You are here

Tech/Science News

Massachusetts Will Tax Ride-Sharing Companies To Subsidize Taxis

Slashdot - Mon, 08/22/2016 - 13:34
Massachusetts will tax ride-sharing services -- 20 cents for each ride -- with 25% of the money raised going into a special fund for the taxi industry (according to an article shared by schwit1 ). Reuters reports: Ride services are not enthusiastic about the fee. "I don't think we should be in the business of subsidizing potential competitors," said Kirill Evdakov, the chief executive of Fasten, a ride service that launched in Boston last year and also operates in Austin, Texas. Some taxi owners wanted the law to go further, perhaps banning the start-up competitors unless they meet the requirements taxis do, such as regular vehicle inspection by the police... The fee may raise millions of dollars a year because Lyft and Uber alone have a combined 2.5 million rides per month in Massachusetts... The 5-cent fee will be collected through the end of 2021. Then the taxi subsidy will disappear and the 20 cents will be split by localities and the state for five years. The whole fee will go away at the end of 2026. Republican Governor Charlie Baker signed the law, which specifically bans ride-sharing services from passing those costs on to their drivers or riders. And the article notes that Taiwan has also hit Uber with a $6.4 million tax bill, while Seattle has passed a new law allowing ride-sharing drivers to unionize.

Read more of this story at Slashdot.

Categories: Tech/Science News

Four Code Bootcamps Are Now Eligible For Government Financial Aid

Slashdot - Mon, 08/22/2016 - 09:34
Long-time Slashdot reader theodp notes a pilot program for improving computer science education which includes financial aid for students at four code bootcamps: In this week's Hack Education Weekly News, Audrey Watters writes, "The US Department of Education has selected eight higher ed institutions and eight 'non-traditional providers' that will work as partners to pilot the DoE's new EQUIP experiment, meaning that students will be able to receive federal financial aid for coding bootcamps, MOOCs, and the like... "Good thing there haven't been any problems with for-profit higher ed and exploitation of financial aid, otherwise this would all seem like a terrible idea." The original submission has more details on the participants (including the four code bootcamps). Ultimately the program involves pairing "non-traditional" providers with higher education institutions -- and then monitoring their results with a third-party "quality assurance entity" -- to improve the ways we measure a school's performance, but also testing new ways to fund training for computer careers. (I'm curious how Slashdot's readers feel about government loans for attendees at code bootcamps...)

Read more of this story at Slashdot.

Categories: Tech/Science News

Group Wants To Shut Down Tor For a Day On September 1

Slashdot - Mon, 08/22/2016 - 05:34
An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Applebaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, because of the same reason. They explained their motivations here and here. "The protesters have made 16 demands," according to the article, six related to related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."

Read more of this story at Slashdot.

Categories: Tech/Science News

Group Wants To Shut Down Tor For a Day On September 1

Slashdot - Mon, 08/22/2016 - 05:34
An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Applebaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, because of the same reason. They explained their motivations here and here. "The protesters have made 16 demands," according to the article, six related to related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."

Read more of this story at Slashdot.

Categories: Tech/Science News

Systemd Rolls Out Its Own Mount Tool

Slashdot - Mon, 08/22/2016 - 03:34
An anonymous Slashdot reader writes: I'm surprised this hasn't surfaced on Slashdot already, but yesterday Phoronix reported that systemd will soon be handling file system mounts, along with all the other stuff that systemd has encompassed. The report generated the usual systemd arguments over on Reddit.com/r/linux with Lennart Poettering, systemd developer and architect, chiming in with a few clarifications. Lennart argued it will greatly improve the handling of removable media like USB sticks.

Read more of this story at Slashdot.

Categories: Tech/Science News

Ask Slashdot: How Will You Handle Microsoft's New 'Cumulative' Windows Updates?

Slashdot - Mon, 08/22/2016 - 01:34
Microsoft's announced they'll discontinue "individual patches" for Windows 7 and 8.1 (as well as Windows Server 2008 R2, 2012, and 2012 R2). Instead they'll have monthly "cumulative" rollups of each month's patches, and while there will be a separate "security-only" bundle each month, "individual patches will no longer be available." This has one anonymous Slashdot reader asking what's the alternative: We've read about the changes coming to Windows Update in October 2016... But what happens when it's time to wipe and reload the OS? Or what about installing Windows on different hardware? Admittedly, there are useful non-security updates worth having, but plenty to avoid (e.g. telemetry). How does one handle this challenge? Set up a personal WSUS box before October to sync all desired updates through October 2016? System images can work if you don't change primary hardware, but what if you do? Or should one just bend the knee to Microsoft...? Should they use AutoPatcher? Switch to Linux? Or just disconnect their Windows boxes from the internet... Leave your answers in the comments. How do you plan to handle Microsoft's new 'cumulative' Windows Updates?

Read more of this story at Slashdot.

Categories: Tech/Science News

Software Exploits Aren't Needed To Hack Most Organizations

Slashdot - Mon, 08/22/2016 - 00:37
The five most common ways of hacking an organization all involve stolen credentials, "based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks," writes an anonymous Slashdot reader. In fact, 66% of the researchers' successful attacks involved cracking a weak domain user password. From an article on Dark Reading: Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation... "If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?" says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks -- tactics that may not stop attackers from stealing credentials, but "building in the defenses so it's really not a big deal if they do"... [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization's entire computing environment, exfiltrating all documents along the way. Similar results were reported in Verizon's 2016 Data Breach Investigations Report.

Read more of this story at Slashdot.

Categories: Tech/Science News

'SingularDTV' Will Use Ethereum For DRM On A Sci-Fi TV Show

Slashdot - Sun, 08/21/2016 - 23:34
It's "an epic sci-fi adventure about the human race's journey into a theoretical technological Singularity." Or is it an "entertainment industry boondoggle...part DRM snake oil marketing, part pseudo-Bitcoin scam and part sincere Singularitarian weirdness?" Long-term Slashdot reader David Gerard writes: SingularDTV is an exciting new blockchain-based entertainment industry startup. Their plan is to adapt the DRM that made $121.54 for Imogen Heap, make their own completely pre-mined altcoin and use that to somehow sell two million views of a sci-fi TV show about the Singularity. Using CODE, which is explicitly modeled on The DAO ... which spectacularly imploded days after its launch. There's a white paper [PDF], but here's an analysis of why these schemes are a terrible idea for musicians. 'Singular' will be a one-hour adventure/drama "that explores the impact technology will have on the future of our planet and how it will shape the evolution of our human race," set in the years 2021 to 2045, "as an unprecedented technological revolution sweeps over the world..."

Read more of this story at Slashdot.

Categories: Tech/Science News

Will Internet Voting Endanger The Secret Ballot?

Slashdot - Sun, 08/21/2016 - 22:34
MIT recently identified the states "at the greatest risk of having their voting process hacked". but added this week that "Maintaining the secrecy of ballots returned via the Internet is 'technologically impossible'..." Long-time Slashdot reader Presto Vivace quotes their article: That's according to a new report from Verified Voting, a group that advocates for transparency and accuracy in elections. A cornerstone of democracy, the secret ballot guards against voter coercion. But "because of current technical challenges and the unique challenge of running public elections, it is impossible to maintain the separation of voters' identities from their votes when Internet voting is used," concludes the report, which was written in collaboration with the Electronic Privacy Information Center and the anticorruption advocacy group Common Cause. 32 states are already offering some form of online voting, apparently prompting the creation of Verified Voting's new site, SecretBallotAtRisk.org.

Read more of this story at Slashdot.

Categories: Tech/Science News

German Minister Wants Facial Recognition Software At Airports and Train Stations

Slashdot - Sun, 08/21/2016 - 21:34
An anonymous Slashdot reader quotes a surprising report from Ireland's National Public Service Broadcaster (based on a report in the German newspaper Bild am Sonntag): Germany's Interior Minister wants to introduce facial recognition software at train stations and airports to help identify terror suspects following two Islamist attacks in the country last month... "Then, if a suspect appears and is recognised, it will show up in the system," he told the paper. He said a similar system was already being tested for unattended luggage, which the camera reports after a certain number of minutes. The article reports that other countries are also considering the technology.

Read more of this story at Slashdot.

Categories: Tech/Science News

Twitter Announces New Blocking and Filtering Features

Slashdot - Sun, 08/21/2016 - 20:34
Twitter just began rolling out "new ways to control your experience," promising the two new features "will give you more control over what you see and who you interact with on Twitter." An anonymous Slashdot reader quotes a report from Wired UK: First up, notification settings will allow those using Twitter on the web or on desktop to limit the notifications they receive for @ mentions, RTs, and other interactions to just be from people they follow. The feature can be turned on through the notifications tab. Twitter is also expanding its quality filter -- also accessible through notifications. "When turned on, the filter can improve the quality of Tweets you see by using a variety of signals, such as account origin and behavior," the company's product manager Emil Leong said in a blog post. In December 2015, the company changed its rules to explicitly ban "hateful conduct" for the first time, while back in February last year, Twitter's then-CEO Dick Costolo admitted the network needed to improve how it handled trolls and abuse. In a leaked memo he said: "I'm frankly ashamed of how poorly we've dealt with this issue during my tenure as CEO. It's absurd. There's no excuse for it. I take full responsibility for not being more aggressive on this front. It's nobody else's fault but mine, and it's embarrassing." Meanwhile, the Twitter account of Wikipedia co-founder Jimmy Wales was hacked on Saturday.

Read more of this story at Slashdot.

Categories: Tech/Science News

Fake Google Salesmen Are Actually SEO Telemarketers

Slashdot - Sun, 08/21/2016 - 19:34
Long-time Slashdot reader Lauren Weinstein writes: It seems like almost every day I get junk solicitation phone calls "from Google." They call about my Google business local listings, about my not being on the first page of Google search results, and so on -- and they want me to pay them to "fix" this stuff. When I look up the Caller ID numbers they use, I often finds pages of people claiming they're Google phone numbers. Sometimes the Caller ID display actually says Google! Is Google really doing this? Negative. NONE of these calls are from Google. Zero. Zilch. Nada. These callers are inevitably "SEO"; (Search Engine Optimization) scammers of one sort or another. They make millions of "cold calls" to businesses using public phone listings (from the Web or other sources) or using phone number lists purchased from brokers. If you ever actually deal with them, you'll find that their services typically range from useless to dangerous.

Read more of this story at Slashdot.

Categories: Tech/Science News

KDE Edition Beta Released For Linux Mint 18 'Sarah'

Slashdot - Sun, 08/21/2016 - 18:34
An anonymous Slashdot reader quotes a report from fossBytes: Linux Mint 18 'Sarah' KDE Edition Beta is now available for download and testing. This release is based on the long-term supported Linux 4.4 kernel and KDE Plasma 5.6 desktop environment. The final release of this widely popular distro is expected to arrive in September... Just like MATE, Cinnamon, and Xfce releases, the KDE release is a long term release that will remain supported until 2021. Linux Mint 18 'Sarah' KDE Edition ships with Mozilla Firefox as default web browser and LibreOffice as the default office suite. The Linux distro also features a wide range of popular KDE apps like Kontact, Dolphin, Gwenview, KMail, digiKam, KTorrent, Skanlite, Konversation, K3b, Konsole, Amarok, Ark, Kate, Okular, and Dragon Player. "Unlike other Linux Mint editions, the KDE edition will ship with the SDDM display manager," reports the Linux Mint blog. Distrowatch notes that it's based on Ubuntu 16.04, and suggests "Mint's 'KDE' flavour might turn out to be the most interesting of the bunch, especially if the project's usually excellent quality assurance is applied to this edition in the same manner as in its 'MATE' and 'Cinnamon' variants."

Read more of this story at Slashdot.

Categories: Tech/Science News

India Threatens 3-Year Jail Sentences For Viewing Blocked Torrents

Slashdot - Sun, 08/21/2016 - 17:34
"It is official now. The punishment for rape is actually less..." writes an anonymous Slashdot reader, who adds that "Some users think that this is all the fault of Bollywood/Hollywood movie studios. They are abusing power, court and money..." India Today reports: The Indian government, with the help of internet service providers, and presumably under directives of court, has banned thousands of websites and URLs in the last five odd years. But until now if you somehow visited these "blocked URLs" all was fine. However, now if you try to visit such URLs and view the information, you may get a three-year jail sentence as well as invite a fine... This is just for viewing a torrent file, or downloading a file from a host that may have been banned in India, or even for viewing an image on a file host like Imagebam. You don't have to download a torrent file, and then the actual videos or other files, which might have copyright. Just accessing information under a blocked URL will land you in jail and leave your bank account poorer. While it's not clear how this will be enforced, visiting a blocked URL in India now leads to a warning that "Viewing, downloading, exhibiting or duplicating an illicit copy of the contents under this URL is punishable as an offence under the laws of India, including but not limited to under Sections 63, 63-A, 65 and 65-A of the Copyright Act, 1957 which prescribe imprisonment for 3 years and also fine of up to Rs. 3,00,000..."

Read more of this story at Slashdot.

Categories: Tech/Science News

Intel Demos A New Robotics Controller Running Ubuntu

Slashdot - Sun, 08/21/2016 - 16:34
Intel demoed their new robotics compute module this week. Scheduled for release in 2017, it's equipped with various sensors, including a depth-sensing camera, and it runs Ubuntu on a quad-core Atom. Slashdot reader DeviceGuru writes: Designed for researchers, makers, and robotics developers, the device is a self contained, candy-bar sized compute module ready to pop into a robot. It's augmented with a WiFi hotspot, Bluetooth, GPS, and IR, as well as proximity, motion, barometric pressure sensors. There's also a snap-on battery. The device is preinstalled with Ubuntu 14.04 with Robot Operating System (ROS) Indigo, and can act as a supervisory processor to, say, an Arduino subsystem that controls a robot's low-level functions. Intel demoed a Euclid driven robot running an obstacle avoidance and follow-me tasks, including during CEO Brian Krzanich's keynote (YouTube video). Intel says they'll also release instructions on how to create an accompanying robot with a 3D printer. This plug-and-play robotics module is a proof-of-concept device -- the article includes some nice pictures -- but it already supports programming in Node.js (and other high-level languages), and has a web UI that lets you monitor performance in real-time and watch the raw camera feeds.

Read more of this story at Slashdot.

Categories: Tech/Science News

Chicago's Experiment In Predictive Policing Isn't Working

Slashdot - Sun, 08/21/2016 - 15:35
The U.S. will phase out private prisons, a move made possible by fewer and shorter sentences for drug offenses, reports the BBC. But when it comes to reducing arrests for violent crimes, police officers in Chicago found themselves resorting ineffectively to a $2 million algorithm which ultimately had them visiting people before any crime had been committed. schwit1 quotes Ars Technica: Struggling to reduce its high murder rate, the city of Chicago has become an incubator for experimental policing techniques. Community policing, stop and frisk, "interruption" tactics --- the city has tried many strategies. Perhaps most controversial and promising has been the city's futuristic "heat list" -- an algorithm-generated list identifying people most likely to be involved in a shooting. The hope was that the list would allow police to provide social services to people in danger, while also preventing likely shooters from picking up a gun. But a new report from the RAND Corporation shows nothing of the sort has happened. Instead, it indicates that the list is, at best, not even as effective as a most wanted list. At worst, it unnecessarily targets people for police attention, creating a new form of profiling. The police argue they've updated the algorithm and improved their techniques for using it. But the article notes that the researchers began following the "heat list" when it launched in 2013, and "found that the program has saved no lives at all."

Read more of this story at Slashdot.

Categories: Tech/Science News

Has WikiLeaks Morphed Into A Malware Hub?

Slashdot - Sun, 08/21/2016 - 13:30
Slashdot reader mirandakatz writes: In releasing an unredacted database of emails from the Turkish party AKP, WikiLeaks exposed the public to a collection of malware -- and even after a Bulgarian security expert pointed this out publicly, the organization only removed the select pieces of malware that he identified, leaving well over a thousand malicious files on the site. That AKP leak also included the addresses and other personal details of millions of Turkish women, not unlike the recent DNC leak, which included the personal data of many private individuals. WikiLeaks says this is all in the name of its "accuracy policy," but the organization seems to be increasingly putting the public at risk. The article opens with the question, "What the hell happened to WikiLeaks?" then argues that "Once an inspiring effort at transparency, WikiLeaks now seems more driven by personal grudges and reckless releases of information..."

Read more of this story at Slashdot.

Categories: Tech/Science News

New Linux Trojan Is A DDoS Tool, a Bitcoin Miner, and Web Ransomware

Slashdot - Sun, 08/21/2016 - 09:30
An anonymous reader writes: A trojan that targeted Drupal sites on Linux servers last May that was incredibly simplistic and laughable in its attempt to install (and fail) web ransomware on compromised websites, has now received a major update and has become a top threat on the malware scene. That trojan, named Rex, has evolved in only three months into an all-around threat that can: (1) compromise servers and devices running platforms like Drupal, WordPress, Magento, Jetspeed, Exarid, AirOS; (2) install cryptocurrency mining in the background; (3) send spam; (4) use a complex P2P structure to manage its botnet; and (5) install a DDoS agent which crooks use to launch DDoS attacks. Worse is that they use their DDoS capabilities to extort companies. The crooks send emails to server owners announcing them of 15-minute DDoS tests, as a forewarning of future attacks unless they pay a ransom. To scare victims, they pose as a known hacking group named Armada Collective. Other groups have used the same tactic, posing as Armada Collective, and extorting companies, according to CloudFlare.

Read more of this story at Slashdot.

Categories: Tech/Science News

Ask Slashdot: Is KDE Dying?

Slashdot - Sun, 08/21/2016 - 05:34
A long-time loyal KDE user "always felt that it was the more complete and integrated of the many Linux desktop environments...thus having the most potential to win over new Linux converts." And while still using KDE exclusively without any major functional issues, now Slashdot reader fwells shares concerns about the future of desktop development, along with a personal opinion -- that KDE is becoming stale and stagnant: KDE-Look.org, once a fairly vibrant and active contributory site, has become a virtual ghost town... Various core KDE components and features are quite broken and have been so for some time... KDEPIM/KMail frankly seems targeted specifically at the poweruser, maintaining over many years its rather plain and arguably retro interface. The Konqueror web browser has been a virtual carcass for several years, yet it mysteriously remains an integral component... So, back to my opening question... Is KDE Dying? Has innovation and development evaporated in a development world dominated by the mobile device? And, if so, can it be reinvigorated? Will the pendulum ever swing back? Can it? Should it? The original submission has some additional thoughts on Windows 10 and desktop development -- but also specific complaints about KDE's Recent Items/Application Launcher History and the KDE theming engine (which "seems disjointed and rather non-intuitive".) The argument seems to be that KDE lacks curb appeal to fulfill that form-over-function preference of the larger community of users, so instead it's really retaining the practical appeal of "my 12 year old Chevy truck, feature rich for its time... Solid and reliable, but definitely starting to fade and certainly lacking some modern creature comforts." So leave your own thoughts in the comments. Does desktop development need to be reinvigorated in a world focused on mobile devices -- and if so, what is its future? And is KDE slowly dying?

Read more of this story at Slashdot.

Categories: Tech/Science News

How SSL/TLS Encryption Hides Malware

Slashdot - Sun, 08/21/2016 - 03:30
Around 65% of the internet's one zettabyte of global traffic uses SSL/TLS encryption -- but Slashdot reader River Tam shares an article recalling last August when 910 million web browsers were potentially exposed to malware hidden in a Yahoo ad that was hidden from firewalls by SSL/TLS encryption: When victims don't have the right protection measures in place, attackers can cipher command and control communications and malicious code to evade intrusion prevention systems and anti-malware inspection systems. In effect, the SSL/TLS encryption serves as a tunnel to hide malware as it can pass through firewalls and into organizations' networks undetected if the right safeguards aren't in place. As SSL/TLS usage grows, the appeal of this threat vector for hackers too increases. Companies can stop SSL/TLS attacks, however most don't have their existing security features properly enabled to do so. Legacy network security solutions typically don't have the features needed to inspect SSL/TLS-encrypted traffic. The ones that do, often suffer from such extreme performance issues when inspecting traffic, that most companies with legacy solutions abandon SSL/TLS inspection.

Read more of this story at Slashdot.

Categories: Tech/Science News

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer