Slashdot Mirror

An anonymous reader writes: Google's Project Sunroof aims to make the task of installing solar panels easier by providing financial advice and stats on what solar energy could do for you. The project is only available in San Francisco, Boston, and Fresno for now. Techcrunch reports: "To get started, you simply plug in your address and some data about your monthly electricity bill, and the tool will tell you what the recommended solar installation size is and how much it would cost to buy or lease the hardware. In case you want to go ahead with a solar install, the tool also lets you reach out to local solar providers. Google says these listings are sponsored, so chances are it'll get a bit of a kickback when it generates a sales lead for these companies."

WearDuino, now being developed by PDX Wearable Health Lab, is the brainchild of Mark Leavitt, MD, PhD; "an experimenter, maker, mentor and consultant in wearable health technologies, drawing on his lifelong experience in the fields of engineering and medicine." The WearDuino, he says, "is an open source wearable wireless sensor." The prototype fits in a FitBit case because, according to Dr. Leavitt, there are millions of unused ones out there, both surplussed by people who bought Fitbits and then stopped using them, and in the form of aftermarket cases sold to make your Fitbit cuter than when it came from the factory. In any case, WearDuino is still in the prototype stage. Dr. Leavitt plans to look for funding through Crowd Supply, but isn't "there" yet, so if you want to get on board with this health wearables project, you'll want to sign up for their Google Group or follow them on Twitter. You might also want to check out Quantified Self (tag line: "self knowledge through numbers"), and even if you vastly prefer videos to text articles, check out the text transcript ("Show/Hide Transcript") attached to this article, because it contains nearly twice as much information as the video, and goes a little deeper than the video into Dr. Leavitt's reasons for building the WearDuino -- none of which are financial gain, believe it or not.

Keith Henson is an electrical engineer and writer on space engineering, space law, cryonics, and evolutionary psychology. He co-founded the L5 society in 1975, which sought to promote space colonization. In addition to being an outspoken critic and target of the Church of Scientology, Keith has recently been working on the design of an orbiting power satellite (video here). The proposed satellite would collect solar energy, send it to Earth via microwaves, and Henson has a plan on how to launch it cheaply. Keith has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one question per post.

Keith Henson is an electrical engineer and writer on space engineering, space law, cryonics, and evolutionary psychology. He co-founded the L5 society in 1975, which sought to promote space colonization. In addition to being an outspoken critic and target of the Church of Scientology, Keith has recently been working on the design of an orbiting power satellite (video here). The proposed satellite would collect solar energy, send it to Earth via microwaves, and Henson has a plan on how to launch it cheaply. Keith has agreed to give us some of his time and answer any questions you might have. As usual, ask as many as you'd like, but please, one question per post.

An anonymous reader writes with a link to a story about one of the unexciting but vital bits of technology that will need to be even further developed as autonomous cars' presence grows: making sure that those cars don't hit people. Google researchers have recently presented findings about a method that tops previous ones for real-time pedestrian detection using neural nets "that is both extremely fast and extremely accurate." From the article: There are other approaches that provide a real-time solution on the GPU but in doing so, have not achieved accuracy targets (in this real-time approach there was a miss rate of 42% on the Caltech pedestrian detection benchmark). Another approach called the VeryFast method can run at 100 frames per second (compared to the Google team's 15) but the miss rate is even greater. Others that emphasize accuracy, even with GPU acceleration, are up to 195 times slower.

Engadget reports that Harvard student Aran Khanna, who was about to begin an internship at Facebook, had that internship yanked after he created (and took down, but evidently too slowly for the company's taste) a browser plug-in that exposed a security flaw in Facebook, by allowing users to discover the location of other users when they use the Messenger app. Surely Khanna won't be jobless or internship-less for long. (Don't expect the app to work now; it's still in the Chrome store as a historical artifact, though, and at GitHub.)

An anonymous reader writes: Mozilla today launched Firefox 40 for Windows, Mac, Linux, and Android. Notable additions to the browser include official Windows 10 support, added protection against unwanted software downloads, and new navigational gestures on Android. Firefox 40 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. Changelogs are here: desktop and Android.

theodp writes: While the CollegeBoard warned against drawing a causal link between learning computer science and improved learning in other subjects, Google has no such qualms. "CS is much more than computer programming and coding," writes the Google for Education blog in a post announcing a new gateway for Google's CS education opportunities. "It's a gateway to creativity and innovation not just in technology but in fields as diverse as music, sports, the arts, and health." Among the technology showcased at the gateway is Pencil Code, a programming tool for beginning coders that Google boasts is already helping kids attending the $43K-a-year Beaver Country Day School to brush up their Shakespeare by having students create interactive chatbots that play the part of characters like Lady Macbeth. "After completing this code I knew more and understood more of the play," begins one student's featured testimonial. "It allowed me to interpret Macbeth in a new way that I had never thought of before. I really enjoyed using Pencil Code because it made coding simpler for me and helped me try something new." Elsewhere on its CS gateway, Google laments that a new Google-Gallup Research Study shows that 'Blacks and low-income are less likely to have access' to such computer science opportunities.

theodp writes: While the CollegeBoard warned against drawing a causal link between learning computer science and improved learning in other subjects, Google has no such qualms. "CS is much more than computer programming and coding," writes the Google for Education blog in a post announcing a new gateway for Google's CS education opportunities. "It's a gateway to creativity and innovation not just in technology but in fields as diverse as music, sports, the arts, and health." Among the technology showcased at the gateway is Pencil Code, a programming tool for beginning coders that Google boasts is already helping kids attending the $43K-a-year Beaver Country Day School to brush up their Shakespeare by having students create interactive chatbots that play the part of characters like Lady Macbeth. "After completing this code I knew more and understood more of the play," begins one student's featured testimonial. "It allowed me to interpret Macbeth in a new way that I had never thought of before. I really enjoyed using Pencil Code because it made coding simpler for me and helped me try something new." Elsewhere on its CS gateway, Google laments that a new Google-Gallup Research Study shows that 'Blacks and low-income are less likely to have access' to such computer science opportunities.

HughPickens.com writes: Lisa Rein writes in the Washington Post that a new government review of what the Chinese hack of sensitive security clearance files of 21 million people means for national security is in — and some of the implications are quite grave. According to the Congressional Research Service, covert intelligence officers and their operations could be exposed and high-resolution fingerprints could be copied by criminals. Some suspect that the Chinese government may build a database of U.S. government employees that could help identify U.S. officials and their roles or that could help target individuals to gain access to additional systems or information. National security concerns include whether hackers could have obtained information that could help them identify clandestine and covert officers and operations (PDF).

CRS says that if the fingerprints in the background investigation files are of high enough quality, "depending on whose hands the fingerprints come into, they could be used for criminal or counterintelligence purposes." Fingerprints also could be trafficked on the black market for profit — or used to blow the covers of spies and other covert and clandestine officers, the research service found. And if they're compromised, fingerprints can't be reissued like a new credit card, the report says, making "recovery from the breach more challenging for some." vivaoporto Also points out that these same hackers are believed to be responsible for hacking United Airlines.

An anonymous reader writes: Per Thorsheim, the founder of PasswordsCon, created and trained a biometric profile of his keystroke dynamics using the Tor browser at a demo site. He then switched over to Google Chrome and not using the Tor network, and the demo site correctly identified him when logging in and completing a demo financial transaction. Infosec consultant Paul Moore came up with a working solution to thwart this type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM. A Firefox version of the plugin is in the works.

theodp writes: Microsoft is applauding the Senate's passage of the Every Child Achieves Act, a rewrite of the No Child Left Behind Act, saying the move will improve access to K-12 STEM learning nationwide. The legislation elevates Computer Science to a "core academic subject", opening the door to a number of funding opportunities. The major overhaul of the U.S. K-12 education system, adds Microsoft on the Issues, also "advances some of the goals outlined in Microsoft's National Talent Strategy," its "two-pronged" plan to increase K-12 CS education and tech immigration. Perhaps Microsoft is tackling the latter goal in under-the-radar White House visits with the leaders of Mark Zuckerberg's FWD.us PAC, like this one, attended by Microsoft's William "It's Our Way Or the Canadian Highway" Kamela and FWD.us President Joe "Save Us From Just-Sort-of-OK US Workers" Green.

New submitter Grady Martin writes: Toshiaki Endo, Japan's government-appointed parliament member in charge of planning for the 2020 Tokyo Olympics, has expressed hopes of supplying the Olympic/Paralympic village with foods grown in Fukushima [Google's autotranslation], stating, 'Using foods from Fukushima in the village is another possibility. I wish to strengthen ties with ground zero in numerous ways.' Would you eat it?

An anonymous reader writes with news reported by VentureBeat that Google will be discontinuing developer access to its unofficial Autocomplete API, as of August 10 of this year. A snippet from the article: Google currently supports more than 80 APIs that developers can use to integrate Google services and data into their applications. The company also has unsupported and unpublished APIs which people outside the company have discovered and leveraged. One of those is the Autocomplete API. The company says it is making this move "in the interest of maintaining the integrity of autocomplete as part of Search," that it wants to "ensure that users experience autocomplete as it was designed to be used," and finally that "this provides the best user experience for both services." I'm sure many will disagree.

An anonymous reader writes: While YouTube's streaming platform currently supports 3D videos OR 360 degree videos, the combination of the two is essential for properly immersive virtual reality video. Fortunately, the company has announced that they'll soon enable support for 3D + 360 degree videos, bringing more immersive VR video capability to the platform. Currently, 360 degree YouTube videos can be viewed through desktop web browsers and on the YouTube Android and iOS apps, with the Android app being the only one of the bunch currently providing a side-by-side view for VR viewers like Google's Cardboard.

An anonymous reader writes: Now that Google Photos exists separately from Google+, the company is shutting down the Google+ version of Photos starting on August 1. The Android version will be the first to go, followed shortly thereafter by the iOS and web versions. Fortune calls the old Photos app "a relic of the times when the search giant thought its social network Google Plus could become a huge hit."

An anonymous reader points out The Register's story that recent changes to the spam filters that Google uses to pare down junk in gmail evidently are a bit overzealous. Linus Torvalds, who famously likes to manage by email, and whose email flow includes a lot of mailing lists, isn't happy with it. Ironically perhaps, it was only last week that the Gmail team blogged that its spam filter's rate of false positives is down to less than 0.05 per cent. In his post, Torvalds said his own experience belies that claim, and that around 30 per cent of the mail in his spam box turned out not to be spam. "It's actually at the point where I'm noticing missing messages in the email conversations I see, because Gmail has been marking emails in the middle of the conversation as spam. Things that people replied to and that contained patches and problem descriptions," Torvalds wrote.

VentureBeat, an anonymous reader notes, reports that Google has announced it will expand on an earlier move to provide free internet service to poor Austin residents. Now, rather than for 4300 residents of housing provided by the Housing Authority of Austin, the company "has promised to expand that offering to every other current and future Google Fiber market. The move is part of U.S. President Obama's ConnectHome program, launched by the White House and the Department of Housing and Urban Development (HUD) with the goal of bringing Internet connectivity to more school-aged children and families living in HUD-assisted housing in 27 communities across the country. ... Google promises the program will extend to all its Google Fiber cities."

Lauren Weinstein writes: Around the world, dictatorships and democracies alike are attempting to restrict access to strong encryption that governments cannot decrypt or bypass on demand. Firms providing strong encryption to protect their users — such as Google and Apple — are now being accused by government spokesmen of "aiding" terrorism by not making their users' communications available to law enforcement on demand. Increasingly, governments that have proven incapable of protecting their own systems from data thefts are calling for easily abused, technologically impractical government "backdoors" in commercial encryption that would put all private communications at extreme risk of attacks. This new G+ community will discuss means and methods to protect our rights related to encrypted communications, unfettered by government efforts to undermine our privacy in this context.

benrothke writes: Far too many technology books take a Hamburger Helper approach, where the first quarter or so of the book is about an introduction to the topic, and filler at the end with numerous appendices of publicly available information. These books end up being well over 800 pages without a lot of original information, even though they are written an advanced audience. In software engineering, a design pattern is a general repeatable solution to a commonly occurring problem in software design. A design pattern isn't a finished design that can be transformed directly into code. It is a description or template for how to solve a problem that can be used in many different situations. Using that approach for the cloud, in Cloud Computing Design Patterns, authors Thomas Erl, Robert Cope and Amin Naserpour have written a superb book that has no filler and fully stocked with excellent and invaluable content. Keep reading for the rest of Ben's review. Cloud Computing Design Patterns author Thomas Erl, Robert Cope, Amin Naserpour pages 592 publisher Prentice Hall rating 9/10 reviewer Ben Rothke ISBN 0133858561 summary Provides well-explained vendor-agnostic patterns to the challenges of providing or using cloud solutions from PaaS to SaaS. The authors use design patterns to refer to different aspects of cloud architectures and its design requirements. In the cloud, just as in software, design patterns can speed up the development process by providing tested, proven development paradigms. The book contains over 100 different design pattern scenario templates that are common to a standard enterprise cloud roll-out. Each scenario uses a common template which starts with a question or specific requirement. It then details the problem, solution, application and the mechanisms used to solve the problem.

The authors build on the notion that for anyone who wants to architect a large cloud solution, they need to have a broad understanding of the many factors involved with the real-world usage of cloud services. Because cloud services are so easy to deploy, they are often incorrectly misconfigured during roll-out and deployment. The authors write that its crucial have a strong background in cloud services before doing any sort of a rollout. Because it's often so easy to deploy cloud services, this results in far too many failed cloud projects. And when the project is poorly implemented, it can actually cause the business to be in a far worse point from where it was before the cloud rollout.

The authors deserve credit for writing a completely vendor agnostic reference, even though there are many times you would appreciate it if they could suggest a vendor for a specific solution. Some of the more interesting patterns detailed in the book are:

• Hypervisor clustering – how can a virtual server survive the failure of its hosting hypervisor or physical server?
• Stateless hypervisor – how can a hypervisor be deployed with a minimal amount of downtime, while allowing for quick updating and upgrading?
• Trusted platform BIOS – how can the BIOS on a cloud-based environment be protected from malicious code?
• Trusted cloud resource pools – how can cloud-based resource pools be secured and become trusted?
• Detecting and mitigating user-installed VMs – how can user installed VMs from non-authorized templates be detected and secured?

The book is replete with these scenarios, and each scenario includes downloadable figures that effectively illustrate the mechanisms used to solve the problem.

Chapter 3 provides a number of first-rate architectural ideas on how to design a highly resilient cloud solution. Much of the promise of the cloud is built on scalability, elasticity and overall optimization. These chapters show how to take those possibilities from conceptual to a working implementation.

Cloud failures are inevitable and chapter 4 details how to build failover, redundancy and recovery of IT resources for the cloud environment.

Chapter 9 is particularly important, as far too many designers think that since the underlying cloud abstraction layer is highly secure, everything they build on top of that will have the same level of security. The book details a number of design patterns that are crucial to ensuring the cloud design is securing that data at rest and is resistant against specific cloud attacks.

With a list price of $49.99, the book is a bargain considering the amount of useful information it provides. For anyone involved with cloud computing design and architecture, Cloud Computing Design Patterns, is an absolute must read.

Reviewed by Ben Rothke.

You can purchase Cloud Computing Design Patterns from amazon.com. Slashdot welcomes readers' book reviews (sci-fi included) -- to see your own review here, read the book review guidelines, then visit the submission page. If you'd like to see what books we have available from our review library please let us know.

Bismillah writes: Security researchers are confused as to how the export control and licensing controls covering exploits affect their work. The upcoming Wassenaar restrictions were expected to discourage publication of such research, and now it's already started to happen. Grant Wilcox, writing his dissertation for the University of Northumbria at Newcastle, was forced to take a better-safe-than-sorry approach when it came time to release the vulnerabilities he found in Microsoft's EMET 5.1. "No legal consultation on the matter took place, but Wilcox noted that exploit vendors such as Vupen had started to restrict sales of their products and services because of new export control and licensing provisions under the Wassenaar Arrangement. ... Wilcox investigated the export control regulations but was unable to clarify whether it applied to his academic work. The university did not take part. He said the provisions defining which type of exploits and software are and aren't controlled were written in ambiguous language and appeared to contradict each other."

TrixX writes: Police have raided the home of an Argentinian security professional who discovered and reported several vulnerabilities in the electronic ballot system (Google translation of Spanish original) to be used next week for elections in the city of Buenos Aires. The vulnerabilities (exposed SSL keys and ways to forge ballots with multiple votes) had been reported to the manufacturer of the voting machines, the media, and the public about a week ago. There has been no arrest, but his computers and electronics devices have been impounded (Spanish original). Meanwhile, the information security community in Argentina is trying to get the media to report this notorious attempt to "kill the messenger." Another source (Spanish original).

TrixX writes: Police have raided the home of an Argentinian security professional who discovered and reported several vulnerabilities in the electronic ballot system (Google translation of Spanish original) to be used next week for elections in the city of Buenos Aires. The vulnerabilities (exposed SSL keys and ways to forge ballots with multiple votes) had been reported to the manufacturer of the voting machines, the media, and the public about a week ago. There has been no arrest, but his computers and electronics devices have been impounded (Spanish original). Meanwhile, the information security community in Argentina is trying to get the media to report this notorious attempt to "kill the messenger." Another source (Spanish original).

TrixX writes: Police have raided the home of an Argentinian security professional who discovered and reported several vulnerabilities in the electronic ballot system (Google translation of Spanish original) to be used next week for elections in the city of Buenos Aires. The vulnerabilities (exposed SSL keys and ways to forge ballots with multiple votes) had been reported to the manufacturer of the voting machines, the media, and the public about a week ago. There has been no arrest, but his computers and electronics devices have been impounded (Spanish original). Meanwhile, the information security community in Argentina is trying to get the media to report this notorious attempt to "kill the messenger." Another source (Spanish original).

An anonymous reader writes: Last week, many Chromecast users were automatically "upgraded" to build 32904. Among the issues seen with this update are placing some users on the 'beta' release track, issues with popular apps such as Plex, HBO GO, (more embarassingly) YouTube, and others. Google so far has been slow to respond or even acknowledge the issues brought by customers, save for the beta release mishap. If you're a Chromecast user, what's been your experience?

An anonymous reader writes: Last week, many Chromecast users were automatically "upgraded" to build 32904. Among the issues seen with this update are placing some users on the 'beta' release track, issues with popular apps such as Plex, HBO GO, (more embarassingly) YouTube, and others. Google so far has been slow to respond or even acknowledge the issues brought by customers, save for the beta release mishap. If you're a Chromecast user, what's been your experience?

An anonymous reader writes: Last week, many Chromecast users were automatically "upgraded" to build 32904. Among the issues seen with this update are placing some users on the 'beta' release track, issues with popular apps such as Plex, HBO GO, (more embarassingly) YouTube, and others. Google so far has been slow to respond or even acknowledge the issues brought by customers, save for the beta release mishap. If you're a Chromecast user, what's been your experience?

An anonymous reader writes: Last week, many Chromecast users were automatically "upgraded" to build 32904. Among the issues seen with this update are placing some users on the 'beta' release track, issues with popular apps such as Plex, HBO GO, (more embarassingly) YouTube, and others. Google so far has been slow to respond or even acknowledge the issues brought by customers, save for the beta release mishap. If you're a Chromecast user, what's been your experience?

An anonymous reader writes: Last week, many Chromecast users were automatically "upgraded" to build 32904. Among the issues seen with this update are placing some users on the 'beta' release track, issues with popular apps such as Plex, HBO GO, (more embarassingly) YouTube, and others. Google so far has been slow to respond or even acknowledge the issues brought by customers, save for the beta release mishap. If you're a Chromecast user, what's been your experience?

HughPickens.com writes: Quentin Hardy reports at the NY Times that Google has announced it is opening its 14th data center inside a former coal-fired power plant in Stevenson, Alabama. While there is considerable irony in taking over a coal-burning plant and promoting alternative power, there are pragmatic reasons Google would want to put a $600 million data center in such a facility. These power facilities are typically large and solid structures with good power lines. The Alabama plant is next to a reservoir on the Tennessee River with access to lots of water, which Google uses for cooling its computers. There are also rail lines into the facility, which makes it likely Google can access buried conduits along the tracks to run fiber-optic cable. In Finland, Google rehabilitated a paper mill, and uses seawater for cooling. Salt water is corrosive for standard metal pipes, of course, so Google created a singular cooling system using plastic pipes.

HughPickens.com writes: Quentin Hardy reports at the NY Times that Google has announced it is opening its 14th data center inside a former coal-fired power plant in Stevenson, Alabama. While there is considerable irony in taking over a coal-burning plant and promoting alternative power, there are pragmatic reasons Google would want to put a $600 million data center in such a facility. These power facilities are typically large and solid structures with good power lines. The Alabama plant is next to a reservoir on the Tennessee River with access to lots of water, which Google uses for cooling its computers. There are also rail lines into the facility, which makes it likely Google can access buried conduits along the tracks to run fiber-optic cable. In Finland, Google rehabilitated a paper mill, and uses seawater for cooling. Salt water is corrosive for standard metal pipes, of course, so Google created a singular cooling system using plastic pipes.

HughPickens.com writes: The Intercept reports that in the aftermath of the NSA's sweeping surveillance of three French presidents, French Justice Minister Christiane Taubira thinks National Security Agency whistleblower Edward Snowden and WikiLeaks founder Julian Assange might be allowed to settle in France. Taubira was asked about the NSA's surveillance of three French presidents, disclosed by WikiLeaks this week, and called it an "unspeakable practice." Taubira's comments echoed those in an editorial in France's leftist newspaper Libération that France should respond to the U.S.'s "contempt" for its allies by giving Edward Snowden asylum. France would send "a clear and useful message to Washington, by granting this bold whistleblower the asylum to which he is entitled," wrote editor Laurent Joffrin in an angry editorial titled "Un seul geste" — or "A single gesture." (google translate) If Paris offers Snowden asylum, it will be joining several other nations who have done so in the past, including Bolivia, Nicaragua and Venezuela. However, Snowden is still waiting in Moscow to hear from almost two dozen other countries where he has requested asylum.

An anonymous reader writes: VentureBeat notes that Google has begun testing an unannounced service to host and edit source code repositories as part of its cloud platform. It's called Cloud Source Repositories, and it's currently being beta-tested. "Google is taking a gradual approach with the new service: It can serve as a 'remote' for Git repositories sitting elsewhere on the Internet or locally. Still, over time the new tool could help Google become more of an all-in-one destination for building and deploying applications."

Many millions of American students have been called on to construct a wooden birdhouse as part of a middle- or high-school shop class. To make a birdhouse from wood and nails may not requite advanced carpentry, but it does take eye-hand coordination, object recognition, the ability to lift constituent pieces, and to grasp and wield tools -- and each of those can be broken down further into smaller tasks and skills of the kind that we as humans don't generally have to think about. ("Rotate wrist slightly to account for board angle.") For robots, it's another story: like the computers that run them, robots generally only do what they're told. Industrial robots can do some complex tasks, but they're expensive and complex to program.

Benjamin Cohen is a Ph.D candidate at the University of Pennsylvania working under adviser Maxim Likhachev with a real-world, cheap way to make robots to accomplish a multi-step project with minimal human intervention, which he calls "autonomous robotic assembly." Project Birdhouse -- part of his Ph.D. work, along with teammates Mike Phillips and Ellis Ranter -- is Cohen's effort to create a sort of "Hello, World" for robots. With a combination of a research-platform robot base, off-the-shelf parts, like a nail gun (read: "One not built for robot use"), and software to squeeze greater accuracy out of the system as a whole, he and his colleagues have come up with a robot that can grab a selection of parts, align them properly, and assemble them with nails into a functional birdhouse. QR codes let the robot give the robot a sort of recipe to follow, and the system is smart enough to squawk if it doesn't have the right parts to complete the task. (Check out more video with the robot in action, and a great many photos, sketches, and diagrams illustrating the project's evolution.)

NOTE: We split today's video in half, with both halves running right here, today. This way, if you watch the first video and and want to learn more, you can move on to the second one. And the transcript not only covers both videos, but has "bonus" material that isn't in either one.

necro81 writes: James Horner, the Oscar-winning composer for the soundtracks of dozens of movies, died Monday while piloting his aircraft in California. Horner, who had a long collaboration with directors James Cameron and Ron Howard, was behind the music for major blockbusters like Avatar, Titanic, Braveheart, Apollo 13, and A Beautiful Mind. Other scores notable to the /. crowd include Star Trek II, Sneakers, Deep Impact, Aliens, Searching for Bobby Fischer, Willow, and *Batteries Not Included.

TigerPlish writes: Allstate has been granted patent no. US 20140080100 A1 for a "driving-behavior database that it said might be useful for health insurers, lenders, credit-rating agencies, marketers and potential employers." The program is just in the patent stage for now, but the company says: "the invention has the potential to evaluate drivers' physiological data, including heart rate, blood pressure and electrocardiogram signals, which could be recorded from steering wheel sensors." Imagine a world where you are denied employment or credit based on the information obtained from your car and sold by your insurer. What could possibly go wrong?

cjellibebi writes: Neural networks that were designed to recognize images also hold some interesting capabilities for generating them. If you run them backwards, they turn out to be capable of enhancing existing images to resemble the images they were meant to try and recognize. The results are pretty trippy. A Google Research blog post explains the research in great detail. There are pictures, and even a video. The Guardian has a digested article for the less tech-savvy.

cjellibebi writes: Neural networks that were designed to recognize images also hold some interesting capabilities for generating them. If you run them backwards, they turn out to be capable of enhancing existing images to resemble the images they were meant to try and recognize. The results are pretty trippy. A Google Research blog post explains the research in great detail. There are pictures, and even a video. The Guardian has a digested article for the less tech-savvy.

An anonymous reader writes: Google has fallen under criticism for including a compiled audio-monitoring binary in Chromium for Debian. A report was logged at Debian's bug register on Tuesday noting the presence of a non-auditable 'hotword' module in Chromium 43. The module facilitates Google's "OK, Google" functionality, which listens for that phrase via a Chrome user's microphone and attempts afterwards to interpret the user's instructions as a search query. Matt Giuca from the Chromium development team responded after the furore developed, disclaiming Google from any responsibility from auditing Chromium code, but promising clearer controls over the feature in release 45.

An anonymous reader writes: The NY Times previously reported that Disney made laid-off workers train their foreign replacements. The Times now reports that Disney has reversed its decision to lay off the workers and canceled training of the replacements. This follows public uproar, two investigations by the Department of Labor into outsourcing firms, complaints to the Justice Department, and calls for an investigation into the H-1B Visa program by Senator Bill Nelson. One of the workers said, "We were told our jobs were continuing and we should consider it as if nothing had happened until further notice." A former Disney employee who was forced to take an early retirement shared his personal thoughts on the matter in a Google+ post.

An anonymous reader notes a report from El Reg on a major cross-app resource vulnerability in iOS and Mac OS X. Researchers say it's possible to break app sandboxes, bypass App Store security checks, and crack the Apple keychain. The researchers wrote, "specifically, we found that the inter-app interaction services, including the keychain and WebSocket on OS X and URL Scheme on OS X and iOS, can all be exploited by [malware] to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote. Further, the design of the App sandbox on OS X was found to be vulnerable, exposing an app’s private directory to the sandboxed malware that hijacks its Apple Bundle ID. As a result, sensitive user data, like the notes and user contacts under Evernote and photos under WeChat, have all been disclosed. Fundamentally, these problems are caused by the lack of app-to-app and app-to-OS authentications." Their full academic paper (PDF) is available online, as are a series of video demos. They withheld publication for six months at Apple's request, but haven't heard anything further about a fix.

An anonymous reader notes a report from El Reg on a major cross-app resource vulnerability in iOS and Mac OS X. Researchers say it's possible to break app sandboxes, bypass App Store security checks, and crack the Apple keychain. The researchers wrote, "specifically, we found that the inter-app interaction services, including the keychain and WebSocket on OS X and URL Scheme on OS X and iOS, can all be exploited by [malware] to steal such confidential information as the passwords for iCloud, email and bank, and the secret token of Evernote. Further, the design of the App sandbox on OS X was found to be vulnerable, exposing an app’s private directory to the sandboxed malware that hijacks its Apple Bundle ID. As a result, sensitive user data, like the notes and user contacts under Evernote and photos under WeChat, have all been disclosed. Fundamentally, these problems are caused by the lack of app-to-app and app-to-OS authentications." Their full academic paper (PDF) is available online, as are a series of video demos. They withheld publication for six months at Apple's request, but haven't heard anything further about a fix.

An anonymous reader sends news that Google has launched the Android Security Rewards program, which expands its bug bounty efforts to include vulnerabilities in the Android mobile operating system. At present, the program is fairly limited — only bugs found in the most recent version of Android are accepted, and only those that exist on the Nexus 6 phone or the Nexus 9 tablet. Google says that list will change in the future. "Eligible bugs include those in Android Open Source Project (AOSP) code, OEM code (libraries and drivers), the kernel, and the TrustZone OS and modules. Vulnerabilities in other non-Android code, such as the code that runs in chipset firmware, may be eligible if they impact Android’s overall security." Bounty amounts range from $500 for a moderate severity bug to $2,000 for a critical bug. The amounts can be increased by various multipliers if a security researcher is able to submit code that helps Google test or fix the issue.

HughPickens.com writes: Susan Crawford reports on "El Paquete" (the package), Cuba's answer to the internet, an informal but extraordinarily lucrative distribution chain where anyone in Cuba who can pay can watch telenovelas, first-run Hollywood movies, and even search for a romantic partner. The so-called "weekly package," which is normally distributed from house to house contains the latest foreign films a week, shows, TV series, documentaries, games, information, music, and more. The thumb drives make their way across the island from hand to hand, by bus, and by 1957 Chevy, their contents copied and the drive handed on. "El Paquete plays to Cuban strengths and needs," writes Crawford because Cubans are great at sharing. "And being paid to be part of the thumb-drive supply chain is a respectable job in an economy that is desperately short on employment opportunities." Sunday the "weekly package" of 1 terabyte is priced at $ 10, then $2 on Monday or Tuesday and $1 for the rest of the week.

The sneakernet is still in use today in other parts of the world including Bhutan where a sneakernet distributes offline educational resources, including Kiwix and Khan Academy on a Stick to hundreds of schools and other educational institutions. Google once used a sneaknet to transport 120 TB of data from the Hubble Space Telescope. "Never underestimate the bandwidth of a station wagon full of magnetic tapes hurtling down the highway".

Hundreds of CubeSats have been launched to Earth orbit since 2003. Now, though, two of the small-form-factor craft are set for a deeper space mission. According to Spaceflight Now, The twin CubeSat mission, known as Mars Cube One, will launch on an Atlas 5 rocket in March 2016 with NASA’s InSight lander. The CubeSats will relay status signals from InSight as the landing probe descends through the atmosphere, eliminating potential delays in verifying the success of the mission. ... Each Mars Cube One, or MarCO, CubeSat spacecraft measures 14.4 inches (36.6 centimeters) by 9.5 inches (24.3 centimeters) by 4.6 inches (11.8 centimeters) when closed up for launch, according to the Jet Propulsion Laboratory, which announced details of the mission Friday. The standardized and small CubeSat has made satellite design and launching accessible to schools and others; going to Mars costs a lot more (in this case it's a "$13 million secondary mission"), but it could conceivably put interplanetary probes possible for deep-pocketed universities or corporations.

An anonymous reader writes: As face recognition software becomes more capable, companies and governments are coming up with new ways to use it. Microsoft has already patented a Minority Report-style personalized billboard, and loss prevention departments in big stores are rolling out systems to "pre-identify" shoplifters. But this rush to implement the technology runs afoul of privacy laws in at least two U.S. states: Illinois and Texas forbid the use of face recognition software without "informed consent" from the target. Facebook is the target of a recent lawsuit in Illinois over this exact issue; it's likely to test the strength of such a law. "Facebook and Google use facial recognition to detect when a user appears in a photograph and to suggest that he or she be tagged. Facebook calls this "Tag Suggestions" ... With the boom in personalized advertising technology, a facial recognition database of its users is likely very, very valuable to Facebook. ... Eager to extract that value, Facebook signed users up by default when it introduced Tag Suggestions in 2011. This meant that Facebook calculated faceprints for every user who didn't take the steps to opt out." If Facebook loses and citizens start pushing for similar laws in other states, it could keep our activities in public relatively anonymous for a bit longer.

An anonymous reader writes: Last week, Mozilla updated Firefox to add Pocket integration — software that lets you save web articles to read later. Over the weekend, some Firefox users began to voice their displeasure over the move on public forums like Bugzilla, Google Groups, and Hacker News. The complaints center around Pocket being a proprietary third-party service, which already exists as an add-on, and is not a required component for a browser. Integrating Pocket directly into Firefox means it cannot be removed, only disabled. In response, Mozilla has released a statement saying users like the integration and the integration code is open source.

An anonymous reader writes: Back in May, a report from the Associated Press pieced together information on car accidents that involved autonomous vehicles. Google, the company testing the most self-driving cars on public roads right now, said the automation technology was not at fault in any of the accidents. However, they took criticism for declining to provide any detail. Now, they've changed that stance, releasing specifics on all of the accidents involving their autonomous cars. They set up a new website for releasing monthly reports. According to their first report (PDF), there have been 12 accidents since 2010. The vast majority of them involved another car rear-ending the Google car while waiting at a stop sign/light. There was one incident where another car rolled a stop sign, one in which another car veered into the AV's lane, and one incident where a Google employee driving the car in manual mode rear-ended another car. None of the accidents resulted in an injury.

theodp writes: Among the books recommended by Bill Gates for beach reading this summer is How to Lie With Statistics, the published-in-1954-but-timely-as-ever introduction to the (mis)use of statistics. So, how can one lie with statistics? "Sometimes it is percentages that are given and raw figures that are missing," explains the book, "and this can be deceptive too." So, does this explain Google's just-released Diversity Report and the accompanying chock-full-o-percentages narrative (find-all-%-image), which boasts "the Black community in grew [sic] by 38 percent", while the less-impressive raw figures — e.g., the number of Google employees increased by 5,928, but the ranks of Black females only increased by 35 (less than 0.6% of the net increase) — are relegated to a PDF of its EEO-1 Report that's linked to in the fine-print footnotes? To be fair to Google, Microsoft, Twitter, Apple and Amazon didn't want people to see their EEO-1 numbers, either.

theodp writes: Among the books recommended by Bill Gates for beach reading this summer is How to Lie With Statistics, the published-in-1954-but-timely-as-ever introduction to the (mis)use of statistics. So, how can one lie with statistics? "Sometimes it is percentages that are given and raw figures that are missing," explains the book, "and this can be deceptive too." So, does this explain Google's just-released Diversity Report and the accompanying chock-full-o-percentages narrative (find-all-%-image), which boasts "the Black community in grew [sic] by 38 percent", while the less-impressive raw figures — e.g., the number of Google employees increased by 5,928, but the ranks of Black females only increased by 35 (less than 0.6% of the net increase) — are relegated to a PDF of its EEO-1 Report that's linked to in the fine-print footnotes? To be fair to Google, Microsoft, Twitter, Apple and Amazon didn't want people to see their EEO-1 numbers, either.