Businesses

Should Banks Let Ancient Programming Language COBOL Die? (thenextweb.com) 111

COBOL is a programming language invented by Hopper from 1959 to 1961, and while it is several decades old, it's still largely used by the financial sector, major corporations and part of the federal government. Mar Masson Maack from The Next Web interviews Daniel Doderlein, CEO of Auka, who explains why banks don't have to actively kill COBOL and how they can modernize and "minimize the new platforms' connections to the old systems so that COBOL can be switched out in a safe and cheap manner." From the report: According to [Doderlein], COBOL-based systems still function properly but they're faced with a more human problem: "This extremely critical part of the economic infrastructure of the planet is run on a very old piece of technology -- which in itself is fine -- if it weren't for the fact that the people servicing that technology are a dying race." And Doderlein literally means dying. Despite the fact that three trillion dollars run through COBOL systems every single day they are mostly maintained by retired programming veterans. There are almost no new COBOL programmers available so as retirees start passing away, then so does the maintenance for software written in the ancient programming language. Doderlein says that banks have three options when it comes to deciding how to deal with this emerging crisis. First off, they can simply ignore the problem and hope for the best. Software written in COBOL is still good for some functions, but ignoring the problem won't fix how impractical it is for making new consumer-centric products. Option number two is replacing everything, creating completely new core banking platforms written in more recent programming languages. The downside is that it can cost hundreds of millions and it's highly risky changing the entire system all at once. The third option, however, is the cheapest and probably easiest. 
Instead of trying to completely revamp the entire system, Doderlein suggests that banks take a closer look at the current consumer problems. Basically, Doderlein suggests making light-weight add-ons in more current programming languages that only rely on COBOL for the core feature of the old systems.
Chrome

Chrome Will Start Marking HTTP Sites In Incognito Mode As Non-Secure In October (venturebeat.com) 25

Reader Krystalo writes: Google today announced the second step in its plan to mark all HTTP sites as non-secure in Chrome. Starting in October 2017, Chrome will mark HTTP sites with entered data and HTTP sites in Incognito mode as non-secure. With the release of Chrome 56 in January 2017, Google's browser started marking HTTP pages that collect passwords or credit cards as "Not Secure" in the address bar. Since then, Google has seen a 23 percent reduction in the fraction of navigations to HTTP pages with password or credit card forms on Chrome for desktop. Chrome 62 (we're currently on Chrome 58) will take this to the next level.
Facebook

Facebook Pledges To Crack Down on Government-led Misinformation Campaigns (theverge.com) 58

Facebook is pressing its enforcement against what it calls "information operations" -- bad actors who use the platform to spread fake news and false propaganda. From a report: The company, which published a report on the subject today, defines these operations as government-led campaigns -- or those from organized "non-state actors" -- to promote lies, sow confusion and chaos among opposing political groups, and destabilize movements in other countries. The goal of these operations, the report says, is to manipulate public opinion and serve geopolitical ends. The actions go beyond the posting of fake news stories. The 13-page report specifies that fake news can be motivated by a number of incentives, but that it becomes part of a larger information operation when it's coupled with other tactics and end goals. Facebook says these include friend requests sent under false names to glean more information about the personal networks of spying targets and hacking targets, the boosting of false or misleading stories through mass "liking" campaigns, and the creation of propaganda groups. The company defines these actions as "targeted data collection," "false amplification," and "content creation." Facebook plans to target these accounts by monitoring for suspicious activity, like bursts of automated actions on the site, to enact mass banning of accounts.
Privacy

'World's Most Secure' Email Service Is Easily Hackable (vice.com) 65

Nomx, a startup that offers an email client by the same name, bills itself as the maker of the "world's most secure email service." The startup goes on to suggest that "everything else is insecure." So it was only a matter of time before someone decided to spend some time on assessing how valid Nomx's claims are. Very misleading, it turns out. From a report on Motherboard: Nomx sells a $199 device that essentially helps you set up your own email server in an attempt to keep your emails away from mail exchange (or MX) -- hence the brand name -- servers, which the company claims to be inherently "vulnerable." Security researcher Scott Helme took apart the device and tried to figure out how it really works. According to his detailed blog post, what he found is that the box is actually just a Raspberry Pi with outdated software on it, and several bugs. So many, in fact, that Helme wrote Nomx's "code is riddled with bad examples of how to do things." The worst issue, Helme explained, is that the Nomx's web application had a vulnerability that allowed anyone to take full control of the device remotely just by tricking someone to visit a malicious website. "I could read emails, send emails, and delete emails. I could even create my own email address," Helme told Motherboard in an online chat. A report on BBC adds: Nomx said the threat posed by the attack detailed by Mr Helme was "non-existent for our users." Following weeks of correspondence with Mr Helme and the BBC Click Team, he said the firm no longer shipped versions that used the Raspberry Pi. Instead, he said, future devices would be built around different chips that would also be able to encrypt messages as they travelled. "The large cloud providers and email providers, like AOL, Yahoo, Gmail, Hotmail - they've already been proven that they are under attack millions of times daily," he said. "Why we invented Nomx was for the security of keeping your data off those large cloud providers. To date, no Nomx accounts have been compromised."
Security

Hackers Exploited Word Flaw For Months While Microsoft Investigated (reuters.com) 40

An anonymous reader writes: To understand why it is so difficult to defend computers from even moderately capable hackers, consider the case of the security flaw officially known as CVE-2017-0199. The bug was unusually dangerous but of a common genre: it was in Microsoft software, could allow a hacker to seize control of a personal computer with little trace, and was fixed April 11 in Microsoft's regular monthly security update. But it had traveled a rocky, nine-month journey from discovery to resolution, which cyber security experts say is an unusually long time. Google's security researchers, for example, give vendors just 90 days' warning before publishing flaws they find. Microsoft declined to say how long it usually takes to patch a flaw. While Microsoft investigated, hackers found the flaw and manipulated the software to spy on unknown Russian speakers, possibly in Ukraine. And a group of thieves used it to bolster their efforts to steal from millions of online bank accounts in Australia and other countries.
NASA

NASA Inspector Says Agency Wasted $80 Million On An Inferior Spacesuit (arstechnica.com) 68

An anonymous reader quotes a report from Ars Technica: When NASA began developing a rocket and spacecraft to return humans to the Moon a decade ago as part of the Constellation Program, the space agency started to think about the kinds of spacesuits astronauts would need in deep space and on the lunar surface. After this consideration, NASA awarded a $148 million contract to Oceaneering International, Inc. in 2009 to develop and produce such a spacesuit. However, President Obama canceled the Constellation program just a year later, in early 2010. Later that year, senior officials at the Johnson Space Center recommended canceling the Constellation spacesuit contract because the agency had its own engineers working on a new spacesuit and, well, NASA no longer had a clear need for deep-space spacesuits. However, the Houston officials were overruled by agency leaders at NASA's headquarters in Washington, DC. A new report released Wednesday by NASA Inspector General Paul Martin sharply criticizes this decision. "The continuation of this contract did not serve the best interests of the agency's spacesuit technology development efforts," the report states. In fact, the report found that NASA essentially squandered $80.6 million on the Oceaneering contract before it was finally ended last year.
Security

British Cops Will Scan Every Fan's Face At the Champions League Final (vice.com) 86

Using a new facial recognition surveillance system, British police will scan every fan's face at the UEFA Champions League on June 3rd and compare them to a police database of some 500,000 "persons of interest." "According to a government tender issued by South Wales Police, the system will be deployed during the day of the game in Cardiff's main train station, as well as in and around the Principality Stadium situated in the heart of Cardiff's central retail district." From the report: Cameras will potentially be scanning the faces of an estimated 170,000 visitors plus the many more thousands of people in the vicinity of the bustling Saturday evening city center on match day, June 3. Captured images will then be compared in real time to 500,000 custody images stored in the police information and records management system alerting police to any "persons of interest," according to the tender. The security operation will build on previous police use of Automated Facial Recognition, or AFR technology by London's Metropolitan Police during 2016's Notting Hill Carnival.
Piracy

Pirate Site Blockades Violate Free Speech, Mexico's Supreme Court Rules (torrentfreak.com) 35

New submitter happyfeet2000 quotes a report from TorrentFreak: Broad pirate sites blockades are disproportional, Mexico's Supreme Court of Justice has ruled. The government can't order ISPs to block websites that link to copyright-infringing material because that would also restrict access to legitimate content and violate the public's freedom of expression. The ruling is a win for local ISP Alestra, which successfully protested the government's blocking efforts. Alestra was ordered to block access to the website mymusiic.com by the government's Mexican Institute of Industrial Property (IMPI). The website targeted a Mexican audience and offered music downloads, some of which were shared without permission. "The ISP was not pleased with the order and appealed it in court," reports TorrentFreak. "Among other things, the defense argued that the order was too broad, as it also restricted access to music that might not be infringing." The Supreme Court of Justice of the Nation heard the case and ruled that the government's order is indeed disproportional.
Government

FCC Announces Plan To Reverse Title II Net Neutrality (theverge.com) 193

An anonymous reader quotes a report from The Verge: The Federal Communications Commission is cracking open the net neutrality debate again with a proposal to undo the 2015 rules that implemented net neutrality with Title II classification. FCC chairman Ajit Pai called the rules "heavy handed" and said their implementation was "all about politics." He argued that they hurt investment and said that small internet providers don't have "the means or the margins" to withstand the regulatory onslaught. "Earlier today I shared with my fellow commissioners a proposal to reverse the mistake of Title II and return to the light touch framework that served us so well during the Clinton administration, Bush administration, and first six years of the Obama administration," Pai said today. His proposal will do three things: first, it'll reclassify internet providers as Title I information services; second, it'll prevent the FCC from adapting any net neutrality rules to practices that internet providers haven't thought up yet; and third, it'll open questions about what to do with several key net neutrality rules -- like no blocking or throttling of apps and websites -- that were implemented in 2015. Pai will publish the full text of his proposal tomorrow, and it will be voted on by the FCC on May 18th.
Government

Energy Star Program For Homes And Appliances Is On Trump's Chopping Block (npr.org) 265

Appliance manufacturers and home builders are in Washington, D.C., today to celebrate a popular energy efficiency program, even as it's slated for elimination in President Trump's proposed budget. NPR adds: You probably know the program's little blue label with the star -- the Environmental Protection Agency says 90 percent of U.S. households do. [...] The 25-year-old Energy Star program appears to be targeted simply because it's run by the federal government. It's one of 50 EPA programs that would be axed under Trump's budget plan, which would shrink the agency's funding by more than 30 percent. Critics of Energy Star say the government should get involved in the marketplace only when absolutely necessary. But that argument doesn't hold sway for the program's legions of supporters, which span nonprofits, companies and trade groups.
The Courts

Mylan's Epic EpiPen Price Hike Wasn't About Greed -- It's Worse, Lawsuit Claims (arstechnica.com) 155

Mylan engaged in a campaign to squash a rival to its EpiPen allergy treatment and artificially inflate the price of the drug to maintain a market monopoly, French drugmaker Sanofi said in a lawsuit. From a report: With the lofty prices and near-monopoly over the market, Mylan could dangle deep discounts to drug suppliers -- with the condition that they turn their backs on Sanofi's Auvi-Q -- the lawsuit alleges. Suppliers wouldn't dare ditch EpiPens, the most popular auto-injector. And with the high prices, the rebates wouldn't put a dent in Mylan's hefty profits, Sanofi speculates. Coupled with a smear campaign and other underhanded practices, Mylan effectively pushed Sanofi out of the US epinephrine auto-injector market, Sanofi alleges. The lawsuit, filed Monday in a federal court in New Jersey, seeks damages under US Antitrust laws.
Government

The Cheap Energy Revolution Is Here, and Coal Won't Cut It (bloomberg.com) 451

An anonymous reader shares a report: Wind and solar are about to become unstoppable, natural gas and oil production are approaching their peak, and electric cars and batteries for the grid are waiting to take over. This is the world Donald Trump inherited as U.S. president. And yet his energy plan is to cut regulations to resuscitate the one sector that's never coming back: coal. Clean energy installations broke new records worldwide in 2016, and wind and solar are seeing twice as much funding as fossil fuels, according to new data released Tuesday by Bloomberg New Energy Finance (BNEF). That's largely because prices continue to fall. Solar power, for the first time, is becoming the cheapest form of new electricity in the world. But with Trump's deregulations plans, what "we're going to see is the age of plenty -- on steroids," BNEF founder Michael Liebreich said. "That's good news economically, except there's one fly in the ointment, and that's climate."
Businesses

Amazon Wants To Put a Camera and Microphone in Your Bedroom (vice.com) 202

On Wednesday, Amazon announced the Echo Look, the latest gadget in the company's new Echo-powered hardware lineup. Motherboard explains: The newly announced Echo Look is a virtual assistant with a microphone and a camera that's designed to go somewhere in your bedroom, bathroom, or wherever the hell you get dressed. Amazon is pitching it as an easy way to snap pictures of your outfits to send to your friends when you're not sure if your outfit is cute, but it's also got a built-in app called StyleCheck that is worth some further dissection. [...] "All photos and video captured with your Echo Look are securely stored in the AWS cloud and locally in the Echo Look app until a customer deletes them," a spokesperson for the company said. "You can delete the photos or videos associated with your account anytime in the Echo Look App." Motherboard also asked if Echo Look photos, videos, and the data gleaned from them would be sold to third parties; the company did not address that question.
Databases

Five Years Later, Legal Megaupload Data Is Still Trapped On Dead Servers (arstechnica.com) 82

An anonymous reader quotes a report from Ars Technica: It's been more than five years since the government accused Megaupload and its founder Kim Dotcom of criminal copyright infringement. While Dotcom himself was arrested in New Zealand, U.S. government agents executed search warrants and grabbed a group of more than 1,000 servers owned by Carpathia Hosting. That meant that a lot of users with gigabytes of perfectly legal content lost access to it. Two months after the Dotcom raid and arrest, the Electronic Frontier Foundation filed a motion in court asking to get back data belonging to one of those users, Kyle Goodwin, whom the EFF took on as a client. Years have passed. The U.S. criminal prosecution of Dotcom and other Megaupload executives is on hold while New Zealand continues with years of extradition hearings. Meanwhile, Carpathia's servers were powered down and are kept in storage by QTS Realty Trust, which acquired Carpathia in 2015. Now the EFF has taken the extraordinary step of asking an appeals court to step in and effectively force the hand of the district court judge. Yesterday, Goodwin's lawyers filed a petition for a writ of mandamus (PDF) with the U.S. Court of Appeals for the 4th Circuit, which oversees Virginia federal courts. "We've been asking the court for help since 2012," said EFF attorney Mitch Stolz in a statement about the petition. "It's deeply unfair for him to still be in limbo after all this time."
The Courts

Uber Must Provide Waymo With Data Regarding Its Otto Acquisition, Rules Court (thetechportal.com) 31

An appeals court today has ruled that Anthony Levandowski, the Uber executive accused of taking documents from Google's Waymo, can't use the Fifth Amendment to prevent Uber from turning over documents in the case. "The court has now directed Uber to provide data associated with its Otto acquisition to Waymo," reports The Tech Portal. From the report: Following the case, Levandowski invoked the fifth amendment, so as to prevent any other information which could implicate him from coming to the surface. Meanwhile, Waymo has been claiming that Levandowski and Uber signed an agreement with each other just a few days after the former quit his job at Google. The company has also asked Uber to provide it with a log containing details of the cab aggregator's legal involvement with Levandowski. Levandowski has been opposing the motion, stating that it would violate his fifth amendment. However, a new court ruling has quashed these hopes. With this ruling, Waymo can technically also request Uber for a copy of the due diligence report. The United States Court of Appeals for the Federal Circuit said: "Mr. Levandowski argues that he is entitled to relief under the Fifth Amendment because production of the unredacted privilege log could potentially incriminate him. We are not persuaded that the district court erred in its ruling requiring defendants to produce an unredacted privilege log."
