Slashdot Mirror

thegarbz writes: Denuvo, the darling of the DRM industry was once considered by publishers to be the final solution to piracy. Slashdot has documented the slow decline of Denuvo from stories in 2014, and 2016 where publishers were praising Denuvo's success at mitigating piracy for weeks, to its slow decline last year where games were being cracked within "hours" of release. The popular wisdom of publishers in the past considered DRM worth while as it thwarts piracy during the critical sales spike when games are first released. Last week saw Hitman 2, the latest Denuvo protected game get cracked in a short time. The kicker, the game isn't officially released until this Thursday.

Publishers are now eroding the potential sale day advantage of DRM through the latest practice of offering games for early release in an attempt to secure an ever larger number of pre-orders for popular titles. This leads to the obvious question: Does DRM make financial sense to include in titles if they risk being cracked before release date? Conversely, does releasing games early to selected customers make financial sense if it results in the DRM being cracked before release?

thegarbz writes: Denuvo, the darling of the DRM industry was once considered by publishers to be the final solution to piracy. Slashdot has documented the slow decline of Denuvo from stories in 2014, and 2016 where publishers were praising Denuvo's success at mitigating piracy for weeks, to its slow decline last year where games were being cracked within "hours" of release. The popular wisdom of publishers in the past considered DRM worth while as it thwarts piracy during the critical sales spike when games are first released. Last week saw Hitman 2, the latest Denuvo protected game get cracked in a short time. The kicker, the game isn't officially released until this Thursday.

Publishers are now eroding the potential sale day advantage of DRM through the latest practice of offering games for early release in an attempt to secure an ever larger number of pre-orders for popular titles. This leads to the obvious question: Does DRM make financial sense to include in titles if they risk being cracked before release date? Conversely, does releasing games early to selected customers make financial sense if it results in the DRM being cracked before release?

Microsoft on Wednesday resumed the rollout of Windows 10 version 1809. The re-release of the so-called October 2018 Update comes more than five weeks after the company pulled the original installation files from its download servers and stopped its scheduled delivery through Windows Update. From a report: In a blog post, Microsoft's John Cable, the director of Program Management for Windows Servicing and Delivery, says the data-destroying bug that triggered that unprecedented decision, as well as other quality issues that emerged during the unscheduled hiatus, have been "thoroughly investigated and resolved."

Microsoft on Wednesday resumed the rollout of Windows 10 version 1809. The re-release of the so-called October 2018 Update comes more than five weeks after the company pulled the original installation files from its download servers and stopped its scheduled delivery through Windows Update. From a report: In a blog post, Microsoft's John Cable, the director of Program Management for Windows Servicing and Delivery, says the data-destroying bug that triggered that unprecedented decision, as well as other quality issues that emerged during the unscheduled hiatus, have been "thoroughly investigated and resolved."

An anonymous reader writes: WannaCry, once the greatest cybersecurity calamity in history, now doesn't work. A website critical to its function is now controlled by civic-minded security researchers, and the fixed deadline to pay the ransom has long passed. Yet WannaCry still accounts for 28% of ransomware attacks -- the most of any ransomware family. According to a new study by Kaspersky Lab, the defanged North Korea linked ransomware is still spreading uncontrollably. The spreading mechanism that passed WannaCry from victim to victim that was so virulent in the 2017 attack is still active, even if the ransomware itself isn't. The firm discovered that since the WannaCry outbreak in May 2017 has affected 74,621 users across the globe.

An anonymous reader writes: WannaCry, once the greatest cybersecurity calamity in history, now doesn't work. A website critical to its function is now controlled by civic-minded security researchers, and the fixed deadline to pay the ransom has long passed. Yet WannaCry still accounts for 28% of ransomware attacks -- the most of any ransomware family. According to a new study by Kaspersky Lab, the defanged North Korea linked ransomware is still spreading uncontrollably. The spreading mechanism that passed WannaCry from victim to victim that was so virulent in the 2017 attack is still active, even if the ransomware itself isn't. The firm discovered that since the WannaCry outbreak in May 2017 has affected 74,621 users across the globe.

An anonymous reader shares an analysis: Last month, AI-generated art arrived on the world auction stage under the auspices of Christie's, proving that artificial intelligence can not only be creative but also produce world class works of art -- another profound AI milestone blurring the line between human and machine. Naturally, the news sparked debates about whether the work produced by Paris-based art collective Obvious could really be called art at all. Popular opinion among creatives is that art is a process by which human beings express some idea or emotion, filter it through personal experience and set it against a broader cultural context -- suggesting then that what AI generates at the behest of computer scientists is definitely not art, or at all creative.

The story raised additional questions about ownership. In this circumstance, who can really be named as author? The algorithm itself or the team behind it? Given that AI is taught and programmed by humans, has the human creative process really been identically replicated or are we still the ultimate masters? At GumGum, an AI company that focuses on computer vision, we wanted to explore the intersection of AI and art by devising a Turing Test of our own in association with Rutgers University's Art and Artificial Intelligence Lab and Cloudpainter, an artificially intelligent painting robot. We were keen to see whether AI can, in fact, replicate the intent and imagination of traditional artists, and we wanted to explore the potential impact of AI on the creative sector.

[...] Intriguingly, while at face value the AI artwork was indistinguishable from that of the more traditional artists, the test highlighted that the creative spark and ultimate agency behind creating a work of art is still very much human. Even though the Cloudpainter machine has evolved over time to become a highly intelligent system capable of making creative decisions of its own accord, the final piece of work could only be described as a collaboration between human and machine. Van Arman served as more of an "art director" for the painting. Although Cloudpainter made all of the aesthetic decisions independently, the machine was given parameters to meet and was programed to refine its results in order to deliver the desired outcome. This was not too dissimilar to the process used by Obvious and their GAN AI tool.

Doxing rivals, stealing each other's files, and poking around Nintendo's servers are all a normal part of the ballooning Nintendo Switch hacking and piracy scenes. Joseph Cox, reports for Motherboard: The Switch piracy community -- much of which operates on the gamer-focused chat app Discord -- is full of ingenuity, technical breakthroughs, and evolving cat-and-mouse games between the multi-billion dollar Nintendo and the passionate hackers who love the company but nonetheless illegally steal its games. Pirates deploy malware to steal each other's files so they can download more games themselves. Groups deliberately plant code into others' Switches so they no longer work. And some people in the scene have been doxed, meaning they've had their personal information published online.

Pirating games for the Switch is not technically straightforward. Instead, there's a complex supply chain constantly grinding away that helps people source and play unreleased games. There are reverse engineers who figure out how Nintendo's own tools work, so hackers can then use them for their own advantage. There are coders who make programs to streamline the process of downloading or running games. Reviewers, developers, or YouTubers with access to games before general Switch users often leak unlock codes or other information to small groups, which then may trickle out to the wider community.

[...] To release a game, pirates may dump a copy from the physical cartridge; they can do this before the game releases in the United States by sourcing the cartridge from an Australian store, which releases earlier because of the time difference. But this only gets a game out one or two days before official release. For the more sought-after and early dumps, pirates often manage to grab a copy from Nintendo's eShop, the company's digital download game store that is built into the Switch. Here, pirates will likely use a piece of hacker-made software on their computers to talk to Nintendo's servers, one pirate who uploads large archives of games explained to Motherboard in an online chat. The files can sometimes be downloaded early by anyone (by design), and are encrypted and need a so-called "titlekey" to unlock them and make the game playable. Further reading: Nintendo 'Wins' $12 Million From Pirate ROM Site Operators.

Google suffered a brief outage and slowdown Monday, with some of its traffic getting rerouted through networks in Russia, China and Nigeria. From a report: Incorrect routing instructions sent some of the search giant's traffic to Russian network operator TransTelekom, China Telecom (which, as you may recall, has been found of misdirecting internet traffic in recent months) and Nigerian provider MainOne between 1:00 p.m. and 2:23 p.m. PT, according to internet research group ThousandEyes. "This incident at a minimum caused a massive denial of service to G Suite and Google Search," wrote Ameet Naik, ThousandEyes' technical marketing manager, in a blog post. "However, this also put valuable Google traffic in the hands of ISPs in countries with a long history of Internet surveillance. Applications like Gmail and Google Drive don't appear to have been affected, but YouTube users experienced some slowdown. Google noted that the issue was resolved and said it would conduct an internal investigation. Update: Nigeria's Main One Cable Co has taken responsibility for the glitch.

S&P 500 executives are dropping blockchain buzzwords less on earnings calls and during presentations to analysts and investors. Analysts are also asking about it less. From a report: The hype was just that. The odds of a company turning blockchain "headlines into reality" are slim, as Forrester Research predicts. The prospect of incorporating blockchain technology or cryptocurrency into businesses excited investors and drove up share prices temporarily -- just look at Kodak, beverage company Long Blockchain, or Hooters franchisee Chanticleer Holdings -- so it's no wonder executives wanted shareholders to know that they too might get in on the new technologies. At the peak earlier this year, "blockchain" was mentioned 173 times, according to an analysis of company transcripts by Axios. The number has since fallen as much as 80%.

S&P 500 executives are dropping blockchain buzzwords less on earnings calls and during presentations to analysts and investors. Analysts are also asking about it less. From a report: The hype was just that. The odds of a company turning blockchain "headlines into reality" are slim, as Forrester Research predicts. The prospect of incorporating blockchain technology or cryptocurrency into businesses excited investors and drove up share prices temporarily -- just look at Kodak, beverage company Long Blockchain, or Hooters franchisee Chanticleer Holdings -- so it's no wonder executives wanted shareholders to know that they too might get in on the new technologies. At the peak earlier this year, "blockchain" was mentioned 173 times, according to an analysis of company transcripts by Axios. The number has since fallen as much as 80%.

Question: what is entertainment's highest-grossing weekend debut of all time? Hint: It only took place two weeks ago. From a report: It was claimed by a Western-themed video game called Red Dead Redemption 2 -- the second in a series dubbed 'Grand Theft Auto on horseback' -- which generated over $725m in just three days. The wording above ('highest-grossing weekend debut') has been carefully chosen. Because the highest-grossing entertainment launch of all time actually kicked off on a Tuesday, in September, 2013. That launch was Grand Theft Auto V, another video game, which grossed more than $1bn during its opening 72 hours on sale. Both Red Dead Redemption and Grand Theft Auto are made by Rockstar Games -- a New York-HQ'd interactive entertainment company famed for its ability to bring filmic sophistication to the world of PlayStations and Xboxes, and for its ability to generate billions upon billions of dollars by doing so.

Ready for this? The Grand Theft Auto franchise, and the core team behind Rockstar's success, were, unbelievably, both once part of the music business. They were allowed to leave 20 years ago. For an absolute pittance. Let's rewind. Back in 1990, London-born Sam Houser, aged 19, landed a dream first job -- working in the post-room at BMG's UK HQ. Houser then supplemented his university studies by continuing to work at BMG for the next four years, focusing on pop music videos and VHS releases. By 1994, he'd graduated, and took a full-time role within BMG's new interactive entertainment division. Houser, it turned out, had a natural talent for 'A&R'ing' video games -- spotting titles that would sell big and signing them up as a label would an artist -- and, by 1996, he was named Head of Development at BMG Interactive in the UK. Got your palm located somewhere roughly near your forehead? Good. Prepare for the two to forcibly meet.

Interactive released Grand Theft Auto, a 2D action-adventure game, which saw players fulfilling the objectives of criminal overlords across three cities. The title was a commercial smash in the US and Europe -- yet it emerged amid serious corporate turbulence. In March 1998, convinced that its foray into video games had been a waste of time and money, BMG -- under the instruction of owner Bertelsmann -- agreed to sell off BMG Interactive. According to Sam Houser, BMG let the company go, to New York-based Take Two Interactive, for a total consideration of $9m. (For those who can see where this narrative is going: Red Dead Redemption 2 generated that $9m back within an hour of going on sale last month.) The story doesn't end there.

ZDNet's Steven J. Vaughan-Nichols argues that the founder of Oculus, Palmer Luckey, wasn't fired because of his political views, as a recently-published Wall Street Journal article suggests, but because the virtual-reality company lost a $500 million intellectual property theft case to game maker ZeniMax. An anonymous reader shares the report: According to The Wall Street Journal, Palmer Luckey, the founder of Oculus, a virtual reality company, was fired by Facebook because "he donated $10,000 to an anti-Hillary Clinton group" during the 2016 U.S. Presidential campaign. But the article fails to mention a simple little fact: On Feb. 1, 2017, Oculus lost an intellectual property (IP) theft case against game maker ZeniMax, to the tune of $500 million. So, if one of your employees just cost your company a cool half-billion bucks for doing wrong what would you do? Well, Facebook isn't saying, even now, but on March 30, 2017, it let Luckey go.

Yes, Luckey also lied about his political moves, which went well beyond donating to an anti-Hillary billboard campaign. But let's look at the record. Everyone knew he'd lied by Feb. 22, 2016. Was he fired then? No. Was he fired after being found guilty of stealing ZeniMax's trade secrets? Yes. Officially, Facebook stated: "All details associated with specific personnel matters are kept strictly confidential. This is our policy for all employees, no matter their seniority. But we can say unequivocally that Palmer's departure was not due to his political views." Let me spell it out for you: He made some political waves. Nothing happened. He cost Facebook $500 million. He was fired. Can anyone here seriously not draw the lines between the dots?

ZDNet's Steven J. Vaughan-Nichols argues that the founder of Oculus, Palmer Luckey, wasn't fired because of his political views, as a recently-published Wall Street Journal article suggests, but because the virtual-reality company lost a $500 million intellectual property theft case to game maker ZeniMax. An anonymous reader shares the report: According to The Wall Street Journal, Palmer Luckey, the founder of Oculus, a virtual reality company, was fired by Facebook because "he donated $10,000 to an anti-Hillary Clinton group" during the 2016 U.S. Presidential campaign. But the article fails to mention a simple little fact: On Feb. 1, 2017, Oculus lost an intellectual property (IP) theft case against game maker ZeniMax, to the tune of $500 million. So, if one of your employees just cost your company a cool half-billion bucks for doing wrong what would you do? Well, Facebook isn't saying, even now, but on March 30, 2017, it let Luckey go.

Yes, Luckey also lied about his political moves, which went well beyond donating to an anti-Hillary billboard campaign. But let's look at the record. Everyone knew he'd lied by Feb. 22, 2016. Was he fired then? No. Was he fired after being found guilty of stealing ZeniMax's trade secrets? Yes. Officially, Facebook stated: "All details associated with specific personnel matters are kept strictly confidential. This is our policy for all employees, no matter their seniority. But we can say unequivocally that Palmer's departure was not due to his political views." Let me spell it out for you: He made some political waves. Nothing happened. He cost Facebook $500 million. He was fired. Can anyone here seriously not draw the lines between the dots?

An anonymous reader shares a report from The Verge about Apple's new security-focused T2 chip found in the newest Mac computers. The introduction of the chip "has renewed concerns that Apple is trying to further lock down its devices from third-party repair services," The Verge reports. From the report: The T2 is "a guillotine that [Apple is] holding over" product owners, iFixit CEO Kyle Wiens told The Verge over email. That's because it's the key to locking down Mac products by only allowing select replacement parts into the machine when they've come from an authorized source -- a process that the T2 chip now checks for during post-repair reboot. "It's very possible the goal is to exert more control over who can perform repairs by limiting access to parts," Wiens said. "This could be an attempt to grab more market share from the independent repair providers. Or it could be a threat to keep their authorized network in line. We just don't know." Apple confirmed to The Verge that this is the case for repairs involving certain components on newer Macs, like the logic board and Touch ID sensor, which is the first time the company has publicly acknowledged the tool's use. But Apple could not provide a list of repairs that required this or what devices were affected. It also couldn't say whether it began this protocol with the iMac Pro's introduction last year or if it's a new policy instituted recently.

First revealed last month by MacRumors and Motherboard, both of which got their hands on an internal Apple document, the T2 chip could render a computer inoperable if, say, the logic board is replaced, unless the chip recognizes a special piece of diagnostic software has been run. That means if you wanted to repair certain key parts of your MacBook, iMac, or Mac mini, you would need to go to an official Apple Store or a repair shop that's part of the company's Authorized Service Provider (ASP) network. If you want to repair or rebuild portions of those devices on your own, you simply can't -- at least, according to this document. The parts affected, according to the document, are the display assembly, logic board, top case, and Touch ID board for the MacBook Pro, and the logic board and flash storage on the iMac Pro. It is also likely that logic board repairs on the new MacBook Air and Mac mini are affected, as well as the Mac mini's flash storage. Yet, the document, which is believed to have been distributed earlier this year, does not mention those products because they were unannounced at the time. Regardless, to replace those parts, a technician would need to run what's known as the AST 2 System Configuration suite, which Apple only distributes to Apple Stores and certified ASPs. So DIY shops and those out of the Apple network would be out of luck.

YouTube CEO Susan Wojcicki has again hit out at proposed new European Union copyright rules which she claims is impossible for a platform like YouTube to comply with, and if done so, could harm the creative industries. Wojcicki said the European Parliament's vote in favor of an overhaul to copyright law two months ago is "unrealistic" because owners often disagree on who owns the rights to online material. In a blog post, she wrote: Take the global music hit "Despacito." This video contains multiple copyrights, ranging from sound recording to publishing rights. Although YouTube has agreements with multiple entities to license and pay for the video, some of the rights holders remain unknown. That uncertainty means we might have to block videos like this to avoid liability under article 13. Multiply that risk with the scale of YouTube, where more than 400 hours of video are uploaded every minute, and the potential liabilities could be so large that no company could take on such a financial risk.

The consequences of article 13 go beyond financial losses. EU residents are at risk of being cut off from videos that, in just the last month, they viewed more than 90bn times. Those videos come from around the world, including more than 35m EU channels, and they include language classes and science tutorials as well as music videos. We welcome the chance to work with policymakers and the industry to develop a solution within article 13 that protects rights holders while also allowing the creative economy to thrive. This could include more comprehensive licensing agreements, collaboration with rights holders to identify who owns what, and smart rights management technology, similar to Content ID.

The Firefox Test Pilot team on Monday rolled out two new experimental features, one of which is aimed to make this year's holiday shopping a bit easier on your wallet. It's called Price Wise, and it's an online shopping comparison tool that lets you add items from across several retailers to a Price Watcher list. From a report: When a price drops, a notification is automatically sent to your browser, and you can click regardless of what web page you are currently on. For now, Price Wise tracks just five retailers -- Amazon, Best Buy, eBay, Walmart, and the Home Depot -- but the company said it's planning on expanding to cover more outlets in the future.

Elsewhere, Mozilla is also rolling out a new feature called Email Tabs as part of its early adopter program. While Mozilla already offers a service for bookmarking content to read later via Pocket, Email Tabs enables users to choose multiple tabs and send links to one or more of them to their Gmail address. There are a number of options here. Users can choose to send links with screenshots, just links, or links with full articles. Price Wise is only available to users in the U.S. for now.

China has been pushed into third place on a list of the world's most powerful supercomputers. From a report: The latest list by Top 500, published twice a year, puts two US machines -- Summit and Sierra -- in the top two places. The US has five entries in the top 10, with other entries from Switzerland, Germany and Japan. However, overall China has 227 machines in the top 500, while the US has 109. Summit can process 200,000 trillion calculations per second. Both Summit and Sierra were built by the tech giant IBM. China's Sunway TaihuLight supercomputer, which this time last year was the world's most powerful machine, is now ranked at number three, while the country also has the fourth spot in the list.

An anonymous reader shares a report: As the holiday shopping season approaches, voice-powered smart speakers are again expected to be big sellers, adding to the approximately one-quarter to one-third of the U.S. population that already owns a smart speaker and uses a voice assistant at least once a month. Voice interfaces have been adopted faster than nearly any other technology in history.

While some of this will likely come to pass, the hype might be disguising where we really are with voice technology: Earlier than we think. About a third of smart speaker owners end up using them less after the first month, according to an NPR and Edison Research report earlier this year. Just a little more than half said they wouldn't want to go back to life without a smart speaker. While people are certainly enthusiastic about the new technology, it's not exactly life-changing yet. Today, voice assistants and smart speakers have proven to be popular ways to turn on the radio or dim the lights or get weather information. But to be revolutionary, they will need to find a greater calling -- a new, breakout application.

Smart speakers, like training wheels, are getting people more used to talking to their devices. However, the future of voice probably won't be on speakers at all. The major speaker makers have all added screens to their assistants. Samsung, smartly, is putting its voice assistant Bixby on its TVs, which have the potential to become the smart assistant hub of choice. The key element is the voice assistant, regardless of what device it resides in. Smart assistants will creep into every aspect of our lives and will be available at home and away.

Netflix says it plans to begin testing lower-priced subscription in some markets in a bid to see if it will help the company boost the number of subscribers, CEO Reed Hastings told Bloomberg. The company has not identified the markets where it will be testing the lower-priced subscription, and has not clarified how soon it intends to conduct these tests. The company will likely consider Asian markets where it is having a tough time gaining the market share against local services that are much aggressively priced.

In a fireside chat in New Delhi, India, Twitter CEO Jack Dorsey said Monday the "follower count" metric on the social platform is meaningless. Talking in front of a live audience, the Twitter co-founder said it was probably unwise to include and emphasize on the follower count on his social network, a move he said the company did not realize while implementing it back in the day. "Back then, we were not really thinking about all the dynamics that could ensue afterwards," he said.

"One of the things we did was we had people follow each other -- so you can be a follower of someone," Dorsey said, explaining the thinking that went into carving some of the core features of Twitter. The company listed the number of people you had, and "made the font size a little bit bigger than everything else on the page. We did not really think much about it and moved on to the next problem to solve. What that has done is we put all the emphasis, not intending to, on that number of how many people follow me. So if that number is big and bold, what do people want to do with it? They want to make it go up."

"So when you open Twitter and you see that number is five. It is actually incentivizing you to increase that number. That may have been right 12 years ago, but I don't think it is right today. I don't think that's the number you should be focused on. I think what is more important is the number of meaningful conversations you're having on the platform. How many times do you receive a reply?"

Dorsey's remarks comes as he has publicly acknowledged that the company is rethinking about some of the core features of Twitter. late last month, a report claimed that Twitter was also thinking about discontinuing the "likes" feature -- Twitter neither confirmed nor denied it. On Monday, Dorsey reaffirmed that focusing on number of likes and retweets is not healthy.

Dorsey is not the only Twitter co-founder who has, of late, shown disdain for the follower count. Last week, Ev Williams expressed a similar sentiment. "I think showing follower counts was probably ultimately detrimental. It really put in your face that the game was popularity," he said at a conference.

harrymcc writes: Content-distribution network Cloudflare has introduced iOS and Android versions of 1.1.1.1, a free service which helps shield you from snoops by replacing your standard DNS with its encrypted (and speedy) alternative. The mobile incarnation of the PC service it launched last April, the apps don't require you to do anything other than downloaded and install them, give your device permission to install a VPN, and flip a switch -- making them approachable for the masses, not just geeks.

Microsoft will add mouse and keyboard support to the Xbox One next week, the company announced during its X018 gaming event. From a report: In a surprising twist, Fortnite will be one of the first games to take advantage of the new feature. This update has been discussed for years, but the feature was given a concrete launch window back in September of this year, when Microsoft claimed that Warframe would be playable with a mouse and keyboard in October. The free-to-play first-person shooter will still be among the earliest games to enable this control option. Here's a roundup of everything else Microsoft announced at the gaming conference.

An anonymous reader writes: The Ruby programming language is impacted by a similar "deserialization issue" that has affected and wreaked havoc in the Java ecosystem in 2016; an issue that later also proved to be a problem for .NET and PHP applications as well. Researchers published proof-of-concept code this week showing how to exploit serialization/deserialization operations supported by the built-in features of the Ruby programming language itself.

"Versions 2.0 to 2.5 are affected," researchers said. "There is a lot of opportunity for future work including having the technique cover Ruby versions 1.8 and 1.9 as well as covering instances where the Ruby process is invoked with the command line argument --disable-all," the elttam team added. "Alternate Ruby implementations such as JRuby and Rubinius could also be investigated."

The deserialization issues can be used for remote code execution and taking over vulnerable servers. While .NET and PHP were affected, it was Java until now that has faced the biggest issues with deserialization, earlier this year, Oracle announcing it was dropping deserialization support from the Java language's standard package.

An anonymous reader quotes Fortune: Facebook is the least trustworthy of all major tech companies when it comes to safeguarding user data, according to a new national poll conducted for Fortune, highlighting the major challenges the company faces following a series of recent privacy blunders. Only 22% of Americans said that they trust Facebook with their personal information, far less than Amazon (49%), Google (41%), Microsoft (40%), and Apple (39%)....

In question after question, respondents ranked the company last in terms of leadership, ethics, trust, and image... Public mistrust extended to Zuckerberg, Facebook's public face during its privacy crisis and who once said that Facebook has "a responsibility to protect your information, If we can't, we don't deserve it." The company subsequently fell victim to a hack but continued operating as usual, including debuting a video-conferencing device intended to be used in people's living rooms or kitchens and that further extends Facebook's reach into more areas outside of personal computers and smartphones. Only 59% of respondents said they were "at least somewhat confident" in Zuckerberg's leadership in the ethical use of data and privacy information, ranking him last among four other tech CEOS...

As for Facebook, the social networking giant may have a difficult time regaining public trust because of its repeated problems. Consumers are more likely to forgive a company if they believe a problem was an aberration rather than a systemic failure by its leadership, Harris Poll CEO John Gerzema said.
The article concludes that "For now, the public isn't in a forgiving mood when it comes to Facebook and Zuckerberg."

Long-time Slashdot reader RockDoctor writes: A paper published on Arxiv last week reports on a project to redetermine the "orbits of long period comets... We recently attempted to check, whether the assumption of a parabolic orbit for hundreds of comets discovered after 1950 is fully justified in all cases." The full work by Królikowska & Dybczynski remains in preparation (which is perfectly normal), but this intriguing result deserved early attention.

During this research we found an interesting case of the comet C/2014 W10 PANSTARRS.

(that's the 10th reported comet in fortnight W of year 2014, source : the PANSTARRS team)

After discovery on 2014-11-25, fourteen observations were made over three days, giving a first-estimate orbit with an eccentricity of 0.6039453. So far, so boring — as the temporary designation suggests, these get found on most days. But that orbit is subject to uncertainty so some more measurements were made on 2014-12-22 from a different observatory. When all of the data is considered, it becomes impossible to clearly assign an orbit to this object (this is possible if, for example, there is a fragmentation of the object between observations), but many of the solutions which can be obtained have a hyperbolic orbit — that is, the object is extra-solar.

If correct, this "post-covery" would double the size of the catalogue of interstellar objects known.

Unfortunately, the quality of the original data remains poor — estimates of the orbital eccentricity vary between 1.22 and 1.65 — which is in contrast to the prompt recognition and intense observation campaign for 'Oumuamua. The report's main conclusion is that

Our main purpose is to show that similar cases should be treated in future with greater care by more reliable preliminary orbit determination and alerting observers about the importance of the object to initiate more follow-up observations.

Which is exactly what happened with 'Oumuamua.

"A Russian security researcher has published details about a zero-day vulnerability affecting VirtualBox, an Oracle software application for running virtual machines," reports ZDNet. According to a text file uploaded on GitHub, Saint Petersburg-based researcher Sergey Zelenyuk has found a chain of bugs that can allow malicious code to escape the VirtualBox virtual machine (the guest OS) and execute on the underlying (host) operating system. Once out of the VirtualBox VM, the malicious code runs in the OS' limited userspace (kernel ring 3), but Zelenyuk said that attackers can use many of the already known privilege escalation bugs to gain kernel-level access (ring 0). "The exploit is 100% reliable," Zelenyuk said. "It means it either works always or never because of mismatched binaries or other, more subtle reasons I didn't account."

The Russian researcher says the zero-day affects all current VirtualBox releases, works regardless of the host or guest operating system the user is running, and is reliable against the default configuration of newly created VMs. Besides a detailed write-up of the entire exploit chain, Zelenyuk has also published video proof, showing the zero-day in action against an Ubuntu VM running inside VirtualBox on an Ubuntu host OS.
Long-time Slashdot reader Artem Tashkinov warns that the exploit utilizes "bugs in the data link layer of the default E1000 network interface adapter which makes this vulnerability critical for everyone who uses virtualization to run untrusted code." According to ZDNet, the same security researcher "found and reported a similar issue in mid-2017, which Oracle took over 15 months to fix."

"This lengthy and drawn-out patching process appears to have angered Zelenyuk, who instead of reporting this bug to Oracle, has decided to publish details online without notifying the vendor."

An anonymous reader quotes a report from CNBC: Facebook on Friday became the latest tech company to end a policy of requiring employees to settle claims of sexual harassment through private arbitration, according to a report by the Wall Street Journal. It will now allow employees to take these types of claims to court. Tech companies have long used arbitration as a method for handling instances of sexual harassment to prevent employees from suing them in court, but that's starting to change. Facebook's move comes shortly after a similar move this week by Google, which came after thousands of its employees walked out in protest last week over its handling of sexual harassment complaints. Additionally, Facebook changed its policy on office dating and will now require employees who are director level or higher to disclose if they are dating a colleague, the report said. Previously, the company only required disclosure if an employee was dating someone they supervised, according to the report.

An anonymous reader quotes a report from CNBC: Facebook on Friday became the latest tech company to end a policy of requiring employees to settle claims of sexual harassment through private arbitration, according to a report by the Wall Street Journal. It will now allow employees to take these types of claims to court. Tech companies have long used arbitration as a method for handling instances of sexual harassment to prevent employees from suing them in court, but that's starting to change. Facebook's move comes shortly after a similar move this week by Google, which came after thousands of its employees walked out in protest last week over its handling of sexual harassment complaints. Additionally, Facebook changed its policy on office dating and will now require employees who are director level or higher to disclose if they are dating a colleague, the report said. Previously, the company only required disclosure if an employee was dating someone they supervised, according to the report.

Late last month, HealthCare.gov suffered a data breach exposing 75,000 customers. Details were sparse at the time of the breach, but have now learned that hackers obtained "inappropriate access" to a number of broker and agent accounts, which "engaged in excessive searching" of the government's healthcare marketplace systems. TechCrunch reports: [The Centers for Medicare and Medicaid Services (CMS)] didn't say how the attackers gained access to the accounts, but said it shut off the affected accounts "immediately." In a letter sent to affected customers this week (and buried on the Healthcare.gov website), CMS disclosed that sensitive personal data -- including partial Social Security numbers, immigration status and some tax information -- may have been taken. According to the letter, the data included name, date of birth, address, sex, and the last four digits of the Social Security number (SSN), if SSN was provided on the application. Other information could include expected income, tax filing status, family relationships, whether the applicant is a citizen or an immigrant, immigration document types and numbers, employer name, pregnancy status, health insurance status, and more. The government did say that no bank account information was stolen.

Cord-cutting promised us that we won't have to pay the ludicrously large cable bills. But it turns out, as long as you do not just want to watch a very limited set of movies and TV shows, you will have to subscribe to any number of these services: Netflix, Amazon Prime Video, HBO Go, Hulu, and Disney+ (and more.) For some living outside the US, the situation has become even more dire as they browse through as many as three dozen services. This, in addition to making watching TV expensive, is also creating a number of other confusions. No wonder piracy is on rise again.

Cord-cutting promised us that we won't have to pay the ludicrously large cable bills. But it turns out, as long as you do not just want to watch a very limited set of movies and TV shows, you will have to subscribe to any number of these services: Netflix, Amazon Prime Video, HBO Go, Hulu, and Disney+ (and more.) For some living outside the US, the situation has become even more dire as they browse through as many as three dozen services. This, in addition to making watching TV expensive, is also creating a number of other confusions. No wonder piracy is on rise again.

Veteran technology columnist Ed Bott writes: "Windows as a service" sounded like a good idea in 2015, when Microsoft released Windows 10. But after a terrible October, Microsoft's Windows 10 problems continued in November. Yesterday, an unknown number of devices running Windows 10 suddenly lost their activation status; the owners of those devices were told that they no longer had a valid digital license and were running a "non-genuine copy of Windows." Those activation problems are now apparently resolved, but Microsoft hasn't offered an explanation or an apology. A company spokesperson declined to provide any additional details.

[...] In the Windows-as-a-service era, it's perfectly understandable that problems will occasionally crop up. But customers have a right to expect prompt, accurate notification when those problems occur, and Microsoft is failing badly in that responsibility. For its enterprise customers, Microsoft long ago realized the need for timely and accurate status updates. If your organization is experiencing a problem with Office 365, there's a Service Status dashboard where you can find out what's wrong. Microsoft Azure customers have a similar Azure status dashboard and can even check the resolution of previous problems on the Azure status history page. Windows 10 customers have no similar resources.

Veteran technology columnist Ed Bott writes: "Windows as a service" sounded like a good idea in 2015, when Microsoft released Windows 10. But after a terrible October, Microsoft's Windows 10 problems continued in November. Yesterday, an unknown number of devices running Windows 10 suddenly lost their activation status; the owners of those devices were told that they no longer had a valid digital license and were running a "non-genuine copy of Windows." Those activation problems are now apparently resolved, but Microsoft hasn't offered an explanation or an apology. A company spokesperson declined to provide any additional details.

[...] In the Windows-as-a-service era, it's perfectly understandable that problems will occasionally crop up. But customers have a right to expect prompt, accurate notification when those problems occur, and Microsoft is failing badly in that responsibility. For its enterprise customers, Microsoft long ago realized the need for timely and accurate status updates. If your organization is experiencing a problem with Office 365, there's a Service Status dashboard where you can find out what's wrong. Microsoft Azure customers have a similar Azure status dashboard and can even check the resolution of previous problems on the Azure status history page. Windows 10 customers have no similar resources.

YouTube wants to recommend things people will like, and the clearest signal of that is whether other people liked them. From a report: Pew found that 64 percent of recommendations went to videos with more than a million views. The 50 videos that YouTube recommended most often had been viewed an average of 456 million times each. Popularity begets popularity, at least in the case of users (or bots, as here) that YouTube doesn't know much about. On the other hand, YouTube has said in previous work describing its algorithm that users like fresher content, all else being equal. But it takes time for a post to build huge numbers of views and signal to the algorithm that it's worth promoting. So, the challenge becomes how to recommend "new videos that users want to watch" when those videos are new to the system and low in views. (Finding fresh, potentially hot videos is important, YouTube researchers have written, for "propagating viral content.")

Pew's research reflects this: About 5 percent of the recommendations went to videos with fewer than 50,000 views. The system learns from a video's early performance, and if it does well, views can grow rapidly. In one case, a highly recommended kids' video went from 34,000 views when Pew first encountered it in July to 30 million in August. The behavior of the system was explicable in a few other ways, too, especially as it adapted to making more clicks inside YouTube's system. First, as Pew's software made choices, the system selected longer videos. It's as if the software recognizes that the user is going to be around for a while, and starts to serve up longer fare. Second, it also began to recommend more popular videos regardless of how popular the starting video was.

An anonymous reader quotes a report from CNBC: Disney's new streaming service will be called Disney+ and launch in late 2019, CEO Bob Iger announced on the company's earnings call Thursday. The service will also feature new, original shows and movies, including original Marvel and Star Wars series. Marvel fan favorite character Loki, played by Tom Hiddleston, will get an original series on the Disney+ service. A prequel series to Star Wars movie "Rogue One" about the character Cassian Andor, portrayed by Diego Luna, will also call the service home.

Other original shows and movies include a rebooted version of The High School Musical franchise. It will also be a hub for animated content, including the next season of "Star Wars: The Clone Wars" and an new original animated series based on Pixar's "Monsters Inc." Exclusive movies include "Noel," a Christmas movie about Santa's daughter played by Anna Kendrick, and "Togo," a movie about the 1925 Nome Serum Run starring William DaFoe. Disney launched a placeholder website for Disney+ that shows off logos of brands like Pixar, National Geographic and Marvel. Last year, Disney announced that it would remove all its movies from Netflix in 2019 to entice consumers to use their own streaming offering. It also purchased Fox for $71.3 billion to bolster its library of content.

An anonymous reader quotes a report from CNBC: Disney's new streaming service will be called Disney+ and launch in late 2019, CEO Bob Iger announced on the company's earnings call Thursday. The service will also feature new, original shows and movies, including original Marvel and Star Wars series. Marvel fan favorite character Loki, played by Tom Hiddleston, will get an original series on the Disney+ service. A prequel series to Star Wars movie "Rogue One" about the character Cassian Andor, portrayed by Diego Luna, will also call the service home.

Other original shows and movies include a rebooted version of The High School Musical franchise. It will also be a hub for animated content, including the next season of "Star Wars: The Clone Wars" and an new original animated series based on Pixar's "Monsters Inc." Exclusive movies include "Noel," a Christmas movie about Santa's daughter played by Anna Kendrick, and "Togo," a movie about the 1925 Nome Serum Run starring William DaFoe. Disney launched a placeholder website for Disney+ that shows off logos of brands like Pixar, National Geographic and Marvel. Last year, Disney announced that it would remove all its movies from Netflix in 2019 to entice consumers to use their own streaming offering. It also purchased Fox for $71.3 billion to bolster its library of content.

Vine's co-founder, Dom Hofmann, has been working on "a follow-up to Vine" for over a year and we now know what the successor will be called and when it will be ready for the masses. According to The Verge, the "proper sequel will be called Byte, and it's coming in spring 2019." From the report: Not much else is known about how Byte will work, but Hofmann says it is officially the project formerly known as v2, which had a publicized and transparent development process with dedicated fan forums for around six months starting last November. Hofmann postponed v2 indefinitely in May of this year, citing funding and logistic issues, as well as his day job running an immersive entertainment studio called Innerspace VR. Hofmann kept the forums open to keep discussion going, and it seems like he's now squared away some type of funding to get v2 off the ground as Byte. We'll likely hear more soon, but it's just a relief to hear it's actually happening and that the six-second videos that shaped modern internet culture could be coming back in a big way.

Vine's co-founder, Dom Hofmann, has been working on "a follow-up to Vine" for over a year and we now know what the successor will be called and when it will be ready for the masses. According to The Verge, the "proper sequel will be called Byte, and it's coming in spring 2019." From the report: Not much else is known about how Byte will work, but Hofmann says it is officially the project formerly known as v2, which had a publicized and transparent development process with dedicated fan forums for around six months starting last November. Hofmann postponed v2 indefinitely in May of this year, citing funding and logistic issues, as well as his day job running an immersive entertainment studio called Innerspace VR. Hofmann kept the forums open to keep discussion going, and it seems like he's now squared away some type of funding to get v2 off the ground as Byte. We'll likely hear more soon, but it's just a relief to hear it's actually happening and that the six-second videos that shaped modern internet culture could be coming back in a big way.

In an email to staff on Thursday, Google CEO Sundar Pichai said the company would overhaul its sexual harassment policies, "meeting some of the demands of employees who organized historic walkouts across the globe," the Guardian reports. "Pichai said Google would end forced arbitration of sexual miconduct claims, revamp its investigations process, share data on harassment claims and outcomes, and provide new support systems for people who come forward. From the report: Some critics, however, said the commitments were inadequate, failed to address pay disparities, and ignored demands to improve the rights of temporary employees and contractors. Pichai said Google would now make arbitration "optional for individual sexual harassment and sexual assault claims," but noted that employees could still choose to keep their claims confidential. [...] Pichai also said Google would disclose trends about investigations and disciplinary actions and would create "one dedicated site" that included "live support" for people with complaints. Google would now also offer "extra care and resources" to employees, including counseling and "career support" and a "support person," the CEO added.

azcoyote shares a report from Reuters: Tesla director Robyn Denholm, a telecoms executive who has worked for Toyota, has been promoted to chairwoman of the electric car company, tasked with regulating billionaire Elon Musk's regime after months of turbulence. An Australian accountant, Denholm is currently finance chief at telecoms firm Telstra and replaces Musk after he was forced to relinquish the role as part of a deal to head off charges of fraud by the Securities and Exchange Commission.

While she will resign from Telstra to take the role full-time, some analysts expressed concern that she may not be clearly enough removed from Musk to rein in the billionaire's public outbursts and bring more order to Tesla. Denholm, 55, has been an independent director of Tesla since 2014 and the head of its audit committee. She was paid almost $5 million, mainly in stock options, by the company last year, making her the highest remunerated of its board members. "I personally hope Denholm renames it Reynholm Industries," Slashdot reader azcoyote adds.

As chipmakers struggle to keep up with Moore's law, they are increasingly looking for alternatives to boost computers' performance. "We're seeing Moore's law slowing," says Mark Papermaster, chief technology officer at chip designer AMD. "You're still getting more density but it costs more and takes longer. It's a fundamental change." Wired has a feature story which looks at those alternatives and the progress chipmakers have been able to make with them so far. From a report: AMD's Papermaster is part of an industry-wide effort around a new doctrine of chip design that Intel, AMD, and the Pentagon all say can help keep computers improving at the pace Moore's law has conditioned society to expect. The new approach comes with a snappy name: chiplets. You can think of them as something like high-tech Lego blocks. Instead of carving new processors from silicon as single chips, semiconductor companies assemble them from multiple smaller pieces of silicon -- known as chiplets. "I think the whole industry is going to be moving in this direction," Papermaster says. Ramune Nagisetty, a senior principal engineer at Intel, agrees. She calls it "an evolution of Moore's law."

Chip chiefs say chiplets will enable their silicon architects to ship more powerful processors more quickly. One reason is that it's quicker to mix and match modular pieces linked by short data connections than to painstakingly graft and redesign them into a single new chip. That makes it easier to serve customer demand, for example for chips customized to machine learning, says Nagisetty. New artificial-intelligence-powered services such as Google's Duplex bot that makes phone calls are enabled in part by chips specialized for running AI algorithms.

Chiplets also provide a way to minimize the challenges of building with cutting-edge transistor technology. The latest, greatest, and smallest transistors are also the trickiest and most expensive to design and manufacture with. In processors made up of chiplets, that cutting-edge technology can be reserved for the pieces of a design where the investment will most pay off. Other chiplets can be made using more reliable, established, and cheaper techniques. Smaller pieces of silicon are also inherently less prone to manufacturing defects.

Earlier this year, Mark Zuckerberg came under fire after he and other executives removed their Facebook messages from several recipients' inboxes. The move led many to question whether the company would give other users the option to unsend messages. According to Twitter user @MattNavarra, the answer is yes. The feature has been listed as "coming soon" in the release notes for version 191.0 of Messenger's iOS client. The Verge reports: Facebook Messenger will soon allow you to delete sent messages up to 10 minutes after you've originally sent them. Compared to the hour Facebook gives you to delete an erroneous WhatsApp message, 10 minutes doesn't give you too much time to correct yourself. But it's a lot better than having your mistakes preserved eternally.

At its Android Developer Summit today, Google detailed plans to bake support for folding phones into the mobile operating system. One of the first Android phones to hit the market with a foldable display looks to be from Samsung with a launch date of "early next year." TechCrunch reports: "You can think of the device as both a phone and a tablet," Android VP of Engineering Dave Burke explained. "Broadly, there are two variants -- two-screen devices and one-screen devices. When folded, it looks like a phone, fitting in your pocket or purse. The defining feature for this form factor is something we call screen continuity."

Among the additions here is the ability to flag the app to respond to the screen as it folds and unfolds -- the effect would likely be similar to the response of applications as handsets switch between portrait and landscape modes.

Unannounced, unadvertised freebie lands ahead of Microsoft's X018 conference. PUBG, the game that kicked off an international "battle royale" gaming sensation, is currently free for all Xbox One owners. From a report: Even if you do not have a paid Xbox Live Gold subscription, you can head to this link and claim what appears to be a permanent copy of the game for your Microsoft Account. Timed trials of Xbox One games tend to be exclusive treats for XBLG subscribers. Bizarrely, the Konami soccer game PES 2019, which launched at a standard $60 retail price point in August, is also free to claim as of today. (Here's that link.) Of course, there is the caveat that these games' giveaways could be yanked from accounts by Microsoft at any moment. In the meantime, we suggest clicking first, asking questions later. Update: Microsoft says the games will be free only till November 11.

Apple is not in talks "at any level" to settle its wide-ranging legal dispute with mobile chip maker Qualcomm, Reuters reported Wednesday, citing a source familiar with the matter. From the report: In the past, Apple used Qualcomm's modem chips in its flagship iPhone models to help them connect to wireless data networks. But early last year, Apple sued Qualcomm in federal court in San Diego, alleging that the chip company's practice of taking a cut of the selling price of phones as a patent license fee was illegal. The case is to go to trial early next year and has spawned related legal actions in other courts around the world. In July, Qualcomm's chief executive, Steve Mollenkopf, told investors on the company's quarterly earnings call that the two companies were in talks to resolve the litigation.

Amazon is shipping its first-ever printed holiday toy catalog, titled "A Holiday of Play," to millions of customers in the U.S. starting this month, the company said. From a report: "Amazon is excited to offer a new way for customers to shop for toys this holiday season," Amazon said in a statement. The catalog comes with a distinct retro look, invoking memories of old Toys "R" Us catalogs that made the now-defunct toy retailer so successful. Some of the featured toys come with a QR code, allowing readers to instantly scan and shop for more products. Readers can also scan the product images in the catalog with their Amazon App to get more information and add them to their shopping cart. The move is Amazon's latest in following the playbook of traditional brick-and-mortar retailers.

puddingebola shares a report: WLinux is a $20 open-source, Debian-based distribution, designed to run on Windows 10's Windows Subsystem for Linux (WSL). The WSL allows Windows 10 to run various GNU/Linux distros inside Windows as Microsoft Store apps, providing access to Ubuntu, openSUSE, Debian, Fedora, Kali Linux, and others. The WSL has disadvantages over a running a dedicated GNU/Linux system. For example, there's no official support for desktop environments or graphical applications, and I/O performance bottlenecks, but it is being improved over time. The developers of WLinux describe it as a "fast Linux terminal environment for developers", saying it is the first distribution to be "pre-configured and optimized to run specifically on Windows Subsystem for Linux". Announcing WLinux's availability, Microsoft program manager Tara Raj, called out the wlinux-setup tool, "which allows users to easily set up common developer toolchains, and removes unsupported features like systemd."

AT&T will alert a little more than a dozen customers within the next week or so that their service will be terminated due to copyright infringement, news outlet Axios reported, citing sources familiar with its plans. From the report: It's the first time AT&T has discontinued customer service over piracy allegations since having shaped its own piracy policies last year, which is significant given it just became one of America's major media companies. AT&T owns a content network after its purchase of Time Warner earlier this year, an entity now called WarnerMedia. Content networks are typically responsible for issuing these types of allegations to internet service providers (ISPs) for them to address with their customers.

Oracle's Internet Intelligence division has confirmed today the findings of a recently published academic paper that accused China of "hijacking the vital internet backbone of western countries." From a report: The research paper was authored by researchers from the US Naval War College and Tel Aviv University and it made quite a few waves online after it was published. Researchers accused China Telecom, one of China's biggest state-owned internet service providers, of hijacking and detouring internet traffic through its normally-closed internet infrastructure. Some security experts contested the research paper's findings because it didn't come from an authoritative voice in the world of internet BGP hijacks, but also because the paper touched on many politically sensitive topics, such as China's cyber-espionage activities and how China used BGP hijacks as a way to circumvent the China-US cyber pact of 2015. But today, Doug Madory, Director of Oracle's Internet Analysis division (formerly Dyn), confirmed that China Telecom has, indeed, engaged in internet traffic "misdirection." "I don't intend to address the paper's claims around the motivations of these actions," said Madori. "However, there is truth to the assertion that China Telecom (whether intentionally or not) has misdirected internet traffic (including out of the United States) in recent years."