Submission + - Who Is Afraid of Kaspersky Lab? (vice.com)

An anonymous reader writes: We went to Kaspersky Lab's SAS conference, where the controversial Russian anti-virus firm showcases its best research, wines and dines competitors and journalists, and burns American espionage operations. We visited the conference to see how the company was handling the allegations that it has deep connections with Russian spies, and to see how it's dealing with the US government ban,

Submission + - New EU privacy regs could help watermarking replace DRM (teleread.org) 1

David Rothman writes: Just about all of us hate DRM. New EU privacy regulations could help watermarking, a competing technology, by increasing consumer confidence in privacy protections for uniquely identified copies of ebooks. Contrary to popular belief, the best watermarks can be surprisingly hard to remove. Books can even contain multiple watermarking schemes, thwarting pirates hoping to remove hidden tracking. No technology is perfect, but watermarking has come a long way.

Letâ(TM)s hope that large U.S. publisherâ(TM)s will catch up with European counterparts in watermarking adoption.

Submission + - How Tesla can fix the brakes by "software update". (tesla.com) 1

140Mandak262Jamuna writes: A tesla owner had posted an interesting speculation about how Tesla can respond to the brake issue reported by Consumer Reports. Tesla cryptically mentioned, "it is in a unique position to use software updates". Many thought it was PR speak misdirection to be later clarified as a no op.

But looks like, Tesla *can* fix it using over the air software update for ALL users!



I calculate [*] the regenerative braking (usually called dynamic braking in railroad diesel/electric loco parlance) would stop the car in 164 feet without *any* friction brakes.

Then later ...

Tesla hinting software update to address makes me think it might do this: Always keep enough reserve battery capacity to absorb a few slammed brakes. So the emergency regen braking is *always* available. Adjust the regen braking knobs by software to turn it on more aggressively for brake pedal application. It can even turn on the "most aggressive mode" only when the pedals are fully depressed. In that mode if the disc brake and the motor dissipate the energy equally, you are looking at 82 feet stopping distance for a car that weighs nearly as much as Ford F150. (3850 lb LR version M3 vs 4050 lb F150 low end).


Submission + - The First Political Attack Ad Against Bitcoin Just Aired (vice.com)

dmoberhaus writes: Brian Forde was a senior adviser to the Obama administration on cryptocurrencies and other technologies, and he also ran MIT's Digital Currency Initiative. But that hasn't stopped him from becoming the target of the first political attack ad against Bitcoin. Forde is running for a seat in the House of Representatives in 2018, and his Democratic opponent Dave Min recently ran a TV slot calling out Forde's Bitcoin connections.

Submission + - Microsoft to Block Flash in Office 365 Starting January 2019 (bleepingcomputer.com)

An anonymous reader writes: Microsoft announced plans last week to block Flash, Shockwave, and Silverlight content from activating in Office 365. The block will only apply to Office 365 subscription clients, but not to Office 2016, Office 2013, or Office 2010 distributions, the company said. The change is set to come into effect starting with January 2019. This is a full-on block, and not just Microsoft disabling problematic controls with the option to click on a button and view its content. The block means that Office 365 will prevent Flash, Shockwave, or Silverlight content from playing inside Office documents altogether.

Microsoft cited different reasons for taking this decision. It said that malware authors have abused this mechanism for exploit campaigns, but also that Office users rarely used these features anyway. In addition, Microsoft said it was also taking this decision after Adobe announced Flash's end-of-life for 2020. Microsoft stopped supporting Silverlight in 2016, with the final end-of-support date for enterprise customers being scheduled for 2021.

Submission + - Comcast Website Bug Leaks Xfinity Customer Data (zdnet.com)

An anonymous reader writes: A bug in Comcast's website used to activate Xfinity routers can return sensitive information on the company's customers. The website, used by customers to set up their home internet and cable service, can be tricked into displaying the home address where the router is located, as well as the Wi-Fi name and password. Two security researchers, Karan Saini and Ryan Stevenson, discovered the bug. Only a customer account ID and that customer's house or apartment number is needed — even though the web form asks for a full address.

ZDNet obtained permission from two Xfinity customers to check their information. We were able to obtain their full address and zip code — which both customers confirmed. The site returned the Wi-Fi name and password — in plaintext — used to connect to the network for one of the customers who uses an Xfinity router. The other customer was using his own router — and the site didn't return the Wi-Fi network name or password.

Submission + - Project Indigo: the info-sharing program between banks and U.S. Cyber Command (cyberscoop.com)

An anonymous reader writes: A confidential information-sharing agreement between the Financial Services Information Sharing and Analysis Center (FS-ISAC) and U.S. Cyber Command reveals the blurring line between the country’s public and private sectors as the U.S. government becomes increasingly receptive to launching offensive hacking operations.

The pilot program, codenamed “Project Indigo,” recently established an information-sharing channel for a subunit of FS-ISAC known as the Financial Systemic Analysis & Resilience Center (FSARC). That subunit shares “scrubbed” cyberthreat data, including malware indicators, with the Fort Mead-based Cyber Command, according to current and former U.S. officials.

The broad purpose of Project Indigo is to help inform U.S. Cyber Command about nation-state hacking aimed at banks. In practice, this intelligence is independently evaluated and, if appropriate, Cyber Command responds under its own unique authorities.

Submission + - Microsoft wins lucrative cloud deal with intelligence community (tech-1st.com)

wyattstorch516 writes: Microsoft has won a contract to be the sole provider of cloud services to national intelligence agencies. The deal is reportedly worth hundreds of millions of dollars. Amazon was considered the favorite to win the contract but this deal will boost Azure in its competition with AWS.

Submission + - Google Removes 'Don't Be Evil' Clause From Its Code of Conduct (gizmodo.com)

Zorro writes: Google’s unofficial motto has long been the simple phrase “don’t be evil.” But that’s over, according to the code of conduct that Google distributes to its employees. The phrase was removed sometime in late April or early May, archives hosted by the Wayback Machine show.

“Don’t be evil” has been part of the company’s corporate code of conduct since 2000. When Google was reorganized under a new parent company, Alphabet, in 2015, Alphabet assumed a slightly adjusted version of the motto, “do the right thing.” However, Google retained its original “don’t be evil” language until the past several weeks. The phrase has been deeply incorporated into Google’s company culture—so much so that a version of the phrase has served as the wifi password on the shuttles that Google uses to ferry its employees to its Mountain View headquarters, sources told Gizmodo.

Submission + - Ask Slashdot: Is Android illegally requiring you to use your Google account? 2

daniel.benoy writes: In May of 1998, Microsoft was sued under antitrust law by the United States Department of Justice. The central accusation of the trial, which ended with a settlement in 2001, was that Microsoft was illegally compelling users to acquire a copy of Microsoft Internet Explorer in order to get access to new versions of Microsoft Windows. It's illegal, the DOJ argued, for a monopoly to force someone to get one product in order to get access to another, even if that product is 'free.'

Could Google be doing something similar today?

Most Android users enter their Google credentials into their Android device without giving it much thought, so they may not be aware of just how much is disabled when the credentials are removed. I invite you to give it a try for yourself. Of course, you will expect certain things to stop working, such as syncing to Gmail or accessing your paid apps, but perplexingly it will also block access to things that don't require personalized cloud access at all.

For example, you will no longer be able to download software from the App store, even if it's free and publicly available. You'll lose access to Google Daydream VR, including third-party apps that just want to use the headset. All your third-party apps will disappear from Android Auto. Some third-party apps relying on Google Play Services will stop functioning entirely. Google Assistant refuse to speak to you at all. Voice dictation using the virtual keyboard refuses to function. ... The list goes on.

What's worse is that Google will not allow you to pick and choose which apps you enter your credentials into. You don't enter them into the app, you enter them into the system. This can result in all sorts of undesirable side-effects. For example, Google will sync your calendar and contacts off to their servers without getting permission, because it will require you to explicitly opt-out, and who knows if it will finish syncing before you do. Also, it will enable remote phone wiping, and won't let you truly disable it without rooting the device. As a result, anyone who gains control of your Google account, including Google itself, could remotely wipe your phone at any time.

The cynical among us may suspect Google is deliberately holding Android features to ransom in order to coerce customers into connecting to a Google account.

Big data corporations nowadays are not shy to brag about how lucrative it is to collect detailed personal information on their users so they can sell it to advertisers, or exploit it directly. Most Android users have gotten those creepy 'Hey we noticed you were at a certain place. Would you like to write a review?' messages popping up on their phones. It would not come as a surprise to learn that Google is invested in ensuring that kind of intrusive data collection continues to flow, and that they may be going to some unethical lengths to make it happen.

My question to Slashot is, is this even legal? Is this the same crime that Microsoft Microsoft was committing back in the nineties? They're forcing you to use their free Google account service and all its associated functionality in order to access other features of the device.

Or are they perhaps guilty of another crime such as deceptive advertising for not explaining that, in addition to money, you will have to hand over your data as well to be able to use to your new Daydream View headset.

And when you do log in, is it illegal for Google to require you to opt-out of sending personal information to its servers, rather than asking you to opt-in first? Do they have a legal requirement to seek permission first before beaming your statistics off to Google HQ?

Submission + - AP Analysis Shows How Bill Gates Influences Education Policy

theodp writes: Lost in all the When-Bill-Gates-Met-Donald-Trump coverage hoopla this week was perhaps an even bigger Gates story. According to an AP analysis of grants, the Bill and Melinda Gates Foundation has given about $44 million to outside groups over the past two years to help shape new state education plans required under the 2015 Every Student Succeeds Act (ESSA). The spending, the AP reports, paid for research aligned with Gates' interests, led to friendly media coverage and had a role in helping write one state's new education system framework. Among other things, ESSA recognized K-12 computer science as important an academic subject as math and English, putting it on equal footing with other subjects when state policymakers decide how to dole out federal funds. Claiming credit for "pressing lawmakers" into finally making CS a core K-12 subject under ESSA was tech-bankrolled Code.org, which has received $3+ million from the Bill and Melinda Gates Foundation, and another $1+ million from Bill Gates. Not too surprisingly, Code.org — which earlier this year thanked BillG as it celebrated its success in "changing education policies in forty states" — offers a few ideas for Putting Computer Science Into State Plans for the Every Student Succeeds Act on its website.

Submission + - New Model Unites Classical & Quantum Physics: Describes Dark Energy & Bi (linkedin.com)

An anonymous reader writes: A new paper presents a complete description of modern theory in quantum terms, thus unifying classical and quantum physics.

http://www.scirp.org/Journal/P...

In addition to unification, the paper goes into great detail describing the expansion of the universe, dark energy, dark matter, gravity, quantum entanglement, energy/mass and their relation, the birth of the universe from a quantum fluctuation, the ensuing inflationary period, the trigger event that causes inflation to end and the resulting release of energy that we now see as the Cosmic Microwave Background (CMB). Calculations of the quantity, age, density and temperature of the CMB are precise to the best measurement data available.

A reader friendly narrative of the physicist may be found here:

https://www.linkedin.com/pulse...

In total the paper presents 27 verifiable results which may be found here:

https://www.informativity.org/...

Submission + - Using Google's Daydream VR Headset for Augmented Reality and Positional Tracking (vortex.com)

Lauren Weinstein writes: At first glance (no pun intended) one would assume that Daydream headsets are unsuitable for “augmented reality” VR applications that require use of the phone camera, since the Daydream flap that holds the phone in place completely blocks the back of the phone and the camera lens. This also seemingly eliminates the possibility of Daydream headset experimentation with “inside-out” 6DOF (six degrees of freedom) applications, that leverage the phone’s camera and Google’s “ARCore” platform to provide “positional tracking” capabilities that conventionally have only been available with far more expensive VR headsets.

Submission + - Tesla releases some GPL opensource code (sfconservancy.org)

Jeremy Allison - Sam writes: Congratulations to Tesla on Their First Public Step Toward GPL Compliance

Conservancy rarely talks publicly about specifics in its ongoing GNU General Public License (GPL) enforcement and compliance activity, in accordance with our Principles of Community Oriented GPL Enforcement. We usually keep our compliance matters confidential — not for our own sake — but for the sake of violators who request discretion to fix their mistakes without fear of public reprisal.

We're thus glad that, this week, Tesla has acted publicly regarding its current GPL violations and has announced that they've taken their first steps toward compliance. While Tesla acknowledges that they still have more work to do, their recent actions show progress toward compliance and a commitment to getting all the way there.

Submission + - Chinese 'Accelerators' In Silicon Valley Aim To Bring Startups Home (reuters.com)

An anonymous reader writes: Beijing’s unslakeable thirst for the latest technology has spurred a proliferation of “accelerators” in Silicon Valley that aim to identify promising startups and bring them to China. The surge in the number of China-focused accelerators — which support, mentor and invest in early-stage startups — is part of a larger wave of Chinese investment in Silicon Valley. At least 11 such programs have been created in the San Francisco Bay Area since 2013, according to the tech-sector data firm Crunchbase. Some work directly with Chinese governments, which provide funding. Reuters interviews with the incubators showed that many were focused on bringing U.S. startups to China. For U.S. government officials wary of China’s growing high-tech clout, the accelerator boom reaffirms fears that U.S. technological know-how is being transferred to China through investments, joint ventures or licensing agreements.

Submission + - Sensor portion of 1 millimeter wide self powered camera created (techcrunch.com)

davemc50 writes: Surveillance bugs get eyes. UoM develop a miniature camera sensor.

Who will be the first to combine this sensor with micro solar powered store & transmit electronics?

Potentially embeddable anywhere (with sufficient resources), these will lead to universal ability to see anything, an exponential expansion of our awareness. Useful for machines seeing inside themselves. Abusable for nefarious leaders seeing people resisting them.

Should you happen to be installing some of these, make sure you add a few extra that you control, pointed at the corrupt leadership, so their misdeeds can be leaked and they can be ejected from power promptly.

Submission + - IBM Warns Quantum Computing will Break Encryption (zdnet.com)

CrtxReavr writes: "Quantum computers will be able to instantly break the encryption of sensitive data protected by today's strongest security," warns Arvind Krishna, head of IBM Research. The article continues "It has been known since the 1980s that quantum computers would be great at factoring large numbers, which is the foundation of public key cryptography. But building large enough quantum computers was not possible then. Advances in novel materials and in low-temperature physics have led to many breakthroughs in the quantum computing field in recent years. and large commercial quantum computer systems will soon be viable and available within five years." The article says continued advances in material science and software technologies will be required to take best advantage of Quantum Computing.

What I wonder is, if encryption can be "instantly broken," does this also mean that remaining crypto-coins, can be instantly discovered?

Slashdot Top Deals