Slashdot

Syndicate content Slashdot
News for nerds, stuff that matters
Updated: 19 hours 31 min ago

North Korean Hackers Stole U.S.-South Korean Military Plans, Lawmaker Says

Tue, 10/10/2017 - 12:50
North Korean hackers stole a vast cache of data, including classified wartime contingency plans jointly drawn by the United States and South Korea, when they breached the computer network of the South Korean military last year, a South Korean lawmaker said Tuesday (alternative source). From a report: One of the plans included the South Korean military's plan to remove the North Korean leader, Kim Jong-un, referred to as a "decapitation" plan, should war break out on the Korean Peninsula, the lawmaker, Rhee Cheol-hee, told reporters. Mr. Rhee, a member of the governing Democratic Party who serves on the defense committee of the National Assembly, said he only recently learned of the scale of the North Korean hacking attack, which was first discovered in September last year. It was not known whether any of the military's top secrets were leaked, although Mr. Rhee said that nearly 300 lower-classification confidential documents were stolen. The military has not yet identified nearly 80 percent of the 235 gigabytes of leaked data, he said.

Read more of this story at Slashdot.

It's Illegal to Pirate Films in Iran, Unless You're the Government

Tue, 10/10/2017 - 12:10
An anonymous reader shares a report: While legal "pirating" exists in Iran, six administrators of the Iranian pirate movie site TinyMoviez have been arrested by Iranian authorities. This was a website the Iranian national broadcaster had used to download and nationally air movies in the past. The exact date of the arrests are unknown, but Tehran's Prosecutor General announced the arrests on September 26, 2017. The website is still online, but users haven't been able to download content from it since September 19, 2017. Now TinyMoviez administrators are finding themselves on the wrong side of Iran's odd and often pirating friendly copyright laws. Iran's copyright law is a quagmire when it comes to understanding what rights exists for creators of an original piece of work, and what rights exist for those wanting to re-distribute original works, such as movies. Meanwhile, Article 8 gives the government broad powers to reproduce work that is not its own. This means that the government is exempt from Article 23, which criminalizes the theft of another's work.

Read more of this story at Slashdot.

'Sooty Birds' Reveal Hidden US Air Pollution

Tue, 10/10/2017 - 11:30
Soot trapped in the feathers of songbirds over the past 100 years is causing scientists to revise their records of air pollution. From a report: US researchers measured the black carbon found on 1,300 larks, woodpeckers and sparrows over the past century. They've produced the most complete picture to date of historic air quality over industrial parts of the US. The study also boosts our understanding of historic climate change. [...] This new study takes an unusual approach to working out the scale of soot coming from this part of the US over the last 100 years. The scientists trawled through natural history collections in museums in the region and measured evidence of black carbon, trapped in the feathers and wings of songbirds as they flew through the smoky air. The researchers were able to accurately estimate the amount of soot on each bird by photographing them and measuring the amount of light reflected off them. "We went into natural history collections and saw that birds from 100 years ago that were soiled, they were covered in soot," co-author Shane DuBay, from the Field Museum and the University of Chicago, told BBC News. "We saw that birds from the present were cleaner and we knew that at some point through time the birds cleaned up -- when we did our first pass of analysis using reflectance we were like wow, we have some incredible precision." Their analysis of over 1,000 birds shows that black carbon levels peaked in the first decade of the 1900s and that the air at the turn of the century was worse than previously thought.

Read more of this story at Slashdot.

T-Mobile Website Allowed Hackers to Access Your Account Data With Just Your Phone Number

Tue, 10/10/2017 - 10:50
Lorenzo Franceschi-Bicchierai, reporting for Motherboard: Until last week, a bug on a T-Mobile website let hackers access personal data such as email address, a customer's T-Mobile account number, and the phone's IMSI, a standardized unique number that identifies subscribers. On Friday, a day after Motherboard asked T-Mobile about the issue, the company fixed the bug. The flaw, which was discovered by security researcher Karan Saini, allowed malicious hackers who knew -- or guessed -- your phone number to obtain data that could've been used for social engineering attacks, or perhaps even to hijack victim's numbers. "T-Mobile has 76 million customers, and an attacker could have run a script to scrape the data (email, name, billing account number, IMSI number, other numbers under the same account which are usually family members) from all 76 million of these customers to create a searchable database with accurate and up-to-date information of all users," Saini, who is the founder of startup Secure7, told Motherboard in an online chat. "That would effectively be classified as a very critical data breach, making every T-Mobile cell phone owner a victim," he added.

Read more of this story at Slashdot.

Virtual Zuck Fails To Connect

Tue, 10/10/2017 - 10:10
Rory Cellan-Jones, writing for BBC: It must have seemed like a good idea. As a taster for a big announcement about Oculus VR on Wednesday, send Mark Zuckerberg on a little virtual reality trip, including a stop in Puerto Rico. But the reviews are in -- and they are not good. The sight of Mr Zuckerberg using VR to survey the devastation of an island still struggling to recover from Hurricane Maria may have been meant to convey Facebook's empathy with the victims. The fact that he was there in the form of a cartoon seemed to many the perfect visual metaphor for the gulf in understanding between Silicon Valley and the real world. Sure, he was talking about all the activities which his company had initiated to help the island, from helping people tell their families they were ok using Safety Check to sending Facebook employees to help restore connectivity. But cartoon Zuck showing us a 360 degree view of a flooded street before zipping back to a virtual California just seemed a little, well, crass. Is Facebook really concerned about the plight of Puerto Rico, or is it merely a handy backdrop to promote Oculus, whose sales have so far proved disappointing?

Read more of this story at Slashdot.

Microsoft May Have Price Increases in Store For Windows 10 Pro Workstation, Win 10 Downgrade Customers

Tue, 10/10/2017 - 09:30
Mary Jo Foley, reporting for ZDNet: Microsoft soon will be adding a new edition of Windows 10 to its lineup. That edition, Windows 10 Pro for Workstations, may include more than just a new name and feature set. It also may come with a change to the way Microsoft licenses and prices Windows 10 for its PC maker partners -- who potentially could pass on these changes to end-user customers. I've heard from a couple of customers recently who've been contacted by different OEMs about the coming changes. One said that Microsoft will begin licensing the Windows 10 Desktop operating system by processor family, and all PCs sold with Intel Xeon workstation processors will be affected by this change. One customer said he was told there could be a price increase of roughly $70 per operating system for use on systems with processors with four or fewer cores. For machines with Xeon processors with more than four cores, there could be a price increase of roughly $230 per operating system, I was told. Windows 10 Pro for Workstations is going to be available around the time Windows 10 Fall Creators Update starts rolling out, which is October 17.

Read more of this story at Slashdot.

Nvidia Introduces a Computer For Level 5 Autonomous Cars

Tue, 10/10/2017 - 08:50
From a report: At the center of many of the semi-autonomous cars currently on the road is NVIDIA hardware. Once automakers realized that GPUs could power their latest features, the chipmaker, best known for the graphics cards that make your games look outstanding, became the darling of the car world. But while automakers are still dropping level 2 and sometimes level 3 vehicles into the market, NVIDIA's first AI computer, the NVIDIA Drive PX Pegasus, is apparently capable of level 5 autonomy. That means no pedals, no steering wheel, no need for anyone to ever take control. The new computer delivers 320 trillion operations per second, 10 times more than its predecessor. Before you start squirreling away cash for your own self-driving car, though, NVIDIA's senior director of automotive, Danny Shapiro, notes that it's likely going to be robotaxis that drive us around. In fact, the company said that over 25 of its partners are already working on fully autonomous taxis. The goal with this smaller, more powerful computer is to remove the huge computer arrays that sit in the prototype vehicles of OEMs, startups and any other company that's trying to crack the autonomous car nut.

Read more of this story at Slashdot.

Why Is 'Blade Runner' the Title of 'Blade Runner'?

Tue, 10/10/2017 - 08:00
Why is Blade Runner called Blade Runner? Though the viewer is told in the opening text of Ridley Scott's 1982 original that "special Blade Runner units" hunt renegade replicants -- and though the term "Blade Runner" is applied to Harrison Ford's Rick Deckard a few times in the film -- we're never given an explanation of where the proper noun comes from. The novel upon which Blade Runner was based, Philip K. Dick's Do Androids Dream of Electric Sheep?, offers no clues either.

Read more of this story at Slashdot.

Google Paid $7.2 Billion Last Year To Partners, Including Apple, To Prominently Showcase Its Search Engine and Apps on Smartphones

Tue, 10/10/2017 - 07:24
A reader shares a Bloomberg report: There's a $19 billion black box inside Google. That's the yearly amount Google pays to companies that help generate its advertising sales, from the websites lined with Google-served ads to Apple and others that plant Google's search box or apps in prominent spots. Investors are obsessed with this money, called traffic acquisition costs, and they're particularly worried about the growing slice of those payments going to Apple and Google's Android allies. That chunk of fees now amounts to 11 percent of revenue for Google's internet properties. The figure was 7 percent in 2012. These Google traffic fees are the result of contractual arrangements parent company Alphabet makes to ensure its dominance. The company pays Apple to make Google the built-in option for web searches on Apple's Safari browsers for Mac computers, iPhones and other places. Google also pays companies that make Android smartphones and the phone companies that sell those phones to make sure its search box is front and center and to ensure its apps such as YouTube and Chrome are included in smartphones. In the last year, Google has paid these partners $7.2 billion, more than three times the comparable cost in 2012.

Read more of this story at Slashdot.

Russian Central Bank To Ban Websites Offering Crypto-currencies

Tue, 10/10/2017 - 06:44
An anonymous reader shares a report: Russia will block access to websites of exchanges that offer crypto-currencies such as Bitcoin, Russian Central Bank First Deputy Governor Sergei Shvetsov said on Tuesday. He called them "dubious." Russian financial authorities initially treated any sort of money issued by non-state approved institutions as illegal, saying they could be used to launder money. Later the authorities accepted the globally booming market of crypto-currencies but want to either control the turnover or to limit access to the market "We cannot stand apart. We cannot give direct and easy access to such dubious instruments for retail (investors)," Shvetsov said, referring to households.

Read more of this story at Slashdot.

Security Researcher Finds a Fundamental Flaw in iOS

Tue, 10/10/2017 - 06:04
Felix Krause writes: Do you want a user's Apple ID password to get access to their Apple account or to try the same email/password combination on different web services? Just ask your users politely, they'll probably just hand over their credentials, as they're trained to do so. This is just a proof of concept, phishing attacks are illegal! Don't use this in any of your apps. The goal of this blog post is to close the loophole that has been there for many years, and hasn't been addressed yet. For moral reasons, I decided not to include the actual source code of the popup, however it was shockingly easy to replicate the system dialog.

Read more of this story at Slashdot.

'Staying Longer At Home' Was Key To Stone Age Technology Change 60,000 Years Ago

Tue, 10/10/2017 - 05:00
A new study by scientists at the University of the Witwatersrand suggests that at about 58,000 years ago, Stone Age humans began to settle down, staying in one area for longer periods. The research also provides a potential answer to a long-held mystery: why older, Howiesons Poort complex technological tradition in South Africa, suddenly disappear at that time. Phys.Org reports: The Howiesons Poort at Sibudu contains many finely-worked, crescent-shaped stone tools fashioned from long, thin blades made on dolerite, hornfels and, to a lesser extent, quartz. These "segments," as they are called, were hafted to shafts or handles at a variety of angles using compound adhesives that sometimes included red ochre (an iron oxide). A diverse bone tool kit in the Howiesons Poort includes what may be the world's oldest bone arrowhead. Certainly a variety of hunting techniques was used perhaps including the first use of snares for the capture of small creatures. The animal remains brought to Sibudu reflect this diversity for there are bones from large plains game like zebra, tiny blue duiker, and even pigeons and small carnivores. Soft, clayey ochre pieces were collected in the Howiesons Poort perhaps at a considerable distance From Sibudu. Clayey ochre is useful for applying as paint. The beautiful Howiesons Poort industry with its long, thin blades is replaced at 58,000 years ago by a simple technology that could be rapidly produced. Coarse rocks like quartzite and sandstone became popular. These could be collected close to Sibudu. Post-Howiesons Poort tools were part of an unstandardized toolkit with triangular or irregularly-shaped flakes. Tiny scaled pieces were also produced using a bipolar technique (in the simplest terms this involves smashing a small piece of rock with a hammerstone). The study has been published in the journal PlosOne.

Read more of this story at Slashdot.

PSA: Microsoft Is Using Cortana To Read Your Private Skype Conversations

Tue, 10/10/2017 - 02:00
BrianFagioli shares a report from BetaNews: With Cortana's in-context assistance, it's easier to keep your conversations going by having Cortana suggest useful information based on your chat, like restaurant options or movie reviews. And if you're in a time crunch? Cortana also suggests smart replies, allowing you to respond to any message quickly and easily -- without typing a thing," says The Skype Team. The team further says, "Cortana can also help you organize your day -- no need to leave your conversations. Cortana can detect when you're talking about scheduling events or things you have to do and will recommend setting up a reminder, which you will receive on all your devices that have Cortana enabled. So, whether you're talking about weekend plans or an important work appointment, nothing will slip through the cracks." So, here's the deal, folks. In order for this magical "in-context" technology to work, Cortana is constantly reading your private conversations. If you use Skype on mobile to discuss private matters with your friends or family, Cortana is constantly analyzing what you type. Talking about secret business plans with a colleague? Yup, Microsoft's assistant is reading those too. Don't misunderstand -- I am not saying Microsoft has malicious intent by adding Cortana to Skype; the company could have good intentions. With that said, there is the potential for abuse. Microsoft could use Cortana's analysis to spy on you for things like advertising or worse, and that stinks. Is it really worth the risk to have smart replies and suggested calendar entries? I don't know about you, but I'd rather not have my Skype conversations read by Microsoft.

Read more of this story at Slashdot.

Tokyo Preparing For Floods 'Beyond Anything We've Seen'

Mon, 10/09/2017 - 23:00
In the face of an era of extreme weather brought on by climate change, global cities are working to improve their defenses. The New York Times reports (Warning: may be paywalled; alternative source) of Tokyo's $2 billion underground anti-flood system that consists of tunnels that divert water away from the region's most vulnerable floodplains. The city is "preparing for flooding beyond anything we've seen," says Kuniharu Abe, head of the underground site. From the report: But even in Tokyo, the onset of more frequent and intense storms has forced officials to question whether the region's protections are strong enough, a concern that has become more urgent as the city prepares to host the 2020 Olympic Games. Across Japan, rainfall measuring more than 2 inches an hour has increased 30 percent over the past three decades, the Japan Meteorological Agency estimates. The frequency of rainfall of more than 3 inches an hour has jumped 70 percent. The agency attributes the increase of these intense rains to global warming, heralding a new era in a country that is among the world's wettest, with a language that has dozens of words for rain. [...] Experts have also questioned the wisdom of erecting more concrete defenses in a country that has dammed most of its major river systems and fortified entire shorelines with breakwaters and concrete blocks. Some of these protections, they say, only encourage development in regions that could still be vulnerable to future flooding. In eastern Saitama, where the Kasukabe facility has done the most to reduce floods, local industry has flourished; the region has successfully attracted several large e-commerce distribution centers and a new shopping mall. Still, the Kasukabe operation remains a critical part of Tokyo's defenses, say officials at Japan's Land Ministry, which runs the site. Five vertical, underground cisterns, almost 250 feet deep, take in stormwater from four rivers north of Tokyo. A series of tunnels connect the cisterns to a vast tank, larger than a soccer field, with ceilings held up by 60-foot pillars that give the space a temple-like feel. From that tank, industrial pumps discharge the floodwater at a controlled pace into the Edo river, a larger river system that flushes the water into Tokyo Bay.

Read more of this story at Slashdot.

Equifax Made Salary, Work History Available To Anyone With Your SSN and DOB

Mon, 10/09/2017 - 19:30
An anonymous reader quotes a report from KrebsOnSecurity: In May, KrebsOnSecurity broke a story about lax security at a payroll division of big-three credit bureau Equifax that let identity thieves access personal and financial data on an unknown number of Americans. Incredibly, this same division makes it simple to access detailed salary and employment history on a large portion of Americans using little more than someone's Social Security number and date of birth -- both data elements that were stolen in the recent breach at Equifax. At issue is a service provided by Equifax's TALX division called The Work Number. The service is designed to provide automated employment and income verification for prospective employers, and tens of thousands of companies report employee salary data to it. The Work Number also allows anyone whose employer uses the service to provide proof of their income when purchasing a home or applying for a loan. The homepage for this Equifax service wants to assure visitors that "Your personal information is protected." "With your consent your personal data can be retrieved only by credentialed verifiers," Equifax assures us, referring mainly to banks and other entities that request salary data for purposes of setting credit limits. Sadly, this isn't anywhere near true because most employers who contribute data to The Work Number -- including Fortune 100 firms, government agencies and universities -- rely on horribly weak authentication for access to the information.

Read more of this story at Slashdot.

Alphabet's Waymo and Intel Are Launching Public Campaigns To Build Trust In Self-Driving Cars

Mon, 10/09/2017 - 16:50
Alphabet's Waymo and Intel announced plans today to sponsor ads about self-driving cars. "Alphabet's Waymo is launching a public education campaign today called "Let's Talk Self-Driving" aimed at addressing the skepticism many people have about autonomous technology," reports The Verge. Meanwhile, "Intel said it would be airing its commercial starring LeBron James in the run-up to the NBA season opener on October 17th. From the report: The ad campaign will launch first in Arizona, before spreading to other states. Waymo is preparing to launch its first commercial ride-hailing service powered by its self-driving Chrysler Pacifica minivans, according to a recent report in The Information. This public education campaign would appear to be a prelude to inviting ordinary people to take a ride in a driverless vehicle. Both companies recognize that in order to make lots of money, there will need to be a robust effort to persuade people that autonomous vehicles are as safe, if not safer, than human-operated ones. Recent polls suggest that most people wouldn't take a ride in a driverless car, even if they like the idea surrounding the technology.

Read more of this story at Slashdot.

Face ID Is Coming To the iPad Pro Next Year, Says Report

Mon, 10/09/2017 - 16:10
According to MacRumors, KGI Securities analyst Ming-Chi Kuo said iPad Pro models set to be released in 2018 will come equipped with a TrueDepth Camera and will support Face ID. Apple is believed to be adding TrueDepth cameras to the iPad Pro to introduce a user experience that's consistent with the iPhone X and boost competitiveness. From the report: According to Kuo, TrueDepth Cameras will be limited to the iPad Pro, which is Apple's main flagship tablet device. Kuo also predicts 2018 iPhone models will adopt the new camera technology coming in the iPhone X, as he has mentioned in a previous note: "We predict iOS devices to be equipped with TrueDepth Camera in 2018F will include iPhone X and 2018 new iPhone and iPad models. Because of this, we believe more developers will pay attention to TrueDepth Camera/ facial recognition related applications. We expect Apple's (U.S.) major promotion of facial recognition related applications will encourage the Android camp to also dedicate more resources to developing hardware and facial recognition applications."

Read more of this story at Slashdot.

EPA Announces Repeal of Major Obama-Era Carbon Emissions Rule

Mon, 10/09/2017 - 15:30
An anonymous reader quotes a report from The New York Times (Warning: source may be paywalled; alternative source: The Trump administration announced Monday that it would take formal steps to repeal President Barack Obama's signature policy to curb greenhouse gas emissions from power plants, setting up a bitter fight over the future of America's efforts to tackle global warming. At an event in eastern Kentucky, Scott Pruitt, the head of the Environmental Protection Agency, said that his predecessors had departed from regulatory norms in crafting the Clean Power Plan, which was finalized in 2015 and would have pushed states to move away from coal in favor of sources of electricity that produce fewer carbon emissions. The repeal proposal, which will be filed in the Federal Register on Tuesday, fulfills a promise President Trump made to eradicate his predecessor's environmental legacy. Eliminating the Clean Power Plan makes it less likely the United States can fulfill its promise as part of the Paris climate agreement to ratchet down emissions that are warming the planet and contributing to heat waves and sea-level rise. Mr. Trump has vowed to abandon that international accord. In announcing the repeal, Mr. Pruitt made many of the same arguments that he had made for years to Congress and in lawsuits: that the Obama administration exceeded its legal authority in an effort to limit greenhouse gas emissions from power plants. (Last year, the Supreme Court blocked the rule from taking effect while courts assessed those lawsuits.) A leaked draft of the repeal proposal asserts that the country would save $33 billion by not complying with the regulation and rejects the health benefits the Obama administration had calculated from the original rule.

Read more of this story at Slashdot.

Hulu Lowers Prices After Netflix Raises Theirs

Mon, 10/09/2017 - 14:50
Coincidentally, as Netflix raised their prices last week, Hulu decided to lower theirs. The streaming service is now offering a plan, which includes commercials, for $5.99 per month for the first year -- a short-term promotion aimed at luring new subs with the kickoff of the fall television and Hulu's expanded TV library lineup. Variety reports: Hulu's special offer for the limited-commercials plan is available through Jan. 9, 2018, only to new or returning Hulu subs. After one year, the regular $7.99 monthly price will kick in. Hulu offers a commercial-free option for $12 per month, and a live TV service (which includes access to original series like Emmy-winning "The Handmaid's Tale" and on-demand titles) for $40 monthly. A Hulu rep said the company's new promo is intended to draft off the fall 2017 TV season. As it looks for another original series on the order of "Handmaid's Tale" -- so far its only breakout hit -- Hulu has inked deals to bring thousands of current and older TV shows to the platform to armor-up in its battle with rivals Netflix and Amazon Prime.

Read more of this story at Slashdot.

OpenBSD 6.2 Released

Mon, 10/09/2017 - 14:10
basscomm writes: OpenBSD 6.2 has now been released. Check out the release notes if you're into that kind of thing. Some of the new features and systems include improved hardware support, vmm(4)/ vmd(8) improvements, IEEE 802.11 wireless stack improvements, generic network stack improvements, installer improvements, routing daemons and other userland network improvements, security improvements and more. Here is the full list of changes.

Read more of this story at Slashdot.