Feed aggregator

Flush Times For Hackers in Booming Cyber Security Job Market

/. - 2 hours 54 min ago
The surge in far-flung and destructive cyber attacks is not good for national security, but for an increasing number of hackers and researchers, it is great for job security. From a report: The new reality is on display in Las Vegas this week at the annual Black Hat and Def Con security conferences, which now have a booming side business in recruiting. "Hosting big parties has enabled us to meet more talent in the community, helping fill key positions and also retain great people," said Jen Ellis, a vice president with cybersecurity firm Rapid7 Inc, which filled the hip Hakkasan nightclub on Wednesday at one of the week's most popular parties. Twenty or even 10 years ago, career options for technology tinkerers were mostly limited to security firms, handfuls of jobs inside mainstream companies, and in government agencies. But as tech has taken over the world, the opportunities in the security field have exploded.

Read more of this story at Slashdot.

Intelligence Chairman Accuses Obama Aids of Hundreds of Unmasking Requests

/. - 3 hours 55 min ago
mi writes: When American spies capture our communications with foreigners, the identities of Americans on the other side of the conversation are generally protected -- if not by bona-fide laws, then certainly by rules and regulations. A transcript of the conversation should have their name replaced with labels like "U.S. person 1". The citizen involved can only be "unmasked" with a good reason. In 2011, Obama relaxed these rules, making it much simpler even for officials without any intelligence role to obtain the identities. Predictably, certain top officials of the Obama Administration abused their access to get this information: "The [House Intelligence] committee has learned that one official, whose position had no apparent intelligence related function, made hundreds of unmasking requests during the final year of the Obama administration," [Intelligence Chairman Devin] Nunes wrote. "Of those requests, only one offered a justification that was not boilerplate."

Read more of this story at Slashdot.

SpaceX Is Now One of the World's Most Valuable Privately Held Companies

/. - 6 hours 55 min ago
An anonymous reader quotes a report from The Verge: Elon Musk's aerospace company SpaceX is now valued at $21.2 billion, knocking off WeWork as the fourth most valuable privately held tech company in America. This skyrocket in valuation comes after another round of funding that raised $351 million for the company. According to Equidate, a marketplace for trading private tech company stocks, SpaceX's price per share is now $135, up from $96.42 prior to the new funding round. The latest valuation makes SpaceX one of the top five most valuable private, venture-backed tech companies in the US, joining Uber ($69.8B), Airbnb ($31B), WeWork ($20.8B), and the less consumer-facing analytics company Palantir ($21.3B). (SpaceX previously held the sixth spot before Snap, Inc. went public in March.) All five companies are disruptive forces in their respective industries, and also top the world's most valuable startups alongside Didi Chuxing and Xiaomi, as first pointed out by The New York Times. Last year, SpaceX was valued at $14.6 billion.

Read more of this story at Slashdot.

Solar-Eclipse Glasses On Amazon May Not Meet NASA's Safety Requirements

/. - 9 hours 55 min ago
For those planning to watch the solar eclipse on August 21st, you're going to want to make sure you have some specialized, ultra-dark glasses to see safely, especially if you're not in the "path of totality." If you're on the hunt for said glasses, please be on the lookout to make sure you buy glasses that meet NASA's safety standards. Quartz is reporting that there are many "fly-by-night manufacturers looking to turn a quick profit by selling subpar and potentially dangerous goods to unsuspecting Americans." From the report: The first stop for most seeking a pair of eclipse glasses is likely to be Amazon, where there are literally thousands of listings for the devices, ranging in materials from cardboard to bronze. I, too, went on Amazon to scout out a pair. I picked more or less at random: I chose a cheap pack of 10 cardboard glasses with five different designs, at least two of which were not garishly jingoistic. About a week after I bought them, I had a thought: Maybe I should double-check to make sure they met safety standards set by the scientific community. Next stop: NASA. NASA, of course, has a website dedicated to the 2017 eclipse, and on it, they have a section dedicated to eclipse-viewing safety. The site says that eclipse-viewing glasses must meet a few basic criteria: Have ISO 12312-2 certification (that is, having been certified as passing a particular set of tests set forth by the International Organization of Standardization); Have the manufacturer's name and address printed somewhere on the product; Not be older than three years, or have scratched or wrinkled lenses.

Read more of this story at Slashdot.

Researchers Discover Critical Security Flaws Found In Nuke Plant Radiation Monitors

/. - 27 July 2017 - 11:30pm
wiredmikey writes from a report via Security Week: Researchers have discovered multiple unpatched vulnerabilities in radiation monitoring devices that could be leveraged by attackers to reduce personnel safety, delay detection of radiation leaks, or help international smuggling of radioactive material. Ruben Santamarta, a security consultant at Seattle-based IOActive, at the Black Hat conference on Wednesday, saying that radiation monitors supplied by Ludlum, Mirion and Digi contain multiple vulnerabilities. There are many kinds of radiation monitors used in many different environments. IOActive concentrated its research on portal monitors, used at airports and seaports; and area monitors, used at Nuclear Power Plants (NPPs). However, little effort was required for the portal monitors: "the initial analysis revealed a complete lack of security in these devices, so further testing wasn't necessary to identify significant vulnerabilities," Santamarta explained in his report (PDF). In the Ludlum Model 53 personnel portal, IOActive found a backdoor password, which could be used to bypass authentication and take control of the device, preventing the triggering of proper alarms.

Read more of this story at Slashdot.

Heavier Rainfall Will Increase Water Pollution In the Future

/. - 27 July 2017 - 9:25pm
An anonymous reader shares a report from National Geographic: If climate change continues to progress, increased precipitation could mean detrimental outcomes for water quality in the United States, a major new study warns. An intensifying water cycle can substantially overload waterways with excess nitrogen runoff -- which could near 20 percent by 2100 -- and increase the likelihood of events that severely impair water quality, according to a new study published by Science. When rainfall washes nitrogen and phosphorus from human activities like agriculture and fossil fuel combustion into rivers and lakes, those waterways are overloaded with nutrients, and a phenomenon called "eutrophication" occurs. This can be dangerous for both people and animals. Toxic algal blooms can develop, as well as harmful low-oxygen dead zones known as hypoxia, which can cause negative impacts on human health, aquatic ecosystems, and the economy. In the new study, researchers predict how climate change might increase eutrophication and threats to water resources by using projections from 21 different climate models, each of which was run for three climate scenarios and two different time periods (near future, 2031-2060, and far-future, 2071-2100).

Read more of this story at Slashdot.

YouTube Red and Google Play Music Will Merge To Create a New Service

/. - 27 July 2017 - 8:45pm
YouTube's head of music, Lyor Cohen, confirmed that the company is planning on merging its Google Play Music service with YouTube Red to create a new streaming offering. "The important thing is combining YouTube Red and Google Play Music, and having one offering," Cohen said. The Verge reports: Right now, YouTube's music ecosystem is unnecessarily complicated. There's YouTube Red, which removes ads from videos and lets you save them offline, while also giving you access to Google Play Music for free. Then there's YouTube Music, which anyone can use, but it gets better if you're signed up for YouTube Red. And YouTube TV is also a thing -- an entirely separate thing -- but it's not available everywhere yet. The merger has been rumored within the industry for months, and recently picked up steam after Google combined the teams working on the two streaming services earlier this year. In a statement to The Verge, Google said it will notify users of any changes before they happen. "Music is very important to Google and we're evaluating how to bring together our music offerings to deliver the best possible product for our users, music partners and artists. Nothing will change for users today and we'll provide plenty of notice before any changes are made."

Read more of this story at Slashdot.

US Indicts Suspected Russian 'Mastermind' of $4 Billion Bitcoin Laundering Scheme

/. - 27 July 2017 - 8:05pm
schwit1 shares a report from Reuters: A U.S. jury indicted a Russian man on Wednesday as the operator of a digital currency exchange he allegedly used to launder more than $4 billion for people involved in crimes ranging from computer hacking to drug trafficking. Alexander Vinnik was arrested in a small beachside village in northern Greece on Tuesday, according to local authorities, following an investigation led by the U.S. Justice Department along with several other federal agencies and task forces. U.S. officials described Vinnik in a Justice Department statement as the operator of BTC-e, an exchange used to trade the digital currency bitcoin since 2011. They alleged Vinnik and his firm "received" more than $4 billion in bitcoin and did substantial business in the United States without following appropriate protocols to protect against money laundering and other crimes. U.S. authorities also linked him to the failure of Mt. Gox, a Japan-based bitcoin exchange that collapsed in 2014 after being hacked. Vinnik "obtained" funds from the hack of Mt. Gox and laundered them through BTC-e and Tradehill, another San Francisco-based exchange he owned, they said in the statement.

Read more of this story at Slashdot.

Subscription Journals Are Doomed Because of Sci-Hub's Big Cache of Pirated Papers, Suggests Data Analyst

/. - 27 July 2017 - 7:20pm
An anonymous reader quotes a report from Science Magazine: There is no doubt that Sci-Hub, the infamous -- and, according to a U.S. court, illegal -- online repository of pirated research papers, is enormously popular. But just how enormous is its repository? That is the question biodata scientist Daniel Himmelstein at the University of Pennsylvania and colleagues recently set out to answer, after an assist from Sci-Hub. Their findings, published in a preprint on the PeerJ journal site on July 20, indicate that Sci-Hub can instantly provide access to more than two-thirds of all scholarly articles, an amount that Himmelstein says is "even higher" than he anticipated. For research papers protected by a paywall, the study found Sci-Hub's reach is greater still, with instant access to 85% of all papers published in subscription journals. For some major publishers, such as Elsevier, more than 97% of their catalog of journal articles is being stored on Sci-Hub's servers -- meaning they can be accessed there for free. In a chat with ScienceInsider, Himmelstein concludes that the results of his study could mark "the beginning of the end" for paywalled research.

Read more of this story at Slashdot.

FreeBSD 11.1 Released

/. - 27 July 2017 - 6:40pm
Billly Gates writes: Linux is not the only free open-source operating system. FreeBSD, which is based off of the historical BSD Unix in which TCP/IP was developed on from the University of California at Berkeley, has been updated. It does not include systemd nor PulseAudio and is popular in many web server installations and networking devices. FreeBSD 11.1 is out with improvements in UEFI and Amazon cloud support in addition to updated userland programs. EFI improvements including a new utility efivar(8) to manage UEFI variables, EFI boot from TFTP or NFS, as well as Microsoft Hyper-V UEFI and Secure Boot for generation 2 virtual machines for both Windows Server and Windows 10 Professional hosts. FreeBSD 11.1 also has extended support Amazon Cloud features. A new networking stack for Amazon has been added with the ena(4) driver, which adds support for Amazon EC2 platform. This also adds support for using Amazon EC2 NFS shares and support for the Amazon Elastic Filesystem for NFS. For application updates, FreeBSD 11.1 Clang, LLVM, LLD, LLDB, and libc++ to version 4.0.0. ZFS has been updated too with a new zfsbootcfg with minor performance improvements. Downloads are here which include Sparc, PowerPC, and even custom SD card images for Raspberry Pi, Beagle-bone and other devices.

Read more of this story at Slashdot.

First Human Embryos Edited In US

/. - 27 July 2017 - 6:00pm
randomErr shares a report from MIT Technology Review: The first known attempt at creating genetically modified human embryos in the United States has been carried out by a team of researchers in Portland, Oregon, MIT Technology Review has learned. The effort, led by Shoukhrat Mitalipov of Oregon Health and Science University, involved changing the DNA of a large number of one-cell embryos with the gene-editing technique CRISPR. Until now, American scientists have watched as scientists elsewhere were first to explore the controversial practice. To date, three previous reports of editing human embryos were all published by scientists in China. Now Mitalipov is believed to have broken new ground both in the number of embryos experimented upon and by demonstrating that it is possible to safely and efficiently correct defective genes that cause inherited diseases. In altering the DNA code of human embryos, the objective of scientists is to show that they can eradicate or correct genes that cause inherited disease, like the blood condition beta-thalassemia. The process is termed "germline engineering" because any genetically modified child would then pass the changes on to subsequent generations via their own germ cells -- the egg and sperm. Reached by Skype, Mitalipov declined to comment on the results, which he said are pending publication. But other scientists confirmed the editing of embryos using CRISPR.

Read more of this story at Slashdot.

German Court Rules Bosses Can't Use Keyboard-Tracking Software To Spy On Workers

/. - 27 July 2017 - 5:20pm
An anonymous reader quotes a report from The Local: The Federal Labour Court ruled on Thursday that evidence collected by a company through keystroke-tracking software could not be used to fire an employee, explaining that such surveillance violates workers' personal rights. The complainant had been working as a web developer at a media agency in North Rhine-Westphalia since 2011 when the company sent an email out in April 2015 explaining that employees' complete "internet traffic" and use of the company computer systems would be logged and permanently saved. Company policy forbade private use of the computers. The firm then installed keylogger software on company PCs to monitor keyboard strokes and regularly take screenshots. Less than a month later, the complainant was called in to speak with his boss about what the company had discovered through the spying software. Based on their findings, they accused him of working for another company while at work, and of developing a computer game for them. [...] So the programmer took his case to court, arguing that the evidence used against him had been collected illegally. The Federal Labour Court agreed with this argument, stating in the ruling that the keylogger software was an unlawful way to control employees. The judges added that using such software could be legitimate if there was a concrete suspicion beforehand of a criminal offense or serious breach of work duties.

Read more of this story at Slashdot.

Where's All My CPU and Memory Gone? The Answer: $5B Worth Slack App

/. - 27 July 2017 - 4:49pm
Slack, valued at $5 billion, has received buyout pitches from several companies including Amazon and Microsoft. But the team collaborations service, which has over 5 million active users, continues to offer one of the most resource intensive apps you could find on Mac and iOS. From an article: TLDR; If you care about battery life or availability of your finite CPU and memory on your computer, then you probably won't want to use Slack desktop with more than one or two accounts. Slack resource usage increases linearly as you add more accounts, and it quickly adds up. [...] I noticed that my machine has been sluggish and its battery life has become poor. Whilst investigating this, it turns out that Slack desktop fails badly when used with multiple accounts. This is because CPU and memory usage increases linearly as you add more accounts to your Slack desktop client. As a result, I believe the growing trend to use Slack to be part of multiple communities is seriously flawed until Slack resolve this problem. The author, Matthew O'Riordan, has shared screenshots of Activity Monitor which shows that Slack application on his Mac was consuming more than 1.5GB of memory, and as much as 70 percent of the energy. The company's iOS app instills several more issues.

Read more of this story at Slashdot.

Why Your Call Center is Only Getting Noisier

/. - 27 July 2017 - 4:05pm
From a report by research firm McKinsey & Company: Organizations have been investing in all manner of customer-facing technology solutions to replace live calls. Of all operational call-center technologies, digital solutions were ranked as one of the most important over the next five years by four out of five executives. Only agent desktop tools ranked higher. These technologies begin with websites, chat bots, and apps and extend to artificial-intelligence robots that simulate human conversations -- redefining the way organizations interact with customers -- as well as more tried-and-tested functionalities such as improved web, app, or self-service capabilities in interactive voice-response (IVR) systems. And yet, despite this plethora of technology solutions, we see that calls are not going away and instead are catching call-center executives off guard in their efforts to reduce volumes. It's not that a spike in call volumes is necessarily a bad thing. On the contrary, the proliferation of digital tools can awaken previously dormant customers, sparking new inquiries from an engaged customer base. But in many instances, we've also observed that the volumes of unwanted calls exceed what would be expected during a learning period, or remain constant or rise over time, defeating strategic goals and leaving managers bewildered and unable to tie tech investments to improved operational outcomes. Why are so many organizations struggling with reaping the full benefits from these investments? In our experience, the answer often lies in two core areas. First, as companies turn to technology to address call-center volumes, they allow customer experience to take a back seat to digital technology in their operations, creating dissonance in direct customer interaction, where the objective is harmony and efficiency. Second, by counting on technology to solve their call-center issues, executives lose focus on core operations and upset the balance between human interaction and automation in an era of evolved customer service.

Read more of this story at Slashdot.

Twitter Added Zero New Users Last Quarter Despite Trump Tweets

/. - 27 July 2017 - 3:25pm
Twitter did not add any new users in Q2, a disappointing follow-up to what had been a promising start to 2017. Twitter reported earnings Thursday morning, claiming 328 million total users -- the same number it reported after Q1. Analysts had been hoping the company would add around four million new users last quarter. From a report: Despite its appeal among celebrities and public figures, Twitter has struggled to sustain its closely watched user growth even as it invests in features and live content to help draw viewers and boost user engagement. It is in stiff competition for advertising dollars with other platforms like larger rival Facebook and Snap's messaging app Snapchat. The company also reported a wider quarterly net loss and lower revenue, and said it did not expect its total revenue growth to pick up in the second half of the year. [...] President Donald Trump, one of the most active politicians on Twitter, has tweeted multiple times a day on average since his inauguration in January, according to social media analytics company Zoomph.

Read more of this story at Slashdot.

AMD Launches Ryzen 3 Series Low Cost Processors Starting At $109

/. - 27 July 2017 - 2:45pm
Reader MojoKid writes: AMD is launching a new series of Ryzen processors today, the affordably priced Ryzen 3. Ryzen 3 will complement the previously launched Ryzen 7 and Ryzen 5 series of desktop processors, but will target entry-level price points. Ryzen 3 features the same die as its higher-end Ryzen 7 and 5 siblings, but has fewer active cores and symmetrical multi-threading (SMT) has been disabled. Ryzen 3 processors feature quad-core configurations, leverage the same socket and chip packaging and are also fully unlocked for easy overclocking. The Ryzen 3 1300X has a base clock of 3.5GHz, with a 3.6GHz all-core boost clock, a 3.7GHz two-core boost, and a max XFR boost clock of 3.9GHz. The Ryzen 3 1200's default clocks are decidedly lower. Its base and all-boost clocks are both only 3.1GHz, and its two-core boost tops out at 3.4GHz. XFR pushes its max single-core clock up to 3.45GHz. In the benchmarks, with multi-threaded workloads, the Ryzen 3's quad-core configuration generally gives it an edge over the dual-core / quad-thread Intel Core i3 and in some cases allows it to compete with more expensive Intel Core i5 chips. With single or lightly threaded workloads, however, Kaby Lake-based Core i3s are likely to pull ahead due to their increased IPC and typically higher clocks. Ryzen 3 1300X will retail for $129, while Ryzen 3 1200 will list for $109. Retail chips should be available today in the channel.

Read more of this story at Slashdot.

'Apple's Refusal To Support Progressive Web Apps is a Detriment To Future of the Web'

/. - 27 July 2017 - 2:06pm
From a blog post: Progressive Web Applications (PWAs) are one of the most exciting and innovative things happening in web development right now. PWAs enable you to use JavaScript to create a "Service Worker", which gives you all sorts of great features that you'd normally associate with native apps, like push notifications, offline support, and app loading screens -- but on the web! Awesome. Except for is one major problem -- While Google has embraced the technology and added support for it in Chrome for Android, Apple has abstained from adding support to mobile Safari. All they've done is say that it is "Under Consideration." Seemingly no discussion about it whatsoever.

Read more of this story at Slashdot.

Samsung Said To Open Its Pay Service, Could Make It Available On Rival Companies' Smartphones

/. - 27 July 2017 - 1:25pm
Samsung Pay, the second most OEM-Pay mobile payments service (only second to Apple Pay), may be available on smartphones from other manufacturers, according to a report. From an article: Samsung is in talks with other device makers about bringing Samsung Pay to non-Samsung high-end devices, according to a report from Gadgets 360. Samsung is reportedly aiming to offer Samsung Pay support for these non-Samsung devices by mid-2018. As for how it'll happen, Samsung is said to be considering two options. Samsung Pay relies on MST chips in order to offer contactless payments with non-NFC terminals, and so Samsung is said to be talking with other smartphone makers about adding MST tech to their devices. Another option that Samsung is thinking about is an external accessory like the LoopPay Card Case. This would enable Samsung Pay on supported devices without requiring the phones' manufacturers to add MST tech into their phones. Magnetic Secure Transmission technology is patented to LoopPay, which Samsung acquired two years ago. The feature, which mimics a card swipe, enables Samsung Pay to work on any card swiping machine, an advantage it has over Android Pay and Apple Pay.

Read more of this story at Slashdot.

Apple Discontinues iPod Nano and iPod Shuffle

/. - 27 July 2017 - 12:45pm
From a report: Apple today removed the iPod nano and iPod shuffle from its website and online store around the world, suggesting the iconic portable media players may be discontinued. Apple continues to sell the iPod touch. Beyond new colors and storage capacities, Apple had last updated the iPod nano in October 2012 and the iPod shuffle in September 2010. Apple last updated the iPod touch in July 2015 with an 8-megapixel rear camera. Apple introduced the iPod shuffle in January 2005, followed by the iPod nano in September 2005. In total, there were seven generations of the iPod nano, and four generations of the iPod shuffle. The company has confirmed that it has discontinued the devices.

Read more of this story at Slashdot.

More Than One Billion People Use Facebook's WhatsApp Service Every Day

/. - 27 July 2017 - 12:05pm
Facebook has announced that more than one billion people use its instant messages and voice calling app WhatsApp every day. To put that in perspective, there are 7.5 billion people on this planet. And Facebook, whose marquee service itself is used by more than two billion people every month, says that 13.3 percent of the world's population is using Whatsapp every day.

Read more of this story at Slashdot.

Pages