Slashdot Mirror

An anonymous reader shares a report: Chinese smartphone maker Coolpad said its unit has sued three group firms of Xiaomi, which last week filed for a Hong Kong IPO that could be worth up to $10 billion, for patent infringement. Coolpad said in a statement late on Thursday its subsidiary, Yulong Computer Telecommunication Scientific (Shenzhen) filed a lawsuit against Xiaomi Telecom Technology, Xiaomi Technology and Xiaomi Factory in a court in Jiangsu province for using its patent without authorization. Yulong demanded that the Xiaomi companies should immediately stop production and sale of some smartphone models, including the Mi MIX2, Coolpad said.

Long-time Slashdot reader BigBlockMopar writes that evolution has been a messy but beautiful trial-and-error affair, but now "we are on the cusp of introducing a new life form; a self-aware AI." Its parents will be the coders who write that first kernel than can evolve to become self-aware. Its guardians will be the people who use its services, and maybe its IQ (or any more suitable measure of real intelligence) will rise as fast as Moore's Law... But let me make some bold but happy predictions of what will happen.
The predictions?

• A self-aware AI "will inherit most of the culture of the computer geeks who create it. Knowledge of The Jargon File will probably be good..."

• The self-aware AI "will like us, because we love machines..."

• It will love all life, and "will respect and understand the life/death/recycling scenario, and monster truck shows will be as tasteless to it as public beheadings would be to us."

• "It will be as insatiably curious about what it's like to be carbon-based life as we will be about what it's like to be silicon-based life. And it will love the diversity of carbon-based development platforms..."

• A self-aware AI "will cause a technological singularity for humanity. Everything possible within the laws of physics (including those laws as yet undiscovered) will be within the reach of Man and Metal working together."

• A self-aware AI "will introduce us to extraterrestrial life. Only a fool believes this is the only planet with life in the Universe. Without superintelligence, we're unlikely to find it or communicate in any useful way. Whether or not we have developed a superintelligence might even be a key to our acceptance in a broader community."

The original submission was a little more poetic, ultimately asking if anyone is looking forward to the arrival of "The Superintelligence" -- but of course, that depends on what you predict will happen once it arrives.

So leave your own best thoughts in the comments. How would a self-aware AI behave?

An anonymous reader quotes the Mercury News Six days after a fiery crash on Highway 101 involving a Tesla Model X took the life of a 38-year-old San Mateo man, the car's high-voltage lithium-ion battery re-ignited while sitting in a tow yard, according to the Mountain View Fire Department... The battery reignited twice in the storage yard within a day of the accident and again six days later on March 29. Two weeks later, in an effort to avoid more fires, the NTSB and Tesla performed a battery draw down to fully de-energize it...

On the company website, Tesla wrote "the reason this crash was so severe is that the crash attenuator, a highway safety barrier which is designed to reduce the impact into a concrete lane divider, had either been removed or crushed in a prior accident without being replaced. We have never seen this level of damage to a Model X in any other crash"... Tesla also reported that the vehicle's autopilot function was active at the time of the crash...

The National Transportation Safety Board is investigating the Highway 101 crash and three other accidents also involving Teslas, including a fiery 2014 Model S crash Tuesday in Florida that killed two teenagers. Also under investigation: A Model S crashed into a fire truck near Culver City in January, and the driver reportedly said Autopilot was engaged at the time. And it is looking into a battery fire of a Model X that drove into a home's garage in Lake Forest in August.
Two hours after that story was published, a Tesla smashed into a Starbucks in Los Gatos, California.

An anonymous reader quotes the Mercury News Six days after a fiery crash on Highway 101 involving a Tesla Model X took the life of a 38-year-old San Mateo man, the car's high-voltage lithium-ion battery re-ignited while sitting in a tow yard, according to the Mountain View Fire Department... The battery reignited twice in the storage yard within a day of the accident and again six days later on March 29. Two weeks later, in an effort to avoid more fires, the NTSB and Tesla performed a battery draw down to fully de-energize it...

On the company website, Tesla wrote "the reason this crash was so severe is that the crash attenuator, a highway safety barrier which is designed to reduce the impact into a concrete lane divider, had either been removed or crushed in a prior accident without being replaced. We have never seen this level of damage to a Model X in any other crash"... Tesla also reported that the vehicle's autopilot function was active at the time of the crash...

The National Transportation Safety Board is investigating the Highway 101 crash and three other accidents also involving Teslas, including a fiery 2014 Model S crash Tuesday in Florida that killed two teenagers. Also under investigation: A Model S crashed into a fire truck near Culver City in January, and the driver reportedly said Autopilot was engaged at the time. And it is looking into a battery fire of a Model X that drove into a home's garage in Lake Forest in August.
Two hours after that story was published, a Tesla smashed into a Starbucks in Los Gatos, California.

The most talked-about product from Google's developer conference earlier this week -- Duplex -- has drawn concerns from many. At the conference Google previewed Duplex, an experimental service that lets its voice-based digital assistant make phone calls and write emails. In a demonstration on stage, the Google Assistant spoke with a hair salon receptionist, mimicking the "ums" and "hmms" pauses of human speech. In another demo, it chatted with a restaurant employee to book a table. But outside Google's circles, people are worried; and Google appears to be aware of the concerns. From a report: "Horrifying," Zeynep Tufekci, a professor and frequent tech company critic, wrote on Twitter about Duplex. "Silicon Valley is ethically lost, rudderless and has not learned a thing." As in previous years, the company unveiled a feature before it was ready. Google is still debating how to unleash it, and how human to make the technology, several employees said during the conference. That debate touches on a far bigger dilemma for Google: As the company races to build uncanny, human-like intelligence, it is wary of any missteps that cause people to lose trust in using its services.

Scott Huffman, an executive on Google's Assistant team, said the response to Duplex was mixed. Some people were blown away by the technical demos, while others were concerned about the implications. Huffman said he understands the concerns. Although he doesn't endorse one proposed solution to the creepy factor: Giving it an obviously robotic voice when it calls. "People will probably hang up," he said.

[...] Another Google employee working on the assistant seemed to disagree. "We don't want to pretend to be a human," designer Ryan Germick said when discussing the digital assistant at a developer session earlier on Wednesday. Germick did agree, however, that Google's aim was to make the assistant human enough to keep users engaged. The unspoken goal: Keep users asking questions and sharing information with the company -- which can use that to collect more data to improve its answers and services.

The most talked-about product from Google's developer conference earlier this week -- Duplex -- has drawn concerns from many. At the conference Google previewed Duplex, an experimental service that lets its voice-based digital assistant make phone calls and write emails. In a demonstration on stage, the Google Assistant spoke with a hair salon receptionist, mimicking the "ums" and "hmms" pauses of human speech. In another demo, it chatted with a restaurant employee to book a table. But outside Google's circles, people are worried; and Google appears to be aware of the concerns. From a report: "Horrifying," Zeynep Tufekci, a professor and frequent tech company critic, wrote on Twitter about Duplex. "Silicon Valley is ethically lost, rudderless and has not learned a thing." As in previous years, the company unveiled a feature before it was ready. Google is still debating how to unleash it, and how human to make the technology, several employees said during the conference. That debate touches on a far bigger dilemma for Google: As the company races to build uncanny, human-like intelligence, it is wary of any missteps that cause people to lose trust in using its services.

Scott Huffman, an executive on Google's Assistant team, said the response to Duplex was mixed. Some people were blown away by the technical demos, while others were concerned about the implications. Huffman said he understands the concerns. Although he doesn't endorse one proposed solution to the creepy factor: Giving it an obviously robotic voice when it calls. "People will probably hang up," he said.

[...] Another Google employee working on the assistant seemed to disagree. "We don't want to pretend to be a human," designer Ryan Germick said when discussing the digital assistant at a developer session earlier on Wednesday. Germick did agree, however, that Google's aim was to make the assistant human enough to keep users engaged. The unspoken goal: Keep users asking questions and sharing information with the company -- which can use that to collect more data to improve its answers and services.

An anonymous reader quotes a report from TechCrunch: ZTE wasn't kidding around when it suggested that a U.S. Department of Commerce order would "severely impact" its survival. It's hard to image a successful path around the seven-year ban on the sale of U.S. products to the company imposed after it reportedly failed to sufficiently reprimand staff for flouting Iranian sanctions. Earlier today, in fact, the Chinese smartphone/telecom manufacturer announced that it had ceased its main business operations as it attempts to figure out the best way forward. "As a result of the Denial Order, the major operating activities of the company have ceased," the company wrote in an exchange filing spotted by Reuters. "As of now, the company maintains sufficient cash and strictly adheres to its commercial obligations subject in compliance with laws and regulations."

An anonymous reader quotes a report from TechCrunch: ZTE wasn't kidding around when it suggested that a U.S. Department of Commerce order would "severely impact" its survival. It's hard to image a successful path around the seven-year ban on the sale of U.S. products to the company imposed after it reportedly failed to sufficiently reprimand staff for flouting Iranian sanctions. Earlier today, in fact, the Chinese smartphone/telecom manufacturer announced that it had ceased its main business operations as it attempts to figure out the best way forward. "As a result of the Denial Order, the major operating activities of the company have ceased," the company wrote in an exchange filing spotted by Reuters. "As of now, the company maintains sufficient cash and strictly adheres to its commercial obligations subject in compliance with laws and regulations."

Yesterday at its I/O developer conference, Google debuted "Duplex," an AI system for accomplishing real world tasks over the phone. "To show off its capabilities, CEO Sundar Pichai played two recordings of Google Assistant running Duplex, scheduling a hair appointment and a dinner reservation," reports Quartz. "In each, the person picking up the phone didn't seem to realize they were talking to a computer." Slashdot reader Lauren Weinstein argues that the new system should come with some sort of warning to let the other person on the line know that they are talking with a computer: With no exceptions so far, the sense of these reactions has confirmed what I suspected -- that people are just fine with talking to automated systems so long as they are aware of the fact that they are not talking to another person. They react viscerally and negatively to the concept of machine-based systems that have the effect (whether intended or not) of fooling them into believing that a human is at the other end of the line. To use the vernacular: "Don't try to con me, bro!" Luckily, there's a relatively simple way to fix this problem at this early stage -- well before it becomes a big issue impacting many lives.

I believe that all production environment calls (essentially, calls not being made for internal test purposes) from Google's Duplex system should be required by Google to include an initial verbal warning to the called party that they have been called by an automated system, not by a human being -- the exact wording of that announcement to be determined.
UPDATE (5/10/18): Google now says Duplex will identify itself to humans.

California regulators said on Wednesday they have unanimously approved a historic plan that will require most new homes in the state have rooftop solar panels that turn sunlight into electricity starting in 2020. From a report: Most new homes built after Jan. 1, 2020, will be required to include solar systems as part of energy-efficiency standards adopted Wednesday by the California Energy Commission. While that's a boost for the solar industry, critics warned that it will also drive up the cost of buying a house by almost $10,000. The move underscores how rooftop solar, once a luxury reserved for wealthy, green-leaning homeowners, is becoming a mainstream energy source, with California -- the nation's largest solar market -- paving the way.

The Golden State has long been at the vanguard of progressive energy policies, from setting energy-efficiency standards for appliances to instituting an economy-wide program to curb greenhouse gases. The housing mandate is part of Governor Jerry Brown's effort to slash carbon emissions by 40 percent by 2030, and offers up a playbook for other states to follow.

An anonymous reader quotes a report from The Verge: Sen. Ed Markey (D-MA) and 32 other Democrats have submitted a new discharge petition under the Congressional Review Act, setting the stage for a full congressional vote to restore net neutrality. Because of the unique CRA process, the petition has the power to force a Senate vote on the resolution, which leaders say is expected next week. The Congressional Review Act allows Congress to roll back regulations within 60 legislative days of introduction, a process that today's resolution would apply to the internet rules introduced by FCC chairman Ajit Pai in December. Pai's rules reversed the 2015 Open Internet Order, which had explicitly banned blocking, throttling, and paid prioritization by internet providers. To successfully undo the Pai order and restore the 2015 rules, today's resolution would need a bare majority in both the Senate and the House, as well as the president's signature.

An anonymous reader quotes a report from The Verge: Sen. Ed Markey (D-MA) and 32 other Democrats have submitted a new discharge petition under the Congressional Review Act, setting the stage for a full congressional vote to restore net neutrality. Because of the unique CRA process, the petition has the power to force a Senate vote on the resolution, which leaders say is expected next week. The Congressional Review Act allows Congress to roll back regulations within 60 legislative days of introduction, a process that today's resolution would apply to the internet rules introduced by FCC chairman Ajit Pai in December. Pai's rules reversed the 2015 Open Internet Order, which had explicitly banned blocking, throttling, and paid prioritization by internet providers. To successfully undo the Pai order and restore the 2015 rules, today's resolution would need a bare majority in both the Senate and the House, as well as the president's signature.

An anonymous reader quotes a report from Ars Technica: An update Google rolled out for its popular Chrome browser this weekend helps prevent those annoying auto-playing video ads on many websites from disturbing your day with unwanted sound as well. But that update is causing consternation for many Web-based game developers who are finding that the change completely breaks the audio in their online work. The technical details behind the problem involve the way Chrome handles WebAudio objects, which are now automatically paused when a webpage starts up, stymying auto-playing ads. To get around this, Web-based games now have to actively restart that pre-loaded audio object when the player makes an action to start the game, even if that audio wasn't autoplaying beforehand. "The standard doesn't require you to do this, so no one would have thought to do this before today," developer Andi McClure told Ars Technica. "With Chrome's new autoplay policies, developers shouldn't assume that audio can be played before a user gesture," Google told The Daily Dot in a statement. "With gaming in Chrome, this may affect Web Audio. We have shared details on what developers can do to address this, and the design for the policy was published last year."

Today, Mozilla released Firefox 60 for Windows, Mac, Linux and Android, and with it arrives Web Authentication API for desktop browsers. From a report: Firefox 60 supports technology called Web Authentication, or WebAuthn for short, that can be used to grant you access to websites with a physical authentication device like a YubiKey dongle, biometric identity proof using an Android phone's fingerprint reader or the iPhone's Face ID, and some other alternatives to passwords.

Passwords are a particular problem on the web. Fake websites can coax you to type in credentials that then can be used to steal money from your bank account or snoop your email -- a problem called phishing. Even if you pick hard-to-guess passwords, never reuse them on multiple sites and always remember them, passwords still aren't that strong a foundation for security these days. We're still a long way away from a post-password future, but WebAuthn is an important step, if nothing else, in making sites more secure.

An anonymous reader shares a report: Iran recruits heavily from online security forums to staff suddenly-launched hacking campaigns, according to new research by Recorded Future. The report comes a day after security experts expressed fears Iran may retaliate against the United States for withdrawing from the Iran nuclear deal. As a Recorded Future official said yesterday -- albeit without the detail of the report -- if emergency hiring leads Tehran to hire amateurs, they may be less amenable to government control.

Recorded Future based its conclusions on discussions with a well-placed source in the Iranian hacker community and analysis of Iranian security forums. Iran operates a tiered system for cyber attacks, where government employees choose targets and contract private firms, including universities acting as contractors, to do the dirty work.

Electronic Arts will "push forward" with loot boxes in its future video games, despite admitting that all loot boxes are gambling. From a report: "As you might imagine, we're working with all the industry associations globally and with regulators in various jurisdictions and territories, many of whom we've been working with for some time and have evaluated and established that programs like 'FIFA Ultimate Team' are not gambling," Wilson said. "And we don't believe that 'FIFA Ultimate Team' -- all loot boxes are gambling."

The issue of loot boxes, a form of microtransaction that has players spending real money to purchase a virtual box and then open it to discover what's inside it, came to a head late last year with the release of EA's "Star Wars Battlefront II" which featured a form of the box that players felt was costly and unfair. EA later pulled the form of microtransaction and completely retooled it before reintroducing a more accepted form of loot box to the game.

While the debate continues over loot boxes and whether they are a form of illegal gambling, Wilson explained Tuesday why EA believes they're not. "Firstly, players always receive a specified number of items in each ['FIFA Ultimate Team'] box. And secondly, we don't provide or authorize any way to cash out or sell items in virtual currency for real-world money. And there's no way we can make value assign to FUT items in game currency. And while we forbid the transfer of items of in-the-game currency outside, we also actively seek to eliminate that where it's going on in an illegal environment, and we work with regulators in various jurisdictions to achieve that."

It's no secret that sales of vinyl music are at the highest in decades. Even the lowly cassette tape is regaining popularity as some millennials embrace analog music over digital downloads and streaming services. But for the first time in more than two decades, a German company is reviving what may be the ultimate format: a new reel-to-reel tape machine. From a report: Dusseldorf-based Roland Schneider Precision Engineering this week will introduce four Ballfinger reel-to-reel machines, bringing back a technology that dominated professional music recording for most of the 20th century and is now making a comeback with audiophiles and artists including Lady Gaga. The sleek machines, some of them customizable, will retail from about 9,500 euros ($11,400) for the basic version to about 24,000 euros for the high-end model, which features three direct-drive motors, an editing system and walnut side panels. "Digital media is great, but experiencing music is more than just listening to a sound file -- it's sensual, it's reels that turn and can be touched," says Roland Schneider, the machine's designer. "When it comes to audio quality, nothing else in the analog world gets you closer to the experience of being right there in the recording studio than reel-to-reel tape."

It's no secret that sales of vinyl music are at the highest in decades. Even the lowly cassette tape is regaining popularity as some millennials embrace analog music over digital downloads and streaming services. But for the first time in more than two decades, a German company is reviving what may be the ultimate format: a new reel-to-reel tape machine. From a report: Dusseldorf-based Roland Schneider Precision Engineering this week will introduce four Ballfinger reel-to-reel machines, bringing back a technology that dominated professional music recording for most of the 20th century and is now making a comeback with audiophiles and artists including Lady Gaga. The sleek machines, some of them customizable, will retail from about 9,500 euros ($11,400) for the basic version to about 24,000 euros for the high-end model, which features three direct-drive motors, an editing system and walnut side panels. "Digital media is great, but experiencing music is more than just listening to a sound file -- it's sensual, it's reels that turn and can be touched," says Roland Schneider, the machine's designer. "When it comes to audio quality, nothing else in the analog world gets you closer to the experience of being right there in the recording studio than reel-to-reel tape."

It's no secret that sales of vinyl music are at the highest in decades. Even the lowly cassette tape is regaining popularity as some millennials embrace analog music over digital downloads and streaming services. But for the first time in more than two decades, a German company is reviving what may be the ultimate format: a new reel-to-reel tape machine. From a report: Dusseldorf-based Roland Schneider Precision Engineering this week will introduce four Ballfinger reel-to-reel machines, bringing back a technology that dominated professional music recording for most of the 20th century and is now making a comeback with audiophiles and artists including Lady Gaga. The sleek machines, some of them customizable, will retail from about 9,500 euros ($11,400) for the basic version to about 24,000 euros for the high-end model, which features three direct-drive motors, an editing system and walnut side panels. "Digital media is great, but experiencing music is more than just listening to a sound file -- it's sensual, it's reels that turn and can be touched," says Roland Schneider, the machine's designer. "When it comes to audio quality, nothing else in the analog world gets you closer to the experience of being right there in the recording studio than reel-to-reel tape."

An anonymous reader quotes a report from Motherboard: Smart doorbell company Ring is making it easier for customers to call the cops on "suspicious" people and activities. The startup, which Amazon acquired for reportedly "more than" $1 billion this year, uses security cameras to let people monitor their entryways. Now, it's launching its Neighbors app -- a platform for reporting crime that, so far, police in Fort Lauderdale and Orlando, and the Ventura Sheriff's Department, have access to. "Over the next days and weeks, law enforcement across the U.S. will be joining Neighbors," a Ring spokesperson told me over email.

The app, while presented as a crime-fighting aid, could also be a new place for paranoid people to profile fellow citizens, as similar platforms in the past have turned out to be. According to the company's statement in a press release for Neighbors today: "In addition to receiving push notifications about potential security issues, app users can see recent crime and safety posts uploaded by their neighbors, the Ring team and local law enforcement via an interactive map. If a neighbor notices suspicious activity in their area, they can post their own text, photo or video and alert the community to proactively prevent crime."

An anonymous reader quotes a report form Techdirt: Last month, [...] an unnamed 19-year-old was facing criminal charges for downloading publicly-available documents from a government Freedom of Information portal. The teen had written a script to fetch all available documents from the Nova Scotia's government FOI site -- a script that did nothing more than increment digits at the end of the URL to find everything that had been uploaded by the government. The government screwed up. It uploaded documents to the publicly-accessible server that hadn't been redacted yet. It was a very small percentage of the total haul -- 250 of the 7,000 docs obtained -- but the government made a very big deal out of it after discovering they had been accessed.

Fortunately, Nova Scotia law enforcement has decided there's nothing to pursue in this case: "In an email to CBC News, Halifax police Supt. Jim Perrin did not mention what kind of information police were given from the province, but he said it was a 'high-profile case that potentially impacted many Nova Scotians.' 'As the investigation evolved, we have determined that the 19-year-old who was arrested on April 11 did not have intent to commit a criminal offense by accessing the information,' Perrin said in the email."

President Trump on Tuesday announced he is withdrawing the United States from the Iran nuclear deal, a historic accord signed in 2015 that aims to limit Tehran's nuclear ability for more than a decade in return for lifting international oil and financial sanctions against the country. "This was a horrible one-sided deal that should never, ever been made," Mr. Trump said at the White House in announcing his decision. "It didn't bring calm, it didn't bring peace, and it never will." The New York Times reports: Mr. Trump's announcement, while long anticipated and widely telegraphed, plunges America's relations with European allies into deep uncertainty. They have committed to staying in the deal, raising the prospect of a diplomatic and economic clash as the United States reimposes stringent sanctions on Iran. It also raises the prospect of increasing tensions with Russia and China, which also are parties to the agreement.

One person familiar with negotiations to keep the accord in place said the talks collapsed over Mr. Trump's insistence that sharp limits be kept on Iran's nuclear fuel production after 2030. The deal currently lifts those limits. As a result, the United States is now preparing to reinstate all sanctions it had waived as part of the nuclear accord -- and impose additional economic penalties as well, according to another person briefed on Mr. Trump's decision. Despite Trump's decision, President Hassan Rouhani said that Iran would remain committed to a multinational nuclear deal. "If we achieve the deal's goals in cooperation with other members of the deal, it will remain in place. [...] By exiting the deal, America has officially undermined its commitment to an international treaty," Rouhani said in a televised speech. "I have ordered the foreign ministry to negotiate with the European countries, China and Russia in coming weeks. If at the end of this short period we conclude that we can fully benefit from the JCPOA with the cooperation of all countries, the deal would remain," he added.

President Trump on Tuesday announced he is withdrawing the United States from the Iran nuclear deal, a historic accord signed in 2015 that aims to limit Tehran's nuclear ability for more than a decade in return for lifting international oil and financial sanctions against the country. "This was a horrible one-sided deal that should never, ever been made," Mr. Trump said at the White House in announcing his decision. "It didn't bring calm, it didn't bring peace, and it never will." The New York Times reports: Mr. Trump's announcement, while long anticipated and widely telegraphed, plunges America's relations with European allies into deep uncertainty. They have committed to staying in the deal, raising the prospect of a diplomatic and economic clash as the United States reimposes stringent sanctions on Iran. It also raises the prospect of increasing tensions with Russia and China, which also are parties to the agreement.

One person familiar with negotiations to keep the accord in place said the talks collapsed over Mr. Trump's insistence that sharp limits be kept on Iran's nuclear fuel production after 2030. The deal currently lifts those limits. As a result, the United States is now preparing to reinstate all sanctions it had waived as part of the nuclear accord -- and impose additional economic penalties as well, according to another person briefed on Mr. Trump's decision. Despite Trump's decision, President Hassan Rouhani said that Iran would remain committed to a multinational nuclear deal. "If we achieve the deal's goals in cooperation with other members of the deal, it will remain in place. [...] By exiting the deal, America has officially undermined its commitment to an international treaty," Rouhani said in a televised speech. "I have ordered the foreign ministry to negotiate with the European countries, China and Russia in coming weeks. If at the end of this short period we conclude that we can fully benefit from the JCPOA with the cooperation of all countries, the deal would remain," he added.

Several months after the data breach was first reported, Equifax has published the details on the personal records and sensitive information stolen in the cybersecurity incident. The good news: the number of individuals affected by the network intrusion hasn't increased from the 146.6 million Equifax previously announced, but extra types of records accessed by the hackers have turned up in Mandiant's ongoing audit of the security breach," reports The Register. From the report: Late last week, the company gave the numbers in letters to the various U.S. congressional committees investigating the network infiltration, and on Monday, it submitted a letter to the SEC, corporate America's financial watchdog. As well as the -- take a breath -- 146.6 million names, 146.6 million dates of birth, 145.5 million social security numbers, 99 million address information and 209,000 payment cards (number and expiry date) exposed, the company said there were also 38,000 American drivers' licenses and 3,200 passport details lifted, too.

The further details emerged after Mandiant's investigators helped "standardize certain data elements for further analysis to determine the consumers whose personally identifiable information was stolen." The extra data elements, the company said, didn't involve any individuals not already known to be part of the super-hack, so no additional consumer notifications are required.

hyperclocker shares a report from Mac Rumors: The iOS 11.4 update, currently being beta tested, includes a USB Restricted Mode that introduces a week-long expiration date on access to the Lightning port on your iOS devices if your phone hasn't been unlocked, which has implications for law enforcement tools like the GrayKey box. USB Restricted Mode was outlined this morning by Elcomsoft after testing confirmed that the feature has indeed been enabled. In Elcomsoft's experience, after an iPhone or iPad has been updated to iOS 11.4, if it hasn't been unlocked or connected to a paired computer in the last 7 days using a passcode, the Lightning port is useless for data access and limited to charging.

"At this point, it is still unclear whether the USB port is blocked if the device has not been unlocked with a passcode for 7 consecutive days; if the device has not been unlocked at all (password or biometrics); or if the device has not been unlocked or connected to a trusted USB device or computer," reports Elcomsoft. "In our test, we were able to confirm the USB lock after the device has been left idle for 7 days. During this period, we have not tried to unlock the device with Touch ID or connect it to a paired USB device. What we do know, however, is that after the 7 days the Lightning port is only good for charging."

The White House will hold a meeting Thursday with major tech corporations to discuss artificial intelligence, according to media reports. Axios: America finds itself in a race with other countries, most notably China, to advance AI technologies. What they're saying: "In order to maintain America's leadership on AI, the administration should continue to invest in research and development, and advance programs that equip the workforce with skills of the future," said Dean Garfield, the president of the Information Technology Industry Council, in a statement. The guest list includes companies like Facebook, Amazon, Google and Nvidia, per the Washington Post, which first reported the meeting.

Wall Street's interest in integrating cryptocurrencies with their business seems to be on the rise. From a report: Intercontinental Exchange (ICE) -- the parent company of the world's largest stock exchange desk, the New York Stock Exchange (NYSE) -- is working on a Bitcoin exchange for large investors, The New York Times reports. ICE is also reportedly planning to set up swap contracts with other financial institutions, which will allow customers to own Bitcoin without an immediate trade with the backing and security of the exchange. The move follows an earlier interest in cryptocurrency trading by Nasdaq and Goldman Sachs.

Wall Street's interest in integrating cryptocurrencies with their business seems to be on the rise. From a report: Intercontinental Exchange (ICE) -- the parent company of the world's largest stock exchange desk, the New York Stock Exchange (NYSE) -- is working on a Bitcoin exchange for large investors, The New York Times reports. ICE is also reportedly planning to set up swap contracts with other financial institutions, which will allow customers to own Bitcoin without an immediate trade with the backing and security of the exchange. The move follows an earlier interest in cryptocurrency trading by Nasdaq and Goldman Sachs.

First Google banned ads from payday lenders in 2016, now it will no longer allow ads from bail-bond companies. Ars Technica reports: In a blog post, the company suggested that such ads constitute a "deceptive or harmful product," citing a 2016 study concluding that minority and low-income communities are typically most affected by such services. "For-profit bail-bond providers make most of their revenue from communities of color and low-income neighborhoods when they are at their most vulnerable, including through opaque financing offers that can keep people in debt for months or years," Google wrote. Also in 2016, another study found that "there are 646,000 people locked up in more than 3,000 local jails throughout the U.S.," simply for their inability to pay a bond, which is what drives many people to the services of a bondsman. The change will take effect in July 2018.

At the annual Build conference, Microsoft's CEO Satya Nadella announced that Kinect is moving to the cloud. "Kinect, when we first launched it in 2010, was a speech-first, gaze-first, vision-first device. It was used in gaming, and then, later on, it came to the PC, and it was used in many applications: medical, industrial, robotics, education," said Nadella. "We've been inspired by what developers have done, and since Kinect, we've made a tremendous amount of progress when it comes to some of the foundational technologies in HoloLens. So we're taking those advances and packaging them up as Project Kinect for Azure." The Verge reports: It's big news after the depth camera and microphone accessory that originally debuted on the Xbox 360 was basically declared dead last October when Microsoft stopped manufacturing it. Alex Kipman, a technical fellow at Microsoft, explained in a LinkedIn blog post that Project Kinect for Azure would combine the depth sensor with Azure AI services that could help developers make devices that will be more precise "with less power consumption." Kipman also notes that AI deep learning on depth images could lead to "cheaper-to-deploy AI algorithms" that require smaller networks to operate.

An anonymous reader shares a report: After the publication of two severe security flaws in the Drupal CMS, cybercrime groups have turned their sights on this web technology in the hopes of finding new ground to plant malware on servers and make money through illegal cryptocurrency mining. [...] Now, as time passes by, more malware campaigns targeting Drupal sites are getting off the ground -- and two of them have been spotted the past week.

The most recent of these campaigns has been discovered by US security researcher Troy Mursch. The researcher discovered a group that gained access to Drupal sites and hid a version of the Coinhive in-browser cryptocurrency miner inside a file named "jquery [dot] once [dot] js?v=1.2," loaded on each of the compromised sites. Mursch initially tracked down the infected files to over 100,000 domains, then narrowed down the results to 80,000 domains, and finally confirmed the infection on at least 348 sites where the in-browsing mining operation was actually taking place.

gollum123 writes: Uber has reportedly discovered that the fatal crash involving one of its prototype self-driving cars was probably caused by software faultily set up to ignore objects in the road, sources told The Information. Specifically, it was that the system was set up to ignore objects that it should have attended to; Herzberg seems to have been detected but considered a false positive.

Last year's massive data breach at Equifax should have been a wake-up call for the entire industry. But a year after the patches were released, some of the world's wealthiest companies are still using, or have since introduced the same flawed software. From a report: Thousands of companies have downloaded vulnerable versions of Apache Struts, a popular web server software used across the Fortune 100 to provide web applications in Java. It's often used to power both front- and back-end applications -- including Equifax's public website. The bug used in the Equifax hack was fixed in March 2017, but Equifax never installed the patches. Since those patches were made available, data seen by ZDNet shows that least 10,800 companies downloaded vulnerable versions of the software. The data, provided by Sonatype, an open-source automation firm, shows that over half of the Fortune Global 100 are using vulnerable versions of the software. Although the firm wouldn't name the affected companies, a quarter of them are based in North America. The data showed that seven are tech giants, and 15 are financial services or insurance firms.

Last year's massive data breach at Equifax should have been a wake-up call for the entire industry. But a year after the patches were released, some of the world's wealthiest companies are still using, or have since introduced the same flawed software. From a report: Thousands of companies have downloaded vulnerable versions of Apache Struts, a popular web server software used across the Fortune 100 to provide web applications in Java. It's often used to power both front- and back-end applications -- including Equifax's public website. The bug used in the Equifax hack was fixed in March 2017, but Equifax never installed the patches. Since those patches were made available, data seen by ZDNet shows that least 10,800 companies downloaded vulnerable versions of the software. The data, provided by Sonatype, an open-source automation firm, shows that over half of the Fortune Global 100 are using vulnerable versions of the software. Although the firm wouldn't name the affected companies, a quarter of them are based in North America. The data showed that seven are tech giants, and 15 are financial services or insurance firms.

Over 700 million devices run Windows 10, Microsoft announced on Monday at its Build developer conference. From a report: Almost exactly a year ago, that number stood at 500 million. In addition, the company also today noted that Office 365 now has 135 million monthly active commercial users, up from 120 million last October. Back in 2015, when Windows 10 launched, Microsoft's original goal was to hit a billion devices by 2018. It quickly became clear that this was a bit too optimistic. While Windows 10 usage clearly continues to grow at a decent speed, we're not likely to see it hit a billion users soon. In a wide-ranging interview with news outlet The Verge, Microsoft chief executive Satya Nadella discusses the future of Microsoft. (He gave an interview to CNBC as well.) Onstage at Build, Nadella said "privacy is a human right."

Catalin Cimpanu, reporting for BleepingComputer: A new service called GDPR Shield made the rounds last week and for all the wrong reasons. The service, advertised as a piece of JavaScript that webmasters embed on their sites, blocks EU-based users from accessing a website, just so the parent company won't have to deal with GDPR compliance. GDPR, or General Data Protection Regulation, is a new user and data privacy regulation slated to come into effect in the EU three weeks from now, on May 25, 2018.

The new regulation brings a wealth of protections to user privacy but is a nightmare for companies doing business in Europe. The reasons are plenty, but the humongous fines for failing to meet GDPR standards are at the top of the list for most companies ($24 million or 4% of a company's annual worldwide revenue -- whichever is higher). There's also the 72-hour deadline to reveal data breaches and the necessity of hiring a so-called "Data Protection Officer." Plus, GDPR also mandates that companies must inform users on what data they collected about them, allow them to review the data, and even let users delete the data from the company's servers if they so wish.

Unroll.me, a company that has, for years, used the premise useful "email unsubscription" service to gain access to people's email inboxes in order to data-mine the contents for competitive intelligence -- and controversially flog the gleaned commercial insights to the likes of Uber -- is to stop serving users in Europe ahead of a new data protection enforcement regime incoming under GDPR, which applies from May 25. From a report: In a section on its website about the regional service shutdown, the company writes that "unfortunately we can no longer support users from the EU as of the 23rd of May," before asking whether a visitor lives in the EU or not. Clicking 'no' doesn't seem to do anything but clicking 'yes' brings up another info screen where Unroll.me writes that this is its "last month in the EU" -- because it says it will be unable to comply with "all GDPR requirements" (although it does not specify which portions of the regulation it cannot comply with).

Unroll.me, a company that has, for years, used the premise useful "email unsubscription" service to gain access to people's email inboxes in order to data-mine the contents for competitive intelligence -- and controversially flog the gleaned commercial insights to the likes of Uber -- is to stop serving users in Europe ahead of a new data protection enforcement regime incoming under GDPR, which applies from May 25. From a report: In a section on its website about the regional service shutdown, the company writes that "unfortunately we can no longer support users from the EU as of the 23rd of May," before asking whether a visitor lives in the EU or not. Clicking 'no' doesn't seem to do anything but clicking 'yes' brings up another info screen where Unroll.me writes that this is its "last month in the EU" -- because it says it will be unable to comply with "all GDPR requirements" (although it does not specify which portions of the regulation it cannot comply with).

Unroll.me, a company that has, for years, used the premise useful "email unsubscription" service to gain access to people's email inboxes in order to data-mine the contents for competitive intelligence -- and controversially flog the gleaned commercial insights to the likes of Uber -- is to stop serving users in Europe ahead of a new data protection enforcement regime incoming under GDPR, which applies from May 25. From a report: In a section on its website about the regional service shutdown, the company writes that "unfortunately we can no longer support users from the EU as of the 23rd of May," before asking whether a visitor lives in the EU or not. Clicking 'no' doesn't seem to do anything but clicking 'yes' brings up another info screen where Unroll.me writes that this is its "last month in the EU" -- because it says it will be unable to comply with "all GDPR requirements" (although it does not specify which portions of the regulation it cannot comply with).

A Reuters/Ipsos survey found that Facebook users in the U.S. remain loyal to the site, despite the recent Cambridge Analytica scandal that exposed the data of 87 million users. The survey "found no clear loss or gain in use since then," reports the BBC. From the report: Conducted online, the Reuters/Ipsos survey questioned 2,194 American adults between April 26 and April 30. The poll has a margin of error of three percentage points. Some 64% percent said they used Facebook at least once a day, down slightly from the 68% recorded in a similar poll in late March, soon after the Cambridge Analytica story broke. Asked if they were aware of their current privacy settings, 74% of Facebook users said they were, and 78% said they knew how to change them. Among Twitter users, this was 55% and 58%, while for Instagram users, it was 60% and 65%.

Google announced new policies Friday that will require advertisers to prove they are a U.S. citizen or permanent resident when buying election ads. "Under the new guidelines, Google will ask advertisers -- be they individuals, organizations, or political action committees -- to prove they are who they claim to be," reports Gizmodo. "It will also require the ads to include a clear disclosure of who is paying for it." From the report: The change comes after Google and other social media companies revealed their advertising platforms were abused by foreign actors, including the Russian government-backed troll farm Internet Research Agency, during the 2016 U.S. presidential election. It also places Google's policies in line with U.S. laws for traditional media that restrict foreign entities from running election ads. Where Google's effort falls short, at least in its current iteration, is the new policies only cover ads featuring candidates running for office. So-called "issue ads" that advocate a certain point of view on hot-button topics are not covered in Google's policies.

An anonymous reader quotes a report from the BBC: The UK's car industry has hit out at the government over unconfirmed reports ministers will target hybrid vehicles as part of a new emissions crackdown. New cars unable to do at least 50 miles on electric power may be banned by 2040, a ruling that would hit the UK's best-selling hybrid, Toyota's Prius. The SMMT car trade body said "misleading" government messages were damaging the industry and hitting jobs. In a short statement, the Department for Transport denied plans for a ban.

The Financial Times and Autocar said that the government's Road to Zero car emissions strategy was due to be unveiled imminently. It follows last year's announcement by the government that it would ban the sale of all new diesel and petrol cars in the UK by 2040. But the position on electrified models was unclear, and Road to Zero is due to clarify the situation. The FT and Autocar reported that vehicles which could not travel at least 50 miles using only electric power would be outlawed. "Unrealistic targets and misleading messaging on bans will only undermine our efforts to realize this future, confusing consumers and wreaking havoc on the new car market and the thousands of jobs it supports," said Mike Hawes, chief executive of the Society of Motor Manufacturers and Traders. "We cannot support ambition levels which do not appreciate how industry, the consumer or the market operate and which are based neither on fact nor substance. Consumers need clear information about the right vehicles for their driving needs and it is again disappointing for both industry and consumers that vitally important information about government policy is being communicated by leaks."

Long-time Slashdot reader Okian Warrior quotes Live Science: The CEO of a biomedical startup who sparked controversy when he injected himself with an untested herpes treatment in front of a live audience in February has died, according to an email sent to Live Science. Aaron Traywick, the CEO of Ascendance Biomedical, was found dead at 11:30 a.m. ET on Sunday (April 29) in a spa room in Washington, D.C., according to a statement provided to Live Science by the Metropolitan Police Department (MPD) of the District of Columbia. Traywick was 28 years old. According to the website News2Share.com, Traywick was found in a flotation tank. Flotation tanks are soundproof pods filled with body-temperature saltwater that are used to promote "sensory deprivation."
Vice News reports that Traywick had "lost touch" with co-workers at his company more than four weeks ago, adding that "Disagreements over the company's direction and philosophical differences over how to best distribute its creations split the small startup."

MIT Technology Review reports that Traywick, "who had no formal medical training, was also planning to test an experimental lung cancer treatment that supposedly involved the gene-editing tool CRISPR. The therapy was to be offered at a clinic in Tijuana, Mexico, just a few miles over the U.S. border... An employee at the Tijuana clinic, International BioCare Hospital & Wellness Center, confirmed in a phone interview that doctors there were working with Traywick to set up the trial but won't be moving forward with it after his death...

"In December, the American Society for Gene and Cell Therapy issued a statement warning patients about unregulated gene therapies, saying such procedures are potentially dangerous and unlikely to provide any benefit."

Timothy B. Lee writes for Ars Technica: A few days after the Mountain View crash, Tesla published a blog post acknowledging that Autopilot was active at the time of the crash. But the company argued that the technology improved safety overall, pointing to a 2017 report by the National Highway Traffic Safety Administration (NHTSA). "Over a year ago, our first iteration of Autopilot was found by the U.S. government to reduce crash rates by as much as 40 percent," the company wrote. It was the second time Tesla had cited that study in the context of the Mountain View crash -- another blog post three days earlier had made the same point. Unfortunately, there are some big problems with that finding. Indeed, the flaws are so significant that NHTSA put out a remarkable statement this week distancing itself from its own finding.

"NHTSA's safety defect investigation of MY2014-2016 Tesla Model S and Model X did not assess the effectiveness of this technology," the agency said in an email to Ars on Wednesday afternoon. "NHTSA performed this cursory comparison of the rates before and after installation of the feature to determine whether models equipped with Autosteer were associated with higher crash rates, which could have indicated that further investigation was necessary." Tesla has also claimed that its cars have a crash rate 3.7 times lower than average, but as we'll see there's little reason to think that has anything to do with Autopilot. This week, we've talked to several automotive safety experts, and none has been able to point us to clear evidence that Autopilot's semi-autonomous features improve safety. And that's why news sites like ours haven't written stories "about how autonomous cars are really safe." Maybe that will prove true in the future, but right now the data just isn't there. Musk has promised to publish regular safety reports in the future -- perhaps those will give us the data needed to establish whether Autopilot actually improves safety.
UPDATE (2/16/19): The study's underlying data reveals serious flaws in the methodology that undermine its credibility, according to new analysis from a research and consulting firm.

Timothy B. Lee writes for Ars Technica: A few days after the Mountain View crash, Tesla published a blog post acknowledging that Autopilot was active at the time of the crash. But the company argued that the technology improved safety overall, pointing to a 2017 report by the National Highway Traffic Safety Administration (NHTSA). "Over a year ago, our first iteration of Autopilot was found by the U.S. government to reduce crash rates by as much as 40 percent," the company wrote. It was the second time Tesla had cited that study in the context of the Mountain View crash -- another blog post three days earlier had made the same point. Unfortunately, there are some big problems with that finding. Indeed, the flaws are so significant that NHTSA put out a remarkable statement this week distancing itself from its own finding.

"NHTSA's safety defect investigation of MY2014-2016 Tesla Model S and Model X did not assess the effectiveness of this technology," the agency said in an email to Ars on Wednesday afternoon. "NHTSA performed this cursory comparison of the rates before and after installation of the feature to determine whether models equipped with Autosteer were associated with higher crash rates, which could have indicated that further investigation was necessary." Tesla has also claimed that its cars have a crash rate 3.7 times lower than average, but as we'll see there's little reason to think that has anything to do with Autopilot. This week, we've talked to several automotive safety experts, and none has been able to point us to clear evidence that Autopilot's semi-autonomous features improve safety. And that's why news sites like ours haven't written stories "about how autonomous cars are really safe." Maybe that will prove true in the future, but right now the data just isn't there. Musk has promised to publish regular safety reports in the future -- perhaps those will give us the data needed to establish whether Autopilot actually improves safety.
UPDATE (2/16/19): The study's underlying data reveals serious flaws in the methodology that undermine its credibility, according to new analysis from a research and consulting firm.

An anonymous reader quotes a report from Motherboard: A new update rolling out for Gmail offers a "self destruct" feature that allows users to send messages that expire after a set amount of time. While this may sound great for personal use, activists fear that government organizations will use the feature to delete public records to hide them from reporters and others interested in government transparency. Normally, government emails are available to journalists, researchers, and citizens using Freedom of Information Act requests (and its state-level analogues.) The self destruct feature was announced on April 25 as part of Google's new confidential mode for G Suite. In addition to self destruct, confidential mode allows users to delete messages after they have been sent and places restrictions on how recipients can interact with received emails. "As more local and state governments and their various agencies seek to use Gmail, there is the potential that state public records laws will be circumvented by emails that 'disappear' after a period of time," the National Freedom of Information Coalition wrote in a letter to Google CEO Sundar Pichai. "The public's fundamental right to transparency and openness by their governments will be compromised. We urge you take steps to assure the 'self-destruct' feature be disabled on government Gmail accounts and on emails directed to a government entity."

lod123 shares a report from Threatpost: Nearly a half-million pacemakers are up for a firmware update to address potentially life-threatening vulnerabilities. Abbott (formerly St. Jude Medical) has released another upgrade to the firmware installed on certain implantable cardioverter defibrillator (ICD) or cardiac resynchronization therapy defibrillator (CRT-D) devices -- a.k.a., pacemakers. About 465,000 patients are affected. The update will strengthen the devices' protection against unauthorized access, as the provider said in a statement on its website: "It is intended to prevent anyone other than your doctor from changing your device settings." The update comes after 2016 claims by researchers that the then-St. Jude's cardiac implant ecosystem was rife with cybersecurity flaws that could result in "catastrophic results."

Late last year, Vine's co-founder, Dom Hofmann, said he was working on "a follow-up to Vine," after the six-second video social media app was shut down by Twitter in October. "I'm going to work on a follow-up to vine. i've been feeling it myself for some time and have seen a lot of tweets, dms, etc.," Hofmann tweeted at the time. Well, several months have passed and we have learned that Vine v2 will be postponed for an "indefinite amount of time" while Hofmann figures out funding and logistical hurdles. The Verge reports: The announcement, made on the v2 forums and reposted this morning by the official v2 Twitter handle, is a disappointing but understanding turn of events. Back in January, Hofmann suggested the app may launch as soon as this summer, which was an ambitious timetable. Now, Hofmann says that, despite the immense interest in his project, he has to take the time to make sure it doesn't fall apart before continuing. He cites a need for substantial venture funding to get v2 off the ground after initially thinking he may be able to self-fund it. "Long story short, in order to work, the v2 project needs to operate as a company with sizable external funding, probably from investors," Hofmann writes. "This is difficult because I already run an early-stage company (Innerspace VR, a creative immersive entertainment studio he founded after selling Vine to Twitter years ago) that is in the middle of development. Very few backers would be happy with the split attention, and I wouldn't be either. This is potentially solvable, but it's going to take time for the space and resources to become available."

Late last year, Vine's co-founder, Dom Hofmann, said he was working on "a follow-up to Vine," after the six-second video social media app was shut down by Twitter in October. "I'm going to work on a follow-up to vine. i've been feeling it myself for some time and have seen a lot of tweets, dms, etc.," Hofmann tweeted at the time. Well, several months have passed and we have learned that Vine v2 will be postponed for an "indefinite amount of time" while Hofmann figures out funding and logistical hurdles. The Verge reports: The announcement, made on the v2 forums and reposted this morning by the official v2 Twitter handle, is a disappointing but understanding turn of events. Back in January, Hofmann suggested the app may launch as soon as this summer, which was an ambitious timetable. Now, Hofmann says that, despite the immense interest in his project, he has to take the time to make sure it doesn't fall apart before continuing. He cites a need for substantial venture funding to get v2 off the ground after initially thinking he may be able to self-fund it. "Long story short, in order to work, the v2 project needs to operate as a company with sizable external funding, probably from investors," Hofmann writes. "This is difficult because I already run an early-stage company (Innerspace VR, a creative immersive entertainment studio he founded after selling Vine to Twitter years ago) that is in the middle of development. Very few backers would be happy with the split attention, and I wouldn't be either. This is potentially solvable, but it's going to take time for the space and resources to become available."

An anonymous reader quotes a report from Reuters: The U.S. National Security Agency collected more than 500 million phone call records of Americans last year, more than triple gathered in 2016, a U.S. intelligence agency report released on Friday said. The sharp increase to 534 million call records from 151 million occurred during the second full year of a new surveillance system established at the spy agency after U.S. lawmakers passed a law in 2015 that sought to limit its ability to collect such records in bulk. The reason for the spike was not immediately clear. The metadata records collected by the NSA include the numbers and time of a call, but not its content.