Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Comment FB is not entertainment (Score 3, Interesting) 29

It has long been proposed that TV and "social" could merge. There have been experiments with Twitter and TV shows (tune into the Show & Twitter and the director and main actors will be responding to tweets). Attempts to bring the viewers together and make the show more engrossing. Could FB be trying to merge the two on a single platform?

For awhile now I've just been speed scrolling through my feed - lots and lots of posts and nothing to watch (sounds like cable TV right?!) I figured I just wasn't the social type and peeked to stay in the know.

But I noticed my wife doing the same thing last night and putting her iPad down to read a book.

Maybe FB "see's" this and is concerned. Gotta keep eyeballs on the stream to feed the ad engine. The more I think about it - FB offers very little. A fun way to keep in touch with friends and family...yes. However I'm either tinkering with something, playing with the children, watching Netflix, or reading a book. Or doing Work!! Work!! Sorry boss just walked by.

Submission + - Number of Hijacked MongoDB Servers Doubles After Kraken Gang Gets Involved (bleepingcomputer.com)

An anonymous reader writes: The number of hijacked MongoDB servers held for ransom has skyrocketed in the past two days from 10,500 to over 28,200, thanks in large part to the involvement of a professional ransomware group known as Kraken, previously known for developing a poorly-coded Windows ransomware.

Ever since this group got involved, the number of hacked and ransomed MongoDB servers went from 10,000 to 28,000, with the Kraken group accounting for 56% of all hijacked servers. The group's efforts seem to be worth it, as they made over $6,000 worth of Bitcoin in just 2 days.

Comment Re:How does the receiver work? (Score 1) 207

It isn't built into phones (that I know of) ... Do you have the Facebook App installed? Any "Rewards" apps? This is the channel they are using. Any apps that causes the phone to prompt "allow access to microphone" has the potential to do this. I believe that iOS apps can only listen when running in the foreground.

When you are creating a Post on FB - FB is listening for songs and TV/Movies. Think Shazam. If they recognize something they suggest a tag "You are listening to XYZ song" I swear a few years ago that I tried out saying "I really like Ford cars" and my ad feed changed. They claim this can't happen. Maybe I said Ford because they had an ad blitz and was top of mind - and made it to my feed around the same time by coincidence. FB "app is only listening while you’re writing a status."

Still - I don't allow FB access to my microphone. Even Skype is disabled - I enable it only when I use Skype. But Siri & my watch are of concern - I have to trust Apple. And as Mark Zuckerberg has said before : what are you doing that others shouldn't know about?

Comment Re:Lots of sophistication required here (Score 1) 207

Yes - Facebook App for instance listens to the ambient sounds and you'll see the ads in your feed change based upon the words said. I saw this reported on a few years ago and couldn't believe it - so I tried it out myself and was very surprised when it worked. Granted that was a few years ago and I don't know if they still do it (too lazy to try it right now).

Which is why I have disabled audio Input for FB. Actually - it is why I do not allow access to the microphone from any app. Or terminate those apps when I'm not using them. Siri is the only thing that I believe is listening (and I have a watch too). For Apple to be sending back audio beacons would be a huge finding. The currently promise to only be listening under specific scenarios - a key trigger "Hi Siri" and only when plugged into power source.

FB / Google/ Amazon beacons do follow me across devices already. There's a Firefox plugin that shows your beacon propagating across the ad networks and draws a pretty network graph. I know - I've seen Amazon ads show up on my iOS FB feed...for items that I purchased on my laptop. I won't go into the usefulness of ads for already purchased items -- but they are tracking me across devices.

But - the multi-device case seems too brittle to work consistently. I appreciate raising the alarm. Now need time to digest and think about what it "really" means.

Comment Re:Is this even real? (Score 1) 207

and I forgot to mention Tor. Sure wanting to uncover people is interesting. But do advertisers believe there are enough people using Tor to invest and develop this technology - that the target audience is big enough?

Maybe a feedback loop on the same computer. A Tor ad playing and the computer listening to send it back through non-Tor channels. But that also assumes a computer has been compromised with an app that can listen. How many people have installed a Time Sync app? Fake/Hacked Java or Flash does not seem tactics of an advertiser --- maybe one selling fake drugs. But again - sounds more like the goal of a hacker and not an advertiser.

Comment Is this even real? (Score 1) 207

I read a similar article several days ago and came to the same conclusion that you did - this is very sophisticated. Maybe too sophisticated. Which made me wonder whether this is theoretical "in the lab" by researchers or actually out in the wild. As for dogs hearing it? sure - maybe. There are lots of noises. My furnace fan makes a blowing air sound. I don't howl because of it - it's just annoying white noise that I ignore.

Need a Raspberry Pi project to listen for this. Then becomes a keyfob that you carry with you that blinks when these secret US signals are detected.

At the time I wasn't able to find links to the actual work - just blog posts that circularly reported on this subject from each other. The quote "ultrasound cross-device tracking (uXDT), [..]. deployed in modern-day advertising platforms" -- really? like what and who?

The link to c3subtitle.de has vague statements in it too "newly-founded company faced the nemesis of the security community and the regulators (e.g., the Federal Trade Commission)" Really? Who?

The underlying premise that I have a phone near my computer that is listening to a beacon played by Ads seems incredulous. The idea that an ad agency would go to these lengths for such a brittle system is surprising. It would have to work "often" to pay off --- and for what gain that GeoIP doesn't provide today? What is that extra 1% that they are after? Plus in this day of auto-playing videos I have my audio muted (or headphones plugged in) - which I think many others do as well - or at least the volume is low. This again closes the door from an ad viability perspective. I get that advertisers want to link my laptop to phone to tablet together so that they can track Me! But there are other ways to do this already (FB beacons for example) that aren't as brittle.

While I appreciate Raising the Alarm - I doubt that (say) Google Ads is doing this. Sure -- maybe some govt spy agency is using this technique to spy on people (i.e. break through Tor). Yes I believe that. If I was a criminal I'd wrap my head and devices in tinfoil.

I'd like to see more evidence that advertising networks are actually doing this.

Comment Did /. get used for pump & dump? (Score 1) 296

It just occurred to me that /. just got used in a pump & dump scheme. Penny market emails that go out all the time --- "this stock is a big mover"... blah blah.

"hey look BTC is down" Was that supposed to evoke sells or buys - I'll never know. But advertising on /. is now free !!!

Submission + - Chernobyl's new sarcophagus now in place

MrKaos writes: 30 years and seven months since the explosion that set all of this in motion the project known as the 'Shelter Implementation Plan' has been rolled into place sealing the crippled Chernobyl reactor. More than 10,000 people were involved in the project, which includes an advanced ventilation systems and remote controlled robotic cranes to dismantle the existing Soviet-built structure and reactor.

This sarcophagus – or New Safe Confinement (NSC) – is taller than the Statue of Liberty and larger than Wembley stadium.

Submission + - NASA Unveils Two New Missions To Study Truly Strange Asteroids (space.com)

An anonymous reader writes: NASA's next low-cost planetary missions will attempt to unravel the mysteries of some seriously bizarre asteroids. The space agency has selected projects called Lucy and Psyche via its Discovery Program, which funds highly focused space missions to destinations throughout the solar system. The Lucy project will investigate the Trojan asteroids, which share an orbit with Jupiter, while Psyche will journey to the asteroid belt to study a huge, metallic asteroid named 16 Psyche that resides there. Lucy is scheduled to launch in October 2021. If all goes according to plan, the probe will visit an asteroid in the main asteroid belt — located between Mars and Jupiter — in 2025, and then go on to study six Trojan asteroids between 2027 and 2033, NASA officials said. There are two streams of Trojan asteroids. One trails Jupiter, and the other leads the giant planet around the sun. Scientists think both streams may be planetary building blocks that formed far from the sun before being captured into their current orbits by Jupiter's powerful gravity. Psyche will explore one of the oddest objects in the solar system — a 130-mile-wide (210 kilometers) metallic asteroid that may be the core of an ancient, Mars-size planet. Violent collisions billions of years ago might have stripped away the layers of rock that once lay atop this metallic object, scientists say. Psyche is scheduled to launch in October 2023 and arrive at the asteroid in 2030, NASA officials said.

Submission + - New analysis shows Lamar Smith's accusations on climate data are wrong (arstechnica.com)

Layzej writes: In 2015 NOAA released version 4 of their marine temperature dataset called ERSST. The new dataset accounted for a known cooling bias introduced when ocean temperature measurements transitioned from being taken in ship engine intake valves to buoy-based measurements. The warming of the last couple decades increased ever so slightly in NOAA's new analysis. This was a red flag for US House Science Committee Chair Lamar Smith (R-TX), who rejects the conclusions of climate science—like the fact that the Earth’s climate is warming. Suddenly he wanted to see the researchers’ e-mails and echoed the accusations of contrarian blogs about scientists’ supposedly nefarious adjustments to sea surface temperature measurements.

Rather than invoking scientific conspiracies, issues like this should be settled by analyzing the data. A new study, led by University of California Berkeley’s Zeke Hausfather, does just that—and Rep. Smith won’t like these results, either. To test the NOAA dataset, Zeke's team created instrumentally homogeneous temperature records from sensors available only over the last couple decades.. As it happens, the Argo float data, the buoy data, and the satellite data each hew closer to the updated dataset that NOAA used. The older version (3b) gives a global average that is too cool in recent years, growing to an offset of about 0.06 degrees Celsius. The researchers repeat this same analysis for two more major sea surface datasets that are used by the UK Met Office and the Japanese Meteorological Agency for their global temperature records. Both of those datasets also drift cooler than the comparison data, but less so than NOAA’s old dataset.

Comment Pull a Tonya Harding on them (Score 1) 3

... I mean... when nobody is looking. Reverse bullying works too - you know --- fire with fire. You just need to be more covert about it - you can always talk to the bosses boss and use mildly overt statements to paint the right picture - remember nobody likes a tattletale. So paint it as "we're doing this really great stuff - like hiding resources in the closet. It'll save the company money - my Boss has the best ideas!" If it is a "same level" colleague - sometimes meeting them "out back" is the right thing too. Not physical violence mind you - just a in their face veiled threat.

Or if you want to stay away from that - then take their comments as "thank you for your input, I'll take it under advisement." But make sure your voice has a firm but mild mocking tone to it. No eye rolling (wait for later if you need to amp it up). Just a gentle mocking tone. Sit back - lock your fingers behind your head - "ho hum" manner. "yeah okay I see what you mean" Willful disrespect. Of course this doesn't work against your boss because they can write you up. Normally I work with the system and let it play out - usually it is a pissing contest marking territory and will resolve itself. But if not then sometimes it needs help boiling faster. Always go to a Peer on the other leg of the company tree and see if they will bark up the (tree) chain for you.

If the boss really is the source of the problem then I recommend getting to know the bosses boss (or a peer of your boss) and have a fun "non-business" relationship with them. Talk sports etc. Then you'll have the opportunity to talk shop later. As was said elsewhere - management always knows what's going on it just takes a while for it to sort itself out.

So while some of this is humorous and would get you fired - it is intended to show a framework to resolve the problem.

Submission + - Ultrasound Tracking Could Be Used to Deanonymize Tor Users (bleepingcomputer.com)

An anonymous reader writes: Ultrasounds emitted by ads or JavaScript code hidden on a page accessed through the Tor Browser can deanonymize Tor users by making nearby phones or computers send identity beacons back to advertisers, data which contains sensitive information that state-sponsored actors can easily obtain via a subpoena.

The attack relies on the practice of ultrasound cross-device tracking (uXDT) that allows advertisers to link users to different devices by using inaudible ultrasounds secretly emitted via their ads. Nearby devices pick up these sounds and ping the advertisers' server with details about the user's devices. In tests, the research team has intercepted some of the traffic these ultrasound beacons trigger on behalf of the phone, traffic which contains details such as the user's real IP address, geo-location coordinates, telephone number, Android ID, IMEI code, and device MAC address.

Comment Re:Patent != Possible (Score 1) 455

Just because somebody patents something doesn't mean it is technically practical to create said device.

It may rely on technology that may not be practical (giant flying seeing-eye to monitor driver) or even exist. Unless they can show that it was possible/practical to implement, I don't see this suit going anywhere. Even then - this is a thin claim.

Slashdot Top Deals

The disks are getting full; purge a file today.

Working...