Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Facebook Employees Living in a Garage Hope Zuckerberg Will Learn What's Happening in His Own City (cnbc.com)
At the beginning of the year, Facebook CEO Mark Zuckerberg set a goal to visit every state in the U.S. so he could learn more about the millions of people who use the social network every day. But two of his employees tell The Guardian that they wonder when the billionaire is going to get to know his own community. From a report: The employees, a married couple named Nicole and Victor, are both contract workers in the cafeteria at Facebook's Menlo Park, Calif. headquarters. And they wish they, and the problems closer to home, could also get a share of Zuckerberg's attention. "He should learn what's happening in this city," Nicole tells The Guardian. The couple says they can barely make ends meet. Together with their three children, Nicole and Victor share a two-car garage adjacent to Victor's parents' home. They borrow money from friends and family to stay afloat and occasionally resort to payday loans. Although they earn too much to qualify for state benefits, they don't earn enough to afford Facebook's health care plan. -
FCC Is Not Complying With Freedom of Information Act Requests, Alleges Lawsuit (arstechnica.com)
burtosis writes: The FCC is being sued for failure to turn over documents related to "correspondence, e-mails, telephone call logs, calendar entries, meeting agendas," between chairman Ajit or his staff and ISPs. Given the FCC's recent transparency issues, which appear to be directly ignoring the vast majority of feedback from Americans that are pro net neutrality, a nonprofit group called American Oversight is trying to force the real conversations the FCC is holding into public view. They are also asking for any communications with the media, Congress, and congressional staff. Two extensions for missed deadlines have been given, but the third extension was denied on July 24th. The FCC also ignored a FOIA request by Ars for the DDoS attack during the public comment period on net neutrality. With the current administration's attitude toward transparency and catering only to the largest corporate donors, will the American people have any meaningful influence in how the country is run anymore? -
The Inside Story of the Lily Drone's Collapse (wired.com)
New submitter mirandakatz writes: Lily Robotics had everything: Two charismatic young founders; millions in funding; and a product that promised to change the world -- or, at the very least, transform photography. But over 60,000 customers are still waiting for their Lily Drones, and the company is now being sued by the San Francisco District Attorney's office for false advertising. As it turns out, Lily Robotics never actually had the right tools to create the product it was selling -- and it all came crashing down. At Backchannel, Jessica Pishko has the untold story of how such a promising company went so wrong.
From the report: "The magic of the Lily Drone was in its concept: It was a product you could unpack and throw -- so easy, Antoine Balaresque, the cofounder and CEO of Lily Robotics, wrote in emails, that even an old person could do it. But translating that idea into a tangible product proved difficult, and the storytelling that made the Lily Drone so tantalizing to consumers ultimately factored into its downfall. In one of his presentations, Balaresque presented a PowerPoint slide with the sentence, 'Humans have a fundamental need to put themselves in the center of stories.' It appeared to be a quote he made up, but the idea that human nature needs stories is fundamental. Stories are how we make sense of our lives. But while a good story can get you funding and acclaim, ultimately it isn't enough." -
Feds Crack Trump Protesters' Phones To Charge Them With Felony Rioting (thedailybeast.com)
An anonymous reader quotes a report from The Daily Beast: Officials seized Trump protesters' cell phones, cracked their passwords, and are now attempting to use the contents to convict them of conspiracy to riot at the presidential inauguration. Prosecutors have indicted over 200 people on felony riot charges for protests in Washington, D.C. on January 20 that broke windows and damaged vehicles. Some defendants face up to 75 years in prison, despite little evidence against them. But a new court filing reveals that investigators have been able to crack into at least eight defendants' locked cell phones. Now prosecutors want to use the internet history, communications, and pictures they extracted from the phones as evidence against the defendants in court. [A] July 21 court document shows that investigators were successful in opening the locked phones. The July 21 filing moved to enter evidence from eight seized phones, six of which were "encrypted" and two of which were not encrypted. A Department of Justice representative confirmed that "encrypted" meant additional privacy settings beyond a lock screen. For the six encrypted phones, investigators were able to compile "a short data report which identifies the phone number associated with the cell phone and limited other information about the phone itself," the filing says. But investigators appear to have bypassed the lock on the two remaining phones to access the entirety of their contents. -
Tech Leaders Speak Out Against Trump Ban on Transgender Troops (axios.com)
Technology executives, including Facebook CEO Mark Zuckerberg and Google CEO Sundar Pichai took to social media to voice their displeasure over President Donald Trump's latest stance on transgendered people in the military.
"I am grateful to the transgender members of the military for their service," Google CEO Sundar Pichai said.
Apple CEO Tim Cook said, "We are indebted to all who serve. Discrimination against anyone holds everyone back."
Brad Smith, Microsoft President and Chief Legal Officer said, "We honor and respect all who serve, including the transgender members of our military."
Salesforce said it "believes in equality for all. We support and thank all U.S. service members, including transgender Americans."
Facebook CEO Mark Zuckerberg said, "Everyone should be able to serve their country -- no matter who they are."
Veteran entrepreneur Max Levchin urged support for transgender people across party lines. "Trans kids, soldiers etc need our support today and to know they are valued & respected regardless of politics. Let us not be divided."
Uber told news outlet Axios, "We owe the deepest debt of gratitude to all those who volunteer to serve in the US Armed Forces and defend our values. These patriotic Americans deserve to be honored and respected, not turned away because of who they are."
Twitter CEO Jack Dorsey said, "Discrimination in any form is wrong for all of us." -
Roomba's Next Big Step Is Selling Maps of Your Home to the Highest Bidder (gizmodo.com)
The maker of the Roomba robotic vacuum, iRobot -- which we have talked about several times in the past -- has found itself embroiled in a privacy row after its chief executive suggested it may begin selling floor plans of customers' homes, derived from the movement data of their autonomous servants. From a report: While it may seem like the information that a Roomba could gather is minimal, there's a lot to be gleaned from the maps it's constantly updating. It knows the floor plan of your home, the basic shape of everything on your floor, what areas require the most maintenance, and how often you require cleaning cycles, along with many other data points. [...] If a company like Amazon, for example, wanted to improve its Echo smart speaker, the Roomba's mapping info could certainly help out. Spatial mapping could improve audio performance by taking advantage of the room's acoustics. Do you have a large room that's practically empty? Targeted furniture ads might be quite effective. The laser and camera sensors would paint a nice portrait for lighting needs that would factor into smart lights that adjust in real time. Smart AC units could better control airflow. And additional sensors added in the future would gather even more data from this live-in double agent. -
German Automakers Formed a Secret Cartel In the '90s To Collude On Diesel Emissions, Says Report (theverge.com)
An anonymous reader quotes a report from The Verge: Last week, Der Spiegel published an explosive report alleging that the major German automakers formed a secret cartel in the 1990s to collude on diesel emissions. These companies, including Volkswagen, Audi, BMW, Porsche, and Daimler, met in secret working groups to discuss "the technology, costs, suppliers, and even the exhaust gas purification of its diesel vehicles," the German weekly reported. The meetings were disclosed to German competition officials in letters from VW and Daimler and viewed by Der Spiegel. The secret meetings "laid the basis" for the 2015 diesel emission cheating scandal, in which VW was caught installing secret software in more than half a million vehicles sold in the US that it used to fool exhaust emissions tests. The admission of cheating ultimately cost the automaker tens of billions of dollars in fines and legal fees, making it one of the most expensive corporate scandals in history.
Years earlier, VW participated in dozens of secret meetings with its competitors, involving over 200 employees in up to 60 working groups, on how to meet increasingly tough emissions criteria in diesel vehicles. The automakers may have colluded to fix prices of a diesel emission treatment called AdBlue through these working groups, Der Spiegel says. Specifically, VW (which owns Porsche and Audi), Daimler (which owns Mercedes-Benz and Smart), and BMW allegedly agreed to use AdBlue tanks that were too small. AdBlue is a liquid solution used to counteract a vehicle's emissions. -
Microsoft Confirms It's Not Killing Off Paint After Outpouring of Support (cnbc.com)
Microsoft said late Monday that it will not be killing off its Paint app in the next update of Windows 10. It will be made available via the Windows Store for free and will not be completely removed. CNBC reports: The U.S. technology company recently released a list which labeled Paint "deprecated," meaning it was considering removing the app when the Windows 10 Fall Creators Update gets released later this year. Fans on social media decried the potential death of Paint, which has been in existence for 32 years. But Microsoft released a blog post shortly after to clarify that Paint would not be completely removed, but instead made available via the Windows Store for free. "Today, we've seen an incredible outpouring of support and nostalgia around MS Paint. If there's anything we learned, it's that after 32 years, MS Paint has a lot of fans. It's been amazing to see so much love for our trusty old app," Megan Saunders, a general manager at Microsoft, wrote in a blog post on Monday. "Amidst today's commentary around MS Paint we wanted to take this opportunity to set the record straight, clear up some confusion and share some good news: MS Paint is here to stay, it will just have a new home soon, in the Windows Store where it will be available for free." -
Fourth Ethereum Platform Hacked This Month: Hacker Steals $8.4 Million From Veritaseum Platform (bleepingcomputer.com)
An anonymous reader writes: "Veritaseum has confirmed today that a hacker stole $8.4 million from the platform's ICO on Sunday, July 23," reports Bleeping Computer. "This is the second ICO hack in the last week and the fourth hack of an Ethereum platform this month. An ICO (Initial Coin Offering) is similar to a classic IPO (Initial Public Offering), but instead of stocks in a company, buyers get tokens in an online platform. Users can keep tokens until the issuing company decides to buy them back, or they can sell the tokens to other users for Ethereum. Veritaseum was holding its ICO over the weekend, allowing users to buy VERI tokens for a product the company was preparing to launch in the realm of financial services." The hacker breached its systems, stole VERI tokens and immediately dumped them on the market due to the high demand. The hacker made $8.4 million from the token sale, which he immediately started to launder. In a post-mortem announcement, Middleton posted online today, the Veritaseum CEO said "the amount stolen was minuscule (less than 00.07%) although the dollar amount was quite material." The CEO also suspects that "at least one corporate partner that may have dropped the ball and [might] be liable." Previous Ethereum services hacks include Parity, CoinDash, and Classic Ether Wallet. -
Ask Slashdot: How Can You Avoid Routers With Locked Firmware?
thejynxed writes: A while ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.
In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?
The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware? -
US Agency Revokes All State Discounts For Kaspersky Products (thebaltimorepost.com)
The U.S. General Services Administration has removed Kaspersky Lab from its list of approved vendors for federal systems, which also eliminates the discounts it previously offered to state governments. Long-time Slashdot reader Rick Zeman writes: "The agency's statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it," reports the Washington Post. Kaspersky, of course, denies this, offering their source code up for U.S. Government review... "Three current and former defense contractors told The Post that they knew of no specific warnings circulated about Kaspersky in recent years, but it has become an unwritten rule at the Pentagon not to include Kaspersky as a potential vendor on new projects."
"The lack of information from the GSA underscores a disconnect between local officials and the federal government about cybersecurity," the Post reports, adding that "the GSA's move on July 11 has left state and local governments to speculate about the risks of sticking with the company or abandoning taxpayer-funded contracts, sometimes at great cost."
The Post also quotes a cybersecurity expert at a prominent think tank -- the Center for Strategic and International Studies -- who believes that "it's difficult, if not impossible" for a company like Kaspersky to be headquartered in Moscow "if you don't cooperate with the government and the intelligence services." -
How NASA Glimpsed The Mysterious Object 'New Horizons' Will Reach In 2019 (popsci.com)
necro81 writes: After its successful flyby of Pluto in July 2015, the New Horizons probe received a mission extension to fly past a Kuiper Belt object -- named 2014 MU69 -- in January 2019. However, we know few details about the object -- its size, shape, albedo, whether it has any companions -- which are crucial for planning the flyby. Based on observations from Hubble, the New Horizons team knew that the object would pass in front of a star -- an occultation -- on July 17th, which could provide some of this data. But the occultation would last for less than a second, would only be visible in Patagonia, and the star itself is quite dim.
NASA set up 24 telescopes near one community to capture the event, and received lots of cooperation from locals: turning off streetlights, shutting down a nearby highway, and setting up trucks as windbreaks. At least five of those telescopes captured the occultation. This was the latest in a series of observations ahead of the flyby.
"We had to go up to farmers' doors and say 'Hi, we're here from NASA, we're wondering if we can set up telescopes in your back pasture?'" one astronomer told Popular Science. "More often than not people were like 'that sounds awesome, sure, we'll help out!'" -
SoundCloud Halts Volunteer Archiving Project (vice.com)
Slashdot reader nielo tipped us off to more SoundCloud news. Motherboard reports: Last week, a group of volunteer digital preservationists known as The Archive Team announced they would be attempting to independently archive a 123.6 million track, 900-terabyte swath of SoundCloud, the popular streaming music and audio service that recently announced mass layoffs and office closures, sparking fears of an imminent closure. But just as the volunteer archive of SoundCloud was due to be getting started, it's been abruptly called off at the behest of the company... I reached out to SoundCloud for more information, and a spokesperson responded with the following written statement: "SoundCloud is dedicated to protecting the rights and content of the creators who share their work on SoundCloud. We requested the Archive Team halt their efforts as any action to take content from SoundCloud violates our Terms of Use and infringes on our users' rights... SoundCloud is not going away -- not in 50 days, not in 80 days or anytime in the foreseeable future..." But that hasn't stopped some individuals on Reddit's r/datahoarder subreddit from attempting to gather their own personal archives of as much of SoundCloud as they want and can afford to host. -
Are Nondisparagement Agreements Silencing Employee Complaints? (cnbc.com)
cdreimer writes, "According to a report in the New York Times, 'nondisparagement agreements are increasingly included in employment contracts and legal settlements' to hide abuses that would otherwise be made public." The Times reports: Employment lawyers say nondisparagement agreements have helped enable a culture of secrecy. In particular, the tech start-up world has been roiled by accounts of workplace sexual harassment, and nondisparagement clauses have played a significant role in keeping those accusations secret... Nondisparagement clauses are not limited to legal settlements. They are increasingly found in standard employment contracts in many industries, sometimes in a simple offer letter that helps to create a blanket of silence around a company. Their use has become particularly widespread in tech employment contracts, from venture investment firms and start-ups to the biggest companies in Silicon Valley, including Google... Employees increasingly "have to give up their constitutional right to speak freely about their experiences if they want to be part of the work force," said Nancy E. Smith, a partner at the law firm Smith Mullin.
Three different tech industry employees told the Times "they are not allowed to acknowledge that the agreements even exist." And Google "declined to comment" for the article. -
Mozilla's New Open Source Voice-Recognition Project Wants Your Voice (mashable.com)
An anonymous reader quotes Mashable: Mozilla is building a massive repository of voice recordings for the voice apps of the future -- and it wants you to add yours to the collection. The organization behind the Firefox browser is launching Common Voice, a project to crowdsource audio samples from the public. The goal is to collect about 10,000 hours of audio in various accents and make it publicly available for everyone... Mozilla hopes to hand over the public dataset to independent developers so they can harness the crowdsourced audio to build the next generation of voice-powered apps and speech-to-text programs... You can also help train the speech-to-text capabilities by validating the recordings already submitted to the project. Just listen to a short clip, and report back if text on the screen matches what you heard... Mozilla says its aim is to expand the tech beyond just a standard voice recognition experience, including multiple accents, demographics and eventually languages for more accessible programs. Past open source voice-recognition projects have included Sphinx 4 and VoxForge, but unfortunately most of today's systems are still "locked up behind proprietary code at various companies, such as Amazon, Apple, and Microsoft." -
Let's Encrypt Criticized Over Speedy HTTPS Certifications (threatpost.com)
100 million HTTPS certificates were issued in the last year by Let's Encrypt -- a free certificate authority founded by Mozilla, Cisco and the Electronic Frontier Foundation -- and they're now issuing more than 100,000 HTTPS certificates every day. Should they be performing more vetting? msm1267 shared this article from Kaspersky Lab's ThreatPost blog: [S]ome critics are sounding alarm bells and warning that Let's Encrypt might be guilty of going too far, too fast, and delivering too much of a good thing without the right checks and balances in place. The primary concern has been that while the growth of SSL/TLS encryption is a positive trend, it also offers criminals an easy way to facilitate website spoofing, server impersonation, man-in-the-middle attacks, and a way to sneak malware through company firewalls... Critics do not contend Let's Encrypt is responsible for these types of abuses. Rather, because it is the 800-pound gorilla when it comes to issuing basic domain validation certificates, critics believe Let's Encrypt could do a better job vetting applicants to weed out bad actors... "I think there should be some type of vetting process. That would make it more difficult for malicious actors to get them," said Justin Jett, director of audit and compliance at Plixer, a network traffic analytics firm...
Josh Aas, executive director of the Internet Security Research Group, the organization that oversees Let's Encrypt, points out that its role is not to police the internet, rather its mission is to make communications secure. He added that, unlike commercial certificate authorities, it keeps a searchable public database of every single domain it issues. "When people get surprised at the number of PayPal phishing sites and get worked up about it, the reason they know about it is because we allow anyone to search our records," he said. Many other certificate authorities keep their databases of issued certificates private, citing competitive reasons and that customers don't want to broadcast the names of their servers... "The reason people treat us like a punching bag is that we are big and we are transparent."
The criticism intensified after Let's Encrypt announced they'd soon offer wildcard certificates for subdomains. But the article also cites security researcher Scott Helme, who "argued if encryption is to be available to all then that includes the small percent of bad actors. 'I don't think it's for Signal, or Let's Encrypt, to decide who should have access to encryption.'" -
Let's Encrypt Criticized Over Speedy HTTPS Certifications (threatpost.com)
100 million HTTPS certificates were issued in the last year by Let's Encrypt -- a free certificate authority founded by Mozilla, Cisco and the Electronic Frontier Foundation -- and they're now issuing more than 100,000 HTTPS certificates every day. Should they be performing more vetting? msm1267 shared this article from Kaspersky Lab's ThreatPost blog: [S]ome critics are sounding alarm bells and warning that Let's Encrypt might be guilty of going too far, too fast, and delivering too much of a good thing without the right checks and balances in place. The primary concern has been that while the growth of SSL/TLS encryption is a positive trend, it also offers criminals an easy way to facilitate website spoofing, server impersonation, man-in-the-middle attacks, and a way to sneak malware through company firewalls... Critics do not contend Let's Encrypt is responsible for these types of abuses. Rather, because it is the 800-pound gorilla when it comes to issuing basic domain validation certificates, critics believe Let's Encrypt could do a better job vetting applicants to weed out bad actors... "I think there should be some type of vetting process. That would make it more difficult for malicious actors to get them," said Justin Jett, director of audit and compliance at Plixer, a network traffic analytics firm...
Josh Aas, executive director of the Internet Security Research Group, the organization that oversees Let's Encrypt, points out that its role is not to police the internet, rather its mission is to make communications secure. He added that, unlike commercial certificate authorities, it keeps a searchable public database of every single domain it issues. "When people get surprised at the number of PayPal phishing sites and get worked up about it, the reason they know about it is because we allow anyone to search our records," he said. Many other certificate authorities keep their databases of issued certificates private, citing competitive reasons and that customers don't want to broadcast the names of their servers... The reason people treat us like a punching bag is that we are big and we are transparent. "
The criticism intensified after Let's Encrypt announced they'd soon offer wildcard certificates for subdomains. But the article also cites security researcher Scott Helme, who "argued if encryption is to be available to all then that includes the small percent of bad actors. 'I don't think it's for Signal, or Let's Encrypt, to decide who should have access to encryption." -
Drupal Developers Still Rebelling Against Drupal Leadership
New submitter cornholed writes: In an update to previous posts on Slashdot, prominent Drupal and PHP Developer Larry Garfield is still defending his reputation against allegations by Drupal leadership of sexual misconduct. As previously reported by a variety of news organizations, Larry was exiled from the Drupal project for adherence to the Gor sci-fi lifestyle.
In the latest round of allegations, Garfield was reportedly asked to resign because an autistic "woman who attended Drupal community events ... was allowed to contribute by him". While some have accused Dries Buytaert and the Drupal Association of "Autism Shaming", the leader of the Drupal project claims "this person could be vulnerable and may have been subject to exploitation", hence raising the risk of legal damage to the Drupal project. Larry refutes these allegations, saying these claims are post-hoc and has shared police reports purporting his innocence.
There is still much debate in the Drupal community around why Larry was ejected from his leadership positions. While there's much speculation over Larry's ouster, there is one thing for certain: become a leader in the OSS community and a dossier on your public statements just might be made about you. -
Ask Slashdot: Ubuntu 18.04 LTS Desktop Default Application Survey
Dustin Kirkland, Ubuntu Product and Strategy at Canonical, writes: Howdy all- Back in March, we asked the HackerNews community, "What do you want to see in Ubuntu 17.10?": https://ubu.one/AskHN. A passionate discussion ensued, the results of which are distilled into this post: http://ubu.one/thankHN. In fact, you can check that link, http://bit.ly/thankHN and see our progress so far this cycle. We already have a beta code in 17.10 available for your testing for several of those:
- GNOME replaced Unity
- Bluetooth improvements with a new BlueZ
- Switched to libinput
- 4K/Multimonitor/HiDPI improvements
- Upgraded to Network Manager 1.8
- New Subiquity server installer
- Minimal images (36MB, 18% smaller)
And several others have excellent work in progress, and will be complete by 17.10:
- Autoremove old kernels from /boot
- EXT4 encryption with fscrypt
- Better GPU/CUDA support
In summary -- your feedback matters! There are hundreds of engineers and designers working for *you* to continue making Ubuntu amazing! Along with the switch from Unity to GNOME, we're also reviewing some of the desktop applications we package and ship in Ubuntu. We're looking to crowdsource input on your favorite Linux applications across a broad set of classic desktop functionality. We invite you to contribute by listing the applications you find most useful in Linux in order of preference.
Click through for info on how to contribute. To help us parse your input, please copy and paste the following bullets with your preferred apps in Linux desktop environments. You're welcome to suggest multiple apps, please just order them prioritized (e.g. Web Browser: Firefox, Chrome, Chromium). If some of your functionality has moved entirely to the web, please note that too (e.g. Email Client: Gmail web, Office Suite: Office360 web). If the software isn't free/open source, please note that (e.g. Music Player: Spotify client non-free). If I've missed a category, please add it in the same format. If your favorites aren't packaged for Ubuntu yet, please let us know, as we're creating hundreds of new snap packages for Ubuntu desktop applications, and we're keen to learn what key snaps we're missing.
- Web Browser: ???
- Email Client: ???
- Terminal: ???
- IDE: ???
- File manager: ???
- Basic Text Editor: ???
- IRC/Messaging Client: ???
- PDF Reader: ???
- Office Suite: ???
- Calendar: ???
- Video Player: ???
- Music Player: ???
- Photo Viewer: ???
- Screen recording: ???
In the interest of opening this survey as widely as possible, we've cross-posted this thread to HackerNews, Reddit, and Slashdot. We very much look forward to another friendly, energetic, collaborative discussion. Thank you! @DustinKirkland On behalf of @Canonical and @Ubuntu
-
Swedish Rail Firm Approves Trainy McTrainface As Name Following Online Poll (theguardian.com)
Those disappointed when Britain rejected the name Boaty McBoatface for a polar research ship should find joy in the name of a new train in Sweden. After a public vote, a Swedish rail operator has vowed to name one of its trains Trainy McTrainface. The Guardian reports: Trainy McTrainface won 49% of the votes in the naming competition, conducted online by train operator MTR Express and Swedish newspaper Metro, beating choices such as Hakan, Miriam and Poseidon. The train will run between the Swedish capital Stockholm and Gothenburg, the country's second-biggest city. MTR said another train had been voted to be named "Glenn," an apparent tribute to an IFK Gothenburg soccer team of the 1980s that featured four players of that name -- uncommon in Sweden -- including Glenn Hysen, who later captained Liverpool. -
Alleged Dark Web Kingpin Doxed Himself With His Personal Hotmail Address (vice.com)
Joseph Cox, reporting for Motherboard: On Thursday, US authorities announced the seizure of the largest dark web marketplace AlphaBay. Europol and Dutch police also claimed seizure of Hansa, another popular market. In their dark web investigations, law enforcement have increasingly turned to hacking tools, including the deployment of browser exploits on a mass scale. But tracking down the alleged AlphaBay administrator was much more mundane, officials said. Alexandre Cazes, who US authorities say used the handle alpha02 as administrator of the site, allegedly left his personal email in a welcome message to new AlphaBay members, according to the forfeiture complaint published on Thursday. The news echoes the arrest of Ross Ulbricht, the convicted creator of the original Silk Road, who made a similar security mistake. "In December 2016, law enforcement learned that CAZES' personal email was included in the header of AlphaBay's 'welcome email' to new users in December 2014," the complaint reads. Users received this message once they signed up to AlphaBay's forum and entered an email address. Cazes' email address -- Pimp_Alex_91@hotmail.com -- was also included in the header of the AlphaBay forum password recovery process, the complaint adds. From there, investigators found the address was linked to an Alexandre Cazes, and discovered his alleged front company, EBX Technologies. -
FCC Says It Has No Documentation of Cyberattack That It Claims Happened (thehill.com)
An anonymous reader quotes a report from The Hill: The Federal Communications Commission (FCC) declined to reveal analysis proving that it was the victim of a cyberattack in May. The agency claimed at the time that its Electronic Comment Filing System (ECFS) did not actually crash because of a large amount of traffic on the site prompted by John Oliver telling viewers to file comments in favor of net neutrality on his HBO show, Last Week Tonight. Instead, the FCC said that the ECFS went down as a result of a DDoS attack. In its response to Gizmodo's FOIA request, the FCC said that the attack "did not result in written documentation." "Based on a review of the logs, we have already provided a detailed description of what happened. We stand by our career IT staff's analysis of the evidence in our possession," an FCC spokesperson said when asked for comment on the matter. -
Say Goodbye To Spain's Glorious Three-Hour Lunch Break (citylab.com)
An anonymous reader shares a report: Is the typical Spanish daily schedule about to change forever? For decades, campaigners in the country have complained that the average Spaniard's habit of keeping extremely late hours and taking delightfully long lunch breaks was making everyday life harder for citizens. This week, change could finally be on the way, as 110 professional bodies in Catalonia have signed up to a plan to change the region's daily timetable by 2025, shortening the classic three-hour lunch break so that employees can finish work earlier in the evening. Such a change would radically reshape ordinary people's lives -- and controversially, it could drive a wedge between Catalonia and the rest of Spain, where the national government supports similar changes (and has adopted a shorter break for public offices) but hasn't yet fixed a timetable for action. You could call the plan an end to national harmony, a blessed release for hard-pressed workers, or an attack on the Spanish way of life. Whatever you do, however, don't call it the end of the siesta. That's because the beloved and much-misunderstood Spanish tradition of the afternoon nap more or less died out decades ago. What remained is a highly distinctive national timetable not found in any other European country, where it has often been read as a peculiarly exotic form of madness. The average Spanish working day is certainly unusual in shape. After starting work between 8 and 9 a.m., hungry workers hold out for a lunch break scheduled as late as 1:30 or 2:30. As if in compensation for this long wait, many then stay off-duty for a break of up to three hours, filling it with a protracted multi-course lunch and maybe a stop at a "nap bar." Most stores and many businesses close down until the late afternoon, before a final burst of office hours between 5:30 and 8 (or sometimes 4 to 7). 
Spaniards then head home at an hour when most people in other countries are cleaning up their dinner dishes, rarely getting food on the table any earlier than 10 p.m. This pushes bedtime past midnight for many. -
Why is Comcast Using Self-driving Cars To Justify Abolishing Net Neutrality? (theverge.com)
Earlier this week, Comcast filed its comments in favor of the FCC's plan to eliminate the 2015 net neutrality rules. While much of the document was devoted to arguments we've heard before -- Comcast believes the current rules are anti-competitive and hurt investment, but generally supports the principles of net neutrality -- one statement stood out. The Verge adds: Buried in the 161-page document was this quirky assertion (emphasis ours): "At the same time, the Commission also should bear in mind that a more flexible approach to prioritization may be warranted and may be beneficial to the public... And paid prioritization may have other compelling applications in telemedicine. Likewise, for autonomous vehicles that may require instantaneous data transmission, black letter prohibitions on paid prioritization may actually stifle innovation instead of encouraging it." In other words, Comcast is arguing for paid prioritization and internet fast lanes to enable self-driving cars to communicate better with other vehicles and their surrounding environment, thus making them a safer and more efficient mode of transportation. The only problem is that autonomous and connected cars don't use wireless broadband to communicate. When cars talk with each other, they do it by exchanging data wirelessly over an unlicensed spectrum called the Dedicated Short Range Communications (DSRC) band, using technology similar to Wi-Fi. The FCC has set aside spectrum in the 5.9GHz band specifically for this purpose, and it is only meant to be used for vehicle-to-everything (V2X) applications. That includes vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), and vehicle-to-pedestrian (V2P) -- so cars talking to other cars, to traffic signals, to the phone in your pocket... you name it. Soon enough, all cars sold in the US will be required to include V2V technology for safety purposes, if the Department of Transportation's new rule goes into effect. -
AMD Has No Plans To Release PSP Code (twitch.tv)
AMD has faced calls from Edward Snowden, Libreboot and the Reddit community to release the source code to the AMD Secure Processor (PSP), a network-capable co-processor which some believe has the capacity to act as a backdoor. But despite some signs earlier that it might consider opening the PSP code at some point, the chip-maker has now confirmed that there hasn't been a change of heart yet. "We have no plans on releasing it to the public," the company executives said in a tech talk (video). -
Some OnePlus 5s Are Reportedly Rebooting After Dialing 911 (theverge.com)
The OnePlus 5, dubbed "the best sub-$500 phone you can buy" when it launched, is having a few problems. Earlier this month, some owners of the new device complained about a weird jelly-like effect that appears when scrolling through apps. OnePlus went on to claim that the effect is normal and not the result of any manufacturing issues. Now, a handful of users are reporting that the OnePlus 5 will reboot itself once 911 is called, preventing them from reaching emergency services. The Verge reports: Reddit user Nick Morrelli noticed the glitch after he tried to call 911 to report a building fire in Seattle, and other users have reported that the OnePlus 5 is unable to dial 911 (or 999 in the UK, as another user reported) without rebooting. While most users haven't reported having the issue, any percentage of devices not being able to reach emergency services is a major issue for OnePlus. In a statement to The Verge, OnePlus says it's looking into the problem. "We have contacted the customer and are currently looking into the issue. We ask anyone experiencing a similar situation to contact us at support@oneplus.net." -
Apple's Risky Balancing Act With the Next iPhone (macworld.com)
Long time columnist Jason Snell: As there always are at this time of year, there are lots of rumors out there about what the next iPhone will be. This year we're hearing that Apple is going to release a high-priced, next-generation phone in addition to the expected iPhone 7s and iPhone 7s Plus models. [...] By most accounts, Apple's next-generation iPhone will offer a similar design. But also, by many accounts, Apple is struggling to create that product -- and when it arrives, it may be expensive, late to ship, and supply constrained. This is one of those areas where Apple may be the victim of its own success. The iPhone is so popular a product that Apple can't include any technology or source any part if it can't be made more than 200 million times a year. If the supplier of a cutting-edge part Apple wants can only provide the company with 50 million per year, it simply can't be used in the iPhone. Apple sells too many, too fast. Contrast that to Apple's competition. On the smaller end, former Android chief Andy Rubin announced the Essential phone, but even Rubin admitted that he'd only be able to sell in thousands, not millions. Same for the RED Hydrogen One -- groundbreaking phone, hardly likely to sell in any volume. The Google Pixel looks like it's in the one million range. Apple's biggest competitor, Samsung, has to deal with a scale more similar to Apple's -- but it's still only expected to sell 50 or 60 million units of the flagship Galaxy S8. -
Exploit Derived From EternalSynergy Upgraded To Target Newer Windows Versions (bleepingcomputer.com)
An anonymous reader writes: "Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system," reports Bleeping Computer. "ETERNALSYNERGY is one of the NSA exploits leaked by the Shadow Brokers hacking group in April this year. According to a Microsoft technical analysis, the exploit can allow an attacker to execute code on Windows machines with SMB services exposed to external connections. The exploit works up to Windows 8. According to Microsoft, the techniques used in the original ETERNALSYNERGY exploit do not work on newer platforms due to several kernel security improvements. Wang says his exploit targets the same vulnerability but uses a different exploitation technique. His method 'should never crash a target,' the expert says. 'Chance should be nearly 0%,' Wang adds." Combining his exploit with the original ETERNALSYNERGY exploit would allow a hacker to target all Windows versions except Windows 10. This is about 75% of all Windows PCs. The exploit code is available for download from Wang's GitHub or ExploitDB. Sheila A. Berta, a security researcher for Telefonica's Eleven Paths security unit, has published a step-by-step guide on how to use Wang's exploit. -
Atari Is Back In the Hardware Business, Unveils Ataribox (hothardware.com)
Reader MojoKid writes: Atari CEO Fred Chesnais confirmed the company was working on a brand new console back in June this year at E3, but today the company has officially unveiled the product. The new Ataribox console draws on some of the classic styling of the original Atari 2600 console but with a modernized flare, though still sporting that tasty wood grain front panel. Atari is also looking to make the Ataribox a bit more user-friendly and expandable than its Nintendo rivals through the addition of an SD card slot and four USB ports (in addition the requisite HDMI port). The new console will be based on PC component technologies but will be available with a number of classic games to let you bask in the early days of console gaming. However, Atari will also be bringing what is being billed as "current content" to the console as well. So, we can expect to see brand new licensed games for the Ataribox, although it's hard to say, given just its size to go on, what sort of horsepower is lurking under the Ataribox's hood. "We know you are hungry for more details; on specs, games, pricing, timing," said Atari in a statement sent via email. "We're not teasing you intentionally; we want to get this right, so we've opted to share things step by step as we bring this to life, and to listen closely to the Atari community feedback as we do so." -
American ISPs Are Now Fighting State Broadband Privacy Proposals (eff.org)
The EFF complains that "the very companies who spent millions of dollars lobbying in D.C. to repeal our federal broadband privacy rights are now fighting state attempts to protect consumers because they supposedly prefer a federal rule." The EFF urges Californians to phone their state senator ahead of crucial back-to-back committee hearings on Tuesday. An anonymous reader writes: "Congress stole your online privacy. Let's seize it back," begins an email that the EFF is sending to California supporters. It warns that "Big Telecom has massive amounts of money to spend on an army of lobbyists. But if Internet users from across California unite with one voice, we can defeat their misinformation campaign... Don't let the big ISPs coopt our privacy."
The EFF's site points out that more than 83% of Americans support the privacy regulations which were repealed in March by the U.S. Congress, according to a new poll released last week. That's even more than the 77% of Americans who support keeping current net neutrality protections in place, according to the same poll. The EFF now hopes that California's newly-proposed legislation could become a model for privacy-protecting laws in other states. And back in Silicon Valley, the San Jose Mercury News writes that California "has an obligation to take a lead in establishing the basic privacy rights of consumers using the Internet. Beyond being the right thing to do for the whole country, building trust in tech products is an essential long-term business strategy for the industry that was born in this region."
The EFF has also compiled an interesting list of past instances where ISPs have already tried to exploit the personal information of their customers for profit.
Here's some of the highlights from the EFF's list:
- In 2008, Charter play tested the idea of recording everything you do on the Internet and packaging it into profiles...
- We know as of 2015 telecom carriers worked to "ingest" data from cellphones close to 300 times a day every day across 20 to 25 million mobile subscribers (we aren't told which mobile telephone companies participate in this practice, they keep that a secret). That data is used to inform retailers about customer browsing info, geolocation, and demographic data.
- We know in 2011 ISPs engaged in search hijacking where your Internet search queries were monitored in order to be rerouted in coordination with a company called Paxfire...
- We know AT&T, Sprint, and T-Mobile preinstalled "Carrier IQ" on their phones, which gave them the capability to track everything you do, from what websites you visit to what applications you use. It took a class action lawsuit for the carriers to begin backing down from this idea.
- And lastly, we know in 2014 Verizon tagged every one of their mobile customers' HTTP connections with a semi permanent super-cookie, and used those super-cookies to enable third parties such as advertisers to target individual customers. Not only that, but Verizon's super-cookie also allowed unaffiliated third parties to track you, no matter what steps you took to preserve your privacy. And worst of all, AT&T was going to follow suit to get in on the action but quickly retreated after Verizon got into legal trouble with the federal government.
-
New Interactive Basic Electronics Textbook Launched Online (circuitlab.com)
Long-time Slashdot reader compumike writes: The group that first brought schematics and circuit simulation to the browser has now released the first few chapters of Ultimate Electronics: Practical Circuit Design and Analysis, an interactive online textbook for people learning electronics. The materials released today cover about half of a first semester undergraduate electronics course. -
Free Speech vs Billionaires: Netflix Streams A New Documentary About The Gawker Verdict (businessinsider.com)
Speaking of Netflix, last month they began streaming "Nobody Speak: Trials of the Free Press" -- a new documentary by Brian Knappenberger about the Gawker verdict. An anonymous reader shares this description from Business Insider: Knappenberger -- who previously made the movies "The Internet's Own Boy: The Story of Aaron Swartz," on internet activist Aaron Swartz, and "We Are Legion," about the hacker group Anonymous -- got in touch with Nick Denton and Gawker editor-in-chief (who also posted the Hogan sex tape video) A.J. Daulerio to be in the film as well as Hogan's lawyer David R. Houston... Knappenberger said he also tried to get Peter Thiel to be in the movie, but Thiel declined Knappenberger's numerous requests. And the movie shows how other people with money and influence can and do silence the media.
Knappenberger also showcases what happened to the Las Vegas Review-Journal at the end of 2015. The paper's staff was suddenly told that the paper had been sold, though they were never told who the new publisher was. A group of reporters found that the son-in-law of Las Vegas casino titan Sheldon Adelson was a major player in the purchase of the paper. According to the movie, Adelson had a vendetta with the paper's columnist John L. Smith, who wrote unflattering things about him in a 2005 book. Smith was even ordered after the paper was bought that he was never to write about Adelson in any of his pieces. For Knappenberger, there's no other way to look at it: The suppression of the media by billionaires is happening.
Knappenberger said if any legal documents arrive from the billionaires discussed in his movie, "We're ready for it." But he added that the bigger issue is getting people to understand that the loss of the free press is "the most important thing facing our country." Or, as a former Gawker editor says in the film, "If you're not pissing off a billionaire, what's the point?" -
Are America's Non-Compete Laws Too Strict? (nrtoday.com)
Slashdot reader cdreimer shared an article from the New York Times: Idaho achieved a notable distinction last year: It became one of the hardest places in America for someone to quit a job for a better one. The state did this by making it easier for companies to enforce noncompete agreements, which prevent employees from leaving their company for a competitor... The result was a bill that shifted the burden from companies to employees, who must now prove they have "no ability to adversely affect the employer's legitimate business interests." The bar for that is so high that Brian Kane, an assistant chief deputy in the Idaho attorney general's office, wrote that this would be "difficult if not impossible" for an employee to do...
For the most part, states have been moving toward making it easier for people to switch teams... The most extreme end of the spectrum is California, which prohibits noncompete agreements entirely. Economists say this was a crucial factor behind Silicon Valley's rise, because it made it easier for people to start and staff new businesses. But as states like Utah and Massachusetts have tried to move closer to this approach, legislators have run into mature companies trying to hold onto their best employees... A recent survey showed that one in five American workers is bound by a noncompete clause. They cover workers up and down the economic spectrum, from executives to hairdressers.
Two economists tell the newspaper that since 2000, U.S. workers have changed their jobs less and less, which is sometimes blamed on strict employment contracts as well as the occupational licensing laws which affect a third of America's workforce. The Times reports that noncompete clauses ultimately end up keeping workers' salaries lower, "because most people get raises when they switch jobs." -
Elon Musk Warns Governors: Regulate AI Before It's 'Too Late' (recode.net)
turkeydance shared a new article from Recode about Elon Musk: He's been warning people about AI for years, and today called it the "biggest risk we face as a civilization" when he spoke at the National Governors Association Summer Meeting in Rhode Island. Musk then called on the government to proactively regulate artificial intelligence before things advance too far... "Normally the way regulations are set up is a whole bunch of bad things happen, there's a public outcry, and after many years a regulatory agency is set up to regulate that industry," he continued. "It takes forever. That, in the past, has been bad but not something which represented a fundamental risk to the existence of civilization. AI is a fundamental risk to the existence of human civilization"... Musk has even said that his desire to colonize Mars is, in part, a backup plan for if AI takes over on Earth.
Several governors asked Musk how to regulate the emerging AI industry, to which he suggested learning as much as possible about artificial intelligence. Musk also warned that society won't know how to react "until people see robots going down the street killing people... I think by the time we are reactive in AI regulation, it's too late." -
Ask Slashdot: What Software (Or Hardware) Glitch Makes You Angry?
This question was inspired when Slashdot reader TheRealHocusLocus found their laptop "in the throes of a Windows 10 Update," where "progress has rolled past 100% several times and started over." I pushed the re-schedule dialogue to the rear and left it waiting. But my application did not count as activity and I left for a few moments, so Windows decided to answer its own question and restart (breaking a persistent Internet connection)... I've had it. Upon due consideration I now conclude I have been personally f*ck'd with. Driver availability, my apps and WINE permitting, this machine is getting Linux or pre-Windows-8...
That's mine, now let's hear about the things that are pushing you over the edge this very minute. Phones, software, power windows, anything.
There's a longer version of this story in the original submission -- but what's bugging you today? Leave your best answers in the comments. What software (or hardware glitch) makes you angry? -
EU Sides With RIAA, Says YouTube Underpays For Music Streaming (mercurynews.com)
Profits from both CD sales and digital downloads are declining, while online streaming now accounts for the majority of the $7.7 billion U.S. music market, according to a new article. And the music industry's newest complaint is that 25% of music streaming is happening on YouTube, which they believe is paying them too little. An anonymous reader quotes the San Jose Mercury News: Now, the battle is heating up as the European Union is expected to release new rules later this year for how services such as YouTube handle music, potentially upending some of the copyright protections that undergird the Internet... The E.U. has formally recognized that there is a "value gap" between song royalties and what user-upload services such as YouTube earn from selling ads while playing music... How such a law would address the gap is still being decided, but the E.U. has indicated it plans to focus on ensuring copyright holders are "properly remunerated." Even the value gap's existence is disputed.
A recent economic study commissioned by YouTube found no value gap -- in fact, the report said YouTube promotes the music industry, and if YouTube stopped playing music, 85 percent of users would flock to services that offered lower or no royalties. A different study by an independent consulting group pegged the YouTube value gap at more than $650 million in the United States alone. "YouTube is viewed as a giant obstacle in the path to success for the streaming marketplace," said Mitch Glazier, president of the Recording Industry Association of America... YouTube pays an estimated $1 per 1,000 plays on average, while Spotify and Apple music pay a rate closer to $7... The music industry claims YouTube has avoided paying a fair-market rate by hiding behind broad legal protections. In the United States, that's the "safe harbor" provision, which essentially says YouTube is not to blame if someone uploads a copy-protected song -- unless the copyright holder complains.
YouTube argues that its automatic Content ID system recognizes 98% of all copyright-infringing uploads -- and that each year they're already paying the music industry $1 billion in royalties. -
EternalBlue Vulnerability Scanner Finds Exposed Hosts Worldwide (helpnetsecurity.com)
Orome1 quotes Help Net Security: After the recent massive WannaCry ransomware campaign, Elad Erez, Director of Innovation at Imperva, was shocked at the number of systems that still sported the Microsoft Windows SMB Server vulnerabilities that made the attack possible. So, he decided to do something about it: he created Eternal Blues, an easy-to-use vulnerability scanner that he made available for download for free... The statistics collected by the tool, as well as the total number of downloads, show that after the NotPetya attack, people's awareness of the threat did increase... Over 8 million IP addresses were scanned, and a total of 60,000 vulnerable hosts were identified (out of ~537,000 that were responsive). Of the ~537,000 responsive hosts, some 258,000 still had SMBv1 enabled.
One organization in France found two vulnerable hosts after scanning over 13,000 IP addresses, and Erez believes that without his tool, "finding those two needles in the haystack would have been an almost impossible mission... Here is a lesson for IT/Security departments: don't be so certain that you know your network well. Deploy a multi-layered stack of security tools for both risk analysis and real time enforcement."