Slashdot Mirror

The Office of the Privacy Commissioner of Canada said Tuesday that the Canada-based online dating and social networking service Ashely Madison used inadequate privacy and security technology while marketing itself as a discreet and secure way for consenting adults to have affairs. CBC.ca reports: "In a report Tuesday, the privacy watchdog says the Toronto-based company violated numerous privacy laws in Canada and abroad in the era before a massive data breach exposed confidential information from their clients to hackers. The hack stole correspondence, identifying details and even credit card information from millions of the site's users. The resulting scandal cost the company about a quarter of its annual revenues from irate customers who demanded refunds and cancelled their accounts. Working with a similar agency in Australia, the privacy group says the company knew that its security protocols were lacking but didn't do enough to guard against being hacked. The company even adorned its website with the logo of a 'trusted security award' -- a claim the company admits it fabricated." The report found that "poor habits such as inadequate authentication processes and sub-par key and password management practices were rampant at the company" and that "much of the company's efforts to monitor its own security were 'focused on detecting system performance issues and unusual employee requests for decryption of sensitive user data.'" What's more is that Ashley Madison continued to store personal information of its users even after some of which had deleted or deactivated their account(s). These people then had their information included in databases published online after the hack.

North Korea has unveiled a set-top box that offers video-on demand services similar to Netflix. The service is called Manbang, which translates to "everywhere" in Korean, and allows consumers to stream documentaries about Kim Jong Un and other "educational" programs, as well as five live TV channels. "If a viewer wants to watch, for instance, an animal movie and sends a request to the equipment, it will show the relevant video to the viewer [...] this is two-way communications," according to NK News. It reportedly works by plugging the set-top box into an internet modem, then connecting an HDMI cable from the cable box to the TV. A very small number of North Koreans will actually be able to use the device as "only a few thousand [...] have access to the state-sanctioned internet, in a nation of 25 million people," reports New York Daily News.

An anonymous reader writes: Sony could be about to announce two new PlayStation 4 consoles, according to the Wall Street Journal. Both units are set to be introduced next month, people familiar with the matter told the newspaper. The upgraded console outlined by the company earlier this year, capable of outputting 4K-resolution graphics, could be joined by a slimmed-down, cheaper version of the console. That would give gamers options to suit their varying budgets and demands. Sony is set to hold a press conference at the PlayStation Theater in New York on September 7 where the company is expected to outline the consoles in further detail.

Last month the FCC had pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. It had demanded the concerned companies to come up with a "concrete, actionable" plan within 30 days. Well, the companies have complied. On Friday, 30 major technology companies announced they are joining the U.S. government to crack down on automated, pre-recorded telephone calls that regulators have labeled as "scourge." Reuters adds: AT&T, Alphabet, Apple, Verizon Communications and Comcast are among the members of the "Robocall Strike Force," which will work with the U.S. Federal Communications Commission. The strike force will report to the commission by Oct. 19 on "concrete plans to accelerate the development and adoption of new tools and solutions," said AT&T Chief Executive Officer Randall Stephenson, who is chairing the group. The group hopes to put in place Caller ID verification standards that would help block calls from spoofed phone numbers and to consider a "Do Not Originate" list that would block spoofers from impersonating specific phone numbers from governments, banks or others.

Chris Dixon, an American internet entrepreneur and investor in a range of tech and media companies including Kickstarter and Foursquare has written an essay on Medium highlighting some of the reasons why we should be excited about the future of technology. The reasons he has listed are as follows: 1. Self-Driving Cars: Self-driving cars exist today that are safer than human-driven cars in most driving conditions. Over the next 3-5 years they'll get even safer, and will begin to go mainstream.
2. Clean Energy: Attempts to fight climate change by reducing the demand for energy haven't worked. Fortunately, scientists, engineers, and entrepreneurs have been working hard on the supply side to make clean energy convenient and cost-effective.
3. Virtual and Augmented Reality: Computer processors only recently became fast enough to power comfortable and convincing virtual and augmented reality experiences. Companies like Facebook, Google, Apple, and Microsoft are investing billions of dollars to make VR and AR more immersive, comfortable, and affordable.
4. Drones and Flying Cars: GPS started out as a military technology but is now used to hail taxis, get mapping directions, and hunt Pokemon. Likewise, drones started out as a military technology, but are increasingly being used for a wide range of consumer and commercial applications.
5. Artificial Intelligence: Artificial intelligence has made rapid advances in the last decade, due to new algorithms and massive increases in data collection and computing power.
6. Pocket Supercomputers for Everyone: By 2020, 80% of adults on earth will have an internet-connected smartphone. An iPhone 6 has about 2 billion transistors, roughly 625 times more transistors than a 1995 Intel Pentium computer. Today's smartphones are what used to be considered supercomputers.
7. Cryptocurrencies and Blockchains: Protocols are the plumbing of the internet. Most of the protocols we use today were developed decades ago by academia and government. Since then, protocol development mostly stopped as energy shifted to developing proprietary systems like social networks and messaging apps. Cryptocurrency and blockchain technologies are changing this by providing a new business model for internet protocols. This year alone, hundreds of millions of dollars were raised for a broad range of innovative blockchain-based protocols.
8. High-Quality Online Education: While college tuition skyrockets, anyone with a smartphone can study almost any topic online, accessing educational content that is mostly free and increasingly high-quality.
9. Better Food through Science: Earth is running out of farmable land and fresh water. This is partly because our food production systems are incredibly inefficient. It takes an astounding 1799 gallons of water to produce 1 pound of beef. Fortunately, a variety of new technologies are being developed to improve our food system.
10. Computerized Medicine: Until recently, computers have only been at the periphery of medicine, used primarily for research and record keeping. Today, the combination of computer science and medicine is leading to a variety of breakthroughs.
11. A New Space Age: Since the beginning of the space age in the 1950s, the vast majority of space funding has come from governments. But that funding has been in decline: for example, NASA's budget dropped from about 4.5% of the federal budget in the 1960s to about 0.5% of the federal budget today.

Earlier this year, Xbox chief Phil Spencer expressed desires to see a steady stream of hardware innovation rather than a typical seven-year gap between different console generations, noting smartphone market as inspiration. In an interview with Engadget, Aaron Greenberg, Microsoft's Head of Xbox Games Marketing has hinted that the company's upcoming Project Scorpio is likely going to be the last generation of Xbox console you will ever need to purchase. From the report: I think it is ... For us, we think the future is without console generations, we think that the ability to build a library, a community, to be able to iterate with the hardware, we're making a pretty big bet on that with Project Scorpio. We're basically saying 'this isn't a new generation, everything you have continues forward and it works.' We think of this as a family of devices. But we'll see, we're going to learn from this, we're going to see how that goes. So far I'd say based on the reaction there appears to be a lot of demand and interest around Project Scorpio, and we think it's going to be a pretty big success. If the games and the content deliver, which I think they will do, I think it will change the way we think about the future of console gaming."

An anonymous Slashdot reader quotes an article by Help Net Security's editor-in-chief: More than one in three IT pros believe cloud providers should turn over encrypted data to the government when asked, according to Bitglass and the Cloud Security Alliance (CSA). 35 percent believe cloud app vendors should be forced to provide government access to encrypted data while 55 percent are opposed. 64 percent of US-based infosec professionals are opposed to government cooperation, compared to only 42 percent of EMEA respondents.
Raj Samani, CTO EMEA at Intel Security, told Help Net Security the answers ranged from "no way, to help yourself, and even to I don't care..." But since vendors can't satisfy both camps, he believes the situation "demands some form of open debate on the best approach to take..."

Rumors of Apple's next iPhone missing a headphone jack have been swirling around for more than a year now. But a report from WSJ a few weeks ago, and another report from Bloomberg this week further cemented such possibility. We've talked about it here -- several times -- but now Cory Doctorow is shedding light on what this imminent change holds for the music industry. Reader harrymcc writes: Fast Company's Mark Sullivan talked about the switch with author and EFF adviser Cory Doctorow, who thinks it could lead to music companies leveraging DRM to exert more control over what consumers can do with their music.From the article:"If Apple creates a circumstance where the only way to get audio off its products is through an interface that is DRM-capable, they'd be heartbreakingly naive in assuming that this wouldn't give rise to demands for DRM," said Doctorow. If a consumer or some third-party tech company used the music in way the rights holders didn't like, the rights holders could invoke the anti-circumvention law written in Section 1201 of the Digital Millennium Copyright Act (DMCA). Steve Jobs famously convinced the record industry to remove the DRM from music on iTunes; is there really any reason to believe the industry might suddenly become interested in DRM again if the iPhone audio goes all digital? "Yes -- for streaming audio services," Doctorow says. "I think it is inevitable that rights holder groups will try to prevent recording, retransmission, etc." Today it's easy to record streamed music from the analog headphone jack on the phone, and even to convert the stream back to digital and transmit it in real time to someone else. With a digital stream it might not be nearly so easy, or risk-free."Doctorow shares more on BoingBoing.

theodp writes: "Today is a milestone for personalized learning," boasted Mark Zuckerberg in a Facebook post Tuesday. "For the first time, more than 100 new schools will adopt personalized learning tools this school year. [...] A couple of years ago, our engineering team partnered with Summit [a Zuckerberg, Facebook, and Gates Foundation supported charter school network] to build out their personalized learning software platform so more schools could use it. [...] Congratulations to the Summit team, the new Basecamp schools and the entire personalized learning community on an exciting milestone!" Perhaps Zuckerberg should have also given a shout-out to the Bill and Melinda Gates Foundation, which awarded a $1.1 million grant last year "to support the Summit BaseCamp Program that will bring Next Generation learning at no cost to all partner schools that are accepted into the program." The New York Times characterized the Facebook-Summit partnership as "more of a ground-up effort to create a national demand for student-driven learning in schools." Before you scoff at that idea, consider that an earlier Gates-Zuckerberg collaboration helped give rise to a national K-12 Computer Science crisis!

An anonymous reader quotes a report from Techdirt: Interesting move by Cory Doctorow and the EFF in sending some letters to the FTC making a strong case that DRM requires some "truth in labeling" details in order to make sure people know what they're buying. The argument is pretty straightforward (PDF): "The legal force behind DRM makes the issue of advance notice especially pressing. It's bad enough when a product is designed to prevent its owner from engaging in lawful, legitimate, desirable conduct -- but when the owner is legally prohibited from reconfiguring the product to enable that conduct, it's vital that they be informed of this restriction before they make a purchase, so that they might make an informed decision. Though many companies sell products with DRM encumbrances, few provide notice of these encumbrances. Of those that do, fewer still enumerate the restrictions in plain, prominent language. Of the few who do so, none mention the ability of the manufacturer to change the rules of the game after the fact, by updating the DRM through non-negotiable updates that remove functionality that was present at the time of purchase." In a separate letter (PDF) from EFF, along with a number of other consumer interest groups, but also content creators like Baen Books, Humble Bundle and McSweeney's, they suggest some ways that a labeling notice might work.

Lorenzo Franceschi-Bicchierai, writing for Motherboard: One day, your thermostat will get hacked by some cybercriminal hundreds of miles away who will lock it with malware and demand a ransom to get it back to normal, leaving you literally in the cold until you pay up a few hundred dollars. This has been a scenario that security experts have touted as one of the theoretical dangers of the rise of the Internet of Things, internet-connected devices that are often insecure. On Saturday, what sounds like a Mr. Robot plot line came one step closer to being reality, when two white hat hackers showed off the first-ever ransomware that works against a "smart" device, in this case, a thermostat. Luckily, Andrew Tierney and Ken Munro, the two security researchers who created the ransomware, actually have no ill intention. They just wanted to make a point: some Internet of Things devices fail to take simple security precautions, leaving users in danger. "We don't have any control over our devices, and don't really know what they're doing and how they're doing it," Tierney told Motherboard. "And if they start doing something you don't understand, you don't really have a way of dealing with it." Tierney and Munro, who both work UK-based security firm Pen Test Partners, demonstrated their thermostat ransomware proof-of-concept at the hacking conference Def Con on Saturday, fulfilling the pessimistic predictions of some people in security world.

Oracle announced Thursday that it has agreed to buy NetSuite for $9.3 billion, in a move to bolster its cloud-computing offerings as it races to catch up to rivals. Both companies provide applications for running a business called enterprise-resource-planning software. Bloomberg reports: Oracle, which sells software to big corporations, has been trying to shift more sales to cloud-based products increasingly demanded by its customers. New cloud services made up about 8 percent of the company's total sales during its fiscal fourth-quarter. Buying NetSuite -- whose products include customer relationship management software -- will help Oracle compete against the likes of Salesforce.com Inc. and Microsoft Corp. "Oracle and NetSuite cloud applications are complementary, and will coexist in the marketplace forever," said Oracle co-Chief Executive Officer Mark Hurd in a statement Thursday. "We intend to invest heavily in both products -- engineering and distribution."

An anonymous reader shares a Gizmodo report:The U.S. Olympics Committee has gone off the deep end, when it comes to intellectual property. It's willing to sue anyone to protect their trademarks, even when the use is no real threat. But the committee's latest claim is an entirely new level of absurdity. What's getting the U.S. Olympics Committee in a tizzy this time? Tweets. Specifically any company that tweets about the Olympic Games and isn't a sponsor. ESPN obtained a letter from the U.S. Olympic Committee chief marketing officer Lisa Baird who outlines the absurd demands. "Commercial entities may not post about the Trials or Games on their corporate social media accounts," Baird writes, apparently in earnest. "This restriction includes the use of USOC's trademarks in hashtags such as #Rio2016 or #TeamUSA. And according to ESPN, it gets even more absurd. Apparently the letter says that any company whose primary mission isn't media is forbidden from using any pictures taken at the Olympics, sharing, and even reposting anything from the official Olympics account.

MojoKid writes: AMD took the wraps off its latest pro graphics solutions at SIGGRAPH today, and announced three new professional graphics cards in the new Polaris-based Radeon Pro WX Series. The Radeon Pro WX 4100 is the entry-level model with a half-height design for use in small form-factor workstations. The Radeon Pro WX 5100 is the middle child, while the Radeon Pro WX 7100 is AMD's current top-end WX model. The Radeon Pro WX 7100 has 32 compute units, offers 5 TFLOPs of compute performance, and is backed by 8GB of GDDR4 memory over a 256-bit memory interface. The Radeon Pro WX 5100 offers 28 compute units and 4 TFLOPs of performance along with 8GB memory over the same 256-bit interface, and the Radeon Pro WX 4100 is comprised of 16 compute units at 2 TFLOPs of perf with 4GB memory over a 128-bit memory link. The Radeon Pro WX 4100 has four mini DisplayPort outputs, while the Radeon Pro WX 5100 and 7100 each have four full-size DisplayPort connectors. None of these cards will be giving the new NVIDIA Quadro P6000 a run for its money in terms of performance, but they don't have to. The Quadro card will no doubt cost thousands of dollars, while the Radeon Pro WX 7100 will eek in at just under $1,000. The Radeon Pro WX 5100 and 4100 will slot in somewhat below that mark. AMD also announced the Radeon Solid State Storage Architecture and the Radeon Pro SSG card today. Details are scant, but AMD is essentially outfitting Radeon Pro SSG cards with large amounts of Solid State Flash Memory, which can allow much larger data sets to reside close to the GPU in an extended frame buffer. Whereas the highest-end professional graphics cards today may have up to 24GB of memory, the Radeon Pro SSG will start with 1TB, linked to the GPU via a custom PCI Express interface. Giving the GPU access to a large, local data repository should offer significantly increased performance for demanding workloads like real-time post-production of 8K video, high-resolution rendering, VR content creation and others.

An anonymous Slashdot reader quotes a report from HNGN: Game maker Valve is threatening to shut down sites dedicated to gambling with add-ons to its popular Counter Strike game. On Thursday the company sent cease and desist letters to 23 sites, demanding that gambling operations be stopped, and that the sites had 10 days to comply. The row revolves around the software overlays that change the appearance of the characters people play in Counter Strike: Global Offensive (CSGO) and the weapons and other virtual items. Last week the company reiterated that its user agreements ban external sites from asking users to connect their Steam accounts in order to trade items for real money. The company added that it would use "all available remedies" against sites that did not stop players using virtual goods to gamble.
Bloomberg reports that in June a class action lawsuit was filed against Valve "for its role in the multibillion-dollar gambling economy that has fueled the game's popularity" -- by a man who had been gambling on the site since 2014. This was followed in July by a second class action lawsuit by a mother on behalf of her son, reports ESPN. "The case alleges that the Valve knowingly allows and profits from teenagers participating in illegal, unregulated and underage gambling of in-game cosmetic weapon skins through third-party sites."

The FCC chairman on Friday pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. Chairman Tom Wheeler, in letters to CEOs of Verizon Communications, AT&T, Sprint, US Cellular, Level 3 Communications, Frontier Communications, Bandwidth.com, and T-Mobile, said that so-called robocalls, automated pre-recorded telephone calls often from telemarketers or scam artists continue because the industry isn't taking any action. Wheeler demands answers with "concrete, actionable solutions to address these issues" within 30 days. A report on FastCompany adds: Wheeler also urged carriers to create a list of institutions like government agencies and banks that are commonly impersonated by scammers and filter out overseas callers impersonating them through falsified caller ID data

Microsoft said on Thursday that it has sold over 500 units of the Surface Hubs, a number that apparently "exceeded" the company's initial forecasts. In a statement to Microsoft-centric blog Petri, the company said: "Demand for Surface Hubs is very strong and exceeded initial forecasts. To date, we've shipped to over 500 customers worldwide and that number continues to grow. We are ramping up production to meet this strong demand via our partner reseller channel as soon as possible. Customers are encouraged to speak with their sales representative if interested in ordering Surface Hubs." For a refresh, the Surface Hub is a giant all-in-one Windows 10 computer which retails at a starting price point of $8,999 for the 55-inch model, and goes all the way up to $21,999 for the 84-inch model.

BetaNews's Mark Wilson writes: Yesterday France's National Data Protection Commission (CNIL) slapped a formal order on Microsoft to comply with data protection laws after it found Windows 10 was collecting "excessive data" about users. The company has been given three months to meet the demands or it will face fines. Microsoft has now responded, saying it is happy to work with the CNIL to work towards an acceptable solution. Interestingly, while not denying the allegations set against it, the company does nothing to defend the amount of data collected by Windows 10, and also fails to address the privacy concerns it raises. Microsoft does address concerns about the transfer of data between Europe and the US, saying that while the Safe Harbor agreement is no longer valid, the company still complied with it up until the adoption of Privacy Shield. It's interesting to see that Microsoft, in response to a series of complaints very clearly leveled at Windows 10, manages to mention the operating system only once. There is the promise of a statement about privacy next week, but for now we have Microsoft's response to the CNIL's order.

HughPickens.com writes: Mid-range prostitution is a relatively new market, enabled by technology. Before the internet, it was hard for escorts to find customers: They had to either walk the streets searching for customers, rely on word-of-mouth, or work with agencies. The internet changed all that as Allison Schrager writes at Quartz that if you work at Goldman Sachs in NYC and you want to tie up a woman and then have sex with her, you'll first have to talk to Rita. Rita will "insist on calling your office, speaking to the switchboard operator, and being patched through to your desk. Then she will want to check out your profile on the company website and LinkedIn. She'll demand you send her message from your work email, and require a scan of either your passport or driver's license." Though some escorts rely on sex work-specific sites that maintain "bad date" lists of potentially dangerous clients, others make use of more mainstream sources to gather information about and verify the identities of potential johns. Rita is addressing a problem that every business, both legal and illegal, has. Before the internet, more commerce occurred locally -- customers knew their merchants or service providers and went back to them repeatedly. As technology has expanded our transactional networks, it must also offer new ways of building trust and reputation. "The lesson here is that, while you'd think all the technological options for finding customers would make Rita's job as a madam obsolete, it has actually made her services more critical," says Schrager. "One step ahead of the mainstream economy, Rita's thriving business shows that some jobs won't disappear. They just need to be recast in a way that capitalizes on what made them valuable in the first place."

An anonymous reader writes: BlackBerry CEO John Chen said he is "disturbed" by Apple's tough approach to encryption and user privacy, warning that the firm's attitude is harmful to society. Earlier this year, Chen said in response to Apple resisting the government's demands to unlock an iPhone belonging to one of the San Bernardino shooters: "We are indeed in a dark place when companies put their reputations above the greater good." During BlackBerry's Security Summit in New York this week, Chen made several more comments about Apple's stance on encryption. "One of our competitors, we call it 'the other fruit company,' has an attitude that it doesn't matter how much it might hurt society, they're not going to help," he said. "I found that disturbing as a citizen. I think BlackBerry, like any company, should have a basic civil responsibility. If the world is in danger, we should be able to help out." He did say there was a lot of "nonsense" being reported about BlackBerry and its approach to how it handles user information. "Of course, there need to be clear guidelines. The guidelines we've adopted require legal assets. A subpoena for certain data. But if you have the data, you should give it to them," he said. "There's some complete nonsense about what we can and can't do. People are mad at us that we let the government have the data. It's absolute garbage. We can't do that." Chen also warned that mandatory back doors aren't a good idea either, hinting at the impending Investigatory Powers Bill. "There's proposed legislation in the U.S., and I'm sure it will come to the EU, that every vendor needs to provide some form of a back door. That is not going to fly at all. It just isn't," he said.