Slashdot Mirror

An anonymous Slashdot reader quotes The Stack: The Google cloud platform, Google Compute Engine, now allows customers to create their own encryption keys as an alternative to the Google-provided default encryption. Google Compute Engine automatically encrypts all data at rest, managing customer data encryption as a part of the Compute Engine service. However, some customers prefer to manage and control cloud encryption internally, to further tighten data security.

Google has released a comprehensive set of instructions for a customer to create their own encryption key. The Customer-Supplied Encryption Key (CSEK) is then used to protect the Google-generated keys that are used automatically for data encryption. The CSEK is an additional layer of protection for data stored in the cloud. Using an internally-generated encryption key also allows customers to control data encryption without using third-party providers, whose services are available at an additional cost.

An anonymous reader quotes a report from The Stack: Canada has released its latest federal cloud adoption strategy, now available for public comment, which includes policy concerning the storing of sensitive government information on Canadian citizens within national borders. The newly-published [Government of Canada Cloud Adoption Strategy] requires that only data which the government has categorized as "unclassified," or harmless to national and personal security, will be allowed outside of the country. This information will still be subject to strict encryption rules. The new strategy, which has been in development over the last year, stipulates that all personal data stored by the government on Canadian citizens, such as social insurance numbers and critical federal information, must be stored in Canada-based data centers in order to retain "sovereign control."

An anonymous reader writes: Online stock media library Getty Images is facing a $1 billion lawsuit from an American photographer for illegally selling copyright for thousands of photos. The Seattle-based company has been sued by documentary photographer Carol Highsmith for 'gross misuse', after it sold more than 18,000 of her photos despite having already donated them for public use. Highsmith's photos which were sold via Getty Images had been available for free via the Library of Congress. Getty has now been accused of selling unauthorized licenses of the images, not crediting the author, and for also sending threatening warnings and fines to those who had used the pictures without paying for the falsely imposed copyright.ArsTechnica has more details.

An anonymous reader writes: Google is looking at artificial intelligence technology to help it identify opportunities for data center energy savings. The company is approaching the end of an initial 2-year trial of the machine learning tool, and hopes to see it applied across the entire data center portfolio by the end of 2016. The new AI software, which is being developed at Google's DeepMind, has already helped to cut energy use for cooling by 40%, and to improve overall data center efficiency by 15%. DeepMind said that the program has been an enormous help in analyzing data center efficiency, from looking at energy used for cooling and air temperature to pressure and humidity. The team now hopes to expand the system to understand other infrastructure challenges, in the data center and beyond, including improving power plant conversion, reducing semiconductor manufacturing energy, water usage, and helping manufacturers increase throughput.

An anonymous reader writes: Netflix has announced that it has secured a deal to stream every episode of the new Star Trek TV series within 24 hours of its original network broadcast. However, neither the U.S. nor Canadian subscribers are included in the deal, which otherwise covers every territory that Netflix operates in worldwide. Stateside viewers will be able to stream the new show via CBS's own All Access digital subscription video-on-demand and live streaming service, with Canadian streaming provisions yet to be announced. The deal represents a potential major step forward in the company's determination to bypass regional licensing, and at one stroke eliminates the typical years of delay that occur when a U.S. program seeks foreign audiences.

An anonymous reader quotes a report from The Stack: VPN provider Private Internet Access has pulled out of Russia in the wake of new internet surveillance legislation in the country. The company claims that some of its Russian servers were seized by the government as punishment for not complying with the rules, which ask providers to log and hold all Russian internet traffic and session data for up to a year. Upon learning of the federal action, the company immediately removed its Russian availability and announced that it would no longer be operating in the region. "We believe that due to the enforcement regime surrounding this new law, some of our Russian Servers (RU) were recently seized by Russian Authorities, without notice or any type of due process," wrote Private Internet Access in a blog post. The company advises users to update their desktop clients. They also noted that its manual configurations now support the "strongest new encryption algorithms including AES-256, SHA-256, and RSA-4096." Putin has given Federal Security Agents two weeks to produce "encryption keys" for the internet.

An anonymous reader quotes a report from The Stack: Google has announced its new "Android Fundamentals" training program, which aims to train and certify up to two million Android developers in India. The course, soon to be available online and at schools country-wide, is focused on training, testing, and certifying Android developers to prepare students for careers using Android technology. Google is currently working to update the skills of its existing trainers to prepare them to teach the Fundamentals course, as well as updating course materials to provide students a solid foundation in Android development. The new program works with Prime Minister Narendra Modi's 'Skill India' initiative, launched in 2015 with the intent of training 400 million Indian citizens with new vocational skills by 2022. Caesar Sengupta, VP Product Management for Google, said that while India is forecasted to have the largest developer population in the world by 2018, with almost four million developers, only a quarter of them are currently building for mobile.

An anonymous reader writes: Users eager to get their hands on the new Nintendo mobile gaming app Pokemon GO, downloading unofficial copies of the game are opening themselves up to hackers who are circulating malicious versions of the Android APK. A remote access tool (RAT), known as DroidJack (or SandroRAT), has been added to some APK files, allowing third parties to gain full control over the users' mobile devices. Permissions granted to the dodgy app include; directly calling phone numbers, reading phone status' and identities, editing and reading text messages, sending SMS messages and recording audio.The problem is that Pokemon Go is not officially available in every region, and the Google PlayStore doesn't let people in an unsupported region download the app. Also, millions of smartphones and tablets don't support many Google Mobile Services (GMS). While we do not condone downloading installation files of Android apps and games from unofficial stores, APKMirror is one of the few places that we would suggest our readers to check as it has a very commendable track record.

An anonymous reader writes from a report via The Stack: A 2014 version of the World-Check database containing more than 2.2 million records of people with suspected terrorist, organized crime, and corruption links has been leaked online. The World-Check database is administered by Thomson-Reuters and is used by 4,500 institutions, 49 of the world's 50 largest banks and by over 300 government and intelligence agencies. The unregulated database is intended for use as "an early warning system for hidden risk" and combines records from hundreds of terror and crime suspects and watch-lists into a searchable resource. Most of the individuals in the database are unlikely to know that they are included, even though it may have a negative impact on their ability to use banking services and operate a business. A Reddit user named Chris Vickery says he obtained a copy of the database, saying he won't reveal how until "a later time." To access the database, customers must pay an annual subscription charge, that can reach up to $1 million, according to Vice, with potential subscribers then vetted before approval. Vickery says he understands that the "original location of the leak is still exposed to the public internet" and that "Thomas Reuters is working feverishly to get it secured." He told The Register that he alerted the company to the leak, but is still considering whether to publish the information contained in it.

An anonymous reader writes: The American Civil Liberties Union (ACLU) has filed a lawsuit with the U.S. Department of Justice contending that the Computer Fraud and Abuse Act's criminal prohibitions have created a barrier for those wishing to conduct research and anti-discrimination testing online. The ACLU have pursued the matter on behalf of a group of academic researchers, computer scientists and journalists seeking to remove that barrier to allow for third-party testing and research into potential online discrimination. In a public statement the ACLU contend: "The CFAA violates the First Amendment because it limits everyone, including academics and journalists, from gathering the publicly available information necessary to understand and speak about online discrimination."

An anonymous reader writes: The Cyberspace Administration of China has imposed new regulation for the mobile app community, requiring that developers keep a close watch over users and keep a record of their activities. However, the proposed legislation would also prevent apps from requesting unnecessary access to users' contacts, camera, microphone and other spurious installation requests. The regulator introduced the new laws in the name of cracking down on illegal use of mobile platforms for the distribution of pornography, fraud and the spread of 'malicious' content.

An anonymous reader writes: According to the makers of the Opera browser, Microsoft's recent claim that its Windows 10 Edge browser is more power-efficient than Chrome are erroneous. Running its own tests with Opera, Edge and Chrome, the company finds that Opera runs 22% faster (with a battery life of 3hr 55m) than Edge (3hrs 12m). In Microsoft's own tests, Google's Chrome browser was the first to completely exhaust the battery, closely followed by Firefox and Opera. In May, Opera added a power-saving mode, but any advantage it can be verified to have in the energy-efficiency stakes may be more due to the native adblocking feature it introduced this year.

An anonymous reader writes: Researchers have developed a new algorithm which may help law enforcement agencies predict potential terror attacks. The computer model has a particular focus on the behavioral patterns associated with Islamic State (ISIS) supporters...
For eight months in 2015, the researchers tracked 108,086 individual followers on ISIS-related social media pages, noting that sudden increases in the number of pages "preceded the onset of violence in a way that would not have been detected by looking at social media references to ISIS alone." According to The Stack, the University of Miami team "used a mathematical equation typically applied in physics and chemistry to monitor the development and growth of pro-ISIS groups. 'It was like watching crystals forming. We were able to see how people were materializing around certain social groups; they were discussing and sharing information -- all in real-time... This removes the guess work. With that road map, law enforcement can better navigate what is going on, who is doing what, while state security agencies can better monitor what might be developing,..."

An anonymous reader writes: Google's parent company Alphabet has found itself faced with a lawsuit, which claims that the tech giant stole the idea behind its Wi-Fi-emitting balloon network, Project Loon. The Space Data Corporation of Chandler, Arizona, filed the suit and is arguing that it currently holds patents for a balloon-based system which carries broadband antennae to create a wireless network to deliver data services to U.S. armed forces and across remote areas of Alaska and the Gulf of Mexico. The organization is seeking damages for two counts of patent infringement, as well as two counts of misappropriation of trade secrets and breach of written contract. Space Data says in their complaint that they had med with as many as 10 Google representatives, including Larry Page and Sergey Brin, in 2007 and 2008 to discuss potential partnerships. They say Google did not agree with the collaboration, and chose to steal trade secrets and start developing their own balloon network in 2011 instead. "Project Loon improperly and unlawfully utilizes Space Data's confidential information and trade secrets which Space Delta disclosed to Defendant Google pursuant to a 2007 Mutual Confidentiality and Non-Disclosure Agreement," the complain states.

An anonymous reader writes: Researchers have uncovered an underground market selling information of over 70,000 compromised servers. Russia-based Kaspersky Lab revealed that the online forum, named xDedic, seems to be operated by a Russian-speaking organisation and allows hackers to pay for undetectable access to a wide range of servers, including those owned by government, corporate and academic groups in more than 170 countries. Access to a compromised server can be bought for as little as $6. This kit comes with relevant tools to instruct on launching denial-of-service attacks and spam campaigns on the targeted network, as well as allowing criminals to illegally produce bitcoin and breach online systems, such as retail payment platforms.

An anonymous reader writes that Uber "has suffered double-losses in Europe, as both France and Germany continue to reject the company's validity in their regions." Meanwhile, a Boston Uber driver filed a federal lawsuit on Thursday accusing Uber of illegally classifying drivers as independent contractors to avoid providing full employee benefits. An Indianapolis driver has filed a similar suit, which also complains that Uber won't let them accept tips, and keeps any tips that customer's pay them through Uber's app. And remember when Uber and Lyft left Austin after losing a local election which would've required all their drivers to be fingerprinted? Now two lawsuits charge the companies were required to give 60 days notice to all their employees, and is demanding back pay and benefits.

But an anonymous reader quotes this column from the Los Angeles Times arguing that a federal judge's ultimate question is just "how sleazy" Uber really is. We're familiar with the Uber that talked about responding to bad publicity by digging up dirt on reporters following the company. Also the Uber that allegedly stalked passengers using its service, following their travel routes for the amusement of its party-goers... What about the Uber that secretly investigated a lawyer representing an adversary in a lawsuit, and then lied about it? That's the Uber that Federal Judge Jed S. Rakoff of New York wants to hear a lot more about. On Thursday he ordered Uber to turn over to the other side a pile of documents related to the investigation.
Slashdot reader chasm22 points out that the high-powered investigator hired by Uber is apparently a retired senior CIA officer -- a former chief strategy officer, chief of cyberthreat analysis and chief of counterintelligence.

An anonymous reader writes: Google India has announced that users of the YouTube app in India can now download content during cheaper night-time connectivity periods for offline viewing later. Downloaded videos can be viewed for up to 30 days... Streaming providers are currently conflicted between the low-risk policy of denying offline viewing, and the risk of alienating the lesser-connected markets where they're keen to grab an early foothold. In late 2014 a Netflix executive said offline viewing was "never going to happen", but in April of this year CEO Reed Hastings backtracked in a letter to shareholders, commenting "as we expand around the world, where we see an uneven set of networks, it's something we should keep an open mind about."

An anonymous reader writes: Government workers in Singapore will return to a 1990s-level of net connectivity from May of 2017, as the domestic government has decided to block internet access on all of its 100,000 office computers. The decision has been made in the interests of national security, although the Draconian policy will still permit workers to forward work mails to private email addresses as necessary. Workers' own devices will be allowed to connect to the internet normally by special terminals being provided in early trials, while intra-departmental connectivity will presumably be maintained via VPN tunneling. The move comes in the direct wake of a visit to Singapore from the U.S. Secretary of Defense Ashton Carter late last week, promoting stronger security ties with Singapore in the face of the rise of China in the region.BBC News has more details.

An anonymous reader writes: Saudi Arabian hacking group OurMine yesterday claimed responsibility for the defacement of Mark Zuckerberg's Twitter and Pinterest accounts, claiming additionally that the Facebook CEO re-used the very low-security password 'dadada' across the accounts. The hack was facilitated by the 2012 data breach of unsalted LinkedIn passwords, offered for sale by hacker 'peace' last month at an equivalent price in Bitcoin of approximately $2,200.The aforementioned group said to have hacked Zuckerberg's Instagram account as well, a claim that has since been refuted by a Facebook spokesperson. Zuckerberg's Google+ account remains intact if you're wondering.

An anonymous reader quotes a report from The Stack: PayPal has announced the suspension of its business operations in Turkey as of June 6, citing failure to obtain a new license for its service in the country. Turkey has made recent efforts to promote its own domestic tech sector, advancing censorship laws and other regulation to push large international companies out of the market. PayPal, as the latest victim on this trail, posted a statement on its local Turkish website today: "PayPal's priority has always been its customers. However, a local financial regulator has denied our Turkish payments license and we have had to regretfully comply with its instruction to discontinue our activities in Turkey." The denial of PayPal's license, by local financial regulator BDDK, comes following the introduction of new national rules in Turkey which require IT systems to be based within the country itself. PayPal runs its global business from a large portfolio of IT centers around the world. Turkey isn't the only country tightening its grip on the Internet. The Iranian government has given companies behind popular messaging apps one year to move their data onto servers in Iran.

An anonymous reader writes: According to an insider at Samsung's growing advertising team in New York, the second-largest consumer tech manufacturer in the world is planning to retrofit older network-connected TVs to display tiled ads via a software update. The South Korean company, which has seen a 20.9% decline in television sales in Q1 of 2016 under fierce competition from China, has included 'baked' ads into the interface of its recent TV offerings, and also experimented with injecting ads into users' streamed video, transmitting voice commands to a third party -- and, ironically, battling Android over its own AdBlocking technology.

An anonymous reader quotes a report from The Stack: Researchers at the University of Michigan have created an app that makes any smartphone pressure-sensitive without additional hardware. The app, called ForcePhone, uses ultrasonic tones in the existing microphone and speaker hardware that respond to pressure for additional functionality for touchscreens. The app emits a high-frequency ultrasound tone from the device's existing microphone, which is inaudible to humans but can be picked up by the phone. That tone is calibrated to change depending on the pressure that the user gives on the screen or on the body of the phone. This gives users an additional way to interact with their device through the app alone. The additional functionality provided by ForcePhone can be used in a number of ways. Squeezing the body of the phone could take a user back a page, for example; or increased pressure on the touchscreen could act as a 'right-click' function, showing additional information on the app in use. Kan Shin, Professor at the University of Michigan, said, "You don't need a special screen or built-in sensors to do this. Now this functionality can be realized on any phone." He added, "We've augmented the user interface without requiring any special built-in sensors. ForcePhone increases the vocabulary between the phone and the user."

An anonymous reader quotes a report from The Stack: Qualcomm president Derek Aberle has suggested that the semiconductor giant is preparing to produce its own custom chips for the Chinese market. [A Wall Street Journal interview with] Aberle revealed that the American company had entered into a joint venture with the local government in Guizhou province to manufacture custom chips starting in the second half of 2016. According to Aberle, the Guizhou government owns 55% of the venture, while Qualcomm owns the remaining 45%. Aberle told the Wall Street Journal that he expects China's server demand to dwarf that of the U.S.. He said of the government-backed venture: "This is really going to be the primary vehicle from which we build our data center business in China. We are actually trying to create the company that is going to be able to win the market here as opposed to just licensing old technology."

An anonymous reader writes: In a bid to accelerate growth and reduce labor costs, Apple supplier Foxconn cut 60,000 jobs at a single factory, work that is now being completed by robots. As many as 600 companies in the Chinese manufacturing hub of Kunshan may have similar plans to automate their workforce, according to a government survey. Foxconn spokesperson Xu Yulian said, "The Foxconn factory has reduced its employee strength from 110,000 to 50,000, thanks to the introduction of robots. It has tasted success in reduction of labor costs." He added, "More companies are likely to follow suit."

These changes are spurred in part by a desire to reduce labor costs, but have also been made in response to an explosion at a Kunshan factory in 2014 that killed 146 people. The explosion was attributed to unsafe working conditions in the Taiwanese-owned metal polishing factory, which were recognized and documented. After the explosion, the local government pledged 2 billion yuan per year in subsidies to support companies that install industrial robots on their production lines.

An anonymous reader writes: Researchers at Kaspersky have discovered an improved version of Backdoor.Win32.Skimer infecting ATM machines worldwide. The new Skimer allows criminal access to card data, including PIN numbers, as well as to the actual cash located in the machine. The malicious installers use the packer Thermida to disguise the Skimer malware which is then installed on the ATM. If the ATM file system is FAT32, the malware drops the file netmgr.dll in the folder C:\Windows\System32. If the ATM has an NTFS file system, netmgr.dll is placed in the executable file of the NTFS data stream, which makes detection and analysis of the malware more difficult. Skimer may lie dormant for months until it is activated with the phsyical use of a "magic card," which gives access control to the malware, and then offers a list of options that are accessed by inputing a choice on the pin pad. The user can then request the ATM to: show installation details, dispense money, start collecting the details of inserted cards, print collected card details, self delete, enable debug mode, and update. Here's a video of the Skimer malware in action.

An anonymous reader writes: Samsung has debuted the first commercial installation of its 55-inch 'mirror' displays at a salon in South Korea with a transparent OLED screen overlaid over a mirrored surface to allow interaction. The Samsung product rivals an equivalent TOLED from Planar, with both intended for high-end use in the retail display and exhibition space. However both manufacturers are struggling to find practical applications for the much-awaited technology. Transparent displays have been a staple of sci-fi films such as Minority Report for decades, but only, it seems, because they helped to open up scenes which would otherwise have been difficult to film. With the pending advent of AR-based visualization, the innovation of the clear monitor seems not only to have come too late, but also offer limited practical use, even if its current breathtaking prices were to descend to the consumer space.

An anonymous reader writes: The Google Institute has developed an ultra-high resolution gigapixel Art Camera which can automatically recompose images into single works of extraordinary detail. The first thousand images are released today, and include works by Rembrandt and Van Gogh. A gigapixel contains over one billion pixels, providing a level of detail unavailable even to the naked eye. The Art Camera has increased the number of available gigapixel art images from 200 to 1000 since 2011. The Art Camera consists of a robot camera that automatically takes hundreds of high resolution close-up photos of the details of an image, using laser and sonar technology to ensure that each image is in focus. Software is then used to take the hundreds of individual close-up pictures and combine them into one whole image. With this technology, one can view photos produced by classical artists from a computer or mobile device without needing to travel around the world to do so. These digital gigapixel images are intended to be available for viewing and studying for years. In the future, we may see Google use machine-learning algorithms to analyze influential classical painters and create new masterpieces.

An anonymous reader writes: Google is working on a competitor to the Amazon Echo, the smart speaker that has proved to be a sleeper hit for Amazon. The device, which will resemble an OnHub router, has not been officially named yet but is internally known as the Chirp. It has long been suspected that Google was working on a voice-controlled speaker that could integrate with Nest, since Google acquired Nest two years ago. While the Chirp isn't ready for release at next week's Google I/O developer conference, it will most likely receive honorable mention as the conference will highlight voice control, personal assistance, and virtual reality.

An anonymous reader writes: French authorities have launched an investigation after a young woman recorded her suicide which streamed live to over 1,000 connected followers on the online video app Periscope. Prosecutors in Egly, Essone, a suburb 15 miles south of Paris, confirmed they had opened the inquiry following the incident which saw the 19-year-old throw herself under a commuter train at a railway station on Tuesday.BBC reports: Previously, she had filmed herself in her flat discussing how she intended to make a video to "send a message", warning younger viewers not to continue to watch what would be a "shocking" act, it was reported. During the filming, the young woman claimed to have been raped and named her attacker, according to the reports. It is not the first time that Periscope has been linked to inappropriate content.

An anonymous reader writes: A judge in Westminster has ruled that alleged hacktivist Lauri Love cannot be forced to provide encryption keys to the National Crime Authority. This move has been called a "victory for all who use encryption in the UK" and a "great decision for privacy and personal freedom." The NCA's request was widely regarded as an attempt to circumvent the Regulatory of Investigative Powers Act of 2000, which specifically legislates police power to compel subjects to hand over encryption keys. The NCA originally tried to force Love to turn over encryption keys under RIPA in 2014 but were unsuccessful. So Love, whose property was seized two years ago, made an application to have it returned under the 1897 Police Property Act. In response, the NCA attempted to legally force decryption under the same act. The NCA argued, in the ruling documents, that they could only ascertain the contents of the devices if Love was forced to provide the encryption key. The district judge was not persuaded by this argument, saying, "The case management powers of the court are not to be used to circumvent specific legislation that has been passed in order to deal with the disclosure sought." Legal experts have noted that this case represents a civil action being put forth in a magistrate's court, which normally only deals with criminal issues.

An anonymous reader writes: Google has suffered a data breach which compromised the security of its employees, after the company's staff benefits vendor mistakenly sent an email containing sensitive data to the wrong recipient. Google has sent a formal apology to an undisclosed number of affected employees. The letter notifies of the data breach and advises staff to register for free identity protection checks and credit monitoring for the next two years. The document explains how the third-party company, which provides Google with benefits management services, sent the personal information to a benefits manager at another firm by accident. The data included staff names and social security numbers, among other sensitive details.

An anonymous reader writes: English writer, presenter and activist Stephen Fry has urged his fans to abandon social networks, comparing such platforms to 'dystopian' forms of government seen in 1970s sci-fi films such as Logan's Run and Soylent Green. In a 2,600-word essay, the comedian, who had over four million Twitter followers prior to deleting his account in February, also compared the 'surveilled conformity' of social media to the unreal state of society depicted in The Matrix. "Who most wants you to stay on the grid? The advertisers. Your boss. Human Resources. The advertisers. Your parents (irony of ironies -- once they distrusted it, now they need to tag you electronically, share your Facebook photos and message you to death). The advertisers. The government. Your local authority. Your school. Advertisers," he writes. "Well, if you're young and have an ounce of pride, doesn't that list say it all?"

An anonymous reader writes: On Tuesday, Uber released its first transparency report, an overview of the information that was requested by U.S. regulators and law enforcement in the second half of 2015. The report shows that while Uber is not yet receiving the number or type of requests that non-transport companies do, the data requests affect millions of Uber customers and drivers. According to the report, Uber received 408 requests for information from law enforcement, and 415 from state and federal governments. These requests were complied with approximately 85% of cases, where after review, Uber provided at least some of the data requested. They also responded to 67 requests for information from regulatory bodies and from airports, with data provided on over 11 million riders and 600,000 drivers.

An anonymous reader writes: Microsoft has declared its support for the EU-U.S. Privacy Shield. The proposed legislation to govern data transmission between the EU and U.S. has been the subject of much debate. While acknowledging that more work will need to be done after it is adopted, Microsoft has thrown its support behind Privacy Shield, stating that after careful and detailed review, it 'believes wholeheartedly that it represents an effective framework and should be approved.' Microsoft has pledged to sign up for Privacy Shield, to adhere to its current and future guidelines, and to respond to Microsoft user complaints under Privacy Shield within 45 days. Despite the framework being criticized for its inadequacy, Microsoft supports the Privacy Shield in its current form, and believes that further adjustments should be made after the initial adoption.Microsoft is the first company to sign up for EU-U.S. Privacy Shield pact. The EU privacy regulators are yet to share their views on the deal. According to a recent leak, however, it appears they wouldn't approve it. While this shouldn't stop the commission from making a decision, as Fortune explains, "they can't technically stop the commission issuing its adequacy decision, but they can make life very difficult for companies transferring the data if they think the U.S. doesn't offer adequate protections."

An anonymous reader writes: A data breach has been uncovered at the UK's National Childbirth Trust, with over 15,000 new and expectant parents' details compromised. The charity "has apologized to its users and has informed them that their email addresses, usernames and an encrypted version of their passwords had been exposed in the data leak," according to The Stack. "It has assured members that no sensitive or financial information was accessed. The hack, which targeted the NCT's registration database, has since been reported to the police and the UK's data watchdog, the Information Commissioner's Office."

An anonymous reader writes: Sources close to the company have confirmed that Verizon will submit a first-round bid to purchase Yahoo's web business early next week, and that they may offer to take on Yahoo Japan as well. Time Inc. and Google are said to still be considering whether or not to make an offer, while AT&T, Comcast, and Microsoft have decided against entering a bid. Verizon's willingness to take on Yahoo Japan in the bid may give it a strategic advantage over other bidders. The combined value of Yahoo web and Yahoo Japan Corp. could put the value of the bid out of range for all but the largest investors, potentially putting interested private equity firms such as Bain or TPG out of the running.

An anonymous reader writes: Academics from the VU University Amsterdam have identified a new class of vulnerabilities to two-factor authentication, commonly used to protect transactions involving financial and private information. The vulnerability leaves users of both Android and Apple mobile devices open to the theft of personal information by hackers. The researchers note the text (PDF). While anywhere computing is generally considered to be a good thing, the research claims that integration across multiple platforms essentially removes the gap between those platforms, and it is that gap that is required to make two-factor authentication secure. Without a gap between devices, a common hack called the man-in-the-browser attack can be elevated to intercept the one-time password generated for two-factor authentication, thereby rendering two-factor authentication useless.

An anonymous reader shares a report on Quartz: About a dozen trucks from major manufacturers like Volvo and Daimler just completed a week of largely autonomous driving across Europe, the first such major exercise on the continent. The trucks set off from their bases in three European countries and completed their journeys in Rotterdam in the Netherlands. One set of trucks, made by the Volkswagen subsidiary Scania, traveled more than 2,000 km and crossed four borders to get there. The trucks were taking part in the European Truck Platooning Challenge, organized by the Dutch government as one of the big events for its 2016 presidency of the European Union. While self-driving cars from Google or Ford get most of the credit for capturing the public imagination, commercial uses for autonomous or nearly autonomous vehicles, like tractors from John Deere, have been quietly putting the concept to work in a business setting.In related news, as tipped to us by a reader, "Swedish automaker Volvo is planning on bringing a fleet of 100 self-driving vehicles to China from next year, in a project which will see local drivers test autonomous cars on public roads in everyday driving conditions. Dangerous driving and congestion in Chinese cities will likely prove a difficult challenge for the fleet." I am particularly interested in learning how this autonomous truck is controlled. From the article, it appears that these vehicles utilize Wi-Fi. Based on so many security incidents we continue to come across, perhaps these companies should first work on solving the technical challenges to make these trucks safe -- that is, bolstering the hardware and software security.

An anonymous reader writes: CloudFlare's co-founder Matthew Prince has publicly appealed to work with the Tor Project on implementing a solution that will stop the high incidence of Tor users being challenged by CAPTCHAs whilst browsing. Prince proposes the implementation of a Tor plugin that would communicate with CloudFlare servers to provide temporary, anonymous identification to bypass the CAPTCHAs, and has presented the code on GitHub. Other possibilities mooted include the adoption of higher-level encryption, which would be likely to adversely influence a network which already has native (and inevitable) latency issues. CloudFlare's public post on the matter comes after five turbulent weeks of comments-section debate between CloudFlare and Tor, and seems to be an appeal for public arbitration on the matter.Prince further noted that 94% of the traffic CloudFlair sees is "per se malicious." From his blog post: That doesn't mean they are visiting controversial content, but instead that they are automated requests designed to harm our customers. A large percentage of the comment spam, vulnerability scanning, ad click fraud, content scraping, and login scanning comes via the Tor network. To give you some sense, based on data from Project Honey Pot, 18% of global email spam, or approximately 6.5 trillion unwanted messages per year, begin with an automated bot harvesting email addresses via the Tor network.

An anonymous reader writes: A new draft law in China could potentially increase domain name restrictions, limiting domestic access to foreign websites. The measures outlined in the 'Internet Domain Name Management Rules' remain unclear, yet they suggest a marked effort to increase censorship on online content. The proposals, released for public comment by the Ministry of Industry and Information Technology, seek to update existing regulations to censor any domain names not registered within China. Only domain names approved by authorities would be permitted while other names registered outside of China would be blocked automatically.

An anonymous reader quotes a report from The Stack: Mesosphere, creator of the world's first data center operating system, has confirmed significant strategic investment from Microsoft and Hewlett Packard Enterprise. Mesosphere, built on the open-source Apache Mesos project, closed $73.5 million in a Series C funding round. With HPE and Microsoft leading the round, the startups total funding to date tallies at almost $126 million. The operating system is currently used at mega-scale by customers including Verizon, Netflix and Twitter. It also underpins Microsoft's Azure Container solutions.

An anonymous reader cites an article on The Stack: Infrequent use of a computer in later life could be an early sign of reduced cognitive ability, according to research from Oregon Health and Science University. A study, which involved 27 'cognitively-healthy' adults aged 65 or older, used MRI scans to measure the volume of the hippocampus -- a small area of the brain with a key role in memory function used to pick up early biomarkers of dementia and Alzheimer's. Data was also collected on computer use among participants via mouse movement detection software. Results showed an additional hour of computer use each day was linked to a 0.025% larger hippocampal volume(PDF), thus indicating that lower computer usage could help predict cognitive decline.

An anonymous reader writes with this news, which might worry you if you'd like your music (or videos, or books) to be safely stored on your local PC, phone, or offline storage: Music streaming has surpassed digital downloads in terms of revenue, according to a report released by the Recording Industry Association of America (RIAA). Its 'News and Notes on 2015' review shows that music streaming in the U.S. brought in 34.3% of the overall revenue for the year – generating $2.4 billion out of a total $7 billion. If the numbers are accurate, streaming beat music downloads by 0.3%. While this growth is an encouraging result for those in the industry backing streaming services like Spotify and the new Apple Music, many remain unconvinced of its value. RIAA chairman and CEO Cary Sherman noted an 'alarming' disparity between the growth in the number of ad-supported streams, and the growth in revenues generated by these.

An anonymous reader writes: Researchers in Australia have proposed a system to analyse a user's voice and recognise how they are feeling, long term. The system uses a Deep Neural Network (DNN) to compare the user's tone of voice to those that he or she is talking to, in order to build up long-term data about potential cyclic changes in mood, rather than attempting to recognise whether someone is happy or sad in a particular moment.

An anonymous reader writes: A year after Uber announced a collaboration with the Robotics Department of Carnegie Mellon University, not a single project has been developed. The ride-sharing company set up its Advanced Technologies Center on CMU's doorstep in 2015 and promptly 'compensated' the poaching of 40 of the University's best talent with a $5.5 million grant, leaving CMU with a staff crisis. The university is taking the appropriation philosophically, and considering the relationship as symbiotic. In the meantime Uber is rapidly co-opting Carnegie Mellon into a feeding ground for its own labs, moving a great deal of robotics research out of academic transparency into the realm of jealously-guarded corporate secrets.

An anonymous reader writes: The Australian government has announced that Bitcoin and other digital currencies would no longer be subject to Goods and Services Tax, and regulations would become more lenient to support startups and entrepreneurs in the country. Treasurer Scott Morrison noted in a detailed policy statement that various new law proposals would see GST removed on Bitcoin, restrictions and tax barriers eased for venture capital investors, and a stronger focus on crowdfunding and peer-to-peer lending. The release detailed that reform in the area is crucial to 'assist Australia becoming a leading market for FinTech innovation in Asia.'

An anonymous reader writes: In its first project the UK's new National Cyber Security Centre (NCSC) will work with the Bank of England to produce guidelines for Britain's financial sector. The partnership will aim to bolster businesses' resilience to online threats which could damage the country's economy. The National Cyber Security Centre will seek to protect critical national infrastructure and ensure a safer online environment for UK consumers and organizations, which are increasingly threatened by crime groups, hackers and terrorists. The centre will bring together leading national cyber experts to advise on managing online security strategy.
In addition, the new centre will aim to offer more access to information relating to various cybersecurity threats, something that the GCHQ has not always been able to do since it is a secret intelligence service. The NCSC will work with both the private and public sector, acting as the focal point for communication and advice. It will be based in London and is expected to be open for business in October.

An anonymous reader writes: Researchers have devised an algorithm for identifying people who post on Twitter while drunk at home, using both geolocation tags and behavioral data. The researchers analysed alcohol-related tweets from New York City and Rochester, and found that the tweeting drinkers in Monroe were likelier to be out of their houses than New Yorkers. The scientists concluded that the model could reveal important real-time information for public health research — creating a tool for improving a community's health, and using social media as a resource to spread positive health behavior.

An anonymous reader writes: The U.S. army is working on an innovative technology for masking radar emissions in contested territory and environments with heavily congested radio bands. Effective radar system performance is critical in military operations, yet remains a challenge in locations under attack or in areas of high traffic density. Army researchers have now developed a noise-encrypted radar waveform called Advanced Pulse Compression Noise (APCN), which can be tuned in real-time to allow users to adjust radar performance depending on their surroundings. Research scientist, Mark Govoni explained: 'Having the ability to transmit a radar waveform that's continually changing, one that never repeats itself, and looks like noise, is extremely difficult to intercept....and remains anonymous to radar detectors.'

An anonymous reader writes: Royal Bank of Scotland (RBS) has announced that it will be switching customer advice services over to automated 'robo-advisers' as it cuts 220 face-to-face positions. Given the green light from UK regulator, the Financial Conduct Authority (FCA) this week, the bank agreed that the move would lead to cheaper, more accessible financial advice. Those customers qualifying for personalised advice will now need to have at least £250,000 (approx. $350,000) to invest. Following the FCA's recommendations, it is expected that other UK banks will soon introduce similar 'robo' services.