Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Google Joins Mozilla, Microsoft In Pushing For Early SHA-1 Crypto Cutoff (blogspot.com)
itwbennett writes: Due to recent research showing that SHA-1 is weaker than previously believed, Mozilla, Microsoft and now Google are all considering bringing the deadline forward by six months to July 1, 2016. Websites like Facebook and those protected by CloudFlare have implemented a SHA-1 fallback mechanism. Both companies have argued that there are millions of people in developing countries that still use browsers and operating systems that do not support SHA-2, the replacement function for SHA-1, and will therefore be cut off from encrypted websites that move to SHA-2 certificates. -
Google Joins Mozilla, Microsoft In Pushing For Early SHA-1 Crypto Cutoff (blogspot.com)
itwbennett writes: Due to recent research showing that SHA-1 is weaker than previously believed, Mozilla, Microsoft and now Google are all considering bringing the deadline forward by six months to July 1, 2016. Websites like Facebook and those protected by CloudFlare have implemented a SHA-1 fallback mechanism. Both companies have argued that there are millions of people in developing countries that still use browsers and operating systems that do not support SHA-2, the replacement function for SHA-1, and will therefore be cut off from encrypted websites that move to SHA-2 certificates. -
BBC Launches Machine-Translated Synthetic Voiceovers (bbc.co.uk)
An anonymous reader writes: The BBC News service is trialling a tool which provides synthesized journalist voice-overs in different languages, with translation provided by unspecified established online translation services. Although the simulated speech in the BBC video betrays itself with the characteristic staccato flow most associated with Stephen Hawking, the result is above average in terms of natural-sounding speech. However, journalists still need to clean up the returned translations, particularly as the initial test involves Russian and Japanese, and oriental auto-translations can prove embarrassing. -
Vivendi Takes Over Radionomy, Winamp Relaunch Now Possible (windowsreport.com)
SmartAboutThings writes: Winamp could once again be brought back to life after Vivendi Group took over the majority stake in Radionomy, the previous owner of the app who purchased it from AOL in early 2014. AOL originally planned to discontinue both Winamp and Shoutcast, but instead the company decided to sell the software to Belgian online radio service, Radionomy. The new owners initially promised that they'll keep Winamp alive, but no updates have been released since the takeover, which made most people think that Winamp era has ended for good. Vivendi Group, which owns or is involved in famous companies such as Dailymotion, Ubisoft, and Deezer, could help relaunch Winamp, although the press release announcing the acquisition offers no suggestion in this regard. The company, however, does mention Winamp and Shoutcast as two of the most important assets that will join its portfolio following the takeover. -
FAA Drone Rules May Already Be Outlawed By Congress (hackaday.com)
szczys writes: New FAA rules about drone registration and operation are now in effect. So far the talk has centered around registering your aircraft, and about the weight restriction. But all of this may be moot since the US Congress made a law in 2012 prohibiting these types of rules: "The Administrator of the Federal Aviation Administration may not promulgate any rule or regulation regarding a model aircraft, or an aircraft being developed as a model aircraft." Even if the rules hold up under this law, it is not all doom and gloom for drones. The FAA rules could have been much more stringent, and in general they do make sense. Brian Benchoff walks through the regulation, comparing the new rules to the FAA's existing pilot rules, and juxtaposing the threat drones make to full-size aircraft in flight with those risks associated with bird strikes. -
HTTP Error Code 451 Approved For Censored Web Pages (mnot.net)
An anonymous reader writes: The Internet Engineering Steering Group (IESG) has finally approved the new 451 status code for HTTP error messages involving web pages which have been repressed or removed for legal or political reasons. The initiative was proposed in 2013, and gained interest from various groups, such as Lumen (formerly Chilling Effects), who see the potential of the Bradbury-inspired code to help develop comprehensive indexes of censorship on the internet. Mark Nottingham, chair the IETF HTTP Working Group, says, "It'll be an RFC after some work by the RFC Editor and a few more process bits, but effectively you can start using it now." -
Juniper's Backdoor Password Disclosed, Likely Added In Late 2013 (rapid7.com)
itwbennett writes: In a blog post on Rapid7's community portal Sunday, HD Moore posted some notes on the Juniper ScreenOS incident, notably that his team discovered the backdoor password that enables the Telnet and SSH bypass. Quoting: "Although most folks are more familiar with x86 than ARM, the ARM binaries are significantly easier to compare due to minimal changes in the compiler output. ... Once the binary is loaded, it helps to identify and tag common functions. Searching for the text "strcmp" finds a static string that is referenced in the sub_ED7D94 function. Looking at the strings output, we can see some interesting string references, including auth_admin_ssh_special and auth_admin_internal. ... The argument to the strcmp call is <<< %s(un='%s') = %u, which is the backdoor password, and was presumably chosen so that it would be mistaken for one of the many other debug format strings in the code. This password allows an attacker to bypass authentication through SSH and Telnet, as long as they know a valid username. If you want to test this issue by hand, telnet or ssh to a Netscreen device, specify a valid username, and the backdoor password. If the device is vulnerable, you should receive an interactive shell with the highest privileges." -
Tim Cook Calls Apple's Tax Questions 'Political Crap' (cbsnews.com)
nerdyalien writes: Apple CEO Tim Cook dismissed as "total political crap" the notion that the tech giant was avoiding taxes. Cook's remarks, made on CBS' 60 Minutes show, come amid a debate in the United States over corporations avoiding taxes through techniques such as so-called inversion deals, where a company redomiciles its tax base to another country. Apple holds $181.1 billion in offshore profits, more than any other U.S. company, and would owe an estimated $59.2 billion in taxes if it tried to bring the money back to the U.S., a recent study based on SEC filings showed. The current tax code was made for the industrial age, and not the "digital age," Cook said. -
Internet Archive Hosts 24-Hour Fund-Raising Telethon (archive.org)
martiniturbide writes: The Internet Archive, the online non-profit library that stores almost everything that is digital, the same one that hosts a lot of classic games , hosts a massive collection of MAME ROMs and runs the WayBackMachine to preserve the internet web pages.... started running an old fashioned, 24-hour fundraising telethon earlier today, 19 December, at 12:00 PM PST (20:00 UTC). This live event is being hosted by Michelle Krasowski and Jason Scott (the guy from Textfiles.com that Wants Your AOL & Shovelware CDs) with the support of several guests. You can visit the telethon live video and donate to support this library. -
Internet Archive Hosts 24-Hour Fund-Raising Telethon (archive.org)
martiniturbide writes: The Internet Archive, the online non-profit library that stores almost everything that is digital, the same one that hosts a lot of classic games , hosts a massive collection of MAME ROMs and runs the WayBackMachine to preserve the internet web pages.... started running an old fashioned, 24-hour fundraising telethon earlier today, 19 December, at 12:00 PM PST (20:00 UTC). This live event is being hosted by Michelle Krasowski and Jason Scott (the guy from Textfiles.com that Wants Your AOL & Shovelware CDs) with the support of several guests. You can visit the telethon live video and donate to support this library. -
Internet Archive Hosts 24-Hour Fund-Raising Telethon (archive.org)
martiniturbide writes: The Internet Archive, the online non-profit library that stores almost everything that is digital, the same one that hosts a lot of classic games , hosts a massive collection of MAME ROMs and runs the WayBackMachine to preserve the internet web pages.... started running an old fashioned, 24-hour fundraising telethon earlier today, 19 December, at 12:00 PM PST (20:00 UTC). This live event is being hosted by Michelle Krasowski and Jason Scott (the guy from Textfiles.com that Wants Your AOL & Shovelware CDs) with the support of several guests. You can visit the telethon live video and donate to support this library. -
White House Expected To Announce Big Computer Science Push
theodp writes: Politico reports that the White House is talking to groups about a push for computer science education in the coming weeks, possibly in mid-January, which could involve commitments from outside groups or companies. Code.org CEO Hadi Partovi recently credited a 2013 push from the White House for inspiring Code.org to dream up and team up with Big Tech on the wildly-successful Hour of Code, an event that brought teachers, schools, computer scientist volunteers, and other organizations together with the goal of bringing hands-on CS learning to 10 million K-12 students. Coincidentally, the Hour of Code event bears more than a passing similarity to the less-successful and now-abandoned National Lab Day (school flyer), an annual event announced by President Obama in 2009 that brought teachers, schools, computer scientist volunteers, and other organizations together with the goal of bringing hands-on STEM learning to 10 million K-12 students. -
Phantom Squad Hacking Group Claims Credit For Three-Hour Xbox Live Outage
An anonymous reader writes: The Phantom Squad hacking group appears to have anticipated its own Christmas schedule for attacks on the Xbox and PlayStation networks by taking credit for a three-hour outage on Xbox Live services in the last 24 hours. Apparently the group, which has disassociated itself from the Christmas 2014 attacks on the PS4 network, claims like them to be engaging in PenSec testing for gaming networks, and before itsTwitter account was suspended tweeted: 'If cyber security really has existed. Then what we do should not be possible.' -
Phantom Squad Hacking Group Claims Credit For Three-Hour Xbox Live Outage
An anonymous reader writes: The Phantom Squad hacking group appears to have anticipated its own Christmas schedule for attacks on the Xbox and PlayStation networks by taking credit for a three-hour outage on Xbox Live services in the last 24 hours. Apparently the group, which has disassociated itself from the Christmas 2014 attacks on the PS4 network, claims like them to be engaging in PenSec testing for gaming networks, and before itsTwitter account was suspended tweeted: 'If cyber security really has existed. Then what we do should not be possible.' -
Contradicting Previous Study, Cancer Risk Has Strong Environmental Component (washingtonpost.com)
The Real Dr John writes: A new study published in the journal Nature provides evidence that intrinsic risk factors contribute only modestly (less than ~10–30% of lifetime risk) to cancer development in humans (abstract). An earlier study had found that the more stem-cell divisions that occurred in a given tissue over a lifetime, the more likely it was to become cancerous. They said that though some cancers clearly had strong outside links – such as liver cancers caused by hepatitis C or lung cancer resulting from smoking – there were others for which the variation was explained mainly by defects in stem-cell division. The new research shows that the correlation between stem-cell division and cancer risk does not distinguish between the effects of internal (genetic) and external (environmental) factors such as chemical toxicity and radiation. They also found that the rates of endogenous mutation accumulation by internal processes are not sufficient to account for the observed cancer risks. The authors conclude that cancer risk is heavily influenced by environmental factors. -
Replacement For Mozilla Thunderbird?
maxcelcat writes: I've used Thunderbird for about a decade, and Netscape Mail before that (I have an email from 1998 from Marc Andreessen, welcoming me to Netscape Email, telling me different fonts can add impact to my emails). Thunderbird has served me well, but it's getting long in the tooth. Given the lack of development and the possibility that it's going End of Life, what should I use instead? I have multiple email accounts and an archive of sixteen years of email. I could get a copy of Outlook, but I don't like it.
Things I like about Thunderbird: Supports multiple email accounts; simple interface; storage structure is not one monolithic file; plain text email editor; filtering. Things I don't like: HTML email editor; folders are hard to change and re-arrange. -
"Most Hated Man In America" Martin Shkreli Arrested On Suspicion of Fraud (ibtimes.co.uk)
Ewan Palmer writes that everyone's least favorite medication price gouger, Martin Shkreli, has run into some legal problems. According to the article "Pharmaceutical start-up owner Martin Shkreli, dubbed the most hated man in the US over his controversial plans to significantly raise the price of life-saving drugs, has been arrested on suspicion of fraud. Shkreli, 32, who received widespread criticism for hiking up the price of Daraprim from $13 to $750 per pill in September, is being questioned over allegations involving stock from a company he founded in 2011. According to Bloomberg, Shkreli is accused of illegally taking stock from biotechnology Retrophin Inc to pay off debts from unrelated business dealings." -
Why Won't T-Mobile Let Us Binge On All Of It?
Bennett Haselton writes: T-Mobile has been accused of violating Net Neutrality by providing "Binge On" plans that come with unlimited data, but only from select streaming websites such as Hulu and Netflix streamed at low-quality speeds (while excluding Youtube and Google Play). Why not just duck the whole net neutrality debate by providing Binge On as a medium-bandwidth pipe, which has a limited data streaming speed, but can stream at that speed from any website? Read on for more on this question, and T-Mobile's stilted rationale for its provider-specific system.Previously I had argued that any violations of Net Neutrality could not exist in a setting where the marketplace was (1) transparent and (2) competitive. Under conditions of transparency and competitiveness, if ISP X were providing Internet connections which blocked certain websites, then ISP Y could offer Internet connections at the same speed and the same price but without the browsing restrictions (competitiveness), and if users knew about this (transparency), they would all switch to ISP Y. (The exception would be if a provider blocks high-bandwidth sites in a scarce-bandwidth setting, e.g. when an in-flight wifi blocks Netflix. In this case it's not true that another provider could step in and provide the same service at the same cost with no filtering, so it's not a case of abusing monopoly power.)
So, the argument goes, any prolonged violation of Net Neutrality could only take place either due to lack of transparency (e.g., the board members of a major backbone provider silently blocking their downstream customers from reaching websites whose content they disagreed with -- yes, this really happened), or, lack of competition (the Comcast monopoly throttling BitTorrent and just generally sucking). So, the argument goes, anything that can survive only by exploiting those market-unfriendly conditions is a Bad Thing, and should be prohibited, by rules that require Net Neutrality for all content. Q.E.D.
But T-Mobile's Binge On service would appear to prove me dead wrong. There's no lack of transparency -- they freely admit that they provide unmetered data access only from certain whitelisted video providers (at downgraded speeds so that the video only plays in 480p quality). And there's no lack of competitiveness, with the Big 4 mobile providers pulling out all the stops to steal each other's customers. So why are normal market forces not having the expected result here?
In other words: Assuming that it would cost T-Mobile the same to provide a low-bandwidth unlimited-data connection to the entire Internet, (as opposed to a low-bandwidth unlimited-data connection to just their whitelisted sites), and given that customers would obviously prefer this, why would they not do that?
T-Mobile's official response is that they want to make sure that a video provider's content is "supported" -- so that T-Mobile can detect when video is streaming, and then request for the content provider to downgrade the video quality to 480p so that it uses less bandwidth. (Users still have the option of switching to high-resolution video, but then it counts against their monthly data quota.) This sounds at first like it makes sense, but there's something missing here -- why not just provide the Binge-On connection as a rate-limited connection, and let the streaming website detect the lower speed, and downgrade to lower-quality video automatically? This is in fact what happens with Youtube and Google Play video, if you try to stream from a connection that is only fast enough to support the lower-quality stream. If the connection is rate-limited, it's not possible for the video provider to stuff too much data into the user's connection and cause them to incur overage charges.
So, why not let Binge On users stream from any site, at the low-quality stream rate? In the best-case scenario, the third-party site will detect the user's slow connection and downgrade to low-quality video, as Youtube and Google Play can already do. In the worst-case scenario, if the streaming provider can't downgrade the stream, then it just won't play (unless the user plays the higher-bandwidth version that eats into their data plan) but then the user is no worse off than they are under Binge On's current implementation anyway.
I did hear back from T-Mobile's PR team, but our emails back and forth tended to go in circles. Repeatedly, they told me: The reason we have a whitelist is because those are the providers where we know we can automatically request for them to downgrade to low-res video. And repeatedly, I would say back: I understand that, but why not just provide Binge On as just a simple data pipe at a fixed low speed, and then any video provider will automatically be able to use Binge On if they can detect the low-speed connection and downgrade their video automatically? You can let users switch between a fixed low-speed pipe which doesn't count against the data quota, or a high-bandwidth pipe which does -- but why not let the low-speed pipe access all sites equally?
So, this is a genuinely puzzling question to me. Assuming it would not cost them anything additional for the Binge-On pipe to offer low-speed access to all video sites, why hasn't T-Mobile done this, and why haven't market forces more or less compelled them to do it? Before one of the other Big 3 providers swoops in and offers a low-speed unlimited data plan that works with all websites which are able to downgrade to low-res video?
Perhaps the explanation is that even in the mobile data industry, what looks like cutthroat "competition" is not actually that competitive. T-Mobile is stuck with the reputation of having coverage not quite as good as the other Big 3, so they've carved out niches in other ways -- calling themselves "the Un-carrier" and selling phones at full price without locking users into a contract, or offering pricey but really actually unlimited data plans (something none of the other Big 3 are doing yet). In their new niche, "unlimited data for $60/month as long as you can live with low-res video", there is currently no competition, and hence no competitive penalty for not broadening the service to include all video streaming sites. Can you think of a better answer?
If that's the case, then competitive forces may work, albeit slowly, as the other Big Three eventually offer some form of "unlimited data for low-speed content," and some of them will offer low-speed unmetered access to the entire Internet, and then all of them will have to follow suit in order to remain competitive. In the meantime, Binge On customers can get their favorite shows on Hulu with no data overages, but cannot do the same thing on Google Play. This will annoy and even outrage some people, but it's also a reminder that "market forces" do not necessarily solve the problems that Net Neutrality legislation is intended to solve -- at least, not very quickly.
-
IBM and Linux Foundation To Create Blockchain For Major Financial Institutions (thestack.com)
An anonymous reader writes: Following initial news of the project in March, IBM, under the supervision of the Linux Foundation and in partnership with several major tech interests including Fujitsu, has announced today that it will lead development of a new blockchain — a financial transaction ledger fashioned after the Bitcoin model. Provisionally called Open Ledger, the new initiative is aimed specifically at financial transactions, and though it will be open source in terms of development, but 'semi-private' in operation. Those with an interest in the project are said to include JP Morgan, Wells Fargo and the Bank of England. IBM VP Jerry Cuomo, who has discussed the project with Fortune and Wired, commented "The current blockchain is a great design pattern...Now, how do we make that real for business? What are the key attributes needed to make that happen? That's what this organization is about." -
Ubuntu 16.04 Will Not Send Local Searches Over the Web By Default
jones_supa writes: Canonical introduced Amazon Product Results as part of Ubuntu 12.10, which meant that local searches performed by a user in Dash were also sent online. This made many Ubuntu users spill their coffee and got criticism from EFF and FSF as well. The so called "Shopping Lens" had to be manually disabled if that kind of search behavior was not desired. Finally after years, Canonical is reacting to the negative feedback and respecting users' privacy, so that Ubuntu 16.04 (the next Long Term Support release) won't send local searches over the web by default. The Amazon search feature is still available for those who explicitly want to use it. -
Ubuntu 16.04 Will Not Send Local Searches Over the Web By Default
jones_supa writes: Canonical introduced Amazon Product Results as part of Ubuntu 12.10, which meant that local searches performed by a user in Dash were also sent online. This made many Ubuntu users spill their coffee and got criticism from EFF and FSF as well. The so called "Shopping Lens" had to be manually disabled if that kind of search behavior was not desired. Finally after years, Canonical is reacting to the negative feedback and respecting users' privacy, so that Ubuntu 16.04 (the next Long Term Support release) won't send local searches over the web by default. The Amazon search feature is still available for those who explicitly want to use it. -
Over 650 TB of Data Up For Grabs From Publicly Exposed MongoDB Database (csoonline.com)
itwbennett writes: A scan performed over the past few days by John Matherly, the creator of the Shodan search engine, has found that there are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft. Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper, as reported on Slashdot on Wednesday. -
Dallas Buyers Club Case Struck Down By Federal Court (businessinsider.com.au)
thegarbz writes: After a previous court ruling covered on Slashdot where Dallas Buyers Club was forced to post a $600,000AU bond and accused of speculative invoicing, it appears they have once again failed to make a case for damages in the Australian Federal Court. After asking for a reduced bond of $60,000AU in exchange for details of only 10% of the original alleged pirates, and after dropping the request for punitive damages, Justice Perram concluded that the damages sought were still unrealistic severely limiting the liability of the alleged pirates if the case manages to go ahead. Dallas Buyers Club now has 60 days to respond before the case is terminated. -
Why President Obama Was Held Back a Year Before Starting Code School (quora.com)
theodp writes: Microsoft is boasting that UK Prime Minister David Cameron learned to code during this year's Hour of Code thanks to its Minecraft-themed tutorial, much like US President Barack Obama learned to code during 2014's Hour of Code thanks to Disney's Frozen Princess-themed tutorial. Interestingly, according to a recent Quora post by Code.org CEO Hadi Partovi, plans to have President Obama 'learn to code' a year earlier were torpedoed by the Healthcare.gov debacle. "We launched the first Hour of Code campaign, in 2013," explains Partovi. "We launched the first Hour of Code on the home page of Google, in every Apple Store, and we had convinced the President to issue a speech about computer science. But it was impossible to get the president to actually write any code that year — the administration had just launched its Healthcare.gov website, and after the infamous technical failures, nobody wanted the visual of website failing while the President is learning to code." -
Why President Obama Was Held Back a Year Before Starting Code School (quora.com)
theodp writes: Microsoft is boasting that UK Prime Minister David Cameron learned to code during this year's Hour of Code thanks to its Minecraft-themed tutorial, much like US President Barack Obama learned to code during 2014's Hour of Code thanks to Disney's Frozen Princess-themed tutorial. Interestingly, according to a recent Quora post by Code.org CEO Hadi Partovi, plans to have President Obama 'learn to code' a year earlier were torpedoed by the Healthcare.gov debacle. "We launched the first Hour of Code campaign, in 2013," explains Partovi. "We launched the first Hour of Code on the home page of Google, in every Apple Store, and we had convinced the President to issue a speech about computer science. But it was impossible to get the president to actually write any code that year — the administration had just launched its Healthcare.gov website, and after the infamous technical failures, nobody wanted the visual of website failing while the President is learning to code." -
Facebook Tweaks Its "Real Names" Policy (thestack.com)
An anonymous reader writes: Facebook has announced a US-based trial of minor changes to its controversial process of name verification, apparently in response to last year's controversy over LGBT and transgender users who were penalized for determining their own identity.
The post about the changes reveals that users who report someone else for using a 'fake' name can now provide more background information, and that users who have been asked to confirm their identity by uploading documents, such as a passport or birth certificate, can now also provide additional background information for Facebook to take into account.
This article argues that a frivolous social network should not be allowed to co-opt government-level identity checks simply because it began life in the university arena, and has telescoped the necessary supervision of teenagers transiting to adulthood into a far wider and more diverse network of users. -
Facebook Tweaks Its "Real Names" Policy (thestack.com)
An anonymous reader writes: Facebook has announced a US-based trial of minor changes to its controversial process of name verification, apparently in response to last year's controversy over LGBT and transgender users who were penalized for determining their own identity.
The post about the changes reveals that users who report someone else for using a 'fake' name can now provide more background information, and that users who have been asked to confirm their identity by uploading documents, such as a passport or birth certificate, can now also provide additional background information for Facebook to take into account.
This article argues that a frivolous social network should not be allowed to co-opt government-level identity checks simply because it began life in the university arena, and has telescoped the necessary supervision of teenagers transiting to adulthood into a far wider and more diverse network of users. -
LizardSquad Copycats Planning DDoS Attacks On Xbox & PSN For Christmas (softpedia.com)
An anonymous reader writes: Last year on Christmas, the LizardSquad hacking group took down PSN and Xbox Live for many hours via DDoS attacks. This year another group, called Phantom Squad, is planning the same thing. The group has been launching small test attacks on PSN, Xbox, Reddit, SWOTR, and other game servers over the past few days. -
Philips Won't Block Third-Party Bulbs After All (engadget.com)
An anonymous reader writes: A day after Philips announced that it would drop support for third-party Hue bulbs the company has reversed its decision. An announcement reads is part: "We recently upgraded the software for Philips Hue to ensure the best seamless connected lighting experience for our customers. This change was made in good faith. However, we under estimated the impact this would have on a small number of customers who use lights from other brands which could not be controlled by the Philips Hue software. In view of the sentiment expressed by our customers, we have decided to reverse the software upgrade so that lights from other brands continue to work as they did before with the Philips Hue system." -
North Carolina Town That Defeated Solar Plan Talks Back (newsobserver.com)
mdsolar writes with news that city officials in Woodland, North Carolina have taken issue with being ridiculed by the internet and want to set the record straight. According to the article: "Usually what happens in Woodland stays in Woodland, a town 115 miles east of Raleigh with one Dollar General store and one restaurant. But news of the Northampton County hamlet's moratorium on solar farms blew up on social media over the weekend after a local paper quoted a resident complaining to the Town Council that solar farms would take away sunshine from nearby vegetation. Another resident warned that solar panels would suck up energy from the sun. As outlandish as those claims seem, town officials say the Internet got it wrong." -
CISA Surveillance Bill Hidden Inside Last Night's Budget Bill (engadget.com)
An anonymous reader writes that the Cybersecurity Information Sharing Act (CISA) was inserted into the omnibus budget deal passed by the House of Representatives late last night. Engadget reports: "Last night's budget bill wasn't all about avoiding a government shutdown. Packed inside the 2,000-page bill announced by Speaker Paul Ryan (R-WI) is the full text of the controversial Cybersecurity Information Sharing Act (CISA) of 2015. If you'll recall, the measure passed the Senate back in October, leaving it up to the House to approve the bill that encourages businesses to share details of security breaches and cyber attacks. Despite being labeled as cybersecurity legislation, critics of CISA argue that it's a surveillance bill that would allow companies to share user info with the US government and other businesses. As TechDirt points out, this version of the bill stripped important protections that would've prevented directly sharing details with the NSA and required any personally identifying details to be removed before being shared. It also removes restrictions on how the government can use the data." -
Is OpenAI Solving the Wrong Problem? (hbr.org)
hype7 writes: The Harvard Business Review is running an article looking at the recently announced OpenAI initiative, and its decision to structure the venture as a non-profit. It goes on to ask some pretty provocative questions: why are the 21st century's greatest tech luminaries opting out of the system that made them so successful in order to tackle one of humanity's thorniest problems? "Implicit in this: You can do more good operating outside the bounds of capitalism than within them. Coming from folks who are at the upper echelons of the system, it’s a pretty powerful statement." And, if the underlying system that we all operate in is broken, is creating a vehicle without the profit motive inside of it going to be enough? -
Seattle Passes First Uber Drivers' Union Into Law (thestack.com)
An anonymous reader writes: The city council of Seattle has unanimously voted in favour of a proposal which will require Uber — and driving-related companies which operate on the same principle — to allow its drivers to be represented by a union, the first of its kind in the US. The lead-up to the vote was hallmarked by opposition from Seattle's mayor Ed Murray, and by a publicity campaign from Uber, which opposed the bill. Though the law will allow collective bargaining for drivers which are effectively on zero-hours contracts, any effect it has on current disputes as to whether Uber drivers are employees or contractors will be ambient rather than direct. -
Seattle Passes First Uber Drivers' Union Into Law (thestack.com)
An anonymous reader writes: The city council of Seattle has unanimously voted in favour of a proposal which will require Uber — and driving-related companies which operate on the same principle — to allow its drivers to be represented by a union, the first of its kind in the US. The lead-up to the vote was hallmarked by opposition from Seattle's mayor Ed Murray, and by a publicity campaign from Uber, which opposed the bill. Though the law will allow collective bargaining for drivers which are effectively on zero-hours contracts, any effect it has on current disputes as to whether Uber drivers are employees or contractors will be ambient rather than direct. -
Netflix To Re-Encode Entire 1 Petabyte Video Catalogue In 2016 To Save Bandwidth (variety.com)
An anonymous reader writes: Netflix has spent four years developing a new and more efficient video-encoding process that can shave off 20% in terms of space and bandwidth without reducing the quality of streamed video. With streaming video accounting for 70% of broadband use, the saving is much-needed, although the advent of 4K streaming, higher frame rates and HDR are likely to account for it all soon after. Netflix video algorithms manager Anne Aaron explained to Variety that certain types of video benefit little from the one-size-fits-all compression approach that Netflix has been using until now: "You shouldn't allocate the same amount of bits for My Little Pony as for The Avengers." -
Carly Fiorina Says Government Needs a Way To "Work Around" Encryption (dailydot.com)
Patrick O'Neill writes: Carly Fiorina wants the government to be able to "work around" encryption to aid intelligence agencies and law enforcement in their investigations, she said on Monday. The Republican presidential candidate and former HP CEO shifted the focus of her campaign to national security two days before the last Republican debate of 2015. Fiorina is the latest but not the first presidential candidate to weigh in on the encryption debate that has taken on a new life since terrorist attacks in Paris and California. -
Carly Fiorina Says Government Needs a Way To "Work Around" Encryption (dailydot.com)
Patrick O'Neill writes: Carly Fiorina wants the government to be able to "work around" encryption to aid intelligence agencies and law enforcement in their investigations, she said on Monday. The Republican presidential candidate and former HP CEO shifted the focus of her campaign to national security two days before the last Republican debate of 2015. Fiorina is the latest but not the first presidential candidate to weigh in on the encryption debate that has taken on a new life since terrorist attacks in Paris and California. -
Tor Hires Former EFF Chief As Executive Director (cio.com)
itwbennett writes: Shari Steele, a 20-year veteran of the Electronic Frontier Foundation (EFF), has been hired as executive director of the Tor Project, the widely used anonymity tool that frequently comes up in debates over encryption and privacy. Steele, who started at EFF as a staff attorney, then legal director and eventually executive director, comes on board at a time when Tor has been embroiled in controversy. In November, the organization accused the FBI of paying Carnegie Mellon University $1 million for information on security issues that later facilitated arrests related to online drug markets. -
A Typo Almost Derailed Paris Climate Deal (nytimes.com)
An anonymous reader writes: On Saturday, world leaders completed an ambitious international agreement to address climate change. But when the officials received the first copy of what was supposed to be the final draft, a one-word mistake threatened to derail their progress. Part of the agreement involved language that encouraged wealthy nations to provide monetary aid to poorer nations in order to help transition to more sustainable systems. But the draft used the word "shall," which would have made it a legally-binding requirement. U.S. Secretary of State John Kerry pushed back on the change, noting that previous versions of the document had used the word "should" instead. Officials tried to quickly figure out whether the swap had been made intentionally. Ultimately, they classified it as a typo, and hurriedly prepared a corrected version of the document, which was adopted without incident. -
Google Favors Less-Regulated UK For Self-Driving Car Development (telegraph.co.uk)
An anonymous reader writes: According to documents obtained by The Telegraph, Google considers the UK a key market for development of its self-driving car program. In one of the five meetings the documents describe, Sarah Hunter, head of Google's experimental SDV division, commented that the company is "very positive about the non-regulatory approach being taken in the UK [which] places the UK in a good position and could be seen as an example of best practice." Google has also escaped excessive regulation in the area of drone development by pursuing Project WinG in the easier regulatory climes of Australia. -
HHVM Beats Stable Version of PHP 7.0 In Recent Benchmark (kinsta.com)
campuscodi writes: PHP7 and HHVM have been exchanging punches for a while via benchmarks. While the PHP supporters were always saying, just wait until the stable version comes out, well... the stable version is out, and a recent benchmark reveals that "HHVM beats PHP7.0 hands down." Compared on: WordPress, Magento, Drupal8, Laravel, PyroCMS, and October CMS. You can still be a "PHP supporter" and favor HHVM, which "serves as an execution engine for the PHP and Hack programming languages." -
Mozilla Hands Out Open Source Awards (mozilla.org)
An anonymous reader writes: A couple months ago, we discussed news that Mozilla was planning to give back to the open source projects they rely on, to the tune of $1 million. Now, Mozilla has announced the first round of awards, giving out $503,000 in the process. The biggest payout, $200,000, went to Bro, who makes network monitoring software. They plan to use the funds to create "a public repository for sharing 3rd-party scripts and plug-ins." The Django project received $150,000, and they'll use it to "rewrite the core of Django to support (among other things) WebSockets and background tasks," and a few other goodies. Mercurial was awarded $75,000, which will go toward "better support for 'blame' (showing who last changed some code) and a better web UI." Also receiving awards were Read The Docs ($48,000), Discourse ($25,000), CodeMirror ($20,000), and BuildBot ($15,000). -
Write the Docs Helps Create FLOSS Software Documentation (Video #2)
Say hello once again to David Smatlak, who works with Write the Docs -- a group that started some years back as Read the Docs.They have conferences in the U.S.and Europe, and Meetups in over a dozen cities. We ran a conversation with David Wednesday, but couldn't fit all he had to say into one video, so here he is again, with additional info that tags onto Wednesday's video. -
SHA-1 Cutoff Could Block Millions of Users From Encrypted Websites (csoonline.com)
itwbennett writes: As previously reported on Slashdot, browser makers are considering an accelerated retirement of the older and increasingly vulnerable SHA-1 function. But Facebook and CloudFlare are warning some 37 million users of old browsers and operating systems that don't support SHA-2 will be left without access to encrypted websites. The majority of them are located in some of the "poorest, most repressive, and most war-torn countries in the world," CloudFlare's CEO Matthew Prince said Wednesday in a blog post. Facebook has solved this problem by building a mechanism that allows its certificates to be switched automatically based on the browser used by the visitor. -
"Happy Birthday To You" Set To Finally Reach the Public Domain
schnell writes: The New York Times reports that "the world's most popular song" is at last poised to be released into the public domain. From the story: "In September, a federal judge ruled that Warner Music, the song's publisher, did not have a valid copyright claim to 'Happy Birthday,' which has been estimated to collect $2 million a year in royalties. But what that ruling meant for the future of the song — and Warner's liability — was unclear, and a trial had been set to begin next week. In a filing on Tuesday in United States District Court in Los Angeles, the parties in the case said they had agreed to a settlement to end the case. The terms of that deal are confidential. But if the settlement is approved by the court, the song is expected to formally enter the public domain." (We mentioned the case in September, too.) -
Quantum Computer Security? NASA Doesn't Want To Talk About It (csoonline.com)
itwbennett writes: At a press event at NASA's Advanced Supercomputer Facility in Silicon Valley on Tuesday, the agency was keen to talk about the capabilities of its D-Wave 2X quantum computer. 'Engineers from NASA and Google are using it to research a whole new area of computing — one that's years from commercialization but could revolutionize the way computers solve complex problems,' writes Martyn Williams. But when questions turned to the system's security, a NASA moderator quickly shut things down [VIDEO], saying the topic was 'for later discussion at another time.' -
Interviews: Ask Attorney and Author Mike Godwin a Question
Mike Godwin worked as the first staff counsel of the EFF and served as general counsel for the Wikimedia Foundation. He has been a contributing editor of Reason magazine and was elected to the Open Source Initiative board in 2011. Mike is probably best known however for coining the internet adage Godwin's Law. He is currently general counsel and director of innovation policy at the R Street Institute. Mike has given us some of his time to answer any questions you may have. As usual, ask as many as you'd like, but please, one question (and one comparison involving Nazis or Hitler) per post. -
Japan Releases AKATSUKI's Pictures of Venus (discovery.com)
astroengine writes: The Japanese space agency JAXA has released a confirmation that their Venus mission Akatsuki did indeed enter orbit at Venus on Dec. 7 (JST) — releasing unprocessed images of the Venusian atmosphere as it entered orbit. The spacecraft is currently in a highly-elliptical 13-day, 14-hour orbit around the planet, coming within 400 kilometers (248 miles) at its closest point and reaching 440,000 kilometers (243,400 miles) away at its farthest. This mission has just become the most unlikely success story of 2015 after "missing" its intended Venus orbit way back in 2010. -
How the Thirty Meter Telescope Ruling Will Impact Future Astronomy Projects (forbes.com)
StartsWithABang writes: If you want to explore the Universe, you need a telescope with good light gathering power, a high-quality camera to make the most out of each photon, and a superior observing location, complete with dark skies, clear nights, and still, high-altitude air. There are only a few places on Earth that have all of these qualities consistently, and perhaps the best one is atop Mauna Kea on Hawaii. Yet generations of wrongs have occurred to create the great telescope complex that's up there today, and astronomers continue to lease the land for far less than it's worth despite violating the original contract. That's astronomy as we know it so far, and perhaps the Mauna Kea protests signal a long awaited end to that. -
Volkswagen Says Carbon Deviations Much Smaller Than Suspected (wsj.com)
An anonymous reader writes: Back in November, shortly after the Volkswagen emissions scandal broke, the company voluntarily disclosed the results of a quick internal probe which found that 800,000 more vehicles had inconsistencies with their CO2 output. After investigating the issue more fully, the company now says the vast majority of those cars — all but 36,000 — check out just fine. "Following extensive internal investigations and measurement checks, it is now clear that almost all of these model variants do correspond to the CO2 figures originally determine," they said. A report at the Wall Street Journal (paywalled) notes that this is good news, but reminds us that "Volkswagen has yet to clarify the much larger issue of how it came to outfit some 11 million diesel vehicles to cheat in emissions testing for nitrogen oxide."