Slashdot Mirror

Andy Greenberg, writing for Wired:At today's Ekoparty security conference, security firm Duo plans to present research on how it delved into the guts of tens of thousands of computers to measure the real-world state of Apple's so-called extensible firmware interface, or EFI. This is the firmware that runs before your PC's operating system boots and has the potential to corrupt practically everything else that happens on your machine. Duo found that even Macs with perfectly updated operating systems often have much older EFI code, due to either Apple's neglecting to push out EFI updates to those machines or failing to warn users when their firmware update hits a technical glitch and silently fails. For certain models of Apple laptops and desktop computers, close to a third or half of machines have EFI versions that haven't kept pace with their operating system system updates. And for many models, Apple hasn't released new firmware updates at all, leaving a subset of Apple machines vulnerable to known years-old EFI attacks that could gain deep and persistent control of a victim's machine.

SpaceX CEO Elon Musk unveiled revised plans to travel to the Moon and Mars at a space industry conference today, but he ended his talk with a pretty incredible promise: using that same interplanetary rocket system for long-distance travel on Earth. From a report: Musk showed a demonstration of the idea onstage, claiming that it will allow passengers to take "most long-distance trips" in just 30 minutes, and go "anywhere on Earth in under an hour" for around the same price as an economy airline ticket. Musk proposed using SpaceX's forthcoming mega-rocket (codenamed Big Fucking Rocket or BFR for short) to lift a massive spaceship into orbit around the Earth. The ship would then settle down on floating landing pads near major cities. Both the new rocket and spaceship are currently theoretical, though Musk did say that he hopes to begin construction on the rocket in the next six to nine months. In SpaceX's video that illustrates the idea, passengers take a large boat from a dock in New York City to a floating launchpad out in the water. There, they board the same rocket that Musk wants to use to send humans to Mars by 2024. But instead of heading off to another planet once they leave the Earth's atmosphere, the ship separates and breaks off toward another city -- Shanghai. Just 39 minutes and some 7,000 miles later, the ship reenters the atmosphere and touches down on another floating pad, much like the way SpaceX lands its Falcon 9 rockets at sea. Other routes proposed in the video include Hong Kong to Singapore in 22 minutes, London to Dubai or New York in 29 minutes, and Los Angeles to Toronto in 24 minutes.

An anonymous reader writes: Canonical engineer Dimitri John Ledkov announced on Wednesday that Ubuntu does not plan to offer 32-bit ISO installation images for its new OS version starting with the next release — Ubuntu 17.10 (Artful Aardvark) scheduled for release on October 19. The decision comes after month-long discussions on the dwindling market share of 32-bit architectures. Ledkov made it clear that Canonical does not plan to stop support for 32-bit architectures. The Ubuntu team plans to continue to offer security updates and bug fixes, but they won't be offering new ISO images. Lubuntu and Xubuntu, which are Ubuntu offshoots created to run on older computers, will most likely continue to provide 32-bit ISO images, as this is their bread and butter. Manjaro, Tails, and Arch Linux announced similar decisions. Even Google dropped support for Chrome on 32-bit Linux platforms, way back in 2015, predicting the overall trend.

An anonymous reader quotes a report from Exstreamist: Comcast announced this week that they plan on rolling out their streaming service, "Xfinity Instant TV" as an option for broadband-only customers. At our very first glance, it seemed like a pretty good deal, a live-streaming service for $18 a month, not bad right? But once we actually looked into the offering, we noticed something funny. Almost the entirety of what they're planning on charging $18 a month for could be viewed free with an antenna. According to the Wall Street Journal, the antenna as an option is apparently a long lost TV option for many consumers. Variety is reporting, "Xfinity Instant TV" intro packages, the ones that are $18, will only include a handful of broadcast channels, and a few "freebies" like the Home Shopping Network, and CSPAN So we're not exactly talking about getting access to ESPN, CNN, FX, or other more desirable channels for cord cutters, those will cost you at least $45 more a month, so basically the cost of your current cable television package. The report notes that the service is only available to Comcast internet subscribers and does include access to on-demand services.

New submitter wierzpio writes: According to Rob Malcolmson, Bell Canada's VP of regulatory affairs, Canada is a safe haven to internet pirates and the only solution is to create a federally mandated blacklist of pirate websites. Unlike the existing blacklist in the U.K., Bell's plan appears to involve no judicial oversight. "Engaging in extrajudicial attempts to block access to sites, I think, raises all kinds of Charter of Rights and Freedoms issues," argues Michael Geist, a University of Ottawa professor and internet law expert. Quebec also wants to block sites. The province recently introduced a provincial law that would force internet providers to block users' access to online gambling sites not approved by the government. It argues the legislation is necessary to ensure internet gambling companies maintain responsible gaming rules.

The Department of Homeland Security plans to expand the files it collects on immigrants, as well as some citizens, by including more online data -- most notably search results and social media information -- about each individual. The plan is set out in the Federal Register, where the government publishes forthcoming regulations. A final version is set to go into effect on Oct. 18. Fortune reports: The plan, reported by BuzzFeed, is notable partly because it permits the government to amass information not only about recent immigrants, but also on green card holders and naturalized Americans as well. The proposal to collect social media data is set out in a part of the draft regulation that describes expanding the content of so-called "Alien Files," which serve as detailed profiles of individual immigrants, and are used by everyone from border agents to judges. Here is the relevant portion: "The Department of Homeland Security, therefore, is updating the [file process] to ... (5) expand the categories of records to include the following: country of nationality; country of residence; the USCIS Online Account Number; social media handles, aliases, associated identifiable information, and search results."

British inventor Sir James Dyson has announced plans to build an electric car that will be "radically different" from current models and go on sale in 2020. The Guardian reports: The billionaire who revolutionized the vacuum cleaner said 400 engineers in Wiltshire had been working since 2015 on the 2.5 billion British pound project. No prototype has yet been built, but Dyson said the car's electric motor was ready, while two different battery types were under development that he claimed were already more efficient than in existing electric cars. Dyson said consumers would have to "wait and see" what the car would look like: "We don't have an existing chassis [...] We're starting from scratch. What we're doing is quite radical." However, he said the design was "all about the technology" and warned that it would be an expensive vehicle to purchase. While he did not name a price, he said: "Maybe the better figure is how much of a deposit they would be prepared to put down."

Yesterday was the season premiere of the first new Star Trek TV series in 12 years. While the first episode aired on the CBS broadcast network Sunday night, the second episode -- and all the rest to come -- was made available exclusively on the CBS All Access streaming service for $6 a month. Naturally, this upset Trekkies and led many of them to find alternative methods to watch the show. EW reports that Star Trek: Discovery "is on the verge of cracking Pirate Bay's Top 10 most illegally downloaded shows in less than 24 hours." From the report: The Discovery pilot is currently at No. 11 on the list (apparently at No. 15 just a few hours ago), the pilot is up there with the likes of HBO's Game of Thrones, Adult Swim's Rick and Morty and, for some reason, TNT's The Last Ship. The show's second episode is at No. 17, which is a tad surprising as that was the one that wasn't free. Ever since the distribution plan was first announced fans have resisted with some vehemence the idea of paying for "yet another streaming service just to watch a single show" (there's more than one show on All Access, CBS is quick to point out, and then a debate over the relative merits of NCIS and MacGyver repeats ensues).

Dubai staged a test flight on Monday for what it said would soon be the world's first drone taxi service under an ambitious plan by the United Arab Emirates city to lead the Arab world in innovation. From a report: The flying taxi developed by German drone firm Volocopter resembles a small, two-seater helicopter cabin topped by a wide hoop studded with 18 propellers. It was unmanned for its maiden test run in a ceremony arranged for Dubai Crown Prince Sheikh Hamdan bin Mohammed. Meant to fly without remote control guidance and with a maximum flight duration of 30 minutes, it comes with plenty of fail-safes in case of trouble: back-up batteries, rotors and, for a worst case scenario, a couple of parachutes.

Owners at the Model 3 Owners Club compiled a list of over 80 different features of the Model 3 they're curious about, including questions about how the car operates (does the card unlock all the doors, where does the UI show you that your turn signals are active), physical aspects of the car (what does the tow hitch attachment look like, how much stuff can you fit in the front and rear cargo areas), and subjective details (how aggressive is the energy regeneration, does that wood trim cause glare). Ars Technica reports: So far, we've learned a few interesting facts. For instance, the windshield wipers are turned on and off by a stalk like just about every other car on the market, but changing the speed (slow/fast/intermittent) is handled by a menu on the touchscreen. The stalk also does double duty turning on the headlights, and there are no rain sensors for the wipers. The touchscreen UI really is the only way to interact with every other function, according to owners, even the rear air vents are controlled from up front (although there are USB ports in the back). Rear seat passengers also won't get seat heaters from what we gather -- unless Tesla plans to activate them in a later software update -- and the steering wheel is not heated either. The two buttons on the steering wheel do not appear to be user-configurable. Instead, the left button primarily deals with audio functions (scroll up and down for volume, left and right to change track) while the other one is for adjusting the mirrors and steering wheel position while in those menus in the UI. Additionally it appears that as of now, there's no way to tab through a different part of the UI without taking your hands off the steering wheel.

New submitter mikeatTB writes: "For software development, no significant developer activity is predictable or repetitive; if it were, the developers would have automated it already," writes Steven A. Lowe, Principal Consultant Developer at ThoughtWorks, via TechBeacon. "In addition, learning is essentially a nonlinear process; it involves trying things that don't work in order to discover what does work. You might see linear progress for a while, but you don't know what you don't know, so there will be apparent setbacks. It is from these setbacks that one learns the truth about the system -- what is really needed to make it work, to make it usable, and to make a difference for the users and the business. In other words, the dirty little secret of software development is that projects don't really exist. And they're killing our products, teams, and software." Lowe continues: "Projects, with respect to software development, are imaginary boxes drawn around scope and time in an attempt to 'manage' things. This tendency is understandable, given the long fascination with so-called scientific management (a.k.a. Taylorism, a.k.a. Theory X), but these imaginary boxes do not reduce underlying complexity. On the contrary, they add unnecessary complexity and friction and invite a counterproductive temptation to focus on the box instead of the problem or product. This misplaced emphasis leads to some harmful delusions: Conformance to schedule is the same thing as success; Estimation accuracy is possible and desirable enough to measure and optimize for; The plan is perfect and guarantees success; The cost of forming and dissolving teams is zero; The cost of functional silo hand-offs is zero; The bigger and more comprehensive the plan, the better; Predictability and efficiency are paramount."

Accounting firm Deloitte confirmed on Monday it had suffered a cyberattack. From a report: One of the world's "big four" accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients, the Guardian can reveal (the company has since confirmed the breach). Deloitte, which is registered in London and has its global headquarters in New York, was the victim of a cybersecurity attack that went unnoticed for months. One of the largest private firms in the US, which reported a record $37bn revenue last year, Deloitte provides auditing, tax consultancy and high-end cybersecurity advice to some of the world's biggest banks, multinational companies, media enterprises, pharmaceutical firms and government agencies. The Guardian understands Deloitte clients across all of these sectors had material in the company email system that was breached. The companies include household names as well as US government departments

More than a year after Microsoft announced its plans to purchase LinkedIn for $26.2 billion, the technology giant is rolling out some of the first integrations with the business social network. From a report: At its Ignite conference in Orlando this morning, Microsoft plans to announce that Office 365 will include a new "profile card" that can display LinkedIn information. For example, interviewers using Outlook would be able to easily access LinkedIn profiles of job seekers. This integration, the first between Office 365 and LinkedIn since the acquisition, is designed to make it easier for people to search for others inside their organizations. Here's how it works, according to the company: "Users who have access to this feature can access LinkedIn profile information by hovering over a person's name and navigating to the 'LinkedIn' tab on the new profile card. Microsoft service administrators continue to have control over organizational privacy and connected features in their tenant. We respect end-user privacy and will honor your LinkedIn privacy and profile visibility settings."

An anonymous reader shares a report: Microsoft Teams isn't even a year old, but it's about to replace Skype for Business. At Microsoft's Ignite conference in Orlando, Florida today, the software giant is revealing that it plans to kill off Skype for Business in favor of Microsoft Teams. Skype for Business took over from Lync, Microsoft's previous business chat app, back in 2015. Microsoft's original Teams launch made it look obvious that Skype for Business would eventually disappear, given the fact that Teams integrates most of Skype's functionality already. Microsoft says it has been building a new Skype infrastructure that has been "evolving rapidly," and it will serve as the enterprise-grade service for voice, video, and meetings in Microsoft Teams. A new Skype for Business server will be available in the second half of 2018 for customers not ready to move to Teams, but Microsoft is pushing Office 365 users will to move over to Teams as the key communications client instead of relying on Skype for Business.

An anonymous reader quotes the Register: Faced with growing dissatisfaction about licensing requirements for some of its open-source projects, Facebook said it will move React, Jest, Flow, and Immutable.js under the MIT license next week. "We're relicensing these projects because React is the foundation of a broad ecosystem of open source software for the web, and we don't want to hold back forward progress for nontechnical reasons," said Facebook engineering director Adam Wolff in a blog post on Friday. Wolff said while Facebook continues to believe its BSD + Patents license has benefits, "we acknowledge that we failed to decisively convince this community"... Wolff said the updated licensing scheme will arrive next week with the launch of React 16, a rewrite of the library designed for more efficient operation at scale.
Facebook was facing strong criticism from the Apache Software Foundation and last week Wordpress.com had announced plans to move away from React.

"Wolff said Facebook considered a license change for its other open-source projects, but wasn't ready to commit to anything," the Register adds. "Some projects, he said, will keep the BSD + Patents license."

"Three-point-one-four was more than a number to museum curator Larry Shaw," writes the San Francisco Chronicle. Long-time Slashdot reader linuxwrangler writes: In 1988 at a retreat for San Francisco Exploratorium staff, Larry Shaw proposed linking the digits of pi, which begins 3.14, with the date March 14. Initially the "holiday" was only celebrated by museum staff but it didn't take long for the idea to spread and Pi Day was born.

For 38 years, Mr. Shaw donned a red cap emblazoned with the magic digits and led a parade of museum goers, each of them holding a sign bearing one of the digits of pi. Shaw died August 19 at age 78 and a memorial is planned for Sunday September 24.
The memorial will be held in Mill Valley, California, the Chronicle reports, adding that "pie will be served."

Following a report from Reuters claiming T-Mobile is close to agreeing on a deal to merge with Sprint, an anonymous Slashdot reader shares a report from DSLReports arguing how such a merger would remain "a very bad deal for consumers": The Sprint-T-Mobile merger could prove problematic for not only wireless prices, but the recent resurgence in unlimited data plans. While wireless carriers still often engage in theatrical non-price competition more often than not, the government's decision to block AT&T's acquisition of T-Mobile several years ago helped spur an unprecedented period of competition in wireless (something large ISPs and their policy armies like to ignore). The end result was a brasher and more competitive T-Mobile, who lead the way on a wave of improvements in the sector culminating most recently in the return of simpler, easier unlimited data plans. The government's decision to block Sprint from acquiring T-Mobile helped keep that competition intact, something large ISPs and their policy folk would similarly like you to forget. As a result, T-Mobile has added more customers per quarter than any other wireless carrier for several years running, as the resulting competition put an end to numerous, nasty industry tactics including overcharging for international roaming, to obnoxious fees and long-term contracts. And while the new, combined company will likely still be run by current popular T-Mobile CEO John Legere, the very act of eliminating one of only four major players in the wireless market will indisputably reduce the incentive to more seriously compete on price, and could help reverse the progress the sector has seen in recent years. It's well within reason that this reduced competition could also bring back metered plans and put an end to unlimited data.Wirefly is a good place to compare cell phone plans to see the difference between Sprint and T-Mobile.

An anonymous reader quotes a report from Ars Technica: Verizon Wireless is giving a reprieve to some rural customers who are scheduled to be booted off their service plans, but only in cases when customers have no other options for cellular service. Verizon recently notified 8,500 customers in 13 states that they will be disconnected on October 17 because they used roaming data on another network. But these customers weren't doing anything wrong -- they are being served by rural networks that were set up for the purpose of extending Verizon's reach into rural areas. Today, Verizon said it is extending the deadline to switch providers to December 1. The company is also letting some customers stay on the network -- although they must switch to a new service plan. "If there is no alternative provider in your area, you can switch to the S (2GB), M (4GB), 5GB single-line, or L (8GB) Verizon plan, but you must do so by December 1," Verizon said in a statement released today. These plans range from $35 to $70 a month, plus $20 "line fees" for each line. The 8,500 customers who received disconnection letters have a total of 19,000 lines. Verizon sells unlimited plans in most of the country but said only those limited options would be available to these customers. Verizon also reiterated its promise that first responders will be able to keep their Verizon service even though some public safety officials received disconnection notices. "We have become aware of a very small number of affected customers who may be using their personal phones in their roles as first responders and another small group who may not have another option for wireless service," Verizon said. "After listening to these folks, we are committed to resolving these issues in the best interest of the customers and their communities. We're committed to ensuring first responders in these areas keep their Verizon service."

An anonymous reader shares a report: UK-based gaming journalist and blogger Chris Scullion is on a mission to preserve his collection -- and maybe your collection, too -- of these old video game VHS tapes. In the 80s and 90s, video game companies and trade magazines made these tapes to accompany popular titles or new issues with bonus material or promotional footage, giving a glimpse into how marketing for games was done in the industry's early days. Scullion has 18 tapes to upload so far, and plans to provide accompanying commentary as well as the raw video as they go up on his YouTube channel. Scullion's first upload is a promotional tape for Super Mario All-Stars, given away by Nintendo UK in 1993. It's hosted by Craig Charles, who played Lister in the British sci-fi sitcom Red Dwarf. Digitizing his collection keeps that sweet nostalgia content safe from degradation of the magnetic tape, which starts to go downhill within 10 to 25 years. He's capturing them in HD using a 1080p upscaler, at a full 50fps frame rate by converting to HDMI before grabbing -- a higher frame rate than many standard commercial digitizing devices that capture at 30fps -- so that no frames are missed. Some of the tapes he's planning to digitize have already been converted and uploaded to YouTube by other people, he says, but most are either poor quality or captured with less-advanced grabbing devices.

Ford is using Microsoft's HoloLens headset to let designers quickly model out changes to cars, trucks, and SUVs in augmented reality. This allows designers to see the changes on top of an existing physical vehicle, instead of the traditional clay model approach to car design. The Verge reports: Ford is still using clay models, but the HoloLens can be used to augment additional 3D models without having to build every single design prototype with clay. It's one of the more interesting ways we've seen businesses use Microsoft's HoloLens, and it's something customers will never see. Microsoft is planning to hold a Windows Mixed Reality launch event on October 3rd in San Francisco. We're not expecting to hear about a HoloLens successor, but we should get a better idea of what apps and games we'll see coming for Microsoft's Windows Mixed Reality headsets.