Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Amazon's Whole Foods Price Cuts Brought 25 Percent Jump In Shoppers (bloomberg.com)
According to Foursquare Labs, which compiled location information from shoppers' mobile devices during the first two days after Amazon completed its acquisition of Whole Foods and compared the data with the same period a week earlier, the electronic commerce company boosted customer traffic to Whole Foods by 25 percent. Bloomberg reports: Amazon acquired the upscale chain last month for $13.7 billion, a move that has brought turmoil to the supermarket industry and sent shares of grocery rivals tumbling. The same day it completed the acquisition, the e-commerce giant cut prices by as much as 43 percent on a range of items. Organic fuji apples were marked down to $1.99 a pound from $3.49 a pound, for instance. Organic avocados dropped to $1.99 each from $2.79. The traffic data is an optimistic sign that Amazon can succeed in the brick-and-mortar world. In some areas, the jump in customers was dramatic. At stores in Chicago, 35 percent more shoppers visited Whole Foods stores, Foursquare found. It's not surprising that curious shoppers visited the stores immediately after the takeover, particularly after a bevy of media coverage, according to Jennifer Bartashus, an analyst at Bloomberg Intelligence. What's left to be seen is whether they will start consistently shopping more at Whole Foods stores. -
Chatbot Lets You Sue Equifax For Up To $25,000 Without a Lawyer (theverge.com)
Shannon Liao reports via The Verge: If you're one of the millions affected by the Equifax breach, a chatbot can now help you sue Equifax in small claims court, potentially letting you avoid hiring a lawyer for advice. Even if you want to be part of the class action lawsuit against Equifax, you can still sue Equifax for negligence in small claims court using the DoNotPay bot and demand maximum damages. Maximum damages range between $2,500 in states like Rhode Island and Kentucky to $25,000 in Tennessee. The bot, which launched in all 50 states in July, is mainly known for helping with parking tickets. But with this new update, its creator, Joshua Browder, who was one of the 143 million affected by the breach, is tackling a much bigger target, with larger aspirations to match. He says, "I hope that my product will replace lawyers, and, with enough success, bankrupt Equifax."
Not that the bot helps you do anything you can't already do yourself, which is filling out a bunch of forms -- you still have to serve them yourself. Unfortunately, the chatbot can't show up in court a few weeks later to argue your case for you either. To add to the headache, small claims court rules differ from state to state. For instance, in California, a person needs to demand payment from Equifax or explain why they haven't demanded payment before filing the form. -
Virginia Scraps Electronic Voting Machines Hackers Destroyed At DefCon (theregister.co.uk)
Following the DefCon demonstration in July that showed how quickly Direct Recording Electronic voting equipment could be hacked, Virginia's State Board of Elections has decided it wants to replace its electronic voting machines in time for the gubernatorial election due on November 7th, 2017. According to The Register, "The decision was announced in the minutes of the Board's September 8th meeting: 'The Department of Elections officially recommends that the State Board of Elections decertify all Direct Recording Electronic (DRE or touchscreen) voting equipment.'" From the report: With the DefCon bods showing some machines shared a single hard-coded password, Virginia directed the Virginia Information Technology Agency (VITA) to audit the machines in use in the state (the Accuvote TSX, the Patriot, and the AVC Advantage). None passed the test. VITA told the board "each device analyzed exhibited material risks to the integrity or availability of the election process," and the lack of a paper audit trail posed a significant risk of lost votes. Local outlet The News Leader notes that many precincts had either replaced their machines already, or are in the process of doing so. The election board's decision will force a change-over on the 140 precincts that haven't replaced their machines, covering 190,000 of Virginia's ~8.4m population. -
Google Details Plan To Distrust Symantec Certificates (tomshardware.com)
After deciding to distrust Symantec's certificates in March, Google has decided to release a more detailed plan for how that process will go. Tom's Hardware reports: Starting with Chrome 66 (we're now at version 61), the browser will remove trust in Symantec-issued certificates issued prior to June 1, 2016. Website operators that use Symantec certificates issued before that date should be looking to replace their certificates by April 2018, when Chrome 66 is expected to come out. Starting with Chrome 62 (next version), the built-in DevTools will also warn operators of Symantec certificates that will be distrusted in Chrome 66. After December 1, the new infrastructure managed by DigiCert will go into effect, and any new certificates issued by the old Symantec infrastructure will no longer be valid in Chrome. By November 2018, Chrome 70 will come out and will completely remove trust in all Symantec certificates that have ever been issued. Website operators can replace their old Symantec certificates with certificates from DigiCert from December 1 or from any other CA trusted by Google's Chrome browser. -
Equifax Blames Open-Source Software For Its Record-Breaking Security Breach (zdnet.com)
The blame for the record-breaking cybersecurity breach that affects at least 143 million people falls on the open-source server framework, Apache Struts, according to an unsubstantiated report by equity research firm Baird. The firm's source, per one report, is believed to be Equifax. ZDNet reports: Apache Struts is a popular open-source software programming Model-View-Controller (MVC) framework for Java. It is not, as some headlines have had it, a vendor software program. It's also not proven that Struts was the source of the hole the hackers drove through. In fact, several headlines -- some of which have since been retracted -- all source a single quote by a non-technical analyst from an Equifax source. Not only is that troubling journalistically, it's problematic from a technical point of view. In case you haven't noticed, Equifax appears to be utterly and completely clueless about their own technology. Equifax's own data breach detector isn't just useless: it's untrustworthy. Adding insult to injury, the credit agency's advice and support site looks, at first glance, to be a bogus, phishing-type site: "equifaxsecurity2017.com." That domain name screams fake. And what does it ask for if you go there? The last six figures of your social security number and last name. In other words, exactly the kind of information a hacker might ask for. Equifax's technical expertise, it has been shown, is less than acceptable. Could the root cause of the hack be a Struts security hole? Two days before the Equifax breach was reported, ZDNet reported a new and significant Struts security problem. While many jumped on this as the security hole, Equifax admitted hackers had broken in between mid-May through July, long before the most recent Struts flaw was revealed. "It's possible that the hackers found the hole on their own, but zero-day exploits aren't that common," reports ZDNet. 
"It's far more likely that -- if the problem was indeed with Struts -- it was with a separate but equally serious security problem in Struts, first patched in March." The question then becomes: is it the fault of Struts developers or Equifax's developers, system admins, and their management? "The people who ran the code with a known 'total compromise of system integrity' should get the blame," reports ZDNet. -
China Joins the Growing Movement To Ban Gasoline, Diesel Cars (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: China has become the latest country to publicly discuss plans to ban the production and sale of gasoline- or diesel-powered vehicles. In July, both France and the UK published plans to phase out sales of conventionally powered vehicles by 2040. China will now add another nail to the coffin of the internal combustion engine. However, unlike the French or British plans, in this case there's no target date -- yet. The news comes from an automotive policy forum in Tianjin. China's vice minister of industry and information technology, Xin Guobin, said that his ministry has begun work on a timetable to phase out fossil fueled vehicles. The Xinhua news agency also reports that Xin told automakers they need to begin to "readjust their strategies" accordingly. For foreign car companies hoping to sell EVs in China, that will mean investing in the country, as imported vehicles come with stiff import duties attached. -
Apple Suffers 'Major iPhone X Leak'
Details of new iPhones and other forthcoming Apple devices have been revealed via an apparent leak. From a report: Two news sites were given access to an as-yet-unreleased version of the iOS operating system. The code refers to an iPhone X in addition to two new iPhone 8 handsets. It also details facial recognition tech that acts both as an ID system and maps users' expressions onto emojis. One tech writer said it was the biggest leak of its kind to hit the firm. [...] "As best I've been able to ascertain, these builds were available to download by anyone, but they were obscured by long, unguessable URLs [web addresses]," wrote John Gruber, a blogger known for his coverage of Apple. "Someone within Apple leaked the list of URLs to 9to5Mac and MacRumors. I'm nearly certain this wasn't a mistake, but rather a deliberate malicious act by a rogue Apple employee." Neither Mr Gruber nor the two Apple-related news sites have disclosed their sources. However, the BBC has independently confirmed that an anonymous source provided the publications with links to iOS 11's golden master (GM) code that downloaded the software from Apple's own computer servers. It's a big blow to Apple, which uses surprise as a key element at its events. The leak could take some wind out of its sails as it looks to wow consumers. In 2012, Tim Cook had said the company was planning to "double down on secrecy." At the quarterly earnings call, he blamed the leaks about the upcoming iPhone models as one of the reasons that slowed down the sales of current generation iPhone models. However, an analysis published over the weekend found that Apple itself has been the source of several of these leaks in the years since. Earlier this year, the company held a meeting to boast about its internal progress to curb leaks. The hour-long recording of the meeting ironically got leaked. Nearly all details, except the final press renders of the new iPhone models, have leaked. 
In a subsequent post, Gruber wrote: The BBC doesn't say definitively that the leak was sent by an Apple employee, but I can state with nearly 100 percent certainty that it was. I also think there's a good chance Apple is going to figure out who it was. [...] That person should be ashamed of themselves, and should be very worried when their phone next rings. Moments ago, 9to5Mac reported about a new tvOS firmware leak, which appeared "to be out in the wild today" that details the upcoming features of the next generation Apple TV streaming device. -
Google Challenges Record EU Antitrust Fine in Court (reuters.com)
Google appealed on Monday against a record 2.4-billion-euro ($2.9 billion) EU antitrust fine, with its chances of success boosted by Intel's partial victory last week against another EU sanction. From a report: The world's most popular Internet search engine, a unit of the U.S. firm Alphabet, launched its appeal two months after it was fined by the European Commission for abusing its dominance in Europe by giving prominent placement in searches to its comparison shopping service and demoting rival offerings. -
The Washington Post Pans Apple-Sponsored School Reform TV Special (washingtonpost.com)
Long-time Slashdot reader theodp writes: On Friday night, the Big Four Networks simultaneously aired EIF Presents: XQ Super School Live [YouTube], a commercial-free, one-hour TV special that championed Laurene Powell Jobs' mission to rethink the American high school. The closing credits listed Jobs as an Executive Producer, and noted that the chock-full-of-celebrities special was sponsored in part by her Emerson Collective and Apple.
"Surely Samuel L. Jackson, Tom Hanks, Mahershala Ali, Justin Timberlake, Cate Blanchett and a bevy of other celebrities have nothing but laudable intentions by appearing on Friday night's live televised high school reform spectacular on four -- count them, four -- major networks (NBC, ABC, CBS and Fox)," writes the Washington Post's Valerie Strauss. "But when an hour of prime time on four networks is purchased, it's fair to ask whether that is a public service or propaganda."
The Post points out gently that "not everyone believes" in the need to "transform" high schools, while theodp notes "viewers were pitched XQ Super School Board Program kits, which XQ's website explains are designed to prepare individuals for a school board candidacy."
If this seems suspiciously political -- or at least a way to ensure schools are friendly to Laurene Powell Jobs' specific proposals -- the nonprofit's web site adds reassuringly that "XQ won't be endorsing or supporting particular candidates; we'll be supporting all candidates who stand with us in a shared commitment to rethink high school, so all young people can be educated as they deserve." -
Equifax Breach Provokes Calls For Serious Data Protection Reforms (wired.com)
Equifax's data breach was colossal -- but what should happen next? The Guardian writes: The problem is that companies like Equifax are able to accumulate -- essentially, without limit -- as much sensitive, personal data as they can get their hands on. There is an urgent need for strict regulations on what types of data companies can collect and how much data a company can possess, both in aggregate and about individuals. At the very least, this will lessen the severity and size of (inevitable) data breaches... Without putting hard limits on the data capitalists who extract and exploit our personal information, they will continue to reap the benefit while we bear the risks.
Marc Rotenberg, president of the Electronic Privacy Information Center, adds, "we need to penalize companies that collect SSNs but can't protect [them]." Wired reports: Experts across numerous privacy and security fields agree that the solution to the over-collection and over-use of SSNs isn't one particular replacement, but a diverse array of authentications like individual codes (similar to passwords), biometrics, and even physical tokens to create more variation in the ID process. Some also argue that the government likely won't be the driving force behind the shift. "We have a government that works at a glacial pace in the best of times," says Brenda Sharton, who chairs the Privacy & Cybersecurity practice at the Goodwin law firm, which has worked on data privacy breach investigations since the early 2000s. "There will reach a point where SSN [exposure] becomes untenable. And it may push us in the direction of having companies require multi-factor authentication."
Meanwhile TechCrunch argues, "This crass, callow, and lazy treatment of our digital data cannot stand...": We must create new, secure methods for cryptographically securing our data... These old organizations -- Equifax was founded in 1899 and hasn't changed much since inception -- must die, to be replaced by solutions that (and I shudder to say this) are blockchain-based. -
How Proprietary Software Lets Companies Cheat (locusmag.com)
"Proprietary software makes it possible to design products to cheat ordinary users..." writes Richard Stallman -- linking to a new essay by Cory Doctorow: Carriers adapted custom versions of Android to lock customers to their networks with shovelware apps that couldn't be removed from the home-screen and app store lock-in that forced customers to buy apps through their phone company. What began with printers and spread to phones is coming to everything: this kind of technology has proliferated to smart thermostats (no apps that let you turn your AC cooler when the power company dials it up a couple degrees), tractors (no buying your parts from third-party companies), cars (no taking your GM to an independent mechanic), and many categories besides.
All these forms of cheating treat the owner of the device as an enemy of the company that made or sold it, to be thwarted, tricked, or forced into conducting their affairs in the best interest of the company's shareholders. To do this, they run programs and processes that attempt to hide themselves and their nature from their owners, and proxies for their owners (like reviewers and researchers). Increasingly, cheating devices behave differently depending on who is looking at them. When they believe themselves to be under close scrutiny, their behavior reverts to a more respectable, less egregious standard. This is a shocking and ghastly turn of affairs, one that takes us back to the dark ages. -
What's Causing The Hurricanes? (yahoo.com)
An anonymous reader quotes AFP: Hurricane Irma, now taking aim at Florida, has stunned experts with its sheer size and strength, churning across the ocean with sustained Category 5 winds of 183 miles per hour (295 kilometers per hour) for more than 33 hours, making it the longest-lasting, top-intensity cyclone ever recorded. Meanwhile Jose, a Category 4 on the Saffir Simpson scale of 1 to 5, is fast on the heels of Irma, pummeling the Caribbean for the second time in the span of a few days. Many have wondered what is contributing to the power and frequency of these extreme storms. "Atlantic hurricane seasons over the years have been shaped by many complex factors," said Jim Kossin, a NOAA hurricane scientist at the University of Wisconsin. "Those include large scale ocean currents, air pollution -- which tends to cool the ocean down -- and climate change"...
Some think a surge in industrial pollution after World War II may have produced more pollutant particles that blocked the Sun's energy and exerted a cooling effect on the oceans. "The pollution reduced a lot of hurricane activity," said Gabriel Vecchi, professor of geosciences at Princeton University's Environmental Institute. Pollution began to wane in the 1980s due to regulations such as the Clean Air Act, allowing more of the Sun's rays to penetrate the ocean and provide warming fuel for storms. Vecchi said the "big debate" among scientists is over which plays a larger role -- variations in ocean currents or pollution cuts. There is evidence for both, but there isn't enough data to answer a key question...
The burning of fossil fuels, which spew greenhouse gases into the atmosphere and warm the Earth, can also be linked to a rise in extreme storms in recent years. Warmer ocean temperatures yield more moisture, more rainfall, and greater intensity storms. "It is not a coincidence that we're seeing more devastating hurricanes," climatologist Michael Mann of Penn State University told AFP in an email. "Over the past few years, as global sea surface temperatures have been the warmest on record, we've seen the strongest hurricanes -- as measured by peak sustained winds -- globally, in both Southern and Northern Hemisphere, in both Pacific and now, with Irma, the open Atlantic," he added. "The impacts of climate change are no longer subtle. We're seeing them play out in real time, and the past two weeks have been a sadly vivid example." -
Should British Hacker Lauri Love Be Tried In America? (theguardian.com)
A 31-year-old autistic man in the U.K. is suspected of hacking U.S. government computer systems in 2013 -- and he has one final chance to appeal his extradition. An anonymous reader quotes the Guardian: Even if Love is guilty, however, there are important legal and moral questions about whether he should be extradited to the US -- a nation that has prosecuted hackers with unrivalled severity, and one where Love could be sentenced to spend the rest of his life in prison... His remaining hope for mercy is a final appeal against extradition in the high court in November. Love's hope is for a full and fair trial in Britain.
Even if he is found guilty in a British court of the most serious crimes in the US government's indictment, his legal team estimate that he faces just a few months in prison. Failure means Love will be flown to a holding facility in New York, placed on suicide watch and probably forced to take antidepressants, prior to a trial. If he refuses to accept a plea deal and is convicted, he will face $9m (£6.8m) in fines and, experts estimate, a prison term of up to 99 years, a punishment illustrative of the US's aggressive sentencing against hackers under the controversial Computer Fraud and Abuse Act.
Naomi Colvin, from the human rights group the Courage Foundation, tells the Guardian that "Lauri's case is critically important in determining the reach of America's unusually harsh punitive sanctions for computer crimes." -
Leaks Reveal New Features In Apple's Next iPhone
Though Apple officially unveils their newest iPhone on Tuesday, information is already leaking on the internet.
- Mashable: "Physically, it's expected to be about the same size as an iPhone 7, but with an edge-to-edge OLED display that's bigger than what is currently on the iPhone 7 Plus. It won't have a home button or Touch ID, and will likely use some kind of facial recognition tech to unlock."
- MacRumors cites a report from KGI Securities analyst Ming-Chi Kuo suggesting facial recognition may just be one feature of a complex front camera with 3D sensing hardware, including a proximity sensor, ambient light sensor, and a structured light transmitter (using a surface-emitting laser) and receiver.
- CNET: "Irish iPhone programming guru Steve Troughton-Smith now feels sure he has the names of the three phones to be launched by Apple on Tuesday.... they'll (probably) be called the iPhone 8, iPhone 8 Plus and -- ta-da -- the iPhone X."
- Troughton-Smith also predicts a 3x screen at 1125x2436 resolution
- Fortune: "Apple's iPhone line is expected to catch up with Android phones in the area of wireless charging this year... just lay the phone down on a compatible charger mat or base or dock, and watch the battery fill up."
- 9to5Mac: "We've found a brand new feature called 'Animoji', which uses the 3D face sensors to create custom 3D animated emoji based on the expressions you make into the camera. Users will be able to make Animoji of unicorns, robots, pigs, pile of poo and many more."
-
Ask Slashdot: What Can You Do With An Old Windows Phone?
Slashdot reader unixisc writes: While it's always been well known that Windows phones in the market have floundered, one saving grace has always been that one could at least use it for the barest minimum of apps, even if updates have stopped... Aside from a door stop or a hand me down to someone who'll use it like a dumb phone, what are your suggested uses for this phone? A music player (if the songs are on an SD card)? Games? As far as phones go, I have what I need, so for this, anything it's good for?
The original submission suggests problems connecting to wi-fi -- something partially corroborated by complaints at Windows Central -- though Microsoft's site says they're still supporting wifi connections.
Slashdot reader thegreatbob suggested "shuffleboard puck" -- then added, "Snark aside, if you're into writing custom applications and such for them, there's probably a bootloader/root solution for you out there."
Leave your own best suggestions in the comments. What can you do with an old Windows Phone? -
The Teen Malware Career Of Marcus Hutchins (itwire.com)
Slashdot reader troublemaker_23 writes, "A number of security researchers have dismissed an article by reporter Brian Krebs about Marcus Hutchins, the Briton who is awaiting trial in the US on charges of writing and distributing the Kronos banking malware, by pointing out that it has nothing to do with the case." An anonymous reader writes: Krebs investigated dozens of hacker forum pseudonyms, concluding "The clues suggest that Hutchins began developing and selling malware in his mid-teens -- only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror." Krebs believes 15-year-old Hutchins registered a domain he'd later advertise as "mainly for blackhats wanting to phish," and in 2010 may have filmed YouTube videos about password-stealing malware. Krebs says the early activities are "fairly small-time -- and hardly rise to the level of coding from scratch a complex banking trojan and selling it to cybercriminals," though he believes Hutchins moved on to advertising exploit kits, password-stealers, and bot rentals.
Krebs also talked to 27-year-old Brendan Johnston, a friend of Hutchins who did time in prison in 2014 for selling Trojans, who "said his old friend sincerely tried to turn things around in late 2012... 'I feel like I know Marcus better than most people do online, and when I heard about the accusations I was completely shocked. He tried for such a long time to steer me down a straight and narrow path that seeing this tied to him didn't make sense to me at all.'" Krebs stresses that Hutchins didn't try to hide the fact that he'd written malware, "which in the United States at least is a form of protected speech." And his essay concludes, "Let me be clear: I have no information to support the claim that Hutchins authored or sold the Kronos banking trojan."
Symantec's former cybersecurity czar Tarah Wheeler has now set up a new legal fund after it was discovered that most of the online donations to Hutchins' previous defense fund came from stolen or fake credit card numbers. Hutchins returns to court in October, and the new fund has already received more than $16,000 in donations from more than 200 contributors. -
Should Congress Force Social Media To Investigate Foreign Propaganda Trolls? (politico.com)
"I fought foreign propaganda for the FBI," writes a former special agent from its Counterintelligence Division. Now an associate dean at Yale Law School, he's warning that "the tools we had won't work anymore." An anonymous reader quotes Politico: The bureau is now faced with huge private companies, like Facebook and Twitter, which are ostensibly neutral and have no professional or ethical obligation to vet the material they distribute. Further, foreign intelligence service propaganda agents are no longer human operatives on American soil -- they are invisible "trolls," often operating from a foreign country and behind social media accounts that make them impossible for the FBI to approach directly. Or, in the case of so-called bots -- software programs designed to simulate humans -- they might not even be people at all... [S]ocial media platforms can reach an almost limitless audience, often within days or hours, more or less for free: Russia's Facebook ads alone reached between 23 million and 70 million viewers.
Without any direct way to investigate and identify the source of the private accounts that generate this "fake news," there's literally nothing the FBI can do to stop a propaganda operation that can occur on such a massive scale... But Congress could pass legislation that requires social media companies to cooperate with counterintelligence in the same ways they do with law enforcement. For example, the Communications Assistance for Law Enforcement Act requires telecommunications companies to design their digital networks in such a way that would permit wiretaps for criminal cases. Similarly, requiring social media platforms to develop ways to vet and authenticate foreign users and proactively report potential bots to the FBI would enable the FBI to identify perception management operations as they are occurring. In addition to monitoring these specific FIS-based accounts, the FBI could publicly expose the source of particular accounts, ads or news...
"At this point, we have no choice: It's clear that our current counterintelligence strategy hasn't caught up to the age of asymmetrical information warfare," the former counterintelligence agent concludes. "Until it does, we'll be silently allowing our freedoms to be manipulated...." -
SciFi Author (and Byte Columnist) Jerry Pournelle Has Died (jerrypournelle.com)
Long-time Slashdot reader BinBoy writes: Science fiction author and Byte magazine columnist Jerry Pournelle has died according to a statement by his son Alex posted to Jerry's web site. A well-wishing page has been set up for visitors to post their thoughts and memories of Mr. Pournelle.
Pournelle's literary career included the 1985 science fiction novel Footfall with Larry Niven, which became a #1 New York Times best-seller -- one of several successful collaborations between the two authors. In a Slashdot interview in 2003, Larry Niven credited Jerry for the prominent role of religion in their 1974 book The Mote in God's Eye.
Wikipedia also remembers how Byte magazine announced Pournelle's legendary debut as a columnist in their June 1980 issue.
"The other day we were sitting around the BYTE offices listening to software and hardware explosions going off around us in the microcomputer world. We wondered, "Who could cover some of the latest developments for us in a funny, frank (and sometimes irascible) style?" The phone rang. It was Jerry Pournelle with an idea for a funny, frank (and sometimes irascible) series of articles to be presented in BYTE on a semi-regular (i.e.: every 2 to 3 months) basis, which would cover the wild microcomputer goings-on at the Pournelle House ("Chaos Manor") in Southern California. We said yes."
Slashdot reader tengu1sd fondly remembers Pournelle as "frequently loud, but well reasoned." He also shares a link to a new appreciation posted on the Science Fiction and Fantasy Writers of America site. And Slashdot reader Nova Express also remembers Pournelle's Chaos Manor website "later became one of the first blogs on the Internet." -
El Nino's Absence Is Causing An Active Hurricane Season (mercurynews.com)
Dan Drollette writes: Contrary to some items making the rounds of the Twitterverse, El Ninos are "Kryptonite for hurricanes." The Mercury News reports: "Irma has ripped a path of misery through the Caribbean and is aiming at Florida, but the first seed for its monster size and force was planted on the other side of the world more than six months ago. It happened innocently enough, when a widely anticipated El Nino failed to materialize over the Pacific Ocean. In time, that cleared a path for a hurricane to form in the Atlantic that grew to the size of the state of New York with winds topping 185 miles per hour. El Nino occurs when the Pacific heats up and flusters the atmosphere, setting off a chain reaction that causes wind shear across the Atlantic. Shear is wind blowing in different directions or speeds at various altitudes, and it can be Kryptonite for hurricanes. As powerful as they are, tropical cyclones have delicate structures. Shear can tear them apart. A budding storm can't get started and an established storm can't get strong." -
Best Buy Stops Selling Kaspersky Security Software (startribune.com)
swschrad writes: Call it a stampede, call it a business decision, but Best Buy has pulled Kaspersky internet security software from its shelves and website. Some in the U.S. government suspect Russian ties make it a suspicious product. Since all major security companies have links with each other and with government security agencies, sharing threat evidence to find counters, Kaspersky's defense seems valid. But if you want it, be prepared to buy it off their own website. Best Buy will give Kaspersky software purchasers 45 days to exchange it for free for another product if they want. Additionally, customers can also uninstall it themselves or have a Geek Squad agent do it for free within that time window. -
Ask Slashdot: What's a Practical Response To the Equifax Breach?
In response to the massive Equifax cybersecurity incident impacting approximately 143 million U.S. consumers -- making it possibly the worst leak of personal info ever -- Slashdot reader AdamStarks asks: What steps can the average Joe take to protect their identity? Accepting Equifax's help forfeits your right to sue; it's the same with applying for protection at TransUnion (not sure about Experian). Extra services at those companies also cost money, but that's putting even more of your data in their hands, and it's not clear whether the protection/help they provide is worth it (leaving aside not wanting to reward bad behavior). -
Galaxy Note 8 Sets New Pre-Order Record For Samsung Despite Last Year's Disaster (theverge.com)
An anonymous reader quotes a report from The Verge: The Note brand is still going strong despite Samsung recalling and discontinuing Note 7 devices last year for battery explosions. The company today announced that more customers in the U.S. have preordered the Note 8 than any other Notes it has ever sold in previous years during the same time period. Note 8 preorders went live on August 24th and the device is one of Samsung's most expensive smartphones to date, starting at $930. It's unapologetically pricey, though Samsung did attempt to offset that price tag with some presale offers. Samsung did not specify exactly how many Note 8 preorders it has received so far, but judging by how popular Note 7s were last year before everything went down, it seems that little has deterred Note fans from upgrading -- not even the price tag. -
Uber Faces FBI Probe Over Program Targeting Rival Lyft (wsj.com)
cdreimer writes: According to a report in The Wall Street Journal (Warning: source may be paywalled, alternative source), Uber is under investigation by federal law-enforcement authorities for using a program called "Hell" to illegally interfere with the competition by creating fake Lyft accounts, initiating phony ride requests for Lyft drivers, and offering cash bonuses for drivers who drive for both services to leave Lyft. This is creating a new headache for incoming CEO Dara Khosrowshahi to deal with. From the report: "Federal law-enforcement authorities in New York are investigating whether Uber Technologies Inc. used software to interfere illegally with its competitors, according to people familiar with the investigation, adding to legal pressures facing the embattled ride-hailing company and its new chief executive. The investigation, led by the Federal Bureau of Investigation's New York office and the Manhattan U.S. attorney's office, is focused on a defunct Uber program, known internally as 'Hell,' that could track drivers working for rival service Lyft Inc., the people said. 'We are cooperating with the SDNY investigation,' said an Uber spokesman, referring to New York's Southern District. He declined to offer additional details. Uber has never publicly discussed the details of the program. But people familiar with the matter said 'Hell' worked like this: Uber created fake Lyft customer accounts, tricking Lyft's system into believing prospective customers were seeking rides in various locations around a city. That allowed Uber to see which Lyft drivers were nearby and what prices they were offering for various routes, similar to how such information appears when an authentic Lyft app is opened on a user's smartphone, these people said. 
The program was also used to glean data on drivers who worked for both companies, and whom Uber could target with cash incentives to get them to leave Lyft, said these people, who added that the program was discontinued last year." -
Why It's So Hard To Trust Facebook (cnn.com)
Brian Stelter, writing for CNN: Why won't Facebook show the public the propagandistic ads that a so-called Russian troll farm bought last year to target American voters? That lack of transparency is troubling to many observers. "Show us the ads Zuck!" Silicon Valley entrepreneur Jason Calacanis wrote on Twitter when The Washington Post reported on the surreptitious ad buys on Wednesday. Calacanis said Facebook was "profiting off fake news," echoing a widely held criticism of the social network. It was only the latest example of Facebook's credibility problem. For a business based on the concept of friendship, it's proving to be a hard company to trust. On the business side, Facebook's metrics for advertisers have been error-prone, to say the least. Analysts and reporters have repeatedly uncovered evidence of faulty data and measurement mistakes. Facebook's opaqueness has also engendered mistrust in the political arena. Conservative activists have accused the company of censoring right-wing voices and stories. Liberal activists have raised alarms about its exploitation of personal information to target ads. And the news business is worried about the spread of bogus stories and hoaxes on the site. Some critics have even taken to calling Facebook a "surveillance company," seeking to reframe the business the social network is in -- not networking but ad targeting based on monitoring of users. Over at The Verge, Casey Newton documents inconsistencies in Facebook's public remarks over its role in the outcome of the presidential election last year. Newton says Facebook's shifting Russian ads stories and unwillingness to disclose information citing laws (which seem to imply otherwise) are damaging its credibility. -
At Burning Man While Your Startup Burns (techcrunch.com)
There's a difference between clearing your head, and ditching your dying startup to do drugs in the desert. From a report: Whether you're going to Burning Man, Ibiza, SXSW, or some big international tech conference, the message you send is the same. If your startup isn't succeeding, you're skipping out on the dirty work while hoping some miracle revelation or networking connection will save you. And it probably won't. For those less familiar, Burning Man is when 70,000 people build a temporary city of tents and RVs in the Nevada desert where no money is exchanged, and instead everyone seeks to gift strangers with giant art installations, workshops, food, drinks, and celebrations. But I get a sinking feeling when I notice or hear about the leaders of a struggling startup trying to dance or dose away their troubles. Being out of contact for several days to a week since there's no reliable cellular connection and a stigma against phone use creates a decision-making bottleneck that can slow down your company. Ex-Oculus founder Palmer Luckey here points out how juice presser startup Juicero's founder Doug Evans took off to Burning Man for a week. That's despite the company recently admitting it needed to lower prices after Bloomberg reporters revealed you could simply squeeze Juicero juice packs by hand without the $400 machine. In the middle of that week Evans was at Burning Man, Juicero announced it would suspend sales of its juicer and juice packs as it desperately tries to find an acquirer. While Evans handed over the CEO title to former Coca-Cola exec Jeff Dunn late last year, the company told TechCrunch "Evans is Juicero's full time Founder and Chairman of the Board and very active within the company." -
Equifax Breach is Very Possibly the Worst Leak of Personal Info Ever (arstechnica.com)
The breach Equifax reported Thursday is very possibly the most severe of all for a simple reason: the breath-taking amount of highly sensitive data it handed over to criminals. Dan Goodin of Ars Technica writes: By providing full names, Social Security numbers, birth dates, addresses, and, in some cases, driver license numbers, it provided most of the information banks, insurance companies, and other businesses use to confirm consumers are who they claim to be. The theft, by criminals who exploited a security flaw on the Equifax website, opens the troubling prospect the data is now in the hands of hostile governments, criminal gangs, or both and will remain so indefinitely. Hacks hitting Yahoo and other sites, by contrast, may have breached more accounts, but the severity of the personal data was generally more limited. And in most cases the damage could be contained by changing a password or getting a new credit card number. What's more, the 143 million US people Equifax said were potentially affected accounts for roughly 44 percent of the population. When children and people without credit histories are removed, the proportion becomes even bigger. That means well more than half of all US residents who rely the most on bank loans and credit cards are now at a significantly higher risk of fraud and will remain so for years to come. Besides being used to take out loans in other people's names, the data could be abused by hostile governments to, say, tease out new information about people with security clearances, especially in light of the 2015 hack on the US Office of Personnel Management, which exposed highly sensitive data on 3.2 million federal employees, both current and retired. Meanwhile, if you accept Equifax's paltry "help" you forfeit the right to sue the company, it has said. In its policy, Equifax also states that it won't be helping its customers fix hack-related problems.
UPDATE (9/9/17): Equifax has now announced that "the arbitration clause and class action waiver included in the Equifax and TrustedID Premier terms of use does not apply to this cybersecurity incident."
Bloomberg reported on Friday that a class action seeking to represent 143 million consumers has been filed, and it alleges the company didn't spend enough on protecting data. The class-action -- filed by the firm Olsen Daines PC along with Geragos & Geragos, a celebrity law firm known for blockbuster class actions -- will seek as much as $70 billion in damages nationally. -
Google Is Apparently Ready To Buy Smartphone Maker HTC (cnbc.com)
According to a Taiwanese news outlet called Commercial Times, Google is in the final stages of acquiring all or part of smartphone maker HTC. CNBC reports: The report seems fishy, since Google has already been down this road, but there's a reason why Google might be interested in HTC. The Taiwanese company builds the Google Pixel, which means it could be a good fit for Google as it continues to cater to consumers with its "Pixel" smartphone brand. Here's where it sounds off base: Google acquired Motorola Mobility and then sold it off just a couple of years later. Why repeat that move? Commercial Times said HTC's poor financial position and Google's desire to "perfect [the] integration of software, content, hardware, network, cloud, [and] AI," is the driving force behind Google's interest. The news outlet said Google may make a "strategic investment" or "buy HTC's smartphone R&D team" which suggests that the VR team would exist as its own. -
The Google Drive App For PC, Mac Is Being Shut Down In March (theverge.com)
Google announced in a blog post today that the Google Drive app for desktop will be shut down. The Verge reports: Support will be cut off on December 11th and the app will shut down completely on March 12th, 2018. Users who are still running the Drive app will start seeing notifications in October that it's "going away," and the company will steer customers towards one of two replacements depending on whether they're a consumer or business user. Google Drive the service isn't going anywhere. You can still access it from the web, smartphone apps, and either of the software options mentioned below. Google now has two fairly new software tools for backing up your data and/or accessing files in the cloud. There's Backup and Sync, the all-encompassing consumer app that replaces both the standalone Google Drive and Google Photos Uploader apps. It offers essentially the same functionality as Drive and works much the same way. And on the enterprise side, Google has rolled out Drive File Streamer, which saves space on your local drive while providing access to "all of your Google Drive files on demand, directly from your computer." -
Following Cheating Scandals, Harvard Dean of Undergrad Ed Visits CS50 Class and Tells Students Not To Cheat (thecrimson.com)
theodp writes: After a flood of cheating cases roiled Harvard's Computer Science 50: "Introduction to Computer Science I" last year, Dean of Undergraduate Education Jay Harris implored students in the course not to cheat on assignments at an orientation session Wednesday night. Course head David Malan, the Harvard Crimson reports, spent the last five minutes of the orientation session fielding questions from students confused about the course's collaboration policy and whether or not CS50 enrollees are allowed to use code found online. He told them never to Google solutions, and never to borrow a friend's work. Last week, CS50 students were informed via a CS50 FAQ that they are also now "encouraged" to physically attend the course's taped weekly lectures. In an essay last year, Prof. Malan had questioned the value of saying everyone should attend every lecture. Attendance is now also expected at every discussion section until the first mid-semester exam. In case you're curious, the estimated sticker price for attending Harvard College during the 2017-2018 school year is $69,600-$73,600 (health insurance sold separately). -
Disney Is Pulling Star Wars and Marvel Films From Netflix (arstechnica.com)
Disney CEO Bob Iger announced on Thursday that his company will pull the full catalog of films from the Star Wars franchise and Marvel universe from Netflix after 2019. Last month, Disney announced it would be pulling a number of Disney titles from the Netflix catalog, but left the door open to keeping the Star Wars franchise and Marvel films. That door has since been slammed shut, "choosing instead to use movies like Iron Man, Captain America, and the forthcoming Star Wars: Episode IX as a draw to a new Disney-owned streaming service," reports Ars Technica. From the report: It's not clear exactly which films are affected by Iger's announcement. A Netflix spokesperson told The Verge last month that "we continue to do business with the Walt Disney Company on many fronts, including our ongoing deal with Marvel TV." That refers to a collaboration between Disney and Netflix to produce several live-action television series based on lesser-known Marvel characters Daredevil, Jessica Jones, Iron Fist, and Luke Cage. Some of those series are still being actively developed. It's a high-risk gamble for Disney. It makes sense for Disney to bring its best-known franchises back under its own roof to give the Disney streaming service the best possible chance of success. But Disney is leaving a lot of money on the table by not doing a deal with Netflix or one of its competitors. It could be an expensive mistake if the Disney streaming service doesn't get traction. -
VR Company Upload Settles Sexual Harassment Lawsuit (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: Upload, formerly UploadVR, the virtual reality startup at the center of a sexual harassment and wrongful termination lawsuit filed earlier this year, has settled the case with its former employee and is aiming to put the ensuing damage behind it. The lawsuit, filed against the startup and its co-founders by former director of digital and social media Elizabeth Scott, alleged that the company had sought to create a "boy's club" environment and described "rampant" sexual behavior in the office, allegations that co-founders Will Mason and Taylor Freeman denied as "entirely without merit." The lawsuit is now over, according to people familiar with the matter, and though the terms of the agreement were undisclosed, some in the virtual reality community feel that the company has dodged a bullet in reaching some conclusion over the litigation.
"The matter has been concluded," was Upload's official statement. Neither Scott, nor her legal counsel, responded to a request for comment for this story. Upload has also released the following statement around the conclusion of the legal case. "Our primary focus at Upload is education, which we believe is the key to growing the mixed reality ecosystem. We are deeply committed to creating an inclusive community to empower the pioneers building the future." -
Intel's $1.3 Billion Fine In Europe Requires Review, Court Says (nytimes.com)
cdreimer writes: According to a report in The New York Times (Warning: source may be paywalled; alternative source), the Court of Justice in the European Union has ordered the lower courts to revisit the $1.3 billion anti-trust fine levied against Intel in 2009, giving hope to Google and other American technology firms to avoid being fined for being dominant in the EU markets. From the report: "The highest court in the European Union ordered on Wednesday that a $1.3 billion antitrust fine doled out against Intel nearly a decade ago be revisited, a ruling that could give hope to Google and other American technology giants facing challenges to their dominance in the region. The decision to send the case back to a lower court for re-examination is a blow to regional competition regulators, whose oversight of digital services has been among the world's most aggressive. It could also embolden American technology companies, which have long complained that antitrust officials in Europe target them unfairly, to challenge rulings and investigations against them. The move by the Court of Justice of the European Union raises the prospect that the 1.06 billion euro fine on Intel in 2009, equivalent to $1.26 billion at current exchange rates, could be reduced or scrapped entirely. The penalty -- at the time the largest of its kind -- was upheld by European courts in 2014 and will most likely be the subject of legal battles for years to come. That record fine was overtaken by a 2.4 billion euro penalty against Google in June. The Silicon Valley giant was accused of using its dominant position in online search to give preferential treatment to its internet shopping service over those of its rivals." -
Android Oreo's Rollback Protection Will Block OS Downgrades (androidpolice.com)
jbernardo writes: Google is using the boiling frog method to exclude power users and custom ROMs from Android. A new feature in Android 8.0 Oreo, called "Rollback Protection" and included in the "Verified Boot" changes, will prevent a device from booting should it be rolled back to an earlier firmware. The detailed information is here. As it rejects an image if its "rollback index" is inferior to the one in "tamper evident storage," any attempts to install a previous version of the official, signed ROM will make the device unbootable. Much like iOS (without the rollback grace period) or the extinct Lumias. It is explained in the recommended boot workflow and notes below, together with some other "smart" ideas.
Now, this might seem like a good idea at first, but let's just imagine this on a PC. It would mean no easy rollback from Windows 10 to 7 after a forced installation, and doing that or installing Linux would mean an unreasonably complex bootloader unlocking, with all your data wiped. Add SafetyNet to the mix, and you would also be blocked from watching Netflix or accessing your banking sites if you dared to install Linux or roll back Windows. To add insult to injury, unlocked devices will stop booting for at least 10 seconds to show some paternalist message on how unlocking is bad for your health: "If the device has a screen and buttons (for example if it's a phone) the warning is to be shown for at least 10 seconds before the boot process continues." Now, and knowing that most if not all Android bootloaders have vulnerabilities/backdoors, how can this be defended, even with the "security/think of the children" approach? This has no advantages other than making it hard for users to install ROMs or to revert to a previous official ROM to restore missing functionality. -
Hackers Have Penetrated Energy Grid, Symantec Warns (fortune.com)
An anonymous reader quotes a report from Fortune: Hackers have been burrowing their way inside the critical infrastructure of energy and other companies in the U.S. and elsewhere, warns cybersecurity giant Symantec. In a new report, Symantec claims that the threat of cyberattack-induced power outages in the west has elevated from a theoretical concern to a legitimate one in recent months. "We're talking about activity we're seeing on actual operational networks that control the actual power grid," Eric Chien, technical director of security technology and response at Symantec, told Fortune on a call. Reports surfaced over the summer of hackers targeting staff at nuclear energy facilities with phishing attacks, designed to steal login credentials or install malware on machines. The extent of the campaign as well as the question of whether the attackers had breached operational IT networks, rather than merely administrative ones, was unclear at the time. Symantec is now erasing all doubt. "There are no more technical hurdles for them to cause some sort of disruption," Chien said of the hackers. "All that's left is really motivation." Symantec detailed its findings in a report released Wednesday morning. The paper tracks the exploits of a hacker group that Symantec has dubbed DragonFly 2.0, an outfit that the company says it has linked to an earlier series of attacks perpetrated between 2011 and 2014 by a group it dubbed DragonFly. -
Sci-Hub Faces $4.8 Million Piracy Damages and ISP Blocking (torrentfreak.com)
The American Chemical Society (ACS), a leading source of academic publications in the field of chemistry, accused Sci-Hub of mass copyright infringement and is demanding $4.8 million in piracy damages. "Sci-Hub was made aware of the legal proceedings but did not appear in court," reports TorrentFreak. "As a result, a default was entered against the site, and a few days ago ACS specified its demands, which include $4.8 million in piracy damages." The complaint comes soon after the pirate site was ordered to pay $15 million in piracy damages to academic publisher Elsevier. From the report: "Here, ACS seeks a judgment against Sci-Hub in the amount of $4,800,000 -- which is based on infringement of a representative sample of publications containing the ACS Copyrighted Works multiplied by the maximum statutory damages of $150,000 for each publication," they write. "Sci-Hub's unabashed flouting of U.S. Copyright laws merits a strong deterrent. This Court has awarded a copyright holder maximum statutory damages where the defendant's actions were 'clearly willful' and maximum damages were necessary to 'deter similar actors in the future.'" The publisher notes that the maximum statutory damages are only requested for 32 of its 9,000 registered works. This still adds up to a significant sum of money, of course, but that is needed as a deterrent, ACS claims.
Although the deterrent effect may sound plausible in most cases, another $4.8 million in debt is unlikely to worry Sci-Hub's owner, as she can't pay it off anyway. However, there's also a broad injunction on the table that may be more of a concern. The requested injunction prohibits Sci-Hub's owner from continuing her work on the site. In addition, it also bars a wide range of other service providers from assisting others to access it. Specifically, it restrains "any Internet search engines, web hosting and Internet service providers, domain name registrars, and domain name registries, to cease facilitating access to any or all domain names and websites through which Defendant Sci-Hub engages in unlawful access to [ACS's works]."