Slashdot Mirror

An anonymous reader quotes The Hill: China said Saturday it will return the unmanned U.S. drone it seized in the South China Sea, calling the issue "hyped up" by the U.S. "Upon confirming that the device was a U.S. underwater drone, the Chinese side decided to transfer it to the U.S. side in an appropriate manner," said the spokesman for the Chinese Defense Ministry, Sr. Col. Yang Yujun, according to CNN. "China and the United States have been communicating about this process. It is inappropriate -- and unhelpful for a resolution -- that the U.S. has unilaterally hyped up the issue. We express our regret over that."
A Defense Ministry spokesman added that China opposes U.S. "surveillance and military surveys in waters facing China...and demands the U.S. cease such activities. China will stay alert over relevant U.S. activities and will take necessary measures to counter them."

The Department of Homeland Security's CERT issued a warning last week that users should "strongly consider" not using some models of NetGear routers, and the list expanded this week to include 11 different models. Netgear's now updated their web page, announcing eight "beta" fixes, along with three more "production" fixes. chicksdaddy writes: The company said the new [beta] firmware has not been fully tested and "might not work for all users." The company offered it as a "temporary solution" to address the security hole. "Netgear is working on a production firmware version that fixes this command injection vulnerability and will release it as quickly as possible," the company said in a post to its online knowledgebase early Tuesday.

The move follows publication of a warning from experts at Carnegie Mellon on December 9 detailing a serious "arbitrary command injection" vulnerability in the latest version of firmware used by a number of Netgear wireless routers. The security hole could allow a remote attacker to take control of the router by convincing a user to visit a malicious web site... The vulnerability was discovered by an individual...who says he contacted Netgear about the flaw four months ago, and went public with information on it after the company failed to address the issue on its own.

ATT and Verizon have responded to the FCC's letters that argued the way the two companies handle the practice of exempting their own video apps from data caps on customers' smartphones can hurt competition and consumers. The Verge reports: The companies defended the programs, which allow select data sources to not count toward customers' data plans through a process known as zero-rating. Although it did not explicitly ban them in new net neutrality rules laid out last year, the FCC has been critical of such programs, arguing that they can be used to hurt competition by unfairly favoring some data, creating an uneven playing field for businesses. In a noticeably pointed response, ATT takes a similar line to the position it's held all along: programs like Data Free TV, which allows customers to use data from ATT-owned DirecTV without it counting toward a plan, are not anticompetitive, but are simply a perk consumers enjoy. Verizon, in its response, makes similar arguments defending its FreeBee data program, which allows data from Verizon-owned Go90 to not count toward a data plan. "FreeBee data provides tangible benefits to consumers by increasing the amount of what they can do and watch online, at no cost to them," the company's response says.

An anonymous reader writes: One of the biggest selling points of ATT's DirecTV Now service is that it streams video without counting against data caps on the ATT mobile network. But T-Mobile USA customers will also be able to watch DirecTV Now without using up data, the carrier announced yesterday. DirecTV Now is one of the latest services added to Binge On, which exempts dozens of video services from data caps as long as customers are willing to limit mobile viewing quality to about 480p. T-Mobile also promised to reimburse customers for DirecTV Now for 12 months if they port a phone number from the ATT network to T-Mobile and purchase at least two lines. This offer consists of a $35 monthly bill credit, enough to cover the DirecTV Now promotional price. This is a limited-time offer and cannot be combined with other offers like "Carrier Freedom," which reimburses customers for early termination fees when they switch to T-Mobile. "ATT wants you to think DirecTV is theirs exclusively, but that's a load of crap," Legere said in T-Mobile's press release yesterday. "Both DirecTV Now and the DirecTV apps stream free on T-Mobile with a faster, more advanced network that covers nearly every American. ATT is so distracted by their new businesses and DirecTV that they continue to ignore their 110 million wireless customers. Luckily, the Un-carrier's here to show them how to actually take care of customers!"

Evernote has withdrawn planned changes to its privacy policy that would have permitted some employees to view the content of users' note, as the company works on new features that rely on machine-learning technology. From a report on VentureBeat: The company caused an uproar earlier this week when news emerged of the pending changes, which were due to take effect on January 23. Even if users were to opt out of allowing their information to be viewed by employees, the planned changes drew attention to the company's existing policy that permitted employees to look at users' content "for other reasons stated in our Privacy Policy," which included quite a few vague reasons, including "to maintain and improve the service." Evernote CEO Chris O'Neill issued an apology of sorts yesterday for the company's "poor communication" around the policy, and pointed out that users' information would be anonymized. But today the company has gone one step further by announcing that it's no longer implementing the planned changes in their current form .

An anonymous reader writes: Swedish hardware hacker Ulf Frisk has created a device that can extract Mac FileVault2 (Apple's disk encryption utility) passwords from a device's memory before macOS boots and anti-DMA protections kick in. The extracted passwords are in cleartext, and they also double as the macOS logon passwords. The attack requires physical access, but it takes less than 30 seconds to carry out. A special device is needed, which runs custom software (available on GitHub), and uses hardware parts that cost around $300. Apple fixed the attack in macOS 10.12.2. The device is similar to what Samy Kamker created with Poison Tap.

Apple's AirPods finally went on sale earlier this week after being announced in September and delayed in October. Now that people are able to actually purchase these wireless earphones for $159, many are wondering what happens if they lose an AirPod. Apple has recently updated its repair and replacement costs for AirPods on its iPhone Service Pricing Page, mentioning a $69 fee for those who need to replace an AirPod or charging case. Mac Rumors reports: Apple doesn't appear to be offering AppleCare+ for AirPods, instead providing a standard one-year warranty that's available on all Apple products. If the AirPods need service during that one year period, all work will be covered for free. After the one-year warranty has expired, Apple will charge a $69 fee for out-of-warranty service repairs. Battery service for AirPods that lose battery capacity is free during the one-year warranty period or $49 out of warranty. If you lose or damage one of the AirPods or the charging case, Apple will charge $69 for a replacement, regardless of whether or not the AirPods are still under warranty. The pricing in Apple's support document is U.S. pricing, and will vary based on country.

Apple's AirPods finally went on sale earlier this week after being announced in September and delayed in October. Now that people are able to actually purchase these wireless earphones for $159, many are wondering what happens if they lose an AirPod. Apple has recently updated its repair and replacement costs for AirPods on its iPhone Service Pricing Page, mentioning a $69 fee for those who need to replace an AirPod or charging case. Mac Rumors reports: Apple doesn't appear to be offering AppleCare+ for AirPods, instead providing a standard one-year warranty that's available on all Apple products. If the AirPods need service during that one year period, all work will be covered for free. After the one-year warranty has expired, Apple will charge a $69 fee for out-of-warranty service repairs. Battery service for AirPods that lose battery capacity is free during the one-year warranty period or $49 out of warranty. If you lose or damage one of the AirPods or the charging case, Apple will charge $69 for a replacement, regardless of whether or not the AirPods are still under warranty. The pricing in Apple's support document is U.S. pricing, and will vary based on country.

Nintendo's first smartphone game "Super Mario Run" is now available in the App Store across the world. The game follows the success of Pokemon Go, which launched earlier this year. Nintendo owns a third of the Pokemon Company, but the game itself was developed by Niantic. The Independent reports: But just like Pokemon Go, the game requires that anyone playing it has a connection to the internet. That's intended as a way of stopping pirates getting around the game's relatively expensive $10 price -- not required to download the game, but to unlock it -- but has already drawn some complaints. In the case of Pokemon Go, which also required that people were online, the huge popularity of the game meant that its servers regularly crashed and were sometimes intentionally taken offline. That in turn meant that the game was impossible to play for large amounts of time, since it required that same connection, as Super Mario Run will. The restriction will also mean that fans won't be able to play the game underground or on flights, or anywhere else with restricted Wi-Fi. But for the most part, the game has been hailed as a signal that Nintendo are finally bringing their nostalgia-inducing characters to a broader range of platforms and consoles. The company unveiled the game at the launch event for the iPhone 7, drawing praise for having liberated Mario and his friends and enemies from Nintendo's own consoles for the first time. You can download Super Mario Run here.

An anonymous reader quotes a report from The Next Web: A few months I wrote about the Consumer Review Fairness Act. In a nutshell, this offers legal protections to consumers who leave negative reviews on sites like Yelp and TripAdvisor. You can now call out the restaurant who gave you food poisoning, or a bed-bug infested hotel without the risk of being dragged into a civil court. The long-overdue bill explicitly bans non-disparagement clauses in contracts between businesses and patrons. Over the years, there's been a rash of people getting sued after speaking their mind online. Today, President Obama signed off on the Consumer Review Fairness Act. It's now law. As great as this is for consumers, it's even better for the likes of TripAdvisor and Yelp, whose business model relies on people being able to speak their minds.

Verizon has just announced that it plans to roll out Samsung's upcoming Note 7 update, which permanently stops the recalled smartphone from charging and disables its wireless radios, on January 5th. Only last week, the leading US carrier took a controversial stance when it said it would "not be taking part in this update because of the added risk this could pose to Galaxy Note 7 users that do not have another device to switch to." From a report on The Verge: The company was particularly concerned about nuking the Note 7 during the holiday travel season, something that its US rivals also seemed to take into consideration when scheduling a roll-out date for the update. AT&T is waiting until the very same day. Sprint will release it on January 8th. And T-Mobile's going first among major US carriers on December 27th. Verizon still seems to think it's making the right decision pushing things off a bit for the same reasons. "We want to make sure you can contact family, first responders, and emergency medical professionals during the holiday travel season."

Earlier this week, Fitbit announced that it was buying up the assets of smartwatch maker Pebble, and a lot of questions still exist around exactly how Pebble's existing products will work. Today a member of Pebble's developer team attempted to address some of those questions. From a report on The Next Web: In a blog post, it noted that it will keep Pebble software and services running through 2017. Jon Barlow, who was previously on Pebble's Developer Evangelist team and is now part of Fitbit's transition effort, wrote: "To be clear, no one on this freshly-formed team seeks to brick Pebble watches in active service. The Pebble SDK, CloudPebble, Timeline APIs, firmware availability, mobile apps, developer portal, and Pebble appstore are all elements of the Pebble ecosystem that will remain in service at this time. Pebble developers are welcome to keep creating and updating apps. Pebble users are free to keep enjoying their watches."

Verizon is reconsidering its $4.8 billion purchase of Yahoo, according to Bloomberg. Citing a source, the publication claims that Wednesday's announcement by Yahoo -- theft of info from one billion users -- has led Verizon to consider scrapping the deal entirely. From the report: While a Verizon group led by AOL Chief Executive Officer Tim Armstrong is still focused on integration planning to get Yahoo up and running, another team, walled off from the rest, is reviewing the breach disclosures and the company's options, said the person, who asked not to be identified discussing private information. A legal team led by Verizon General Counsel Craig Silliman is assessing the damage from the breaches and is working toward either killing the deal or renegotiating the Yahoo purchase at a lower price, the person said. One of the major objectives for Verizon is negotiating a separation from any future legal fallout from the breaches. Verizon is seeking to have Yahoo assume any lasting responsibility for the hack damage, the person said.

An anonymous reader quotes a breaking report from ABC News: Yahoo says it believes hackers stole data from more than one billion user accounts in August 2013. The Sunnyvale, California, company says it's a different breach from the one it disclosed in September, when it said 500 million accounts were exposed. That new hack revelation raises questions about whether Verizon will try to change the terms of its $4.8 billion proposed acquisition of Yahoo. Yahoo says the information stolen may include names, email addresses, phone numbers, birthdates and security questions and answers. The company says it believes bank-account information and payment-card data were not affected.

An anonymous reader quotes a breaking report from ABC News: Yahoo says it believes hackers stole data from more than one billion user accounts in August 2013. The Sunnyvale, California, company says it's a different breach from the one it disclosed in September, when it said 500 million accounts were exposed. That new hack revelation raises questions about whether Verizon will try to change the terms of its $4.8 billion proposed acquisition of Yahoo. Yahoo says the information stolen may include names, email addresses, phone numbers, birthdates and security questions and answers. The company says it believes bank-account information and payment-card data were not affected.

An anonymous reader quotes a report from Ars Technica: On Monday, energy company Deepwater Wind announced that its wind farm three miles off the coast of Block Island, Rhode Island, has the all-clear to sell electricity to the regional power grid. The Block Island Wind Farm is the first offshore wind energy plant in the U.S., and it's expected to produce 30 MW of electricity at full capacity. Deepwater Wind is slowly ramping up energy output and still must provide additional paperwork to the Rhode Island Coastal Resources Management Council, but the executive director of that organization, Grover Fugate, told the Providence Journal, "we don't anticipate any major issues" to getting the wind farm fully online. The one hitch in the Deepwater's plan is that one of the five turbines was recently damaged when a drill bit was left in a critical part of turbine. According to the Providence Journal, "the bit had caused damage to an unspecified number of the 128 magnet modules that line the circular generator and are critical to producing energy." Although the magnet modules can apparently be replaced easily, Deepwater needs to have the components shipped from France, where General Electric, the manufacturer of the wind turbines, makes them. For now, four turbines capable of churning out 6 MW of power each are operational. The Providence Journal notes that National Grid will pay Deepwater Wind 24.4 cents per kilowatt hour of power, with the price escalating over time to 47.9 cents per kilowatt hour. Because the residents of Block Island have some of the most expensive electricity rates in the nation, they will actually see energy savings, despite the price. Mainland Rhode Islanders, on the other hand, will pay an extra $1.07 per month on average.

An anonymous reader quotes a report from Windows Central: Microsoft is surging forward with its commitment to artificial intelligence (AI), formally announcing its latest chatbot, Zo. In a post outlining its commitment to AI, Microsoft introduced Zo as the next chapter in the evolution of its attempts to create a social chatbot. Zo is built on the back of the same technology that powers Microsoft's other chatbots in China and Japan, Xiaoice and Rinna. Zo is meant to learn from her interactions with humans, and is able to respond to conversations with her own personality. In a nod to an awkward turn of events involving Microsoft's last attempt at a social chatbot, Tay, the company notes that Zo has guards in place to prevent exploitation. While you can currently only strike up a conversation with Zo on Kik messenger, Microsoft says it has plans to bring the chatbot to Skype and Facebook Messenger as well. Still, if you use Kik, you can start a conversation up with Zo now. Otherwise, head to Zo.ai to request an invite to chat with the bot on Messenger when it's available.

An anonymous reader quotes a report from The Hill: The Obama administration released a long-awaited rule on Tuesday requiring all new vehicles to have communication technology that allows them to "talk" to each another, which officials say could prevent tens of thousands of crashes each year. The proposal calls for all new light-duty cars and trucks to eventually be equipped with vehicle-to-vehicle (V2V) technology, a safety system that enables cars to send wireless signals to each other, anticipate each other's moves and thus avoid crashes. The rule would require 100 percent of new vehicle fleets to have V2V technology within four years of the final rule's enactment. The proposal will be open for public comment for 90 days. The connected vehicle rule builds on previous work by the outgoing administration to accelerate the deployment of innovative safety technology. The Department of Transportation released the first-ever federal guidelines for driverless cars in September. "We are carrying the ball as far as we can to realize the potential of transportation technology to save lives," said Transportation Secretary Anthony Foxx. "This long-promised V2V rule is the next step in that progression. Once deployed, V2V will provide 360-degree situational awareness on the road and will help us enhance vehicle safety." Officials say V2V has the potential to mitigate 80 percent of non-impaired crashes and can interact with other crash avoidance systems, like automatic braking. V2V uses dedicated short-range radio communications to exchange messages about a car's speed, direction and location. The system uses that information from other vehicles to identify potentials risks and warn its driver. A pair of Democratic senators called on the agency to ensure that vehicles have "robust" cybersecurity and privacy protections in place before automakers deploy V2V.

Uber is defending the scope of its privacy practices after a wide-ranging report alleged employees were tracking individual riders. From a CNBC report: "We have hundreds of security and privacy experts working around the clock to protect our data," Uber told "Reveal" in a statement. Additionally, Uber told CNBC that it is continuing to increase its security investments. The company pointed to workers that needed data for their roles, such as anti-fraud experts, or employees that validate driver insurance documents or investigate traffic incidents. "It's absolutely untrue that 'all' or 'nearly all' employees have access to customer data, with or without approval," Uber said. "We have built [an] entire system to implement technical and administrative controls to limit access to customer data to employees who require it to perform their jobs. This could include multiple steps of approval -- by managers and the legal team -- to ensure there is a legitimate business case for providing access." According to legal documents filed by ex-employee Ward Spangenberg in October and reported by The Center for Investigative Reporting on Monday, "Uber's lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses."

China may have been hoping to attract tech talent to its nation, but it is unlikely that people in the tech industry will move there. A columnist at Bloomberg explains why: The biggest problem is government control of the internet. For a software developer, the inconvenience goes well beyond not being able to access YouTube during coffee breaks. It means that key software libraries and tools are often inaccessible. In 2013, China blocked Github, a globally important open-source depository and collaboration tool, thereby forcing developers to seek workarounds. Using a virtual private network to "tunnel" through the blockades is one popular option. But VPNs slow uploads, downloads and collaboration. And it isn't just developers who suffer. Among the restricted sites in China is Google Scholar, a tool that indexes online peer-reviewed studies, conference proceedings, books and other research material into an easily accessible format. It's become a crucial database for academics around the world, and Chinese researchers -- even those with VPNs -- struggle to use it. The situation grew so dire this summer that several state-run news outlets published complaints from Chinese scientists, with one practically begging the nationalist Global Times newspaper: "We hope the government can relax supervision for academic purposes." The cumulative impact of these restrictions is significant. Scientists unable to keep up with what researchers in other countries are publishing are destined to be left behind, which is one reason China is having difficulty luring foreign scholars to its universities. Programmers who can't take advantage of the sites and tools that make development a global effort are destined to write software customized solely for the Chinese market. The author has raised several other reasons to make his case.

Following a lawsuit revealed back in October in which Apple exposed an issue with a large percentage of fake Apple adapters being marketed as "genuine" online, today the company has posted an official warning to customers. From a report on 9to5Mac: The message, posted on the front page of the company's support webpage, warns customers that counterfeit power adapters and batteries could pose safety issues. The company also offers customers that might have had a recent battery replacement the option to bring in their devices to an Apple Store or authorized service provider to check if the battery is genuine.

An anonymous reader quotes a report from Motherboard: A little over a year ago, it was big news that thousands of people and hundreds of institutions controlling more than $2.6 trillion in total assets had pledged to remove their investments from stocks, mutual funds, and bonds that invest in fossil fuel companies. A year later, that number has doubled. According to a report by DivestInvest, a philanthropy helping to lead the movement, more than 688 institutions and 60,000 individual investors worth $5.2 trillion have pulled their investments from fossil fuel companies and have reinvested a portion of their assets into clean energy companies. In September 2015, 436 institutions and 2,040 individuals worth $2.6 trillion had divested. For comparison, the total net worth of investors who had pulled out of the fossil fuel market was just $52 billion in September 2014. Divestment is increasingly seen as one of the stronger moves that private citizens and companies can take to support the move to clean energy. The movement started in earnest in 2011 when college students began petitioning their institutions to remove their assets from stocks, bonds, and mutual funds that invest in fossil fuel companies. What was seen as a gimmick at the time appears to be gaining real momentum a year after the Paris Climate Treaty was signed.

The Wall Street Journal is reporting (Warning: paywalled; alternate source) that Panasonic is "introducing convenience-store checkout machines that can scan and bag items on their own, joining Amazon.com Inc. in the push for more retail automation." The machines will also tally up the total amount owed at checkout so that all you have to do is pay. TechCrunch reports: Last week, Amazon revealed its own more frictionless convenience store pilot, with a location that lets shoppers simply walk out with whatever they want to purchase, for which they're charged automatically via their Amazon account. The Panasonic system uses tags applied to the goods you pick up to tally the cost as you shop, and then automatically bags your selections via a trap-door in the counter that accepts your basket when you're ready to go. It could help with lines, and could also help address some of the issues with current self-checkout system, which require a user to scan their own items to find out their bill prior to paying. That added step may seem small, but it actually causes a lot of headaches and hangups, especially with shoppers who aren't so comfortable with tech. Panasonic's setup is already in use at a Lawson convenience store near its Osaka HQ, but the broader rollout is still a while off.

An anonymous reader writes: To protect Tor users from FBI hacking tools that include all sorts of Firefox zero-days, the Tor Project started working on a sandboxed version of the Tor Browser in September. Over the weekend, the Tor Project released the first alpha version of the sandboxed Tor Browser. "Currently, this version is in an early alpha stage, and only available for Linux," reports BleepingComputer. "There are also no binaries available, and users must compile it themselves from the source code, which they can grab from here." The report notes: "Sandboxing is a security mechanism employed to separate running processes. In computer security, sandboxing an application means separating its process from the OS, so vulnerabilities in that app can't be leveraged to extend access to the underlying operating system. This is because the sandboxed application works with its own separate portion of disk and memory that isn't linked with the OS."

The most anxious day of Reddit CEO Steve Huffman's life, he says, was showing up to work on the Monday after Thanksgiving this year. The week before, he had thrown the company into a minor political crisis. From a CNBC report: After weeks being antagonized by the users of Reddit communities like /r/The_Donald and /r/pizzagate, Huffman had covertly edited messages posted by other users that were critical of him, to instead be critical of those communities' leaders. On the latest episode of Recode Decode, hosted by Kara Swisher, Huffman said he conceived this as a prank, "in the spirit of fun." "I figured, I'm just going to mess with these bullies, and I actually have the capability of messing with them, so I'll do so," Huffman said. "I wanted to do something. I didn't do the right thing, but that was my mentality." Huffman says the aftermath of this "prank," users questioning whether their posts had ever been edited without their consent in the past, was "devastating," and that he knows it will take time to rebuild trust within the community. At an all-hands staff meeting on that anxious Monday, he apologized directly to Reddit's staff and said he wanted them all to be proud to work there.

Apple is rolling out a fix for the iCloud Calendar spam issue that has plagued users over the past few weeks. On iCloud.com, reports 9to5Mac, the company has added a new Report Junk feature. This lets users remove spammy invites from their calendar and reports the sender to Apple for further investigation. From the report: The feature is currently only available on Apple's iCloud.com Calendar web app but it is likely to roll out to the iOS and Mac native Calendar in a future software update. Since early November, some Apple users were seeing a deluge of calendar invites from unsolicited people (usually with Chinese names) that used the description field of calendar invites to 'advertise' junkware and various physical products.

An anonymous reader quotes BuzzFeed: On Saturday evening, Twitter reinstated -- with verification -- the account of Richard Spencer, a leading figure of the so-called alt-right movement, and the head of the white nationalist think tank, The National Policy Institute. Spencer's account was suspended mid-November as part of a larger cull of prominent alt-right accounts... However, according to Twitter, Spencer was banned on a technicality: creating multiple accounts with overlapping uses. Twitter's multiple account policy was put in place as a safeguard to help curb dog piling and targeted harassment. [Twitter] offered to reinstate one of Spencer's accounts if he agreed to follow the company's protocols.
Vox says the move "raises the question of to what extent Twitter intends to enforce the 'hateful conduct' policy." But the suspension had also been criticized by David Frum, a senior editor at the Atlantic, who wrote that "The culture of offense-taking, platform-denying, and heckler-vetoing...lets loudmouths and thugs present themselves as heroes of free thought. They do not deserve this opportunity... today, a neo-Nazi has more right to build an arsenal of weapons and drill a militia than to speak on Twitter." But BuzzFeed points out that though the account's been reinstated, Spencer "is now tip-toeing around the company's three strike policy, which carries a permanent suspension."

"As expected, today, December 11, 2016, Linus Torvalds unleashed the final release of the highly anticipated Linux 4.9 kernel," reports Softpedia. prisoninmate shares their article: Linux kernel 4.9 entered development in mid-October, on the 15th, when Linus Torvalds decided to cut the merge window short by a day just to keep people on their toes, but also to prevent them from sending last-minute pull requests that might cause issues like it happened with the release of Linux kernel 4.8, which landed just two weeks before first RC of Linux 4.9 hit the streets... There are many great new features implemented in Linux kernel 4.9, but by far the most exciting one is the experimental support for older AMD Radeon graphics cards from the Southern Islands/GCN 1.0 family, which was injected to the open-source AMDGPU graphics driver...

There are also various interesting improvements for modern AMD Radeon GPUs, such as virtual display support and better reset support, both of which are implemented in the AMDGPU driver. For Intel GPU users, there's DMA-BUF implicit fencing, and some Intel Atom processors got a P-State performance boost. Intel Skylake improvements are also present in Linux kernel 4.9.
There's also dynamic thread-tracing, according to Linux Today. (And hopefully they fixed the "buggy crap" that made it into Linux 4.8.) LWN.net calls this "by far the busiest cycle in the history of the kernel project."

Everyone's suggesting gifts to teach the next generation of geeks about science, technology, engineering, and math. Slashdot reader theodp writes: In "My Guide to Holiday Gifts," Melinda Gates presents "a STEM gift guide" [which] pales by comparison to Amazon's "STEM picks". Back in 2009, Slashdot discussed science gifts for kids. So, how about a 2016 update?
I've always wanted to ask what geeky gifts Slashdot's readers remember from when they were kids. (And what geeky gifts do you still bitterly wish some enlightened person would've given you?) But more importantly, what modern-day tech toys can best encourage the budding young geeks of today? Leave your best answers in the comments. What's the best geeky gift for children?

"At least three tents have been spotted in woodland beside the online retail giant's base," reports a Scottish newspaper -- hidden behind trees, but within sight of Amazon's warehouse, and right next to a busy highway. An anonymous reader writes: Despite Scotland's "bitterly cold winter nights" -- with lows in the 30s -- the tent "was easier and cheaper than commuting from his home," one Amazon worker told the Courier. (Though yesterday someone stole all of his camping equipment.) Amazon charges its employees for shuttle service to the fulfillment center, which "swallows up a lot of the weekly wage," one political party leader told the Courier, "forcing people to seek ever more desperate ways of making work pay.

"Amazon should be ashamed that they pay their workers so little that they have to camp out in the dead of winter to make ends meet..." he continued. "They pay a small amount of tax and received millions of pounds from the Scottish National Party Government, so the least they should do is pay the proper living wage." Though the newspaper reports that holiday shopping has created 4,000 temporary jobs in the small town of Dunfermline, "The company came under fire last month from local activists who claimed that agency workers are working up to 60 hours per week for little more than the minimum wage and are harshly treated."
Amazon responded, "The safety and well-being of our permanent and temporary associates is our number one priority."

New submitter mikehusky quotes a report from The Register: Washington D.C. think tank the Institute for Critical Infrastructure Technology is calling for regulation on "negligence" in the design of internet-of-things (IoT) devices. If the world wants a bonk-detecting Wi-Fi mattress, it must be a malware-free bonk-detecting Wi-Fi mattress. The report adds: "Researchers James Scott and Drew Spaniel point out in their report Rise of the Machines: The Dyn Attack Was Just a Practice Run [PDF] that IoT represents a threat that is only beginning to be understood. The pair say the risk that regulation could stifle market-making IoT innovation (like the Wi-Fi cheater-detection mattress) is outweighed by the need to stop feeding Shodan. 'Regulation on IoT devices by the United States will influence global trends and economies in the IoT space, because every stakeholder operates in the United States, works directly with United States manufacturers, or relies on the United States economy. Nonetheless, IoT regulation will have a limited impact on reducing IoT DDoS attacks as the United States government only has limited direct influence on IoT manufacturers and because the United States is not even in the top 10 countries from which malicious IoT traffic originates.' State level regulation would be 'disastrous' to markets and consumers alike. The pair offer their report in the wake of the massive Dyn and Mirai distributed denial of service attacks in which internet of poorly-designed devices were enslaved into botnets to hammer critical internet infrastructure, telcos including TalkTalk, routers and other targets."

Google announced in a blog post today that it will be rolling out a feature over the next few months that starts disabling Flash and displaying HTML5 content instead on certain websites. Google notes, "This change disables Adobe Flash Player unless there's a user indication that they want Flash content on specific sites, and eventually all websites will require the user's permission to run Flash." VentureBeat reports: Google has deployed the change for half of the people who are using Chrome 56 beta, which rolled out yesterday, Google technical program manager Eric Deily wrote in a blog post. Then, "in the next few days," Deily wrote, the feature will be active for 1 percent of users of Chrome 55 stable. And by February 2016 it will be live for all users in Chrome 56 stable, Deily wrote. The idea is to lessen the dependence on a web component that can cause a drag on CPU and memory usage and shorten battery life as a result. Flash also has a track record of security issues.

An anonymous reader quotes a report from Mac Rumors: AirPods were originally slated to launch in October, but the wireless earphones were later delayed. Apple said it needed "a little more time" before they are ready for customers, and it has yet to provide an official update since. While the exact reason for the delay remains unclear, a person familiar with the development of AirPods told The Wall Street Journal that Apple's troubles appear to be related to its "efforts to chart a new path for wireless headphones," in addition to resolving what happens when users lose one of the earpieces or the battery dies. The Wall Street Journal reports: "A person familiar with the development of the AirPod said the trouble appears to stem from Apple's effort to chart a new path for wireless headphones. In most other wireless headphones, only one earpiece receives a signal from the phone via wireless Bluetooth technology; it then transmits the signal to the other earpiece. Apple has said AirPod earpieces each receive independent signals from an iPhone, Mac or other Apple device. But Apple must ensure that both earpieces receive audio at the same time to avoid distortion, the person familiar with their development said. That person said Apple also must resolve what happens when a user loses one of the earpieces or the battery dies."

Samsung confirmed on Friday that it will indeed release an update to Galaxy Note7 smartphones in the United States to "prevent US Galaxy Note7 devices from charging and will eliminate their ability to work as mobile devices." In a new wrinkle to this whole situation, Verizon said today it will not be releasing Samsung's software update to Galaxy Note7 users on Verizon network. In a blog post, Verizon said: "Verizon will not be taking part in this update because of the added risk this could pose to Galaxy Note 7 users that do not have another device to switch to. We will not push a software upgrade that will eliminate the ability for the Note 7 to work as a mobile device in the heart of the holiday travel season. We do not want to make it impossible to contact family, first responders or medical professionals in an emergency situation." To recall, the Galaxy Note7 remains banned on airlines by the FAA and has also been prohibited from being used on many other public transit services in the United States. Elsewhere in the world, similar bans have been imposed on the phone.

Those who are still clinging on to their Galaxy Note 7, even after Samsung recalled the devices due to faulty batteries in mid-September, may want to seriously reconsider returning them to the Korean company. The Verge has obtained an image of an alert that went out to at least one Note 7 owner on U.S. Cellular today stating that, "As of December 15th, Samsung will modify the software to prevent the Galaxy Note 7 from charging. The phone will no longer work." The Verge reports: It's not clear whether Note 7s will be disabled across the major U.S. carriers as well, but it seems likely that'll be the case. In the past, updates disabling Note 7 features have rolled out across Verizon, ATT, and other carriers within a matter of days. That's probably what'll happen here, as well. By preventing the phone from charging, Samsung takes the final step to making the phone entirely unusable. It's still offering Note 7 owners the ability to fully return the phone or exchange it for another Samsung device. As of November 4th, when Samsung last provided an update, 85 percent of Note 7s sold in the U.S. had been recovered. That still left around 285,000 phones unaccounted for. Completely disabling the phone seems to be Samsung's last-ditch effort to either recover the remaining devices or remove what risk they still pose to consumers.

Yesterday, France's Le Monde newspaper issued a report, citing documents from NSA whistleblower Edward Snowden, that says American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft. Assuming the report is accurate, national security agencies may soon have their hands full if a new proposal by the Department of Transportation becomes official, which would allow each airline to decide whether its passengers will be permitted to make in-flight phone calls using the aircraft's onboard Wi-Fi system. ABC News reports: The Department of Transportation's proposal leaves it up to airlines whether to allow the calls. But carriers would be required to inform passengers at the time they purchase a ticket if the calls are allowed. That would give passengers the opportunity to make other travel arrangements if they don't want to risk the possibility of sitting near passengers making phone calls. The Federal Communications Commission prohibits using mobile phones to make calls during flights, but not Wi-Fi calls. There is a minimum 60-day comment period and the proposal leaves the door open to an outright ban. The Wall Street Journal first reported on the proposal.

It appears many major stakeholders in the movie industry want to bring new titles to you within days, if not hours, as they hit cinemas. Earlier this year, we learned that Sean Parker is working on a service called "Screening Room", an idea that was reportedly backed by Peter Jackson, Steven Spielberg and JJ Abrams, to bring movies on the same day as they show up in theaters. Apple seems interested as well. It is reportedly in talks with Hollywood studios to get iTunes rentals of movies that are still playing on the big screen. Earlier this month, Bloomberg reported that several studios are exploring the idea of renting new movies for $25 to $50 just two weeks after they have hit cinemas.

None of such deals have materialized yet, of course, and also it needs to be pointed out that several movie companies have discarded these ideas before because they know that by offering you new titles so early they are going to lose on all the overpriced cold drinks, and snacks they sell you at the theatre. There's also piracy concerns. If a movie is available early, regardless of the DRM tech these companies deploy, good-enough footage of the movies will crop up on file-sharing websites almost immediately.

But leaving all those aspects aside, would you be interested in getting new titles just hours or a week or two after they hit the cinemas? Would you want to end the decades-long practice of going to a theater?

It appears many major stakeholders in the movie industry want to bring new titles to you within days, if not hours, as they hit cinemas. Earlier this year, we learned that Sean Parker is working on a service called "Screening Room", an idea that was reportedly backed by Peter Jackson, Steven Spielberg and JJ Abrams, to bring movies on the same day as they show up in theaters. Apple seems interested as well. It is reportedly in talks with Hollywood studios to get iTunes rentals of movies that are still playing on the big screen. Earlier this month, Bloomberg reported that several studios are exploring the idea of renting new movies for $25 to $50 just two weeks after they have hit cinemas.

None of such deals have materialized yet, of course, and also it needs to be pointed out that several movie companies have discarded these ideas before because they know that by offering you new titles so early they are going to lose on all the overpriced cold drinks, and snacks they sell you at the theatre. There's also piracy concerns. If a movie is available early, regardless of the DRM tech these companies deploy, good-enough footage of the movies will crop up on file-sharing websites almost immediately.

But leaving all those aspects aside, would you be interested in getting new titles just hours or a week or two after they hit the cinemas? Would you want to end the decades-long practice of going to a theater?

Samsung may have big plans to overcome the whammy of its disastrous Galaxy Note7 this year. The company is reportedly planning to push the boundaries of design with the next flagship smartphone, dubbed the Galaxy S8. The smartphone, which was recently pegged to ship without a headphone jack, will have an "all-screen" design, Bloomberg is reporting. The report adds that there might not be a home button -- at least the way we know it -- and that any part of the lower display will serve as a fingerprint scanner. From the report: The bezel-less displays will provide more viewing real estate while a virtual home button will be buried in the glass in the lower section. Samsung needs the Galaxy S8 to be a hit after suffering through the Note 7 debacle that tarnished its brand, led to an embarrassing recall and may cost the company more than $6 billion. While Samsung is targeting a March release of the S8, that could be delayed until April, the people said. Samsung is adopting tougher testing procedures in the wake of the Note 7 debacle that could push back the launch by about a month, one of the people said.

YouTube said Tuesday that it has paid the music industry over one billion dollars in advertising revenue in the past 12 months. The music industry thinks that sum is not enough. From a report on BBC: "Google has issued more unexplained numbers on what it claims YouTube pays the music industry," said a spokesperson for the global music body, the IFPI. "The announcement gives little reason to celebrate, however. With 800 million music users worldwide, YouTube is generating revenues of just over $1 per user for the entire year. "This pales in comparison to the revenue generated by other services, ranging from Apple to Deezer to Spotify. For example, in 2015 Spotify alone paid record labels some $2bn, equivalent to an estimated $18 per user." In his blog post, Mr Kyncl conceded that the current model was not perfect, arguing: "There is a lot of work that must be done by YouTube and the industry as a whole. "But we are excited to see the momentum," he added.

theodp writes: If you never got around to reading Dave Eggers' novel The Circle, the tale of a powerful tech company that bears a more-than-passing resemblance to Google (and has an Apple spaceship-like HQ) is coming to the big screen and the first trailer is out. The film has a release date of spring 2017, and stars Tom Hanks, Emma Watson and John Boyega. Remember, sharing is caring!

theodp writes: If you never got around to reading Dave Eggers' novel The Circle, the tale of a powerful tech company that bears a more-than-passing resemblance to Google (and has an Apple spaceship-like HQ) is coming to the big screen and the first trailer is out. The film has a release date of spring 2017, and stars Tom Hanks, Emma Watson and John Boyega. Remember, sharing is caring!

Last month, Apple announced a repair program for a "small number" of iPhone 6s phones that suffer from faulty batteries. The phones that were affected by this fault were manufactured between September and October 2015. Two weeks later, Apple now says the fault was caused by overexposure to "controlled ambient air." Ars Technica reports: The same press release -- issued only in China so far, but available in English if you scroll down -- says that some owners of later iPhone 6S models are also reporting problems with unexpected shutdowns. Apple isn't replacing those batteries just yet, but the company says that an iOS update "available next week" will add "additional diagnostic capability" that will allow Apple to better track down and diagnose the causes of these shutdowns. It "may potentially help [Apple] improve the algorithms used to manage battery performance and shutdown," as well. Those improvements will be included in future iOS updates. Apple says that the battery problem "is not a safety issue," an important thing to note given the way the Galaxy Note 7 blew up in Samsung's face. The software update that Apple mentions in the release is almost certainly iOS 10.2, which is currently in its sixth beta build. The update will be the first major bug-fix release since October's iOS 10.1, and it also includes a handful of other changes like new and redesigned emoji, the TV app that Apple demoed at its last product event, and other features.

Though several companies are struggling to sell their smartwatches, Apple CEO Tim Cook says sales of Apple Watch set a record during the first week of holiday shopping. Cook added that the current quarter is on track to be the best ever for the product. The only problem: The company, which loves to numbers do all the talking, won't disclose how many Apple Watch units were shipped or sold. From a report on Mashable: "During the first week of holiday shopping, our sell-through of Apple Watch was greater than any week in the product's history. And as we expected, we're on track for the best quarter ever for Apple Watch," Cook told Reuters in an email. This is not surprising: The company has never revealed any sales data for the Watch, bundling it with the "other products" category in its earnings reports. There have been quite a few attempts to extrapolate what this means in numbers, but the truth is that any of those attempts could be a few million units wrong either way.

theodp writes: "2016 as a year of action builds on a decade of national, state, and grassroots activity to revitalize K-12 computer science education," reads the upbeat White House blog post kicking off Computer Science Education Week. But conspicuous by its absence in the accompanying fact sheet for A Year of Action Supporting Computer Science for All is any mention of the status of President Obama's proposed $4 billion Computer Science For All initiative, which enjoyed support from the likes of Microsoft, Facebook, and Google. On Friday, tech-backed Code.org posted An Update on Computer Science Education and Federal Funding, which explained that Congress's passage of a 'continuing resolution' extending the current budget into 2017 spelled curtains for federal funding for the program in 2016 and beyond. "We don't have any direct feedback yet about the next administration's support for K-12 CS," wrote CEO Hadi Partovi and Govt. Affairs VP Cameron Wilson, "other than a promise to expand 'vocational and technical education' as part of Trump's 100-day plan which was published in late October. I am hopeful that this language may translate into support for funding K-12 computer science at a federal level. However, we should assume that it will not."

An anonymous reader quotes a report from Ars Technica: A rifle-wielding North Carolina man was arrested Sunday in Washington, DC for carrying his weapon into a pizzeria that sits at the center of the fake news conspiracy theory known as "Pizzagate," authorities said Monday. DC's Metropolitan Police Department said it had arrested 28-year-old Edgar Maddison Welch on allegations of assault with a dangerous weapon. "During a post arrest interview this evening, the suspect revealed that he came to the establishment to self-investigate 'Pizza Gate' (a fictitious online conspiracy theory," the agency said in a statement. "Pizzagate" concerns a baseless conspiracy theory about a secret pedophile group, the Comet Ping Pong restaurant, and Hillary Clinton's campaign chief, John Podesta. The Pizzagate conspiracy names Comet Ping Pong as the secret headquarters of a non-existent child sex-trafficking ring run by Clinton and members of her inner circle. James Alefantis, the restaurant's owner, said he has received hundreds of death threats. According to Buzzfeed, the Pizzagate theory is believed to have been fostered by a white supremacist's tweets, the 4chan message board, Reddit, Donald Trump supporters, and right-wing blogs. The day before Thanksgiving, Reddit banned a "Pizzagate" conspiracy board from the site because of a policy about posting personal information of others. Alefantis, the pizzeria's owner, told CNN, "What happened today demonstrates that promoting false and reckless conspiracy theories comes with consequences. I hope that those involved in fanning these flames will take a moment to contemplate what happened here today, and stop promoting these falsehoods right away."

Engineers with manufacturing technology company Instrumental tore apart a Galaxy Note 7 to try and figure out what may have caused some devices to overheat and explode, causing Samsung to recall and eventually cancel all Galaxy Note 7 devices. In their damning new report, the engineers discovered the root of the problem appears to be that the battery is too tightly packed inside the body of the Note 7. Digital Trends reports: They discovered the battery was so tightly packed inside the Galaxy Note 7's body that any pressure from battery expansion, or stress on the body itself, may squeeze together layers inside the battery that are never supposed to touch -- with explosive results. Batteries swell up under normal use, and we place stress on a phone's body by putting it our pocket and sitting down, or if it's dropped. Tolerances for battery expansion are built into a smartphone during design, and Instrumental notes Samsung used "a super-aggressive manufacturing process to maximize capacity." In other words, the Galaxy Note 7 was designed to be as thin and sleek as possible, while containing the maximum battery capacity for long use, thereby better competing against rival devices such as the iPhone 7 Plus and improving on previous Note models. The report speculates that any pressure placed on the battery in its confined space may have squeezed together positive and negative layers inside the cell itself, which were thinner than usual in the Note 7's battery already, causing them to touch, heat up, and eventually in some cases, catch fire. Delving deeper into the design, the engineers say the space above a battery inside a device needs a "ceiling" that equates to approximately 10 percent of the overall thickness. The Galaxy Note 7 should have had a 0.5mm ceiling; it had none.

In 1962, 24-year-old Donald Knuth began writing The Art of Computer Programming, publishing three volumes by 1973, with volume 4 arriving in 2005. (Volume 4A appeared in 2011, with new paperback fascicles planned for every two years, and fascicle 6, "Satisfiability," arriving last December). "You should definitely send me a resume if you can read the whole thing," Bill Gates once said, in a column where he described working through the book. "If somebody is so brash that they think they know everything, Knuth will help them understand that the world is deep and complicated."

But now long-time Slashdot reader Qbertino has a question: I've had The Art of Computer Programming on my book-buying list for just about two decades now and I'm still torn...about actually getting it. I sometimes believe I would mutate into some programming demi-god if I actually worked through this beast, but maybe I'm just fooling myself...

Have any of you worked through or with TAOCP or are you perhaps working through it? And is it worthwhile? I mean not just for bragging rights. And how long can it reasonably take? A few years?
Share your answers and experiences in the comments. Have you read The Art of Computer Programming?

An anonymous reader quotes OStatic's update on Canonical's lawsuit against a cloud provider: Canonical posted Thursday that they've been in a dispute with "a European cloud provider" over the use of their own homespun version of Ubuntu on their cloud servers. Their implementation disables even the most basic of security features and Canonical is worried something bad could happen and it'd reflect badly back on them... They said they've spent months trying to get the unnamed provider to use the standard Ubuntu as delivered to other commercial operations to no avail. Canonical feels they have no choice but to "take legal steps to remove these images." They're sure Red Hat and Microsoft wouldn't be treated like this.
Mark Shuttleworth, the founder of Ubuntu, wrote in his blog post that Ubuntu is "the leading cloud OS, running most workloads in public clouds today," whereas these homegrown images "are likely to behave unpredictably on update in weirdly creative and mysterious ways... We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that...

"To count some of the ways we have seen home-grown images create operational and security nightmares for users: clouds have baked private keys into their public images, so that any user could SSH into any machine; clouds have made changes that then blocked security updates for over a week... When things like this happen, users are left feeling let down. As the company behind Ubuntu, it falls to Canonical to take action."

An anonymous reader quotes OStatic's update on Canonical's lawsuit against a cloud provider: Canonical posted Thursday that they've been in a dispute with "a European cloud provider" over the use of their own homespun version of Ubuntu on their cloud servers. Their implementation disables even the most basic of security features and Canonical is worried something bad could happen and it'd reflect badly back on them... They said they've spent months trying to get the unnamed provider to use the standard Ubuntu as delivered to other commercial operations to no avail. Canonical feels they have no choice but to "take legal steps to remove these images." They're sure Red Hat and Microsoft wouldn't be treated like this.
Mark Shuttleworth, the founder of Ubuntu, wrote in his blog post that Ubuntu is "the leading cloud OS, running most workloads in public clouds today," whereas these homegrown images "are likely to behave unpredictably on update in weirdly creative and mysterious ways... We hear about these issues all the time, because users assume there is a problem with Ubuntu on that cloud; users expect that 'all things that claim to be Ubuntu are genuine', and they have a right to expect that...

"To count some of the ways we have seen home-grown images create operational and security nightmares for users: clouds have baked private keys into their public images, so that any user could SSH into any machine; clouds have made changes that then blocked security updates for over a week... When things like this happen, users are left feeling let down. As the company behind Ubuntu, it falls to Canonical to take action."