Chrome

Google Engineers Explore Ways To Stop In-Browser Cryptocurrency Miners in Chrome (bleepingcomputer.com) 43

An anonymous reader writes: Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. Discussions on the topic of in-browser miners have been going on the Chromium project's bug tracker since mid-September when Coinhive, the first such service, launched. "Here's my current thinking," Ojan Vafai, a Chrome engineering working on the Chromium project, wrote in one of the recent bug reports. "If a site is using more than XX% CPU for more than YY seconds, then we put the page into 'battery saver mode' where we aggressively throttle tasks and show a toast [notification popup] allowing the user to opt-out of battery saver mode. When a battery saver mode tab is backgrounded, we stop running tasks entirely. I think we'll want measurement to figure out what values to use for XX and YY, but we can start with really egregious things like 100% and 60 seconds. I'm effectively suggesting we add a permission here, but it would have unusual triggering conditions [...]. It only triggers when the page is doing a likely bad thing."

An earlier suggestion had Google create a blacklist and block the mining code at the browser level. That suggestion was shut down as being too impractical and something better left to extensions.

EU

EU: No Encryption Backdoors But, Let's Help Each Other Crack That Crypto (theregister.co.uk) 31

The European Commission has proposed that member states help each other break into encrypted devices by sharing expertise around the bloc. From a report: In an attempt to tackle the rise of citizens using encryption and its effects on solving crimes, the commission decided to sidestep the well-worn, and well-ridiculed, path of demanding decryption backdoors in the stuff we all use. Instead, the plans set out in its antiterrorism measures on Wednesday take a more collegiate approach -- by offering member states more support when they actually get their hands on an encrypted device. "The commission's position is very clear -- we are not in favour of so-called backdoors, the utilisation of systemic vulnerabilities, because it weakens the overall security of our cyberspace, which we rely upon," security commissioner Julian King told a press briefing. "We're trying to move beyond a sometimes sterile debate between backdoors or no backdoors, and address some of the concrete law enforcement challenges. For instance, when [a member state] gets a device, how do they get information that might be encrypted on the device." [...] Share the wealth. "Some member states are more equipped technically to do that [extract information from a seized device] than others," King said. "We want to make sure no member state is at a disadvantage, by sharing the tech expertise among the member states and reinforcing the support that Europol can offer."
Businesses

New Law Bans California Employers From Asking Applicants Their Prior Salary (sfgate.com) 135

An anonymous reader shares a report: California employers can no longer ask job applicants about their prior salary and -- if applicants ask -- must give them a pay range for the job they are seeking, under a new state law that takes effect Jan. 1. AB168, signed Thursday by Gov. Jerry Brown, applies to all public- and private-sector California employers of any size. The goal is to narrow the gender wage gap. If a woman is paid less than a man doing the same job and a new employer bases her pay on her prior salary, gender discrimination can be perpetuated, the bill's backers say. Last year, the state passed a weaker law that said prior compensation, by itself, cannot justify any disparity in compensation. The new bill goes further by prohibiting employers, "orally or in writing, personally or through an agent," from asking about an applicant's previous pay. However, if the applicant "voluntarily and without prompting" provides this information, the employer may use it "in determining the salary for that applicant."
Android

Samsung To Let Proper Linux Distros Run on Galaxy Smartphones (theregister.co.uk) 104

An anonymous reader shares a report: Samsung has announced it will soon become possible to run actual proper Linux on its Note8, Galaxy S8 and S8+ smartphones -- and even Linux desktops. Yeah, yeah, we know Android is built on Linux, but you know what we mean. Samsung said it's working on an app called "Linux on Galaxy" that will let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS." "Whenever they need to use a function that is not available on the smartphone OS, users can simply switch to the app and run any program they need to in a Linux OS environment," Samsung says. The app also allows multiple OSes to run on a device. Linux desktops will become available if users plug their phones into the DeX Station, the device that lets a Galaxy 8 run a Samsung-created desktop-like environment when connected to the DeX and an external monitor.
Ubuntu

Ubuntu 17.10 Artful Aardvark Released 88

Canonical has made available the download links for Ubuntu 17.10 "Artful Aardvark". It comes with a range of new features, changes, and improvements including GNOME as the default desktop, Wayland display server by default, Optional X.org server session, Mesa 17.2 or Mesa 17.3, Linux kernel 4.13 or kernel 4.14, new Subiquity server installer, improved hardware support, new Ubuntu Server installer, switch to libinput, an always visible dock using Dash to Dock GNOME Shell extension, and Bluetooth improvements with a new BlueZ among others.
Businesses

Dodging Russian Spies, Customers Are Ripping Out Kaspersky (thedailybeast.com) 241

From a report: Multiple U.S. security consultants and other industry sources tell The Daily Beast customers are dropping their use of Kaspersky software all together, particularly in the financial sector, likely concerned that Russian spies can rummage through their files. Some security companies are being told to only provide U.S. products. And former Kaspersky employees describe the firm as reeling, with department closures and anticipation that researchers will jump ship soon. "We are under great pressure to only use American products no matter the technical or performance consequences," said a source in a cybersecurity firm which uses Kaspersky's anti-virus engine in its own services. The Daily Beast granted anonymity to some of the industry sources to discuss internal deliberations, as well as the former Kaspersky employees to talk candidly about recent events.
Robotics

Bankers Publicly Embracing Robots Are Privately Fearing Job Cuts (bloomberg.com) 141

An anonymous reader quotes a report from Bloomberg: Within the upper echelons of many financial firms, there's a lot of soul searching as executives prepare to roll out a new generation of technology. Publicly, they're upbeat, predicting machines will perform almost all repetitive tasks, freeing humans to focus on more valuable pursuits. Privately, many confide to peers, consultants and sometimes journalists that they're worried about what will happen to their staffs -- and what to tell them. There's also uncertainty. Maybe it's all overblown, executives say, because the tech will be hard to implement and humans will find new roles. Or perhaps it's the beginning of the end for legions of professionals in one of the world's most lucrative fields. Can jobs held by office-dwelling millionaires disappear like those on factory floors? The result, is that employees aren't getting a clear message on what's to come.

For a rosy scenario, look to McKinsey & Co. In July, the consulting firm published a report estimating machines are ready to assume roughly a third of the work now performed by banks' rank and file. The authors framed it as positive: People will have more time to tend to clients, conduct research or brainstorm ideas. So far, it noted, firms at the forefront aren't slashing jobs. At JPMorgan Chase & Co., one of the most tech-savvy banks, Chief Executive Officer Jamie Dimon predicted in June that his workforce will more likely grow than shrink over the next 20 years. Technology may displace workers, he's said, but it also creates opportunities. Yet in interviews, about a dozen Wall Street executives and consultants responsible for deploying technologies -- and steeped in their capabilities -- were more bearish on humans. Machines will take over task after task, they said, and banks simply won't need nearly as many people.

Businesses

First Floating Wind Farm Delivers Electricity (arstechnica.com) 70

The world's first floating offshore wind farm began delivering electricity to the Scottish grid today. "The 30MW installation, situated 25km (15.5mi) from Peterhead in Aberdeenshire, Scotland, will demonstrate that offshore wind energy can be harvested in deep waters, miles away from land, where installing giant turbines was once impractical or impossible," reports Ars Technica. "At peak capacity, the wind farm will produce enough electricity to power 20,000 Scottish homes." From the report: The installation, called Hywind Scotland, is also interesting because it was built by Statoil, a Norwegian mega-corporation known for offshore oil drilling. Statoil has pursued offshore wind projects in recent years, using the companyâ(TM)s experience building and managing infrastructure in difficult open sea conditions to its advantage. Hywind Scotland began producing power in September, and today it starts delivering electricity to the Scottish grid. Now, all that's left is for Statoil and its partner company Masdar to install a 1MWh lithium-ion battery, charmingly called âoeBatwind,â on shore. Batwind will help the offshore system regulate power delivery and optimize output. After a number of small demonstration projects, the five 6MW turbines are the first commercial turbines to lack a firm attachment to the seafloor. They're held in place using three giant suction anchors, which are commonly used in offshore oil drilling. Essentially, an enormous, empty, upside-down âoebucketâ is placed on the seafloor, and air is sucked out of the bucket, which forces the bucket downward, further into the seafloor sediment. The report mentions a 2013 video that shows how offshore wind farms work.
Books

Amazon E-Book Buyers Receive Payment From Antitrust Lawsuit Settlement (idropnews.com) 39

If you bought a Kindle e-book between April 2010 and May 2012, you might see some Amazon credit coming your way. The company is reportedly distributing funds from an antitrust lawsuit that it levied at Apple in 2013. From a report: Amazon has set up a website listing the available credits, and it has begun sending out emails this morning to U.S. customers who are eligible for a refund. Apple and a handful of book publishers, including Penguin, HarperCollins, Machete Book Group and Macmillan, were found guilty of conspiring to inflate the prices of e-books in order to weaken Amazon's grip on the market. While the book publishers settled out of court, Apple decided to fight the lawsuit and appealed several times. Eventually, it was ordered to pay a total of $450 million in the protracted antitrust case.

Several refunds have already been distributed because of the lawsuit. In fact, the bulk of credits were sent out in 2014 and 2016. The round of credits being sent out today comes from an earmarked $20 million meant to pay states involved in the suit. The Amazon credits have a six-month shelf life and must be spent by April 20, 2018, or they'll expire. In addition the Amazon credits, customers may also be receiving Apple credits that can be used toward iBooks, iTunes and App Store purchases. Apple is currently notifying eligible customers via email.

Earth

Flying Insects Have Been Disappearing Over the Past Few Decades, Study Shows (theguardian.com) 154

An anonymous reader quotes a report from The Guardian: The abundance of flying insects has plunged by three-quarters over the past 25 years, according to a new study that has shocked scientists. Insects are an integral part of life on Earth as both pollinators and prey for other wildlife and it was known that some species such as butterflies were declining. But the newly revealed scale of the losses to all insects has prompted warnings that the world is "on course for ecological Armageddon," with profound impacts on human society. The new data was gathered in nature reserves across Germany but has implications for all landscapes dominated by agriculture, the researchers said. The cause of the huge decline is as yet unclear, although the destruction of wild areas and widespread use of pesticides are the most likely factors and climate change may play a role. The scientists were able to rule out weather and changes to landscape in the reserves as causes, but data on pesticide levels has not been collected. The research, published in the journal Plos One, is based on the work of dozens of amateur entomologists across Germany who began using strictly standardized ways of collecting insects in 1989.
Medicine

Intelligent People More At Risk of Mental Illness, Study Finds (independent.co.uk) 196

schwit1 shares a report from The Independent: The stereotype of a tortured genius may have a basis in reality after a new study found that people with higher IQs are more at risk of developing mental illness. A team of U.S. researchers surveyed 3,715 members of American Mensa with an IQ higher than 130. An "average IQ score" or "normal IQ score" can be defined as a score between 85 and 115. The team asked the Mensa members to report whether they had been diagnoses with mental illnesses, including autism spectrum disorder (ASD) and attention deficit hyperactivity disorder (ADHD). They were also asked to report mood and anxiety disorders, or whether the suspected they suffered from any mental illnesses that had yet to be diagnosed, as well as physiological diseases, like food allergies and asthma. After comparing this with the statistical national average for each illness they found that those in the Mensa community had considerably higher rates of varying disorders. While 10 per cent of the general population were diagnosed with anxiety disorder, that rose to 20 percent among the Mensa community, according to the study which published in the Science Direct journal.
Security

Ask Slashdot: What Are Ways To Get Companies To Actually Focus On Security? 139

New submitter ctilsie242 writes: Many years ago, it was said that we would have a "cyber 9/11," a security event so drastic that it fundamentally would change how companies and people thought about security. However, this has not happened yet (mainly because the bad guys know that this would get organizations to shut their barn doors, stopping the gravy train.) With the perception that security has no financial returns, coupled with the opinion that "nobody can stop the hackers, so why even bother," what can actually be done to get businesses to have an actual focus on security. The only "security" I see is mainly protection from "jailbreaking," so legal owners of a product can't use or upgrade their devices. True security from other attack vectors are all but ignored. In fact, I have seen some development environments where someone doing anything about security would likely get the developer fired because it took time away from coding features dictated by marketing. I've seen environments where all code ran as root or System just because if the developers gave thought to any permission model at all, they would be tossed, and replaced by other developers who didn't care to "waste" their time on stuff like that.

One idea would be something similar to Underwriters Labs, except would grade products, perhaps with expanded standards above the "pass/fail" mark, such as Europe's "Sold Secure," or the "insurance lock" certification (which means that a security device is good enough for insurance companies to insure stuff secured by it.) There are always calls for regulation, but with regulatory capture being at a high point, and previous regulations having few teeth, this may not be a real solution in the U.S. Is our main hope the new data privacy laws being enacted in Europe, China, and Russia, which actually have heavy fines as well as criminal prosecutions (i.e. execs going to jail)? This especially applies to IoT devices where it is in their financial interest to make un-upgradable devices, forcing people to toss their 1.0 lightbulbs and buy 1.0.1 lightbulbs to fix a security issue, as opposed to making them secure in the first place, or having an upgrade mechanism. Is there something that can actually be done about the general disinterest by companies to make secure products, or is this just the way life is now?
Government

CNN Gets a First-Of-Its-Kind Waiver To Fly Drones Over Crowds (techcrunch.com) 53

The FAA has granted CNN a waiver that allows it to fly its Vantage Robotics Snap drone over open-air crowds of people at altitudes of up to 150 feet. "This is a new precedent in this kind of waiver: Previous exemptions allowed flight of drones over people in closed set operations (like for filmmaking purposes) and only when tethered, with a max height of 21 feet," reports TechCrunch. From the report: The new waiver granted to CNN, as secured through its legal counsel Hogan Lovells, allows for flight of the Vantage UAV (which is quite small and light) above crowds regardless of population density. It was a big win for the firm and the company because it represents a change in perspective on the issue for the FAA, which previously viewed all requests for exceptions from a "worst-case scenario" point of view. Now, however, the FAA has accepted CNN's "reasonableness Approach," which takes into account not just the potential results of a crashed drone, but also the safe operating history of the company doing the flying, their built-in safety procedures, and the features included on the drone model itself that are designed to mitigate the results of any negative issues.
Power

Microsoft Teases Multi-Day Battery Life For Upcoming ARM-Powered Windows Devices (techspot.com) 63

An anonymous reader quotes a report from TechSpot: Microsoft late last year announced a partnership with Qualcomm to bring the full Windows 10 experience to ARM-powered devices. Terry Myerson, Executive Vice President of Microsoft's Windows and Devices Group, promised at the time that Snapdragon-powered Windows 10 devices would be efficient in the power consumption department. We're still waiting for the partnership to bear fruit but in the interim, new details regarding efficiency (and a few other subjects) have emerged. With regard to battery life, Pete Bernard, Principal Group Program Manager for Connectivity Partners at Microsoft, said that to be frank, battery life at this point is beyond their expectations: ""We set a high bar for [our developers], and we're now beyond that. It's the kind of battery life where I use it on a daily basis. I don't take my charger with me. I may charge it every couple of days or so. It's that kind of battery life."

Slashdot Top Deals