Slashdot Mirror

itwbennett writes: ITworld's Josh Fruhlinger asked seasoned (and some not-so-seasoned) tech professionals what they wished they knew back when they were newly minted graduates entering the workforce. Perhaps not surprisingly, some of the best advice has more to do with soft skills than with tech skills. To wit: 'When [managers] say they are suggesting you do something, it's not really a suggestion — it is an order disguised as a suggestion. Plain-speaking is a lost art at big companies and corporate double talk is the name of the game.' What's your best piece of advice for the newest among you?

itwbennett tips news that Uber has amended its privacy policy, making it much simpler to read and understand. But the policy also includes changes to what data Uber collects about its riders. Beginning July 15th, the Uber phone app will keep track of a rider's location while it's running in the background. Uber says riders will be able to opt out of this tracking. The policy changes also allow for advertising using the rider's contact list: "for example the ability to send special offers to riders' friends or family." The revision of Uber's privacy policy followed complaints at the end of last year that the company was overstepping its bounds.

jfruh writes: The FCC's Lifeline program subsidizes phone service for very poor Americans; it gained notoriety under the label "Obamaphone," even though the program started under Reagan and was extended to cell phones under Clinton. Now the FCC is proposing that the program, which is funded by a fee on telecom providers, be extended to broadband, on the logic that high-speed internet is as necessary today as telephone service was a generation ago.

jfruh writes: The promise of the cloud is that your storage and computing problems will be abstracted away from messy physical objects that you need to maintain, taken care of far way by other people. Well, it turns out that those other people need to buy a lot of servers.

chicksdaddy writes: In what may become a trend, an insurance company is denying a claim from a California healthcare provider following the leak of data on more than 32,000 patients. The insurer, Columbia Casualty, charges that Cottage Health System did an inadequate job of protecting patient data. In a complaint filed in U.S. District Court in California, Columbia alleges that the breach occurred because Cottage and a third party vendor, INSYNC Computer Solution, Inc. failed to follow "minimum required practices," as spelled out in the policy. Among other things, Cottage "stored medical records on a system that was fully accessible to the internet but failed to install encryption or take other security measures to protect patient information from becoming available to anyone who 'surfed' the Internet," the complaint alleges. Disputes like this may become more common, as insurers anxious to get into a cyber insurance market that's growing by about 40% annually use liberally written exclusions to hedge against "known unknowns" like lax IT practices, pre-existing conditions (like compromises) and so on.

jfruh writes: Point-of-sale software has meant that in many cases where once you'd have seen a cash register, you now see a general-purpose PC running point-of-sale (PoS) software. Unfortunately, those PCs have all the usual vulnerabilities, and when you run software on it that processes credit card payments, they become a tempting target for hackers. One of the latest attacks on PoS software comes in the form of malicious Word macros downloaded from spam emails.

itwbennett writes: In follow-up to a story that appeared on Slashdot yesterday about a critical vulnerability in the NetUSB service, networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected and said they are working on fixes. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.

itwbennett writes: The U.S. Commerce Department has proposed tighter export rules for computer security tools and could prohibit the export of penetration testing tools without a license. The proposal would modify rules added to the Wassenaar Arrangement in 2013 that limit the export of technologies related to intrusion and traffic inspection. The definition of intrusion software would also encompass 'proprietary research on the vulnerabilities and exploitation of computers and network-capable devices,' the proposal said.

jfruh writes: Java made its public debut twenty years ago today, and despite a sometimes bumpy history that features its parent company being absorbed by Oracle, it's still widely used. Mark Reinhold, chief architect for the Oracle's Java platform group, offers one explanation for its continuing popularity: it's easy for humans to understand it at a glance. "It is pretty easy to read Java code and figure out what it means. There aren't a lot of obscure gotchas in the language ... Most of the cost of maintaining any body of code over time is in maintenance, not in initial creation."

itwbennett writes: Google Tone is an experimental feature that could be used to easily and instantly share browser pages, search results, videos and other pages among devices, according to Google Research. "The initial prototype used an efficient audio transmission scheme that sounded terrible, so we played it beyond the range of human hearing," researcher Alex Kauffmann and software engineer Boris Smus wrote in a post on the Google Research blog.

itwbennett writes: NetUSB, a service that lets devices connected over USB to a computer be shared with other machines on a local network or the Internet, is implemented in Linux-based embedded systems, such as routers, as a kernel driver. Once enabled, it opens a server that listens on TCP port 20005 for connecting clients. Security researchers from a company called Sec Consult found that if a connecting computer has a name longer than 64 characters, a stack buffer overflow is triggered in the NetUSB service. The advisory notice has a list of affected routers.

jfruh writes: Much of the history of computing products and services involves getting people desperate for better performance and faster results to pay a premium to get what they want. But Google has a new beta service that's going in the other direction — offering cheap cloud computing services for customers who don't mind waiting. Jobs like data analytics, genomics, and simulation and modeling can require lots of computational power, but they can run periodically, can be interrupted, and can even keep going if one or more nodes they're using goes offline.

itwbennett writes: A startup company whose backers include Qualcomm, Cisco Systems and a former ARM executive, and which reportedly has raised "well north of $116 million" has just come out of stealth mode. The first thing to know about the company, which calls itself 21, is that it has designed an embedded chip for bitcoin mining. The details aren't entirely clear, but the plan seems to be to get its bitcoin mining chip embedded into millions of smartphones and tablets, and for those devices to work collectively to mine new currency. But the company has larger ambitions: It sees its chip as a way to solve the problem of micro payments and it could also be used to pay for the chips themselves. This was followed by news that the New York Stock Exchange will begin tracking and showing Bitcoin's dollar value. Reader Lashdots adds a link to an article describing how Silicon Valley finally joined the rush to invest in Bitcoin-related businesses.

itwbennett writes: Researchers from the University of Illinois at Urbana-Champaign and Duke University recently looked at the main causes of Internet latency and what it would take to achieve speed-of-light performance. The first part of the paper, titled Towards a Speed of Light Internet, is devoted to finding out where the slowdowns are coming from. They found that the bulk of the delay comes from the latency of the underlying infrastructure, which works in a multiplicative way by affecting each step in the request. The second part of the paper proposes what turns out to be a relatively cheap and potentially doable solution to bring Internet speeds close to the speed of light for the vast majority of us. The authors propose creating a network that would connect major population centers using microwave networks.

itwbennett writes: The FTC has weighed in on the contentious issue of the proposed sale of consumer data by RadioShack, recommending that a settlement with failed online toy retailer Toysmart.com be adopted as a model for dealings going forward. Director of the FTC's bureau of consumer protection Jessica L. Rich wrote in a letter to a court-appointed consumer privacy ombudsman that the agency's concerns about the transfer of customer information inconsistent with RadioShack's privacy promises "would be greatly diminished if certain conditions were met." These include: that the data was not sold standalone, and if the buyer is in the same lines of business, they agree to be bound by the same privacy policies.

jfruh writes: Starbucks inspires loyalty among its heavy users — so much so that they're willing to connect their Starbucks gift cards and phone apps directly to their credit or debit cards, auto-refilling the balance when it runs low. But this has opened up a hole hackers can exploit. Writing about the scheme journalist Bob Sullivan says: "The fraud is a big deal because Starbucks mobile payments are a big deal. Last year, Starbucks said it processed $2 billion in mobile payment transactions, and about 1 in 6 transactions at Starbucks are conducted with the Starbucks app. Maria Nistri, 48, was a victim this week. Criminals stole the Orlando women’s $34.77 in value she had loaded onto her Starbucks app, then another $25 after it was auto-loaded into her card because her balance hit 0. Then, the criminals upped the ante, changing her auto reload amount to $75, and stealing that amount, too. All within 7 minutes."

itwbennett writes: Slashdot readers will remember that back in February, electric car battery maker A123 Systems sued Apple for allegedly "raiding" the Waltham, Massachusetts, company and hiring five employees, including two top-level engineers. The loss of these workers essentially forced A123 to shut down some of its main projects, the suit alleged. Now, according to court documents filed Monday, A123 and Apple "have reached an agreement, signed a term sheet, and are in the process of drafting a final settlement agreement."

itwbennett writes: In a blog post, Rado Kotorov, Chief Innovation Officer at Information Builders asserts that the creators of enterprise apps implicitly assume some of the responsibility for other people's decision making. He says it's not just developers, but anyone who is involved, from defining the concept, to requirements gathering, to final implementation. Thus, the creators of the app have an ethical obligation to ensure that people can reach the right conclusions from the facts and the way they are presented in the app.

jfruh writes: One of the main selling points of ridesharing services like Uber are that they streamline the payment process: everything is taken care of in the app, which is already linked to your credit card. But in many places in the developing world, most people are unbanked and use only cash, and Uber will have to accommodate them to achieve its global ambitions. Thus, the company is launching a pilot project in India where passengers can pay in cash.

jfruh writes: Many security-savvy users have a password manager that stores their randomly-generated passwords — but if that manager is cracked, the gig is up. Some security researchers are suggesting a technique to stop this: a password manager that offers up fake passwords when an attacker tries and fails to crack it, which makes the process of figuring out if you've broken in much more difficult.

itwbennett writes: A team of anonymous developers who recently created a Linux rootkit that runs on graphics cards has released a new proof-of-concept malware program that does the same on Windows. A Mac OS X implementation is also in the works. The problem the developers are trying to highlight lies not with the operating systems, such as Windows or Linux, nor with the GPU (graphics processor unit) vendors, but rather with existing security tools, which aren't designed to scan the random access memory used by GPUs for malware code.

jfruh writes: When Nokia sold its handset business to Microsoft, one of the services left that it intended to rebuild the company on was Here, its rival to Google Maps. But now a deal is said to be in the works to sell Here to Uber, a company that relies heavily on navigation services and that doesn't want to end up too reliant on Google, a potential rival in the futuristic self-driving car business.

itwbennett writes: A team of developers has created a rootkit for Linux systems that uses the processing power and memory of graphics cards instead of CPUs in order to remain hidden. The rootkit, called Jellyfish, is a proof of concept designed to demonstrate that completely running malware on GPUs is a viable option. Such threats could be more sinister than traditional malware programs, according to the Jellyfish developers, in part because there are no tools to analyze GPU malware, they said.

itwbennett writes: FAA administrator Michael P. Huerta announced Wednesday a new Pathfinder Program under which the agency has partnered with three U.S. companies to explore three key types of unmanned operations, possibly paving the way for operations such as the aerial delivery of packages as proposed by companies like Amazon.com. One of the companies the FAA has partnered with is drone manufacturer PrecisionHawk, which will be surveying crops in rural areas using unmanned aircraft flying outside of the pilot's direct vision.

itwbennett writes: An analysis of GitHub data shows that C developers are creating the most ugly hacks — or are at least the most willing to admit to it. To answer the question of which programming language produces the most ugly hacks, ITworld's Phil Johnson first used the search feature on GitHub, looking for code files that contained the string 'ugly hack'. In that case, C comes up first by a wide margin, with over 181,000 code files containing that string. The rest of the top ten languages were PHP (79k files), JavaScript (38k), C++ (22k), Python (19k), Text (11k), Makefile (11k), HTML, (10k), Java (7k), and Perl (4k). Even when controlling for the number of repositories, C wins the ugly-hack-athon by a landslide, Johnson found.

jfruh writes: If you use a Mac, you probably recognize MacKeeper from the omnipresent popup ads designed to look vaguely like system warnings urging you to download the product and use it to keep your computer safe. Now the Ukranian company behind the software and the ads may have to pay millions in a class action suit that accuses them of exaggerating security problems in order to convince customers to download the software.

itwbennett writes: Several weeks ago, during a speech at the Founders Forum Smart Nation Singapore Reception, Singapore's prime minister Lee Hsien Loong said that he used to enjoy programming, and that the last program he wrote was a Sudoku solver in C++. To back that up, earlier today he announced (on Facebook and Twitter) that his code is available to download. He wrote on Facebook that he wrote the program 'several years ago' and that the code does 'a backtrack search, choosing the next cell to guess which minimises the fanout.'

itwbennett writes: An initiative between Apple, IBM and Japan Post Holdings could put iPads in the hands of up to 5 million members of Japan's elderly population. The iPads, which will run custom apps from IBM, will supplement Japan Post's Watch Over service where, for a monthly fee, postal employees check on elderly residents and relay information on their well-being to family members.

jfruh writes: Dozens died in the runup to Nigeria's most recent election — a shocking statistic to many Westerners, but a relief in comparison to the much more serious violence that plagued earlier elections. Observers are crediting technology with making the election safer: the use of biometric IDs gave voters more confidence in the results, and social media gave people a chance to blow of anger that might've otherwise results in street brawls.

itwbennett writes: Amateur radio has stepped in to fill communication gaps in Nepal, which is struggling with power outages and a flaky Internet after a devastating earthquake on Saturday killed over 5,000 people. Though 99 persons have ham licenses in Kathmandu, about eight use high-frequency (HF) radios that can transmit long distances, while another 30 have very high frequency and ultra high frequency sets for local traffic, said Satish Kharel, a lawyer in Kathmandu, who uses the ham call signal 9N1AA. The hobbyist radio operators are working round-the-clock to help people get in touch with relatives, pass on information and alert about developing crises.

jfruh writes: The "wild west" days of ridesharing services may be coming to an end. The governor of Massachusetts has proposed a bill that would regulate Uber, Lyft, and their rivals in the state. Among the new rules: ridesharing services would have to run background checks on their drivers and keep a roster of active drivers; vehicles would need to have some external marker indicating that they're a ridesharing car; and drivers would need to hold at $1 million worth of insurance when transporting passengers.

itwbennett writes: E-commerce giant Alibaba Group hasn't given up on its YunOS mobile operating system, and is taking the software to China's rural markets through a series of low-cost phones, which will be built by lesser-known Chinese brands and will range from 299 yuan ($49) to 699 yuan. Slashdot readers may remember that in 2012, Google claimed it was a variant of its Android OS, sparking a clash that threatened to derail Alibaba's effort to popularize the mobile OS.

itwbennett writes: The tools available to developers who need to build an application once and deploy everywhere have exploded. Frameworks like famo.us, Ionic, PhoneGap, Sencha Touch, Appcelerator, Xamarin, and others are reducing the grunt work and improving the overall quality of web based mobile applications dramatically. The benefits of a build once, deploy everywhere platform are pretty obvious, but are they enough to make up for the hits to user experience?

jfruh writes: Google has announced that it will be adding mobile-friendliness to the list of factors that will get a site bumped up in search rankings. Sites that have no mobile versions — which includes sites owned by Wikipedia, the BBC and the European Union — will find themselves with lower Google search placement, starting today.

jfruh writes In the early days of brands on Facebook, it was crucial for companies to garner as many "likes" as possible to boost their image, and that led to some unethical businesses selling likes that came from fake accounts. Now Facebook is informing brands that they're working to root out fake likes, leaving like counts lower but realer. Now if only I could get my relatives to stop clicking on pictures that say they like puppies and are against cancer.

jfruh writes Google has figured out how to produce an Internet-broadcast balloon in a few hours, and is on the verge of unleashing Project Loon onto the world. The project, which will work with ISPs to beam LTE cellular signals to remote regions that don't have Internet access, will be working with local ISPs rather than selling broadband directly to customers.

itwbennett writes Wikileaks has published a searchable database of thousands of emails and documents from Sony Pictures Entertainment that were leaked in late 2014 after the studio was attacked by hackers. Some of the 173,132 emails and 30,287 documents contain highly personal information about Sony employees including home addresses, personal phone numbers and social security numbers, a fact which is likely to raise new concerns about the use of stolen information online.

itwbennett writes: Called NailO, the prototype trackpad is similar to the stick-on nails sometimes used as a fashion accessory. It attaches to the user's thumb and can be controlled by running a finger over its surface. The processor, battery, sensing chip and Bluetooth radio are included on a circuit board that sits under the capacitive trackpad. The two are connected via a small ribbon cable, which means the trackpad is not quite as thin as a stick-on nail, but reducing the size is one of the aims of the researchers.

itwbennett writes The list of products designed to be security enhanced that turned out to be anything but seems to get longer by the day. In just the latest instance, reported by Wired last week, the crowd-funded privacy-enhancing home router Anonabox had to be recalled after an independent researcher discovered serious security flaws in the product. But security experts caution that the real problem may be bigger than vulnerabilities hidden in application code: "Designed for security products don't just have to be good. They have to be beyond reproach," explains John Dickson, a Principal at the Denim Group. "All it takes is one guy with a grudge to undo you."

itwbennett writes: MIT researchers are working on a new programming language called Picture, which could radically reduce the amount of coding needed to help computers recognize objects in images and video. It is a prototype of how a relatively novel form of programming, called probabilistic programming, could reduce the amount of code needed for such complex tasks. In one test of the new language, the researchers were able to cut thousands of lines of code in one image recognition program down to fewer than 50.

itwbennett writes A 56-page notebook manuscript by Alan Turing, the English mathematician considered to be the father of modern computer science, was sold at auction Monday for $1.025 million. Turing apparently wrote in the notebook in 1942 when he was working in Bletchley Park, England, trying to break German military code. “It gives us insight into how Alan Turing tackles problems. Sadly it shows us what he never got to finish,” said Cassandra Hatton, senior specialist at Bonhams.

itwbennett writes An otherwise unremarkable hacking group likely aligned with China appears to be one of the first to have targeted so-called air-gapped networks that are not directly connected to the Internet, according to FireEye, which released a 69-page technical report on Sunday on the group. FireEye picked up on it after some of the malware used by the group was found to have infected defense-related clients in the U.S., said Jen Weedon, manager of strategic analysis with FireEye.

itwbennett writes: U.S. government agencies have stopped Intel from selling microprocessors for China's supercomputers, apparently reflecting concern about their use in nuclear tests. In February, four supercomputing institutions in China were placed on a U.S. government list that effectively bans them from receiving certain U.S. exports. The institutions were involved in building Tianhe-2 and Tianhe-1A, both of which have allegedly been used for 'nuclear explosive activities,' according to a notice (PDF) posted by the U.S. Department of Commerce. Intel has been selling its Xeon chips to Chinese supercomputers for years, so the ban represents a blow to its business.

jfruh writes When Facebook's EdgeRank algorithm filters a meme you posted out of your friends' feed, you might find that annoying. When your bank's algorithm denies you a mortgage, that has a serious effect on your life. But both kinds of algorithms are generally opaque to customers and regulators, and the FTC's Bureau of Consumer Protection has set up an office dedicated to figuring out these algorithms affect our lives and intersect with the law. Perhaps they can start with how the IRS selects people to audit, and whether constantly shifting TSA policies make sense.

itwbennett writes Adam Wulf recently spent two weeks live-streaming himself writing every line of code for a new mobile app. He originally started to live-stream as 'a fun way to introduce the code to the community.' But he quickly learned that it helps him to think differently than when he was coding without the camera on. "Usually when I work, so much of my thought process is internal monologue," he said, "but with live streaming I try to narrate my thought process out loud. This has forced me to think through problems a little differently than I otherwise would, which has been really beneficial for me."

jfruh writes You might think that DSL lost the race to cable and fiber Internet years ago, but Alcatel-Lucent's Bell Labs is working on a host of projects to extract more and faster bandwidth out of existing technologies. The company's G.fast technology aims to get hundreds of megabits a second over telephone lines. Other projects are aiming to boost speeds over fiber and cell networks as well.

itwbennett writes Employees at three call centers in Mexico, Colombia and the Philippines sold hundreds of thousands of AT&T customer records, including names and Social Security numbers, to criminals who attempted to use the customer information to unlock stolen mobile phones, the U.S. Federal Communications Commission said. AT&T has agreed to pay a $25 million civil penalty, which is the largest related to a data breach and customer privacy in the FCC's history.

jfruh writes LG will let people in a host of countries use its G4 free for 30 days — with the hope that this will result in positive buzz on social media sites. From the article: "By offering 4,000 people a G4 for 30 days, the company hopes to create some buzz around its new device as flagship devices from its rivals Samsung Electronics and HTC go on sale. The Consumer Experience Campaign kicks off in South Korea on Wednesday, and will then expand to Turkey, Indonesia, Singapore, U.S., China, India, Brazil, Canada, U.K., France, Germany, Mexico, Japan and Hong Kong, LG said."

itwbennett writes The Bitcoin Foundation, an organization that promotes development of bitcoin, is 'effectively bankrupt' and has shed most of its staff, according to Olivier Janssens, a member of the foundation's board of directors. Janssens attributed the foundation's financial straits to two years of 'ridiculous spending and poorly thought out decisions,' adding that the board has tried to remedy the situation by finding a new executive director. Two other board members, however, said the foundation was not bankrupt, though in need of some kind of restructuring.

itwbennett writes The most interesting people that Uber is now hiring aren't drivers: they're engineers. The mobile ride-hailing app has listed a slew of jobs at its new Advanced Technologies Center in Pittsburgh. In particular, Uber is looking for engineers in the areas of robotics, machine learning, communications, traffic simulation, vehicle testing, and software and hardware development.