Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment Voice vs Allo vs Hangouts? (Score 2) 87

I'm still confused. How does this new Voice update integrate for fit with they new Allo? Allo is their new Text app. Wait - I thought Hangout was the new messaging and communication platform. No no -- wait there's an update for Voice. This should tie it all together...right?!

Whatever. I've had voice for many many years and it hasn't changed. I figured it was dead and stopped using it. It is still my public phone# (I use the PBX feature) but I've gone 99% native with iMessaging and find myself using FB Messenger a bit more too. But Hangout yeah never.

Allo was DOA. What is it?! How does it fit? Have you tried it - if not I'll wait... back yet? Did you try chatting with your G+ friends? Can't find them b/c they're on Hangout?! How about SMS? Totally bogus -- looks like a spam message on the recipient end. yeah what is it?!

Comment Easy fix - Reminds me of secure pinpad (Score 1) 143

An easy fix might be to steal ideas from a secure pin pad that I used to use. Long before modern RF badges existed, entry to my office was guarded by a devilish PIN pad designed to prevent stealing of PINs in the manner described. There were several things making it secure:

First - a computer chose my PIN for me. I had to (keep printed PIN in wallet ^H^H^H^H) memorize, I mean memorize !! the ....
10 digit long PIN...that was a random series of numbers.
One had to stand immediately in front of keypad to see the digits (and boy do I mean In Front).

And to make it extra user friendly !! (not) --- the digit location was dynamic, meaning the digits appeared in random locations each time it was turned on. 10 digits of hunting and pecking. The hack was they could just tailgate with everyone else and wait for the designated PIN "enterer" to open the door ("hi I'm the new guy"). Each morning it was a "race" to see who could walk the slowest across the parking lot and Not Be First!! Entering a PIN was slow so usually 5+ people would collect by the time the door was opened.

Now - if the Android Pattern shifted each time you turned it on - this video attack wouldn't work as well. It would also mean that your passcode couldn't be "the figure 8." Of course there might be an attack vector related to watching people pause to figure out how to connect their dots.

oh - and if you didn't punch your passcode fast enough it would timeout and shutoff. Forcing you to start over again. Yeah this system was despised by everyone. Later they put one on the data center door.

Comment Re:Buttons would be nice !!! (Score 1) 187

haa hahaa aahhh ha. [snort] You are not the first person to tell me about such a sign.

"Common" --right on! You think about it --- the shock of squat toilets...and what do the Locals think of "us" and the western toilet. When they travel to (say) the USA they must all laugh among themselves about our weird customs.

Comment Re:Buttons would be nice !!! (Score 1) 187

Right - the airports, offices, restaurants (in Tokyo & Yokohama), and apartments were all western style. Really never a problem.

Back in the more modern populated areas I found mostly western and several dual designs - squat & western in the same bathroom. Sometimes squat with a stall around it. Sometimes western in a stall and squat in the middle of the room ("them westerners sure like their privacy - weirdos!")

I found the "traditional" toilets north of Tokyo while touring the temples and gardens. I will always remember the giant single room with 6 metal collars rising from the floor - no privacy at all. Although the giant bathtub of a urinal in the Aloha stadium men's room in Honolulu was rather shocking. Hadn't seen that design since "that dive-bar" back in college.

Gee - almost seems like a topic for an architectural themed coffee table book?!!

Comment FB is not entertainment (Score 3, Interesting) 32

It has long been proposed that TV and "social" could merge. There have been experiments with Twitter and TV shows (tune into the Show & Twitter and the director and main actors will be responding to tweets). Attempts to bring the viewers together and make the show more engrossing. Could FB be trying to merge the two on a single platform?

For awhile now I've just been speed scrolling through my feed - lots and lots of posts and nothing to watch (sounds like cable TV right?!) I figured I just wasn't the social type and peeked to stay in the know.

But I noticed my wife doing the same thing last night and putting her iPad down to read a book.

Maybe FB "see's" this and is concerned. Gotta keep eyeballs on the stream to feed the ad engine. The more I think about it - FB offers very little. A fun way to keep in touch with friends and family...yes. However I'm either tinkering with something, playing with the children, watching Netflix, or reading a book. Or doing Work!! Work!! Sorry boss just walked by.

Submission + - Number of Hijacked MongoDB Servers Doubles After Kraken Gang Gets Involved (bleepingcomputer.com)

An anonymous reader writes: The number of hijacked MongoDB servers held for ransom has skyrocketed in the past two days from 10,500 to over 28,200, thanks in large part to the involvement of a professional ransomware group known as Kraken, previously known for developing a poorly-coded Windows ransomware.

Ever since this group got involved, the number of hacked and ransomed MongoDB servers went from 10,000 to 28,000, with the Kraken group accounting for 56% of all hijacked servers. The group's efforts seem to be worth it, as they made over $6,000 worth of Bitcoin in just 2 days.

Comment Re:How does the receiver work? (Score 1) 207

It isn't built into phones (that I know of) ... Do you have the Facebook App installed? Any "Rewards" apps? This is the channel they are using. Any apps that causes the phone to prompt "allow access to microphone" has the potential to do this. I believe that iOS apps can only listen when running in the foreground.

When you are creating a Post on FB - FB is listening for songs and TV/Movies. Think Shazam. If they recognize something they suggest a tag "You are listening to XYZ song" I swear a few years ago that I tried out saying "I really like Ford cars" and my ad feed changed. They claim this can't happen. Maybe I said Ford because they had an ad blitz and was top of mind - and made it to my feed around the same time by coincidence. FB "app is only listening while you’re writing a status."

Still - I don't allow FB access to my microphone. Even Skype is disabled - I enable it only when I use Skype. But Siri & my watch are of concern - I have to trust Apple. And as Mark Zuckerberg has said before : what are you doing that others shouldn't know about?

Comment Re:Lots of sophistication required here (Score 1) 207

Yes - Facebook App for instance listens to the ambient sounds and you'll see the ads in your feed change based upon the words said. I saw this reported on a few years ago and couldn't believe it - so I tried it out myself and was very surprised when it worked. Granted that was a few years ago and I don't know if they still do it (too lazy to try it right now).

Which is why I have disabled audio Input for FB. Actually - it is why I do not allow access to the microphone from any app. Or terminate those apps when I'm not using them. Siri is the only thing that I believe is listening (and I have a watch too). For Apple to be sending back audio beacons would be a huge finding. The currently promise to only be listening under specific scenarios - a key trigger "Hi Siri" and only when plugged into power source.

FB / Google/ Amazon beacons do follow me across devices already. There's a Firefox plugin that shows your beacon propagating across the ad networks and draws a pretty network graph. I know - I've seen Amazon ads show up on my iOS FB feed...for items that I purchased on my laptop. I won't go into the usefulness of ads for already purchased items -- but they are tracking me across devices.

But - the multi-device case seems too brittle to work consistently. I appreciate raising the alarm. Now need time to digest and think about what it "really" means.

Comment Re:Is this even real? (Score 1) 207

and I forgot to mention Tor. Sure wanting to uncover people is interesting. But do advertisers believe there are enough people using Tor to invest and develop this technology - that the target audience is big enough?

Maybe a feedback loop on the same computer. A Tor ad playing and the computer listening to send it back through non-Tor channels. But that also assumes a computer has been compromised with an app that can listen. How many people have installed a Time Sync app? Fake/Hacked Java or Flash does not seem tactics of an advertiser --- maybe one selling fake drugs. But again - sounds more like the goal of a hacker and not an advertiser.

Comment Is this even real? (Score 1) 207

I read a similar article several days ago and came to the same conclusion that you did - this is very sophisticated. Maybe too sophisticated. Which made me wonder whether this is theoretical "in the lab" by researchers or actually out in the wild. As for dogs hearing it? sure - maybe. There are lots of noises. My furnace fan makes a blowing air sound. I don't howl because of it - it's just annoying white noise that I ignore.

Need a Raspberry Pi project to listen for this. Then becomes a keyfob that you carry with you that blinks when these secret US signals are detected.

At the time I wasn't able to find links to the actual work - just blog posts that circularly reported on this subject from each other. The quote "ultrasound cross-device tracking (uXDT), [..]. deployed in modern-day advertising platforms" -- really? like what and who?

The link to c3subtitle.de has vague statements in it too "newly-founded company faced the nemesis of the security community and the regulators (e.g., the Federal Trade Commission)" Really? Who?

The underlying premise that I have a phone near my computer that is listening to a beacon played by Ads seems incredulous. The idea that an ad agency would go to these lengths for such a brittle system is surprising. It would have to work "often" to pay off --- and for what gain that GeoIP doesn't provide today? What is that extra 1% that they are after? Plus in this day of auto-playing videos I have my audio muted (or headphones plugged in) - which I think many others do as well - or at least the volume is low. This again closes the door from an ad viability perspective. I get that advertisers want to link my laptop to phone to tablet together so that they can track Me! But there are other ways to do this already (FB beacons for example) that aren't as brittle.

While I appreciate Raising the Alarm - I doubt that (say) Google Ads is doing this. Sure -- maybe some govt spy agency is using this technique to spy on people (i.e. break through Tor). Yes I believe that. If I was a criminal I'd wrap my head and devices in tinfoil.

I'd like to see more evidence that advertising networks are actually doing this.

Comment Did /. get used for pump & dump? (Score 1) 296

It just occurred to me that /. just got used in a pump & dump scheme. Penny market emails that go out all the time --- "this stock is a big mover"... blah blah.

"hey look BTC is down" Was that supposed to evoke sells or buys - I'll never know. But advertising on /. is now free !!!

Submission + - Chernobyl's new sarcophagus now in place

MrKaos writes: 30 years and seven months since the explosion that set all of this in motion the project known as the 'Shelter Implementation Plan' has been rolled into place sealing the crippled Chernobyl reactor. More than 10,000 people were involved in the project, which includes an advanced ventilation systems and remote controlled robotic cranes to dismantle the existing Soviet-built structure and reactor.

This sarcophagus – or New Safe Confinement (NSC) – is taller than the Statue of Liberty and larger than Wembley stadium.

Submission + - NASA Unveils Two New Missions To Study Truly Strange Asteroids (space.com)

An anonymous reader writes: NASA's next low-cost planetary missions will attempt to unravel the mysteries of some seriously bizarre asteroids. The space agency has selected projects called Lucy and Psyche via its Discovery Program, which funds highly focused space missions to destinations throughout the solar system. The Lucy project will investigate the Trojan asteroids, which share an orbit with Jupiter, while Psyche will journey to the asteroid belt to study a huge, metallic asteroid named 16 Psyche that resides there. Lucy is scheduled to launch in October 2021. If all goes according to plan, the probe will visit an asteroid in the main asteroid belt — located between Mars and Jupiter — in 2025, and then go on to study six Trojan asteroids between 2027 and 2033, NASA officials said. There are two streams of Trojan asteroids. One trails Jupiter, and the other leads the giant planet around the sun. Scientists think both streams may be planetary building blocks that formed far from the sun before being captured into their current orbits by Jupiter's powerful gravity. Psyche will explore one of the oddest objects in the solar system — a 130-mile-wide (210 kilometers) metallic asteroid that may be the core of an ancient, Mars-size planet. Violent collisions billions of years ago might have stripped away the layers of rock that once lay atop this metallic object, scientists say. Psyche is scheduled to launch in October 2023 and arrive at the asteroid in 2030, NASA officials said.

Slashdot Top Deals

Their idea of an offer you can't refuse is an offer... and you'd better not refuse.