Domain: amazon.com
Stories and comments across the archive that link to amazon.com.
Stories · 1,405
-
Amazon Partners With UK Government To Test Drone Deliveries (usatoday.com)
An anonymous reader quotes a report from USA Today: [Recent rules from the Federal Aviation Administration mean delivery by drone is years away in the United States, but packages may be winging their way to customers sooner rather than later in the United Kingdom, where Amazon just got permission to begin a new trial of its delivery drones.] The U.K. Civil Aviation Authority gave Amazon permission to test several key drone delivery parameters. They include sending drones beyond the line of sight of their operator in rural and suburban areas, testing sensor performance to make sure the drones can identify and avoid obstacles and allowing a single operator to manage multiple highly-automated drones. U.S. rules are outlined in a 624-page rulebook from the Federal Aviation Administration. They allow commercial drones weighing up to 55 pounds to fly during daylight hours. The aircraft must remain within sight of the operator or an observer who is in communication with the operator. The operators must pass an aeronautics test every 24 months for a certificate as well as a background check by the Transportation Security Administration. The rules govern commercial flights, such as for aerial photography or utilities inspection. Amazon's goal is to use drones to deliver packages up to 5 pounds to customers in 30 minutes or less. Amazon released a statement today detailing its partnership with the UK Government that may one day turn its Prime Air drone delivery service into reality. -
Amazon Isn't Saying If Echo Has Been Wiretapped (zdnet.com)
An anonymous reader writes from a report via ZDNet: Since announcing how many government data requests and wiretap orders it receives, Amazon has so far issued two transparency reports. The two reports outline how many subpoenas, search warrants, and court orders the company received for its cloud service, Amazon Web Services. The cloud makes up a large portion of all the data Amazon gathers, but the company does also collect vast amounts of data from its retail businesses, mobile services, book purchases, and requests made to Echo. The company's third report is due to be released in a few weeks but an Amazon spokesperson wouldn't comment on whether or not the company will expand its transparency report to include information regarding whether or not the Amazon Echo has been wiretapped. There are reportedly more than three million Amazon Echo speakers out in the wild. Gizmodo filed a freedom of information (FOIA) request with the FBI earlier this year to see if the agency had wiretapped an Echo as part of a criminal investigation. The FBI didn't confirm or deny wiretapping the Echo. Amazon was recently awarded a patent for drone docking and recharging stations that would be built on tall, existing structures like lampposts, cell towers, or church steeples. -
Amazon's Alexa Virtual Assistant Can Now Order Millions of Prime Products For You (thenextweb.com)
An anonymous reader quotes a report from Fortune: Amazon added a new skill for its voice assistant Alexa on Friday, and it could help the e-commerce giant add even more revenue to its already billions in yearly sales from selling everything from toilet paper to toothpaste. With today's update, now you can tell Alexa you want to buy any one of its tens of millions of items that are sold on Amazon. The one caveat is that the item must be a Prime product, meaning it is fulfilled by Amazon and can be shipped to shoppers' doorsteps within two days or less. So if your daughter or son wants an Elsa doll from Disney's Frozen movie, you simply ask, "Alexa, please order the Elsa doll from Frozen," and Alexa will suggest a toy that fits that description. You then say "yes" to continue the transaction, and Alexa will take care of charging your credit card, and shipping the product to your home. Quartz posted a story in early June in which it documents several concerns from parents that Amazon Echo is conditioning the kids of this generation to be rude. -
Security Researcher Gets Threats Over Amazon Review (techcrunch.com)
Kate Conger, reporting for TechCrunch: Amazon retailers sometimes go to extreme lengths to guarantee good reviews, as security developer Matthew Garrett recently discovered when he wrote a one-star review of an internet-connected electric socket. When Garrett politely pointed out that the socket in question was woefully insecure, he received emails from the manufacturer claiming that the review would get employees fired and that other reviewers were campaigning to get Garrett's review taken down. The socket in question is the AuYou Wi-Fi Switch, a $30 device that lets you turn the power from a wall outlet on and off using your phone. [...] But like so many Internet of Things devices, the AuYou switch seems to have a serious security flaw. As Garrett explains in his review, if your phone is connected to your home Wi-Fi, it sends the on/off command to the socket directly. But if you're not home, your phone sends the command to a server in China, which then passes the command along to the socket. "The command packets look like they're encrypted, but in reality there's no real cryptography here at all," Garrett explained in his review. [...] "Just now my boss has blamed me, and he said if I do not remove this bad review, he will quit me. Please help me," the representative wrote. "Could you please change your bad review into good?" Garrett responded that he would update the review if the manufacturer fixed the flaw. The AuYou representative insisted she would be fired if the review was not updated. -
Apple Is Fighting A Secret War To Keep You From Repairing Your Phone (huffingtonpost.com)
It's no secret that Apple makes a ton of money by charging 'astronomical' fees for replacing and fixing the display and other components of the iPhone and iPad (as well as the Mac line). For instance, the company charges $599 for replacing the display on the iPad Pro tablet. Which sounds insane when you realize that you can almost certainly purchase a new iPad Pro under $700. And this is what most people do. A Huffington Post article notes that this behavior has contributed significantly in "generating heaps of e-waste." Citing many advocates, the publication claims that Apple has "opposed legislation that could help curb it." From the report: The Huffington Post spoke with politicians in two states who support such legislation, and confirmed through government filings that Apple has lobbied on the issue. Four states -- Minnesota, Nebraska, Massachusetts and New York -- have considered adopting "right to repair" amendments, which would update existing laws regarding the sale of electronic equipment. Amending these laws would make it easier to fix your devices and would help reduce "e-waste," a catch-all term for any electronic detritus. The New York State Senate and Assembly could approve one of these amendments next week. This would help unofficial repair shops get the information they need to fix your iPad, ideally driving down repair costs and encouraging you to squeeze more life out of your old devices -- thus cutting down on the e-waste generated by our voracious appetites for new gadgets. Apple asserts that it helps recycle millions of pounds of electronics equipment every year. But it won't support right to repair amendments. One would ask what is preventing a user from getting their device repaired by an unofficial service person? In addition to the security implication, you also run a risk of getting your device bricked by Apple. To recall, the iPhone maker was found bricking the handsets that had been repaired by third-party vendors earlier this year. -
What Star Trek Owes To Robert Heinlein
HughPickens.com writes: As we come up on the 50th anniversary of the original Star Trek, Manu Saadia, author of Trekonomics, has an interesting article on BoingBoing about how according to Gene Roddenberry himself, no author had more influence on The Original Star Trek than Robert Heinlein, and more specifically his juvenile novel Space Cadet. That book, published in 1948, is considered a classic. It is a bildungsroman, retelling the education of young Matt Dodson from Iowa, who joins the Space Patrol and becomes a man. (In a homage from Roddenberry, Star Trek's Captain James Tiberius Kirk is also from Iowa.) The Space Patrol is a prototype of Starfleet: it is a multiracial, multinational institution, entrusted with keeping the peace in the solar system. In Space Cadet, Heinlein portrayed a society where racism had been overcome. Not unlike Starfleet, the Space Patrol was supposed to be a force for good. According to Saadia, the hierarchical structure and naval ranks of the first Star Trek series (a reflection of Heinlein's Annapolis days) were geared to appeal to Heinlein's readers and demographics, all these starry-eyed kids who, like Roddenberry himself, had read Space Cadet and Have Spacesuit -- Will Travel. Nobody cared about your sex or the color of your skin as long as you were willing to sign up for the Space Patrol or Starship Troopers' Federal service. Where it gets a little weird is that Heinlein's Space Patrol controls nuclear warheads in orbit around Earth, and its mission is to nuke any country that has been tempted to go to war with its neighbors. This supranational body in charge of deterrence, enforcing peace and democracy on the home planet by the threat of annihilation, was an extrapolation of what could potentially be achieved if you combined the UN charter with mutually assured destruction. "The fat finger on the nuclear trigger makes it a very doubtful proposition," concludes Saadia. "The Space Patrol, autonomous and unaccountable, is the opposite of the kind of democratic and open society championed by Star Trek." -
Amazon Built An Echo Simulator You Can Use In the Browser (venturebeat.com)
Jordan Novet, writing for VentureBeat: Amazon today announced the availability of Echosim.io, a website that simulates the capabilities of the Amazon Echo speaker, which employs Amazon's Alexa voice assistant technology. The thing about Alexa is that many people who don't own the Echo -- or its smaller siblings, the Tap and the Echo Dot -- haven't been able to see what Alexa is capable of. The new tool -- which was inspired by the Alexa in the Browser application that Nexmo developer advocate Sam Machin came up with during a hackathon last year -- solves that problem. All you have to do is head to the website, sign in with your Amazon credentials, and start holding your mouse down over the microphone button to see what Alexa can do. It's nifty for anyone to use, but it's also potentially useful to developers. "Developers worldwide can use Echosim to experience Alexa," Amazon Alexa developer marketing manager Glenn Cameron wrote in a blog post. Interesting move, especially for people who either do not want to -- or can't -- purchase the device (unavailability being one reason). You will need to log in with your Amazon account in order to test Echosim. -
AI Will Create 'Useless Class' Of Human, Predicts Bestselling Historian (theguardian.com)
An anonymous reader writes: Yuval Noah Harari, author of the international bestseller "Sapiens: A Brief History of Humankind," doesn't have a very optimistic view of the future when it comes to artificial intelligence. He writes about how humans "might end up jobless and aimless, whiling away our days off our nuts and drugs, with VR headsets strapped to our faces," writes The Guardian. "Harari calls it 'the rise of the useless class' and ranks it as one of the most dire threats of the 21st century. As artificial intelligence gets smarter, more humans are pushed out of the job market. No one knows what to study at college, because no one knows what skills learned at 20 will be relevant at 40. Before you know it, billions of people are useless, not through chance but by definition." He likens his predictions, which have been forecasted by others for at least 200 years, to the boy who cried wolf, saying, "But in the original story of the boy who cried wolf, in the end, the wolf actually comes, and I think that is true this time." Harari says there are two kinds of ability that make humans useful: physical ones and cognitive ones. He says humans have been largely safe in their work when it comes to cognitive powers. But with AIs now beginning to outperform humans in this field, Harari says, that even though new types of jobs will emerge, we cannot be sure that humans will do them better than AIs, computers and robots. -
Amazon To Sell Its Own Private-Label Groceries (techcrunch.com)
An anonymous reader writes: The Wall Street Journal reports Amazon will soon roll out its own private-label brands of common household items like coffee, diapers, and other perishable groceries. Such offerings include baby food, tea, coffee, spices, and even laundry detergent, and will live under the brand names Happy Belly, Wickedly Prime, and Mama Bear. The products are expected to go on sale as soon as this month, available exclusively for Amazon Prime members. The idea to sell private-label products is nothing new for Amazon. It's been selling consumer electronics devices under its Amazon Basics line for quite some time now. They launched several in-house clothing brands earlier this year as well. In 2014, the company had to recall its Element brand diapers due to a design flaw. With a wider array of private-label goods, especially edible goods, the stakes are only higher, as one recall could severely hurt the company's reputation. -
Amazon Introduces $20 Dash-Like Button For IoT (slashgear.com)
An anonymous reader shares a Slashgear article: Amazon has revealed a programmable Dash Button which can be assigned to any product or purpose, a customizable version of its one-touch reordering gadgets. The AWS IoT Button looks just like the existing Dash Buttons, which allow products from more than 100 brands to be ordered with a single tap -- no web browser required -- and delivered to a preset address, but is designed for developers and Internet of Things tinkerers to dig into. So, rather than having a new multipack of toilet rolls, or a fresh box of laundry detergent added to your shopping list, the AWS IoT Button could be used to trigger your lights, integrate with popular APIs from Twitter, Slack, Facebook, or others, or summon a car through Uber. It appears Amazon has already sold out its current batch. -
Amazon Goes After YouTube With New Online Video Posting Service (bloomberg.com)
Spencer Soper, writing for Bloomberg (edited and condensed): Amazon will let people post videos to its website and earn money from advertising, royalties and other sources, putting the company in more-direct competition with Google's YouTube. Amazon already offers movies and television programs over the Internet -- including its own original productions -- to compete with Netflix. The new product dubbed Video Direct will let Amazon give consumers more options about what to watch without an upfront fee because many of those posting videos will be paid based on how their content performs. Competing streaming services have been driving up the cost of this material. Amazon used a similar strategy to boost its inventory of electronic books through Kindle Direct Publishing, which lets authors bypass traditional publishers and reach readers directly by posting and selling their own e-books online. The Seattle-based e-commerce giant said the service is designed for "professional video producers," but its only requirements are that the videos be high definition and have closed-captioning for the hearing impaired. The company is offering 15 cents for every hour of viewing a video creator's content via Prime Video in the U.S., and six cents an hour for views outside of the U.S. Content creators can also allow Amazon to show their videos to any visitor for free. In such case, Amazon says it is offering 55 percent of all ad revenue their clips generate. Content creators can also sell their videos via its subscription service, or its rental store -- in which case, Amazon will offer 50 percent of the revenue. YouTube has been long criticized for paying less to YouTube creators, forcing many to leave the platform, or look for alternate revenue channels. -
Hearing Aid Business Under Pressure From Consumer Electronics
HughPickens.com writes: There's good news for aging Americans who may have damaged their hearing by attending one too many rock concerts when they were young. Andrew Pollack writes at the NYT that the consumer electronics industry is encroaching on the hearing aid business, offering products that are far less expensive and available without the involvement of audiologists or other professionals. The new devices are forcing a re-examination of the entire system for providing hearing aids, which critics say is too costly and cumbersome, hindering access to devices vital for the growing legions of older Americans. "The audiology profession is obviously scared, for good reason, right now," says Abram Bailey.
Hearing aids cost an average of nearly $2,400 each, or close to $5,000 a pair, according to a White House advisory group, and Medicare does not pay for them, nor do most insurers. By contrast, the consumer devices are not regulated and sell for a few hundred dollars apiece, at most. Hearing aid manufacturers say that diagnosing and treating hearing loss is too complex for consumers to do using consumer devices, without the aid of a professional. But sound amplifiers have been around for years and they are growing in sophistication, taking advantage of signal processing chips developed for phones, Bluetooth headsets and computers. The devices include the Smart Listening System from Soundhawk, which sells at $400 for a single ear; the Bean from Etymotic Research, at $300; the CS50+ from Sound World Solutions at $350; and the Crystal Ear from NeutronicEar, at $545. "To me it was a reasonable investment to experiment with," says Ira Dolich, 81, who bought the Soundhawk device, which he can adjust by himself using his smartphone. "I've been pretty pleased with it," he said. -
Ubuntu Linux Continues To Dominate OpenStack and Other Clouds (zdnet.com)
An anonymous reader quotes a report from ZDNet: One reason Ubuntu is increasing its lead is that Juju, Canonical's application modeling and deployment DevOps tool, has been gaining in popularity. In the latest OpenStack user survey, we see that OpenStack is finally gaining real momentum in private clouds. We also see that Ubuntu Linux is continuing to dominate OpenStack. As Canonical cloud marketing manager Bill Bauman said, "Ubuntu OpenStack continues to dominate the majority of deployments with 55 percent of production OpenStack clouds. The previous survey showed Ubuntu OpenStack at 33 percent of production clouds. Ubuntu has seen almost 67 percent growth in an area where Ubuntu was already the market leader. These numbers are a huge testament to the community support Ubuntu OpenStack receives every day." The Cloud Market's latest analysis of operating systems on the Amazon Elastic Compute Cloud (EC2) shows Ubuntu with just over 215,000 instances. Ubuntu is followed by Amazon's own Amazon Linux Amazon Machine Image (AMI), with 86,000 instances. Further back, you'll find Windows with 26,000 instances. In fourth and fifth place, respectively, you'll find Red Hat Enterprise Linux (RHEL) with 16,500 instances and then CentOS with 12,500 instances. -
Amazon Kindle Oasis With 'Months' of Battery Life, Redesigned Body Launched
Amazon, on Wednesday, announced the Kindle Oasis, the company's latest addition to its ebook reader offering. The Kindle Oasis offers a range of improvements and changes over the Kindle Paperwhite. Mashable's Lance Ulanoff writes, "[The company has] essentially discarded the previous design in favor of a paper-thin display attached to a somewhat thicker side grip." Elaborating: First of all, the 6-inch screen is close to square. Second of all, it no longer sits in the center of the device. And thirdly, the screen is now an insane 3.4-mm thick. Yes, that is as thin as you think it is. Amazon's Oasis e-reader even marks the return of buttons to the design. As for the specifications, the Kindle Oasis sports a 6-inch display of 300ppi screen resolution, and 10 LEDs for "enhanced page consistency." Instead of "weeks"-long battery life, Amazon is promising "months" of usage on a single charge with Oasis thanks to the cover that ships with it and doubles as a rechargeable battery. It starts at $289.99 (Wi-Fi-only edition and with "advertisements that appear when you wake up the reader"), and goes all the way up to $379 (Wi-Fi + 3G, and no ads). -
Amazon Opens Up the Software For Alexa-Controlled Smart Homes (cnet.com)
An anonymous reader cites an article on CNET: Amazon's virtual assistant Alexa has already grown into a viable platform for voice-activated smart home control. Now, Amazon is introducing new, open software that will make it easier for smart home gadgets to hop aboard that platform. The software is a new addition to the Alexa Skills Kit called the Smart Home Skill API. The API makes it faster and easier for device makers to build the Skills that sync their products up with Alexa, and it standardizes the vocabulary that they'll use, too. If I make a smart thermostat and sync it up with Alexa using the Smart Home Skill API, I'll be using common terminology that Alexa already knows. That means that Alexa will be able to control my thermostat with basic commands like, "Turn the heat up" or, "Set the thermostat to 70" without me needing to program any of it. -
Tech Firms Have An Obsession With 'Female' Digital Servants (zdnet.com)
An anonymous reader writes: Alexa, Tay, Siri, Cortana, Xiaoice, and Google Now. These technologies all have one thing in common -- they are digital servants aimed at a mass-market audience that feature a "female" voice or persona. And it's not just the voice or persona of the digital persona we interact with that is biased. The results of those interactions also demonstrate male favoritism. It took Apple more than four years to fix Siri's responses to questions about abortion services, and yet the company didn't seem to have any problem programming Siri to search for prostitutes and Viagra. Here's the gender breakdown for the tech workforce of each company:
Microsoft: 83.0% male, 16.9% female
Google: 82.0% male, 18.0% female
Apple: 79.0% male, 22.0% female
Amazon: 61.0% male, 39.0% female -
Amazon.com Now Bans USB Type-C Cables That Aren't Up To Spec (google.com)
Google engineer Benson Leung has been on a mission to get rid of USB Type-C cables that aren't compliant with the Type-C 1.1 spec. He reminds us that these cables could potentially lead to damage. Over the past few months, he has reviewed over a dozen USB Type-C cables on Amazon.com and concluded that the vast majority of them aren't compliant with the aforementioned standard. Now he reports: Amazon.com has just made a change to their "Prohibited listings" for Electronics. They've added the following line: Any USB-C (or USB Type-C) cable or adapter product that is not compliant with standard specifications issued by "USB Implementers Forum Inc." What does this mean? It means that cable manufacturers who sell poorly made or intentionally deceptive USB Type-C cables and adapters are banned from Amazon, officially. Really great news, but we all have to continue to be vigilant and call out any bad products we find on Amazon and other stores (both online and brick and mortar) as we find them. -
Amazon's Raspberry Pi Guide Lets Coders Build An Echo (bbc.com)
An anonymous reader quotes a report from BBC: Amazon has published an online guide explaining how to access its virtual assistant Alexa via a Raspberry Pi. The walkthrough includes access to the necessary app data and certificates in order to link the budget computer up to the tech giant's servers. Amazon says that users require at least the second-generation model, released in February 2015, as well as: a plug-in USB microphone, microSD card, ethernet cable, Wi-Fi wireless adapter, mouse, keyboard, and screen. The coding involved is limited to typing in sets of commands, but the guide explains the purpose of each one. Users also need to register for an Amazon Developer Account, which they can get for free. -
You Can Now Get Comcast TV and Internet Service Through Amazon (fortune.com)
An anonymous reader writes from a Fortune article: Comcast has struck a big online retail partnership. The media conglomerate has begun selling its Xfinity TV, phone, and Internet services through Amazon. Comcast's service bundles are available through Amazon.com's recently debuted Amazon Cable Store. Comcast customers have long complained about the company's shoddy customer service. "Xfinity purchases made on Amazon are supported by a dedicated team of highly trained Comcast customer service agents who are based in Comcast's new, state-of-the-art call centers in Spokane, Washington, and Tucson, Arizona," Comcast wrote in a blog post. According to Cable Store FAQ, users will have to go through Comcast directly if they want to make any changes to their existing plan. -
Old Kindles Will Be Disconnected Unless You Update By Tuesday (cnet.com)
An anonymous reader writes: If you have a Kindle device, you must update it before March 22 or else it's going to lose internet connectivity. Losing access to the internet means that you won't be able to use Kindle Store to purchase books, and your device won't be able to sync with the cloud. From a CNET article, "According to Amazon, the update is required to ensure the Kindle remains compliant with continuously evolving industry web standards." These are the devices that need to be updated: Kindle 1st Generation (2007), Kindle 2nd Generation (2009), Kindle DX 2nd Generation (2009), Kindle Keyboard 3rd Generation (2010), Kindle 4th Generation (2011), Kindle 5th Generation (2012), Kindle Touch 4th Generation (2011), and Kindle Paperwhite 5th Generation (2012). If you own a Kindle Paperwhite (6th or 7th Generation), or a Kindle 7th Generation, or a Kindle Voyage 7th Generation, you do not need to worry about the update. And suddenly, Amazon sending postcards to remind people about this update doesn't feel that wrong. -
Google Puts Boston Dynamics Up For Sale In Robotics Retreat (bloomberg.com)
An anonymous reader writes from an article on Bloomberg: Executives at Google parent Alphabet Inc., absorbed with making sure all the various companies under its corporate umbrella have plans to generate real revenue, concluded that Boston Dynamics isn't likely to produce a marketable product in the next few years and have put the unit up for sale, according to two people familiar with the company's plans. Possible acquirers include the Toyota Research Institute, a division of Toyota Motor Corp., and Amazon.com Inc., which makes robots for its fulfillment centers, according to one person. Google acquired Boston Dynamics in late 2013 as part of a spree of acquisitions in the field of robotics. Over the following year, the robot initiative, dubbed Replicant, was plagued by leadership changes, failures to collaborate between companies and an unsuccessful effort to recruit a new leader. Jonathan Rosenberg, an adviser to Alphabet Chief Executive Officer Larry Page and former Google senior vice president, said, "we as a startup of our size cannot spend 30-plus percent of our resources on things that take ten years," and that "there's some time frame that we need to be generating an amount of revenue that covers expenses and (that) needs to be a few years." In December, Google announced that Replicant had been folded into Google's advanced research group, Google X. In a private all-hands meeting around that time, Astro Teller, the head of Google X, told Replicant employees that if robotics aren't the practical solution to problems that Google was trying to solve, they would be reassigned to work on other things, according to a person who was at that meeting. Boston Dynamics, though, was never folded into Google X and was instead put up for sale. -
An Inside Look At How Netflix Builds Code (sdtimes.com)
mmoorebz writes: Netflix is known as a place to binge watch television, but behind the scenes, there's a lot that goes on before everyone's favorite show can be streamed. The first step to deploying an application or service is building. Netflix created Nebula, a set of plugins for the Gradle build system, that "help with the heavy-lifting around building applications," said the engineers. Once the code has been built and tested locally using Nebula, the team pushes the updated source code to a Git repository. Every deployment at Netflix begins with the creation of an Amazon Machine Image, and to generate them from source, Netflix created what it calls "the Bakery." It exposes an API that facilitates the creation of AMIs globally, according to the blog. When it comes time to deploy and after the "baking" is complete, teams will use Spinnaker to manage multi-region deployments, canary releases, and red/black deployments. Netflix is continuing to look at the developer experience and determine how it can improve. -
New Smartwatches Allow Students To Cheat On Exams
HughPickens.com writes: The Independent reports that smartwatches that allow students to cheat on exams are being openly sold on Amazon. An advert for one such watch, called a "New 2016 Student 8GB cheating watch," is offered on Amazon for $51.68. "This watch is specifically designed for cheating on exams with a special programmed software. It is perfect for covertly viewing exam notes directly on your wrist, by storing text and pictures in the 8GB memory storage. It supports various file formats, such as: TXT, MP3, JPG, GIF, WAV, WMV, AVI, etc. It has an emergency button, so when you press it — the watch's screen display changes from text to a regular clock, and blocks all other buttons." The watch has garnered good reviews. "this is amazing. it helps me cheat on my test and it is smart and i never got caught," writes one reviewer. Joe Sidders, the deputy head at Monkton Combe senior school, in Bath, told BBC News that such devices were making exams a "nightmare to administer". "I expect the hidden market for these sorts of devices is significant, and this offering on Amazon is just the tip of the iceberg." A spokesman for Amazon said the company did not want to comment on the sale of the cheating watches. But professors are striking back. "My microbiology professor does a watch check every time we have a test," says Abigail Lauze. "If it's not an old school analog it has to come off and go in the cell phone bin." -
Amazon's IoT Hacking Contest Won By Voice-Controlled Drone (thenewstack.io)
An anonymous reader writes: On Thursday, Amazon announced the winners of its first-ever "AWS IoT Mega Contest," a competitive hardware hacking event held in conjunction with Hackster last month which drew nearly a thousand participants. First place went to an RFID, infrared, light and sound sensor system that gathers data about a sleeping baby and to a voice-controlled drone that sends radio signals using a Raspberry Pi board. "IoT is here now," posted an Amazon cloud evangelist, just four months after Amazon released their own Internet of Things platform. "People are building devices, sites, and applications that are sophisticated and useful." -
Amazon Launches Free Game Engine Lumberyard
Dave Knott writes: Amazon has both announced and released a new, free game engine, Lumberyard, which offers deep integration with its Amazon Web Services server infrastructure to empower online play, and also with Twitch, its video game-focused streaming service. Lumberyard is powerful and full-featured enough to develop triple-A current-gen console games, with mobile support coming down the road. Its core engine technology is based on Crytek's CryEngine. However, Lumberyard represents a branch of that tech, and the company is replacing or upgrading many of CryEngine's systems. Monetization for Lumberyard will come strictly through the use of Amazon Web Services' cloud computing. If you use the engine for your game, you're permitted to roll your own server tech, but if you're using a third-party provider, it has to be Amazon. Integration of Amazon's Twitch video streaming tools at a low level also helps to cement that platform's dominance in the game streaming space. Alongside Lumberyard, the company has also announced and released GameLift, a new managed service for deploying, operating, and scaling server-based online games using AWS. GameLift will be available only to developers who use Lumberyard, though it's an optional add-on. The game engine is in beta, but is freely usable and downloadable today. -
Some Reversible USB-C Cables/Adapters Could Cause Irreversible Damage
TheRealHocusLocus writes: Three Decembers ago I lauded the impending death of the trapezoid. Celebration of the rectangle might be premature however, because in the rush-to-market an appalling number of chargers, cables and legacy adapters have been discovered to be non-compliant. There have been performance issues with bad USB implementation all along, but now, with improved conductors, USB-C offers to negotiate up to 3A in addition to the 900mA base, so use of a non-compliant adapter may result in damage. Google engineer and hero Benson Leung has been waging a one-man compliance campaign of Amazon reviews to warn of dodgy devices and praise the good. Reddit user bmcclure937 offers a spreadsheet summary of the reviews. It's a jungle out there, don't get fried. -
Software Hall of Fame Member Ed Yourdon Dies (wikipedia.org)
New submitter andyjl writes: The software industry lost one of its pioneers on Tuesday, January 20, 2016 when Ed Yourdon died from post-operative complications. Ed was a pioneer of Structured Programming methodologies, and was a prodigious author of software-related books, including topics such as "death march" projects, and the problems of Y2K. He was also a personal friend and fellow forensic software analyst specializing in the analysis of failed software development projects and the lack of software development disciplines. He once told me that he read an item on the Internet (which I cannot find) that said, "whenever a programmer writes a GOTO statement, somewhere a Yourdon dies." I am forced to conclude that one of you programmers out there did indeed write a GOTO statement on Tuesday and I want to know who it was. Look at what you did! Did you really have to use a GOTO? Adds reader theodp: Yourdon was a successful author, whose Slashdot-reviewed books included Rise and Resurrection of the American Programmer, Death March: The Complete Software Developer's Guide to Surviving "Mission Impossible" Projects, Byte Wars: The Impact of September 11 on Information Technology, and Outsourcing: Competing in the Global Productivity Race. Yourdon's Time Bomb 2000!: What the Year 2000 Computer Crisis Means to You!, written with daughter Jennifer, was a Y2K best-seller. -
How Have Large Donations Affected Education Policy In New York City?
theodp writes: According to Chalkbeat, the expansion of charter schools, the movement to break New York City's large schools into smaller ones, and the push to teach computer science have something in common: the influence of philanthropy. Though contributions from big donors amount to only a fraction of New York City's education spending, they still have a real impact on public school policy, said Jeffrey Henig, the co-author of The New Education Philanthropy: Politics, Policy and Reform, which details how powerful individuals and organizations increasingly use donations to advance policies they support. Increasingly, Henig adds, some of those donors are paying more attention to advocacy, creating at least the appearance, if not the reality, of grassroots support. -
Ask Slashdot: Resources For Explaining Statistics For the Very First Time? (thejuliagroup.com)
theodp writes: Teaching multivariate statistics to college students, writes AnnMaria De Mars, was a piece of cake compared to her current project — making a game to teach statistics to middle school students who have never been exposed to the idea. In the interest of making a better game, De Mars asks, "Here's my question to you, oh reader people, what resources have you found useful for teaching statistics? I mean, resources you have really watched or used and thought, 'Hey, this would be great for teaching?' There is a lot of mediocre, boring stuff on the interwebz and if any of you could point me to what you think rises above the rest, I'd be super appreciative." Larry Gonick's The Cartoon Guide to Statistics is pretty amazing, but is it a little too advanced for this age group? Anyone have experience with the Khan Academy Data and Statistics offerings? Any other ideas? -
12-Year-Old Sikh Boy Arrested In Texas After Bringing a Power Bag To School (salon.com)
AaronW writes: A 12-year-old Sikh boy in Dallas, Texas was accused by another student of bringing a bomb to school. Apparently he had a powerbag; a backpack with a built-in phone charger. Rather than send him to the principal's office or ask for an explanation, the teacher instead called the police, who promptly arrested him and threw him into a juvenile detention center for three days. The school promptly suspended Armaan, and the police released him after three days but required that he wear an ankle bracelet. Verifiable details are scant, for this case — probably because the whole thing seems to revolve around some 12-year-old kids talking to each other. Armaan's story is that another student said his bag looked like it had a bomb in it, and that he would report it. Believing it to be a joke, Armaan laughed. The police say he "admitted" to joking about a bomb, and they insist their actions were justified. A school district spokesman says the family was notified, but the parents say they had to dial 911 to find somebody who could tell them where their son was being held. -
Ask Slashdot: Cost Effective Way To Soundproof My Home?
An anonymous reader writes: As more and more people live closer together in tightly packed subdivisions, the mental stress of noise becomes a serious issue. Noise nuisance complaints are on the rise, litigation increasing. We try to tune it out, yet the stress it causes is still present, and there's seemingly no way around it. Six months ago a new neighbor moved in next door who has two dogs, one of which barks incessantly with a high pitched yip that is driving my wife crazy and making it difficult for me to read or work on the computer. I've already talked to my neighbor and he will bring the dog inside but three days later it starts again. What is a cost effective technical solution to knock 10 or 20 dB off the exterior noise? Soundproof windows, an interior acoustic blanket, a sound blocking fence, a sound absorbing fence, planting foliage or noise cancelling headphones, or something else? I'm sure I'm not the first slashdotter to have this problem. What has worked for you? -
Book Review: Security Operations Center
benrothke writes: Large enterprises have numerous information security challenges. Aside from the external threats, there's the onslaught of security data from disparate systems, platforms and applications. Getting a handle on the security output from numerous point solutions (anti-virus, routers/switches, firewalls, IDS/IPS, ERP, access control, identity management, single sign on and others), often generating tens of millions of messages and alerts daily, is not a trivial endeavor. As attacks become more frequent and sophisticated and with regulatory compliance issues placing an increasing burden, there needs to be a better way to manage all of this. Getting the raw hardware, software and people to create a SOC is not that difficult. The challenge, and it's a big challenge, is integrating those 3 components to ensure that a formal SOC can operate effectively. In Security Operations Center: Building, Operating, and Maintaining your SOC, authors Joseph Muniz, Gary McIntyre and Nadhem AlFardan have written an indispensable reference on the topic. The authors have significant SOC development experience, and provide the reader with a detailed plan on all the steps involved in creating a SOC. Keep reading for the rest of Ben's review.
Security Operations Center: Building, Operating, and Maintaining your SOC
author: Joseph Muniz, Gary McIntyre, Nadhem AlFardan
pages: 448
publisher: Cisco Press
rating: 10/10
reviewer: Ben Rothke
ISBN: 978-0134052014
summary: Indispensable guide for those designing and deploying a SOC
As Mike Rothman noted about managed services providers, and something that is relevant to a SOC, you should have no illusions about the amount of effort required to get a SOC up and running, or what it takes to keep one current and useful.
Many organizations have neither the time nor the resources to implement a SOC, but do, and are then trapped on the hamster wheel of pain, reacting without sufficient visibility, but without time to invest in gaining that much-needed visibility into threats that the SOC had the potential to provide them with, had they done it right. Those considering deploying a SOC and not wanting to be in the hamster wheel of pain will need this book.
The authors have done a great job in covering every phase and many details required to build out a SOC. After going through the book, some readers will likely reconsider deploying an internal SOC given the difficulties and challenges involved. This is especially true since SOC design and deployment is something not many people have experience with.
The book is written for an organization that is serious about building an enterprise SOC. The authors spend much of the book focusing on the myriad requirements for creation of a SOC. They constantly reiterate about details that need to be determined before moving forward.
Chapter 4 on SOC strategy is important as the way in which a firm determines their strategy will affect every aspect of the outcome. The authors wisely note that an inadequate or inaccurate SOC strategy, and the ensuing capabilities assessment exercises would produce a SOC strategy that does not properly address the actual requirements of the organization.
Ultimately, failing to adequately plan and design is a guarantee for SOC failure. That in turn will affect and impact deployment timelines, budgets and cause frustration, dissatisfaction and friction between the different teams involved in the SOC program.
The authors' expertise is evident in every chapter, and their real-world expertise quite obvious in chapter 5 on facilities, which is an area often neglected in SOC design. The significant issue is that if the facility in which the SOC team operates out of does meet certain baseline requirements, the SOC effectiveness will be significantly and often detrimentally impacted. The chapter details many overlooked topics such as: acoustics, lighting, ergonomics, and more.
Staffing a SOC is another challenge, and the book dedicates chapter 8 to that. The SOC is only as good as the people inside it, and the SOC staff requires a blend of skills. If the organization wants their SOC to operate 24x7, it will obviously require a lot more manpower of these hard to find SOC analysts.
Another helpful aspect is found in chapter 10 which has a number of checklists you can use to verify that all the required pieces are in place prior to a go-live date, or be able to identify areas that may not be completed as expected.
With Muniz and AlFardan being Cisco employees and this being a Cisco Press title, the book has a strong emphasis towards Cisco hardware and software. Nonetheless, the book is still quite useful even for those who won't be using Cisco products.
Building a SOC is an arduous process which takes a huge amount of planning and of work. This work must be executed by people from different teams and departments, all working together. Based on these challenges, far too many SOC deployments fail. But for anyone who is serious about building out a SOC, this book should be a part of that effort.
The reason far too many, perhaps most SOC deployments fail is that firms make the mistake of obsessing on the hardware and software, without adequately considering the security operations functions. The authors make it eminently clear that such an approach won't work, and provide you with the expert guidance to obviate that.
For anyone considering building a SOC, or who wants to understand all of the details involved in building one, Security Operations Center: Building, Operating, and Maintaining your SOC is an absolute must read.
Reviewed by Ben Rothke.
You can purchase Security Operations Center: Building, Operating, and Maintaining your SOC from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
'No Such Thing As a Free Gift' Casts a Critical Eye At Gates Foundation (theintercept.com)
theodp writes: The Intercept's Michael Massing takes a look at "How the Gates Foundation Reflects the Good and the Bad of 'Hacker Philanthropy.'" He writes, "Despite its impact, few book-length assessments of the foundation's work have appeared. Now Linsey McGoey, a sociologist at the University of Essex, is seeking to fill the gap. 'Just how efficient is Gates's philanthropic spending?' she asks in No Such Thing as a Free Gift. 'Are the billions he has spent on U.S. primary and secondary schools improving education outcomes? Are global health grants directed at the largest health killers? Is the Gates Foundation improving access to affordable medicines, or are patent rights taking priority over human rights?' As the title of her book suggests, McGoey answers all of these questions in the negative. The good the foundation has done, she believes, is far outweighed by the harm." Massing adds, "Bill and Melinda Gates answer to no electorate, board, or shareholders; they are accountable mainly to themselves. What's more, the many millions of dollars the foundation has bestowed on nonprofits and news organizations has led to a natural reluctance on their part to criticize it. There's even a name for it: the 'Bill Chill' effect." -
Engineers Nine Times More Likely Than Expected To Become Terrorists (washingtonpost.com)
HughPickens.com writes: Henry Farrell writes in the Washington Post that there's a group of people who appear to be somewhat prone to violent extremism: Engineers. They are nine times more likely to be terrorists than you would expect by chance. In a forthcoming book, Engineers of Jihad, published by Princeton University Press, Diego Gambetta and Steffen Hertog provide a new theory explaining why engineers seem unusually prone to become involved in terrorist organizations. They say it's caused by the way engineers think about the world. Survey data indicates engineering faculty at universities are far more likely to be conservative than people with other degrees, and far more likely to be religious. They are seven times as likely to be both religious and conservative as social scientists. Gambetta and Hertog speculate that engineers combine these political predilections with a marked preference towards finding clearcut answers.
Gambetta and Hertog suggest that this mindset combines with frustrated expectations in many Middle Eastern and North African countries (PDF), and among many migrant populations, where people with engineering backgrounds have difficulty in realizing their ambitions for good and socially valued jobs. This explains why there are relatively few radical Islamists with engineering backgrounds in Saudi Arabia (where they can easily find good employment) and why engineers were more prone to become left-wing radicals in Turkey and Iran.
Some people might argue that terrorist groups want to recruit engineers because engineers have valuable technical skills that might be helpful, such as in making bombs. This seems plausible – but it doesn't seem to be true. Terrorist organizations don't seem to recruit people because of their technical skills, but because they seem trustworthy and they don't actually need many people with engineering skills. "Bomb-making and the technical stuff that is done in most groups is performed by very few people (PDF), so you don't need, if you have a large group, 40 or 50 percent engineers," says Hertog. "You just need a few guys to put together the bombs. So the scale of the overrepresentation, especially in the larger groups is not easily explained." -
Amazon Screenplay-Writing Software Submits Work To Amazon Studios (thestack.com)
An anonymous reader writes: Amazon has released new screenplay-writing software aimed to help connect new writing talent to its original content production company, Amazon Studios. Storywriter contains many of the autoformatting tools familiar to users of similar software such as Final Draft and Celtx, but no other screenwriting tool can claim to actually send unknown writers' output to potentially interested producers. -
Leaked Documents Confirm Polygraph Operators Can't Detect Countermeasures (antipolygraph.org)
George Maschke writes: AntiPolygraph.org has published a document (14 MB PDF) on polygraph countermeasures that is allegedly derived from classified information. The document suggests techniques that polygraph operators might use in an attempt to detect efforts to beat the polygraph, but fails to offer any coherent strategy for detecting sophisticated countermeasures such as those outlined in AntiPolygraph.org's The Lie Behind the Lie Detector (1 MB PDF) or Doug Williams' How to Sting the Polygraph. Ominously, the leaked document avers that an examinee's stated lack of belief in polygraphy is a marker of deception. AntiPolygraph.org has also published an older U.S. Air Force Office of Special Investigations polygraph countermeasure handbook (3.2 MB PDF) that similarly offers no methodology for detecting sophisticated countermeasures (such as any actual spy, saboteur, or terrorist might be expected to use). -
New Book Sold Out Offers a Look At the H-1B Debate
theodp writes: The New York Post has published an excerpt from Sold Out: How High-Tech Billionaires and Bipartisan Beltway Crapweasels Are Screwing America's Best and Brightest Workers, a new book on the H-1B debate from conservative syndicated columnist Michelle Malkin and programmer-turned-attorney John Miano. "Sold Out," notes a Computerworld review, "clearly has a point of view about the program (crapweasels, for instance), but it backs up its assertions and gives H-1B supporters a high threshold to cross. A serious argument in defense of the visa program requires explaining how America gains when a U.S. worker is replaced by a foreign visa holder hired to do the exact same job. If you are going to justify the H-1B program, then you have to defend firms that force their employees (no severance otherwise) to train their replacements. That may be the point here. This book lays bare the replacement process, the broad use of the H-1B visa by the IT offshore outsourcing industry, and the lobbying effort in Washington to minimalize the visa's use in displacing U.S. workers." With anecdotes like "how Microsoft wined and dined the Bush administration to expand the foreign worker supply through administrative fiat to circumvent public disclosure and congressional debate," the book seeks out a broader audience than just those already familiar with the H-1B issue. -
Harnessing Conflict in the Workplace (video)
Nigel Dessau has written a book titled Become a 21st Century Executive: Breaking Away from the Pack. One thing he mentions both in his book and in conversation is that you should harness conflict in the workplace rather than try to stop it. And the first name that came to mind was Linus Torvalds, and how kernel developer Sarah Sharp recently quit the kernel development team loudly and publicly because of Linus's 'Brutal' Communications Style. And now the Washington Post has put out an article under the headline, Net of Insecurity: The Kernel of the Argument, which is about Linus's management style and his recent conflicts with almost every Internet security maven within reach of his online writing. Meanwhile, at ZDNet, Steven J. Vaughan-Nichols calls the Post article "re-bundled old FUD about Linux and the internet's security."
Nigel likes Linus (as do most people who've met him in person) and points out that Linus can get away with being somewhat prickly because he's a genius. The same could be said about the late Steve Jobs and a number of other interesting leaders in the computer business. And Nigel's book and this interview also talk about something that may be more important in the long run than this year's small spate of Linux publicity, namely mentoring and how it can help millennials become productive workers in knowledge fields -- which a whole bunch of them need to start doing PDQ because all the baby boomers everybody loves to hate are either retired already or will be retired before long. -
Book Review: the Network Security Test Lab: a Step-by-Step Guide
benrothke writes: It wasn't that long ago that building a full network security test lab was an expensive prospect. In The Network Security Test Lab: A Step-by-Step Guide, author Michael Gregg has written a helpful hands-on guide to provide the reader with an economical method to do that. The book is a step-by-step guide on how to create a security network lab, and how to use some of the most popular security and hacking tools. Read below for the rest of Ben's review.
The Network Security Test Lab: A Step-by-Step Guide
author: Michael Gregg
pages: 480
publisher: Wiley
rating: 9/10
reviewer: Ben Rothke
ISBN: 978-1118987056
summary: Good reference to use to build out home test lab for information security
The book is a straightforward guide that will help the reader in their quest to master the art of effective use of security and hacking tools. The reader that can put in the time and plow through the 400 pages will certainly come out with a strong understanding of how to run the most common set of popular security tools.
The book is written for the reader on a budget. In the introduction, Gregg writes how one can easily find inexpensive networking equipment at budget prices on eBay. While brand new hardware devices can cost in the thousands, one can find Cisco Catalyst switches, and Nokia IP and Check Point firewalls for under $50. Combined with his emphasis on open source software and tools, this is a most practical reference for those looking to increase their security skills without breaking the bank.
The Network Security Test Lab is meant for the reader with a strong technical background looking to gain experience with network security and related security tools. Other similar books will often waste paper and the reader's time by devoting the first 50 to 100 pages with unwanted introductory text. This book hits the ground running and by page 100, the reader is already analyzing network packets with Wireshark.
As to Wireshark, the book references it often. The book's online site includes 6 pcap files that can be downloaded and used by the tool in order to analyze various attacks.
The book provides a good balance of coverage between Windows and Linux, and details the use of the many tools for each operating system. Each chapter ends with a series of exercises which can be used to help the reader put the information covered into practice. Those looking to gain experience on a wide variety of tools will enjoy the book. It covers a wide range of tools and utilities.
The Network Security Test Lab is in the same genre as books such as Hacking Exposed 7: Network Security Secrets and Solutions. The difference is that Hacking Exposed focuses more on the tools, while this book shows the reader how to build a lab to mimic a real world environment. In addition, this book focuses a bit more on using a holistic approach to creating a secure network, as opposed to just hacking in.
In the effort to make the test lab as inexpensive to build as possible, the book places an emphasis on using virtualization. The book focuses on using the VMware Player, a free virtualization software toolkit for Linux and Windows.
The book is a straightforward read for the serious reader. Those willing to put in the effort and the time, to learn through the various tools will find The Network Security Test Lab: A Step-by-Step Guide a great resource in which to build and develop their information security skills.
Reviewed by Ben Rothke.
You can purchase The Network Security Test Lab: A Step-by-Step Guide from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
What Might a $50 Tablet Inspire? (arstechnica.com)
theodp writes: Surprisingly, says Ars Technica's review of Amazon's $50 Fire tablet, it doesn't suck. "There's simply very little reason to spend more when you can get 90 percent of the functionality for a fraction of the price," writes Mark Walton. "The only real niggle right now with the Fire Tablet is the display (and the camera, if you really want to take photos with your tablet). Once budget tabs start coming with 1080p displays as standard, the writing really will be on the wall. For now, the Amazon Fire Tablet is the budget tablet to beat." How does cheap technology like this mesh with Bill Gates's dream of putting a computer in every home, and projects like OLPC? Beyond that, any thoughts on what a $50 tablet price point might inspire in education, gaming, and other areas? -
Amazon Launches 'Flex,' a Crowdsourced Delivery Service
sckirklan writes: Amazon has rolled out a new service called Amazon Flex. It lets people sign up to deliver packages using their mobile phone and their car, earning $18-25/hr while doing so. Think Uber, but for package delivery. Their goal is to fully support one-hour delivery within certain cities. The service is available in Seattle to start, and it'll soon expand to Manhattan, Baltimore, Miami, Dallas, Austin, Chicago, Indianapolis, Atlanta, and Portland. No news on what they think of bicycle couriers, but given their focus on being green, I'd imagine something is in the works. -
Book Review: Abusing the Internet of Things
New submitter sh0wstOpper writes: The topic of the Internet of Things (IoT) is gaining a lot of attention because we are seeing increasing amounts of "things", such as cars, door locks, baby monitors, etc, that are connected and accessible from the Internet. This increases the chances of someone being able to "attack" these devices remotely. The premise of Abusing the Internet of Things is that the distinction between our "online spaces" and our "physical spaces" will become harder to define since the connected objects supporting the IoT ecosystems will have access to both. Keep reading for the rest of sh0wstOpper's review.
Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts
author: Nitesh Dhanjani
pages: 296
publisher: O'Reilly
rating: 9/10
reviewer: Dan Smith
ISBN: 1491902337
summary: Attack & penetration techniques for the Internet of Things
In chapter one the author takes apart the popular Philips hue lighting systems by examining the various types of communication protocols (Zigbee, TCP/IP). Packet captures of communications between various systems are presented in an easy to understand fashion. An actual vulnerability that can be abused to cause a blackout is also described.
This chapter also discusses how the lighting system and other IoT objects are starting to integrate with each other using the If This Then That (IFTTT) platform. As such, cross-platform vulnerabilities are discussed. I appreciated this section in particular because it did a good job of helping me think of how attackers are likely to leverage the fact that various IoT devices will want to integrate with each other and the compromise of one device can give someone access to other devices.
There has been a lot of research in the area of wireless door locks. It is easy to see how a simple vulnerability in such a device can compromise physical safety. Chapter 2 clearly articulates vulnerabilities in popular door locks in hotel rooms and how they have been already abused for theft. This chapter also discusses security issues in the Bluetooth Low Energy protocol and closes with good recommendations for consumers as well as for people responsible for designing locks.
I found chapter 3 interesting because it covers the "saga" of popular audio and video monitors manufactured by a company called Foscam. Many researchers have published multiple vulnerabilities in these monitors and this chapter shows how to actually locate hundreds of thousands of exploitable monitors on the Internet. This chapter shows how discussions on Foscam's own user forums have exploded vulnerabilities.
The Belkin WeMo baby monitor (audio only) is discussed next along with packet captures to show communication details. I like that this book lists such details because it helped me understand how the IoT devices are designed and that made it easier for me to understand the cause of vulnerabilities.
Real stories of concerned parents as well as incidents of how pranksters have been able to scare parents are also discussed. This really drives home the fact that security issues in these products are being exploited.
The topic of concern of chapter 4 is IoT based devices that can be leveraged to protect physical safety. The popular SmartThings suite of IoT devices is the scope of this chapter. Security issues that include hijacking credentials, abusing SmartThings' own IDE platform, and SSL validation vulnerabilities are described.
I enjoyed chapter 5 in particular because it walks through multiple security vulnerabilities targeting multiple products of one vendor: Samsung. The chapter describes the "TOCTTOU" attack and how it's exploited. I've tried to read the original researcher's white paper on this attack and found it confusing but this chapter described it elegantly and I was then able to go back and read the white paper easily.
Bad encryption is the focus of this chapter and I laughed at the heading "You call that encryption?" followed by the sub-heading "I call that encraption". These sections talk about how bad encryption (using XOR) by Samsung has been used to reverse engineer code. The section ends with the line "The slang term *encraption* (with the emphasis on *crap*) is affectionately used by the cybersecurity community to call out badly implemented encryption. As this case shows, the title of this section is entirely justified."
Since the chapter is focused on one company, the author does a good job of equating the situation to other companies in the past (such as Microsoft) and how systemic security issues like these should ultimately be addressed by the leadership so that security is embedded into the DNA of the company. I found this perspective valuable.
The topic of car hacking is one of the reasons I bought this book. I have heard of the author in the past based on his research on the Tesla Model S since I came across his presentation at the Black Hat conference last year. Chapter 6 includes emphasis on the Tesla along with how the back end API works to support features such as locating the car remotely, unlocking it, and even starting it. The lack of 2 factor authentication is an issue that gives rise to simple techniques like phishing that can be used to steal a Tesla. Developers are insecurely leveraging Tesla's API in a way that is making car owners send over their clear-text credentials to them. I am amazed that this is currently happening and most Tesla owners don't even know that they are basically handing over their keys to people who they don't know.
This chapter also covers popular research by Chris Valasek and Charlie Miller, along with remotely exploitable vulnerabilities in telematics systems which have gained a lot of media attention and concern recently.
I found chapter 7 refreshing because it approaches security from the eyes of someone who wants to design a new IoT product. The chapter walks through a design of a wireless door bell using the littleBits IoT platform which is primarily focused on prototyping. The main point of this chapter is that it is much more valuable to design security earlier on in the prototyping stage than deal with security bugs later on in the process. I liked that the chapter uncovered security flaws earlier on in the prototyping of the wireless door bell and tied it back to vulnerabilities found in previous chapters in existing IoT products.
A comprehensive list of threat agents, i.e. the types of entities that may attack an IoT device is presented. This list includes nation states, terrorists, criminal organizations, disgruntled employees, hacktivists, vandals, cyberbullies, and predators. The author does a good job of demonstrating that it is useful to take the use cases of IoT devices and see how each of these threat agents may want to leverage vulnerabilities to achieve their own goals.
The last topic covered here is the concept of bug bounty programs and why it is important for IoT companies to reward researchers who submit security bugs to them for free. I'm close to implementing such a program in my organization so I felt the content in this section was spot on.
Looking into the future, chapter 8 goes through very interesting methods in ways IoT ecosystems can be exploited, starting with the deployment of drones to track individuals, a group of people, or even take over a city. A 'cross-device' attack scenario (with code) to show how a website on a victim's laptop can verbally instruct the Amazon Echo to turn lights off was fun and thought-provoking, i.e. the fact that IoT devices around us will be able to tell each other what to do and how this can lead to chaos. In addition to other threats in our future, this chapter opens up discussion on the security of interspace communication (with respect to our goals to send manned spacecraft to Mars) and also the importance of treading carefully when it comes to super intelligence.
Chapter 9 includes 2 short stories, i.e. "hypothetical scenarios" of a security executive abusing the "buzz" around IoT and failing to think of how to secure his company because of lack of strategical thinking. The second short story demonstrates how IoT companies also need to think of human elements, emotions, and public relations in addition to the technical content in this book.
Overall, I enjoyed this book and I would recommend it to others. I do feel that a lot of the content can be absorbed even if the reader isn't technical, but there may be some parts that may be frustrating to someone who doesn't understand basic concepts of HTTP, TCP/IP, and/or some coding. After reading this book, I feel I have a better grasp of what IoT means to us and what security issues we are facing, and will face.
You can purchase Abusing the Internet of Things: Blackouts, Freakouts, and Stakeouts from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know -
Book Review: Effective Python: 59 Specific Ways To Write Better Python
MassDosage writes: If you are familiar with the "Effective" style of books then you probably already know how this book is structured. If not here's a quick primer: the book consists of a number of small sections each of which focus on a specific problem, issue or idea and these are discussed in a "here's the best way to do X" manner. These sections are grouped into related chapters but can be read in pretty much any order and generally don't depend on each other (and when they do this will be called out in the text). The idea is that you can read the book from cover to cover if you want but you can also just dip in and out and read only the sections that are of interest to you. This also means that you can use the book as a reference in future when you inevitably forget the details or want to double check something. Read below for the rest of Mass Dosage's review.
Effective Python: 59 Specific Ways To Write Better Python
author: Brett Slatkin
pages: 227
publisher: Addison-Wesley
rating: 9/10
reviewer: Mass Dosage
ISBN: 978-0-13-403428-7
summary: helps you harness the full power of Python to write exceptionally robust, efficient, maintainable, and well-performing code.
Effective Python stays true to this ethos and delivers 59 (not 60, nope, not 55) but 59 specific ways to write better Python. These are logically grouped into chapters covering broader conceptual topics like "Pythonic thinking", general technical features like "Concurrency and parallelism" as well as nitty gritty language details like "Meta classes and attributes". The range of topics is excellent and covers relevant aspects of the language that I'd imagine pretty much any developer will encounter at some point while developing Python programs. Even though there is no required order to reading the various sections if you want to read the book from cover to cover it's organized in such a way that you can do this.
It starts off with getting your head around coding in Python before moving on to specifics of the language and then ending with advice on collaboration and setting up and running Python programs in production environments.
I really enjoyed the author's approach to each of the topics covered. He explains each item in a very thorough and considered manner with plenty of detail but manages to do this while still being clear and concise. Where relevant he describes multiple ways of achieving a goal while contrasting the pros and cons of various alternative solutions, ending off with what he considers the preferred approach. The reader can then make up their own mind based on the various options which applies best in a given situation instead of just being given one solution. The author clearly understands the internals of the Python language and the philosophy behind some of the design decisions that have resulted in certain features. This means that instead of just offering a solution he also gives you the context and reasoning behind things which I found made it a lot easier to understand. The discussions and reasoning feel balanced and informed by the experience of a developer who has been doing this "in the trenches" for years as opposed to someone in an ivory tower issuing dictates which sound good in theory but don't actually work in the real world. The vast majority of the topics are illustrated through code samples which are built on and modified at each stage along the way to a final solution. This gives the reader something practical they can take away and use and experiment with and clearly shows how something is done. The code samples are easily comprehensible with just enough code to demonstrate a point but not so much that you get distracted by unnecessary additions.
While most of the topics are Python specific plenty of the best practices and advice apply equally well to other programming languages. For example in one section the author recommends resisting some of the brevity offered by Python where this can lead to unreadable code that is hard to understand but the same could be said of writing code in many other languages (I'm looking at you, Perl). This also applies to a section related to choosing the best data structure for the problem at hand — if you end up nesting Maps within Maps in your code then you're probably doing something wrong regardless of the language. Still, the main focus here is Python and the author does not shy away from going deep into technical details so you'll definitely need some knowledge of the language and ideally some experience using it in order to get the most out of it.
Effective Python is not a book for complete newbies to Python and I think it's suited more to intermediate users of the language wanting to take their skills to the next level or advanced programmers who might need some fresh takes on the way they do things. The subjects and opinions in this book could either convince you to do something differently or reassure you of the reasons why you're already doing things a certain way (external affirmation that you're right is also useful at times!) I'm no Python expert but I found the book drew me in and kept my attention and I certainly learnt a lot which will come in handy the next time I put on my Pythonista hat and do some Python coding. Highly recommended.
You can purchase Effective Python: 59 Specific Ways to Write Better Python from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know. -
Windows 95 Turns 20
Etherwalk writes: Windows 95 turns 20 tomorrow, August 24, 2015. Users looking to upgrade from Windows 3.1 should be warned that some reviewers on the Amazon purchase page have been receiving 3.5" high-density floppy disk versions instead of a modern 150 kbps CD-ROM disk. Do you remember first seeing or installing Windows 95? Do you have any systems still running it?