quite yet." That could leave this weekend's initial sales lower than at any point since the iPhone 6 first launched in 2014, Mr Cybart added. Apple's decision to increase prices for the iPhone 8 compared with last year's model and a less aggressive launch push by mobile carriers could also affect demand.
Businesses

The Problem, Really, is This Thing Called 'Disruption' (wired.com) 96

New submitter mirandakatz writes: The word "disruption" is everywhere in tech -- and it's getting founders in trouble. Just look at what happened with Bodega last week: Had the startup not professed to be disrupting the mom-and-pop shops on every corner, it might not have landed itself in such hot water. At Backchannel, veteran Silicon Valley communications whiz Karen Wickre makes the case against "disruption," pointing out that many of today's biggest companies got their starts without claiming to completely upend an existing industry. She writes: "What if Sergey and Larry had touted Google, in 1998, as 'an unprecedented platform for disrupting global advertising?' Do you think Jeff Bezos claimed that Amazon.com was upending global retail? Netflix? Within a few months of its 1997 launch, it did not foresee the actual paradigm shift of media streaming."
Communications

T-Mobile, Sprint Close To Agreeing Deal Terms (reuters.com) 75

From a report: T-Mobile US is close to agreeing tentative terms on a deal to merge with peer Sprint Corp, people familiar with the matter said on Friday, a major breakthrough in efforts to merge the third and fourth largest U.S. wireless carriers. The development follows more than four months of on-and-off talks this year between T-Mobile and Sprint, and comes as the U.S. telecommunications sector seeks ways to tackle investments in 5G technology that will greatly enhance wireless data transfer speeds.
Businesses

London Has Decided To Ban Uber (recode.net) 195

Johana Bhuiyan, writing for Recode: Transport for London, the taxi regulating service in London, announced today that it would not be renewing Uber's license to operate because of concerns over the company's "lack of corporate responsibility" in relation to public safety issues. The ride-hail company, which launched in London in 2012, is appealing the TfL's decision and will be allowed to continue to operate until a court makes a decision on that appeal. That process could take months. London is a significant market for Uber: The company says there are 40,000 drivers and 3.5 million riders on its platform in London. And like New York City, it is one of the most regulated markets where Uber operates. Unlike most markets across the U.S., Uber drivers in London and New York City are required to participate in government administered background checks.

Slashdot Top Deals