Security

Software Vendor Who Hid 'Supply Chain' Breach Outed (krebsonsecurity.com) 6

tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers -- essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site -- not linking to it anywhere. Brian Krebs went and dug it up. Spoiler: the product/vendor in question is EVlog by Altair Technologies Ltd.
Businesses

Apple's New Spaceship Campus Gets a Name, Lifts Off In April (arstechnica.com) 29

An anonymous reader quotes a report from Ars Technica: Apple has been building its giant new "spaceship" campus in the company's hometown of Cupertino, California, since December of 2013, and since then fans have paid obsessive attention to the structure. It gets buzzed by drones constantly, and the most popular YouTube videos of the building in progress have amassed well over half-a-million views apiece. The company announced today that the campus will be open to employees starting in April and that the building and environs now have a name: Apple Park. Apple says that moving the 12,000 employees who will work at the campus will take more than six months, and landscaping and construction on some buildings won't be done until the summer. The new campus mostly replaces the university-style Infinite Loop campus Apple has used since 1993, though Apple has said that it will also be keeping the older buildings. The new campus' cost has been estimated at around $5 billion. Apple will also be naming one space on the new campus after its founder and former CEO -- the Steve Jobs Theater will replace the current Town Hall event space that Apple sometimes uses for company meetings and product announcements, and it will open "later this year." The new space will be much larger (it will seat 1,000, compared to roughly 300 for the Town Hall), and the larger space will presumably allow Apple to launch more of its products on its campus rather than having to rent expensive event space in downtown San Francisco. The company is also moving its Worldwide Developers Conference closer to home this year -- it will return to San Jose after many years at the Moscone Center in San Francisco.
Privacy

GE, Intel, and AT&T Are Putting Cameras and Sensors All Over San Diego (fortune.com) 83

An anonymous reader shares a Fortune report: General Electric will put cameras, microphones, and sensors on 3,200 street lights in San Diego this year, marking the first large-scale use of "smart city" tools GE says can help monitor traffic and pinpoint crime, but raising potential privacy concerns. Based on technology from GE's Current division, Intel and AT&T, the system will use sensing nodes on light poles to locate gunshots, estimate crowd sizes, check vehicle speeds and other tasks, GE and the city said on Wednesday. The city will provide the data to entrepreneurs and students to develop applications. Companies expect a growing market for such systems as cities seek better data to plan and run their operations. San Diego is a test of "Internet of things" technology that GE Current provides for commercial buildings and industrial sites.
Verizon

Verizon To Begin 5G User Trials in 11 Markets by Middle of Year (bloomberg.com) 28

Verizon will test faster fifth-generation (5G) mobile broadband service in 11 markets in the first half of this year as the nation's largest wireless carrier tries to take the lead in the 5G race. From a report on Bloomberg: Working with equipment partners including Ericsson and Samsung, Verizon will beam 5G signals to a test group of homes and businesses in Ann Arbor, Michigan; Atlanta; Bernardsville, New Jersey; Brockton, Massachusetts; Dallas; Denver; Houston; Miami; Sacramento, California; Seattle; and Washington, D.C., according to a statement released as part of Mobile World Congress, which starts this week in Barcelona. While 5G service isn't expected to be commercially available until 2020, Verizon and its closest rival, AT&T, are bringing the technology out of the lab and into the hands of actual users to spur development.
AI

Tinder Wants AI To Set You Up On a Date (bbc.com) 98

Dave Lee, writing for BBC: Tinder is growing up. It's now a serious technology company tackling one of life's most important matters, and is by far the most popular dating app worldwide. After a lot of boardroom musical chairs, Mr Rad is the chairman of both Tinder and Swipe Ventures, the arm of the company designed to buy other dating-related technologies. One of which is artificial intelligence. And its collision with dating might be the most intriguing application of AI yet. "I think this might sound crazy," Mr Rad said on Tuesday at tech conference Start-Up Grind. "In five years time, Tinder might be so good, you might be like 'Hey [Apple voice assistant] Siri, what's happening tonight?' "And Tinder might pop up and say 'There's someone down the street you might be attracted to. She's also attracted to you. She's free tomorrow night. We know you both like the same band, and it's playing -- would you like us to buy you tickets?'... and you have a match. "It's a little scary."
Transportation

Uber's Self-Driving Cars Are Now Picking Up Passengers in Arizona (theverge.com) 89

Almost two months to the day after Uber loaded its fleet of self-driving SUVs into the trailer of a self-driving truck and stormed off to Arizona in a self-driving huff, the company is preparing to launch its second experiment (if you don't count the aborted San Francisco pilot) in autonomous ride-hailing. From a report on The Verge: What's different is that this time, Uber has the blessing from Arizona's top politician, Governor Doug Ducey, a Republican, who is expected to be "Rider Zero" on an autonomous trip along with Anthony Levandowski, VP of Uber's Advanced Technologies Group. [...] Starting today, residents of Tempe, Arizona, can hail a self-driving Volvo XC90 SUV on Uber's ride-sharing platform. All trips will include two Uber engineers in the front seats as safety drivers, in the event a human needs to take over control from the vehicle's software. Uber says it hopes to expand the coverage area to other cities in Arizona in the coming weeks.
Google

Google Releases Open Source File Sharing Project 'Upspin' On GitHub (betanews.com) 43

BrianFagioli quotes a report from BetaNews: Today, Google unveiled yet another way to share files. Called "Upspin," the open source project aims to make sharing easier for home users. With that said, the project does not seem particularly easy to set up or maintain. For example, it uses Unix-like directories and email addresses for permissions. While it may make sense to Google engineers, I am dubious that it will ever be widely used. "Upspin looks a bit like a global file system, but its real contribution is a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world. Upspin is not an 'app' or a web service, but rather a suite of software components, intended to run in the network and on devices connected to it, that together provide a secure, modern information storage and sharing network," says Google. The search giant adds: "Upspin is a layer of infrastructure that other software and services can build on to facilitate secure access and sharing. This is an open source contribution, not a Google product. We have not yet integrated with the Key Transparency server, though we expect to eventually, and for now use a similar technique of securely publishing all key updates. File storage is inherently an archival medium without forward secrecy; loss of the user's encryption keys implies loss of content, though we do provide for key rotation."
Cellphones

Cellphones As a Fifth-Order Elaboration of Maxwell's Theory (ieee.org) 118

schwit1 shares a report from IEEE Spectrum that reflects on the "Stages of Electronics" based on James Clerk Maxwell's theory: Now that the world has become addicted to portable electronics, billions of people have come to see the companies providing these gadgets as the most innovative, and the people who head those companies as the most exalted, of all time. "Genius" is a starter category in this discussion. But clever and appealing though today's electronic gadgets may be, to the historian they are nothing but the inevitable fifth-order elaborations of two fundamental ideas: electromagnetic radiation, the theory of which was formulated by James Clerk Maxwell in the 1860s, and miniaturized fabrication, which followed Richard Feynman's 1959 dictum [PDF] that "there's plenty of room at the bottom." Maxwell was a true genius. The history of science offers few examples of work as brilliant as unifying electricity, magnetism, and light as aspects of a single phenomenon: electromagnetic waves. As Max Planck put it, "in doing so he achieved greatness unequalled."

Vaclav Smil writes via IEEE: "As I pass the zombielike figures on the street, oblivious to anything but their cellphone screens, I wonder how many of them know that the most fundamental advances enabling their addictions came not from Nokia, Apple, Google, Samsung, or LG. These companies' innovations are certainly admirable, but they amount only to adding a few fancy upper floors to a magnificent edifice whose foundations were laid by Maxwell 152 years ago and whose structure depends on decades-old advances that made it possible to build electronics devices ever smaller."

The Almighty Buck

The Only Thing, Historically, That's Curbed Inequality: Catastrophe (theatlantic.com) 402

ColdWetDog writes: The Atlantic has an interesting article on how societies have decreased economic equality. From the report: "Calls to make America great again hark back to a time when income inequality receded even as the economy boomed and the middle class expanded. Yet it is all too easy to forget just how deeply this newfound equality was rooted in the cataclysm of the world wars. The pressures of total war became a uniquely powerful catalyst of equalizing reform, spurring unionization, extensions of voting rights, and the creation of the welfare state. During and after wartime, aggressive government intervention in the private sector and disruptions to capital holdings wiped out upper-class wealth and funneled resources to workers; even in countries that escaped physical devastation and crippling inflation, marginal tax rates surged upward. Concentrated for the most part between 1914 and 1945, this 'Great Compression' (as economists call it) of inequality took several more decades to fully run its course across the developed world until the 1970s and 1980s, when it stalled and began to go into reverse. This equalizing was a rare outcome in modern times but by no means unique over the long run of history. Inequality has been written into the DNA of civilization ever since humans first settled down to farm the land. Throughout history, only massive, violent shocks that upended the established order proved powerful enough to flatten disparities in income and wealth. They appeared in four different guises: mass-mobilization warfare, violent and transformative revolutions, state collapse, and catastrophic epidemics. Hundreds of millions perished in their wake, and by the time these crises had passed, the gap between rich and poor had shrunk."

Slashdot reader ColdWetDog notes: "Yep, the intro is a bit of a swipe at Trump. But this should get the preppers and paranoids in the group all wound up. Grab your foil! Run for the hills!"

Transportation

College Senior Turns His Honda Civic Into a Self-Driving Car Using Free Hardware, Software (technologyreview.com) 119

holy_calamity writes: University of Nebraska student Brevan Jorgenson swapped the rear-view mirror in his 2016 Honda Civic for a home-built device called a Neo, which can steer the vehicle and follow traffic on the highway. Jorgenson used hardware designs and open-source software released by Comma, a self-driving car startup that decided to give away its technology for free last year after receiving a letter asking questions about its functionality from the National Highway Traffic Safety Administration (NHTSA). Jorgenson is just one person in a new hacker community trying to upgrade their cars using Comma's technology. "A Neo is built from a OnePlus 3 smartphone equipped with Comma's now-free Openpilot software, a circuit board that connects the device to the car's electronics, and a 3-D-printed case," reports MIT Technology Review. The report notes that Neodriven, a startup based in Los Angeles, has recently started selling a pre-built Neo device that works with Comma's Openpilot software, but it costs $1,495.
The Almighty Buck

Valve's Gabe Newell Says Only 30 SteamVR Apps Have Made $250,000+ (roadtovr.com) 130

New submitter rentarno writes: According to Valve President, Gabe Newell, only 30 virtual-reality apps on Steam (of some 1,000) have made more than $250,000. But that isn't stopping the company from throwing the bulk of their weight behind virtual reality; Valve recently confirmed that it's working on 3 full VR games. Valve still believes in a huge future for VR, even while things are slow to start. It'll take work to find and make the content that's great for VR, Newell says. "We got Half-Life 2 and Team Fortress running in VR. It was kind of a novelty, purely a development milestone. There was absolutely nothing compelling about them. Nobody's going to buy a VR system so they can watch movies. You have to aspire and be optimistic that the unique characteristics of VR will cause you to discover a bunch of stuff that isn't possible on any of the existing platforms." How do you view the VR industry in early 2017? Do you think it shows promise or will eventually fail like 3D TV?
Cellphones

Samsung To Sell Refurbished Galaxy Note 7 With a Smaller Battery, Says Report (androidauthority.com) 71

According to a report via The Korean Economic Daily, Samsung is said to be putting refurbished Galaxy Note 7 handsets on sale with new batteries following the cancellation of the device late last year. The speculation suggests the smartphones could be relaunched this June. Android Authority reports: Samsung is said to be swapping the Note 7's 3,500 mAh batteries with "3,000 to 3,200 mAh" batteries, according to The Korean Economic Daily's sources, predominately for sale in emerging markets such as India and Vietnam. The move is said to be part of Samsung's plan to recover costs from the initial device recall and avoid environmental penalties from the estimated 2.5 million or so Galaxy Note 7s it would have to dispose of. Samsung hasn't made any official announcements in this vein, but before the battery investigation concluded, a spokesperson did tell us that the company was: "Reviewing possible options that can minimize the environmental impact of the recall." Shifting refurbished units would certainly be one way to achieve that.
Censorship

'We Won't Block Pirate Bay,' Swedish Telecoms Giant Says (torrentfreak.com) 26

Last week, a Swedish Patent and Market Court of Appeal ordered The Pirate Bay and streaming portal Swefilmer to be blocked by internet service provider Bredbandsbolaget for the next three years. The order was not well supported by other internet service providers in Sweden, as it appears they don't like the idea of becoming copyright policemen. TorrentFreak reports: Last week ISP Bahnhof absolutely slammed the decision to block The Pirate Bay, describing the effort as signaling the "death throes" of the copyright industry. It even hinted that it may offer some kind of technical solution to customers who are prevented from accessing the site. For those familiar with Bahnhof's stance over the years, this response didn't come as a surprise. The ISP is traditionally pro-freedom and has gone out of its way to make life difficult for copyright enforcers of all kinds. However, as one of the leading telecoms companies in Sweden and neighboring Norway, ISP Telia is more moderate. Nevertheless, it too says it has no intention of blocking The Pirate Bay, unless it is forced to do so by law. "No, we will not block if we are not forced to do so by a court," a company press officer said this morning. Telia says that the decision last week from the Patent and Market Court affects only Bredbandsbolaget, indicating that a fresh legal process will be required to get it to respond. That eventuality appears to be understood by the rightsholders but they're keeping their options open.
Government

Wyden To Introduce Bill To Prohibit Warrantless Phone Searches At Border (onthewire.io) 169

Trailrunner7 quotes a report from On the Wire: A senator from Oregon who has a long track record of involvement on security and privacy issues says he plans to introduce a bill soon that would prevent border agents from forcing Americans returning to the country to unlock their phones without a warrant. Sen. Ron Wyden said in a letter to the secretary of the Department of Homeland Security that he is concerned about reports that Customs and Border Patrol agents are pressuring returning Americans into handing over their phone PINs or using their fingerprints to unlock their phones. DHS Secretary John Kelly has said that he's considering the idea of asking visitors for the login data for their various social media accounts, information that typically would require a warrant to obtain. "Circumventing the normal protection for such private information is simply unacceptable," Wyden said in the letter, sent Monday. "There are well-established procedures governing how law enforcement agencies may obtain data from social media companies and email providers. The process typically requires that the government obtain a search warrant or other court order, and then ask the service provider to turn over the user's data."
Transportation

UPS Develops 'Rolling Warehouse' System In Which Drones Are Launched From Atop Trucks (bloomberg.com) 38

mi writes: A Bloomberg article describes a test conducted by UPS on Monday, "launching an unmanned aerial vehicle from the roof of a UPS truck about a quarter-mile to a blueberry farm outside Tampa, Florida. The drone dropped off a package at a home on the property, and returned to the truck, which had moved about 2,000 feet." The company is looking to design a "rolling warehouse" system in which a drone is "deployed from the roof of a UPS truck and flies at an altitude of 200 feet to the destination." It returns after dropping off the package while the truck is already on its way to the next stop.
PHP

PHP Becomes First Programming Language To Add 'Modern' Cryptography Library In Its Core (bleepingcomputer.com) 186

An anonymous reader writes from a report via BleepingComputer: The PHP team has unanimously voted to integrate the Libsodium library in the PHP core, and by doing so, has become the first programming language to support a modern cryptography library by default. Developers approved a proposal with a vote of 37 to 0 and decided that Libsodium will be added to the upcoming PHP 7.2 release that will be launched towards the end of 2017. Scott Arciszewski, the cryptography expert who made the proposal, says that by supporting modern crypto in the PHP core, the PHP team will force the WordPress team to implement better security in its CMS, something they avoided until now. Additionally, it will allow PHP and CMS developers to add advanced cryptography features to their apps that run on shared hosting providers, where until now they weren't able to install custom PHP extensions to support modern cryptography. Other reasons why he made the proposal are detailed here. Arciszewski also says that PHP is actually "the first" programming language to support a "modern" cryptography library in its core, despite Erlang and Go including similar libraries, which he claims are not as powerful and up-to-date as PHP's upcoming Libsodium implementation.
IT

Computer Glasses That Claim To Protect Eyesight Are Selling Like Hotcakes, But They Probably Aren't Useful (businessinsider.in) 115

People are increasingly concerned that bright light -- especially "blue light" from computer screens -- is causing harm, making it a potentially dangerous public health issue. Eyewear and screen protector companies have been selling products they say can protect people from these harms. But are they really making any difference? From a report: We do know that blue light at night can interfere with sleep, causing a host of negative effects. But the evidence that the amount of light screens expose us to during the day is harmful is not really there. Furthermore, many experts think these products are unnecessary and could perhaps do more harm than good. [...] The research that companies selling blue-blocking products cite falls into three categories: animal studies, in vitro studies of retinal cells exposed to light, and studies of people exposed to outdoor light. [...] "I think it's largely hype, not science," says Dr. Richard Rosen, Director of Retina Services at New York Eye and Ear Infirmary of Mount Sinai and Ophthalmology Research Director at Icahn School of Medicine. "They want to sell it; they know people get uncomfortable staring at screens all day, so they say, it's because of this [blue light issue]." The report cites insight from several other doctors as well as studies to make a case for why these glasses aren't useful.
Security

Netflix Just Announced a User Focused Security Application (netflix.com) 42

Moving beyond movies and TV shows (and their DVDs), Netflix announced on Tuesday Stethoscope, its "first project following a User Focused Security approach." From the company's blog post: The notion of "User Focused Security" acknowledges that attacks against corporate users (e.g., phishing, malware) are the primary mechanism leading to security incidents and data breaches, and it's one of the core principles driving our approach to corporate information security. [...] Stethoscope is a web application that collects information for a given user's devices and gives them clear and specific recommendations for securing their systems. If we provide employees with focused, actionable information and low-friction tools, we believe they can get their devices into a more secure state without heavy-handed policy enforcement. The company says Stethoscope tracks disk encryption, firewall, automatic updates, up-to-date OS/software, screen lock, jailbroken/rooted status, and security software stack configurations of the device.
Privacy

GlobalSign Supports Billions of Device Identities In an Effort To Secure the IoT (globalsign.com) 27

Reader broknstrngz writes: GlobalSign, a WebTrust certified CA and identity services provider, has released its high volume managed PKI platform, taking a stab at the current authentication and security weaknesses in the IoT. The new service aims to commodify large scale rapid enrollment and identity management for large federated swarms of devices such as IP cameras, smart home appliances and consumer electronics, core and customer premises network equipment in an attempt to reduce the attack surface exploitable by IoT DDoS botnets such as Mirai.

Strong device identity models are developed in partnership with TPM and hardware cryptographic providers such as Infineon and Intrinsic ID, as well as other Trusted Computing Group members.

Microsoft

Microsoft Confirms Another 2017 Update After Windows 10 Creators Update (betanews.com) 74

Mark Wilson, writing for BetaNews: Windows 10 Creators Update is due to arrive in the spring, and at Microsoft Ignite in Australia, the company confirmed that a second major update is on the way later in the year. We don't know a great deal about this update, but it's likely to incorporate Project NEON design elements. While it is not a new revelation that a second big update is coming to Windows 10 in 2017, until now there has only been a passing reference to the second one from Microsoft.
